http://bugs.winehq.org/show_bug.cgi?id=12014
Juan Lang juan_lang@yahoo.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Component|crypt32 |wintrust
--- Comment #5 from Juan Lang juan_lang@yahoo.com 2008-04-23 17:46:48 --- The bug is more likely to be in wintrust than in crypt32. The problem seems to be the WIN_CERTIFICATE data that CryptSIPGetSignedDataMsg expects to find in the file. Instead of a valid WIN_CERTIFICATE, I see something like the following (output by hexdump -C):
00000000 49 00 00 00 68 00 74 00 74 00 70 00 3a 00 2f 00 |I...h.t.t.p.:./.| 00000010 2f 00 77 00 77 00 77 00 2e 00 61 00 62 00 69 00 |/.w.w.w...a.b.i.| 00000020 6c 00 69 00 74 00 79 00 64 00 6f 00 77 00 6e 00 |l.i.t.y.d.o.w.n.| 00000030 6c 00 6f 00 61 00 64 00 2e 00 63 00 6f 00 6d 00 |l.o.a.d...c.o.m.| 00000040 2f 00 64 00 6f 00 77 00 6e 00 7e 00 46 00 42 00 |/.d.o.w.n.~.F.B.|
The first DWORD appears to be a length of the following data, which is fine. But in place of the WORD for the revision and the WORD for the type, there's this wide-char URL.
Even the meaning of the length isn't clear: As a byte length it ends mid-character, which makes no sense. As a character length, it continues past any valid data, which also makes no sense.
I'm not sure where to go from here except to test more with Windows.