http://bugs.winehq.org/show_bug.cgi?id=14483
Summary: WinVerifyTrustEx doesn't return expected HRESULT for PE images not digitally signed (TRUST_E_NOSIGNATURE) Product: Wine Version: CVS/GIT Platform: PC URL: http://www.filehippo.com/download_msn_messenger/751/ OS/Version: Linux Status: UNCONFIRMED Severity: normal Priority: P2 Component: wintrust AssignedTo: wine-bugs@winehq.org ReportedBy: focht@gmx.net
Hello,
this is a follow-up bug of bug 12718
Enable tracing:
--- snip --- [HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Trace] "Level"=dword:00000099 --- snip ---
"msnmsgr.exe" PE image is *not* digitally signed.
Compare both:
--- snip windows trace --- .. <3776, 3780>: Verifying calling process image is signed...@passportclientlibrary.cpp_103 <3776, 3780>: Failed to WinVerifyTrustEx : C:\Program Files\MSN Messenger\msnmsgr.exe. hr = 0x800b0100@util.cpp_802 <3776, 3780>: Failed to Verify the file signature : C:\Program Files\MSN Messenger\msnmsgr.exe. hr = 0x800b0100@util.cpp_858 <3776, 3780>: Unable to verify caller is signed by MSFT cert 0x800b0100. GetCertificate API will not function correctly.@passportclientlibrary.cpp_124 --- snip windows trace ---
vs.
--- snip wine trace --- .. <8, 9>: Verifying calling process image is signed...@passportclientlibrary.cpp_103 <8, 9>: Passed WinVerifyTrustEx : C:\Program Files\MSN Messenger\msnmsgr.exe. @util.cpp_807 <8, 9>: Verify certificate against microsoft root : C:\Program Files\MSN Messenger\msnmsgr.exe. @util.cpp_808 <8, 9>: Failed to Verify the file signature : C:\Program Files\MSN Messenger\msnmsgr.exe. hr = 0x800b0100@util.cpp_858 <8, 9>: Unable to verify caller is signed by MSFT cert 0x800b0100. GetCertificate API will not function correctly.@passportclientlibrary.cpp_124 --- snip wine trace ---
--- snip wine --- 0030:Ret imagehlp.ImageGetCertificateHeader() retval=00000000 ret=609fb7cc .. 0030:trace:wintrust:CryptSIPGetSignedDataMsg returning 0 0030:Ret wintrust.CryptSIPGetSignedDataMsg() retval=00000000 ret=607c4b2a 0030:trace:crypt:CryptSIPGetSignedDataMsg returning 0 0030:trace:wintrust:SoftpubLoadMessage returning 1 (800b0100) 0030:Ret wintrust.SoftpubLoadMessage() retval=00000001 ret=60a05942 0030:trace:wintrust:WINTRUST_DefaultVerify returning 00000001 0030:trace:wintrust:WinVerifyTrust returning 00000001 0030:Ret wintrust.WinVerifyTrustEx() retval=00000001 ret=003ad2e9 --- snip wine ---
Remember: S_FALSE is not a failure code at all.
The return code evaluation from messenger looks like an inlined FAILED() macro ((HRESULT)(Status)<0) which basically just tests if the result has the high bit set. They don't test for S_OK, hence it incorrectly reports "pass" in wine.
TRUST_E_NOSIGNATURE has to be propagated somewhere because that's what WinVerifyTrustEx() should return in that case.
Reagrds