How to verify vc_redist.x64.exe with osslsigncode?
1
vote
0
answers
89
views
osslsigncode verify VirtualBox-7.1.0-164728-Win.exe: Functional.
osslsigncode verify vc_redist.x64.exe: Broken.
Why? How to fix?
Full logs below.
Debian 12.
----
Functional:
osslsigncode verify VirtualBox-7.1.0-164728-Win.exeCurrent PE checksum : 0698F8DE
Calculated PE checksum: 0698F8DE
Signature Index: 0 (Primary Signature)
Message digest algorithm : SHA256
Current message digest : 219D775E1F63FD2734FDB97D7EE67A17488B0E18B9A294114F7E17D8834B597F
Calculated message digest : 219D775E1F63FD2734FDB97D7EE67A17488B0E18B9A294114F7E17D8834B597F
Signer's certificate:
Signer #0:
Subject: /C=US/ST=California/L=Redwood City/O=Oracle America, Inc./CN=Oracle America, Inc.
Issuer : /C=US/O=DigiCert, Inc./CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1
Serial : 060E2F8F9E1B8BE518D5FE2B69CFCCB1
Certificate expiration date:
notBefore : Mar 9 00:00:00 2023 GMT
notAfter : Mar 11 23:59:59 2025 GMT
Number of certificates: 2
Signer #0:
Subject: /C=US/O=DigiCert, Inc./CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1
Issuer : /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Trusted Root G4
Serial : 08AD40B260D29C4C9F5ECDA9BD93AED9
Certificate expiration date:
notBefore : Apr 29 00:00:00 2021 GMT
notAfter : Apr 28 23:59:59 2036 GMT
------------------
Signer #1:
Subject: /C=US/ST=California/L=Redwood City/O=Oracle America, Inc./CN=Oracle America, Inc.
Issuer : /C=US/O=DigiCert, Inc./CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1
Serial : 060E2F8F9E1B8BE518D5FE2B69CFCCB1
Certificate expiration date:
notBefore : Mar 9 00:00:00 2023 GMT
notAfter : Mar 11 23:59:59 2025 GMT
Authenticated attributes:
Message digest algorithm: SHA256
Message digest: 780A2C240E94C6A520FBA4EBA7ADC02D5DB11B0F223CD3F202A4F11A56F73A7A
Signing time: N/A
Microsoft Individual Code Signing purpose
The signature is timestamped: Sep 6 22:12:04 2024 GMT
Hash Algorithm: sha256
Timestamp Verified by:
Issuer : /C=US/O=DigiCert, Inc./CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA
Serial : 0544AFF3949D0839A6BFDB3F5FE56116
CAfile: /etc/ssl/certs/ca-certificates.crt
TSA's certificates file: /etc/ssl/certs/ca-certificates.crt
CRL distribution point: http://crl3.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl
TSA's CRL distribution point: http://crl3.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crl
Timestamp Server Signature verification: ok
Signature verification time: Sep 6 22:12:04 2024 GMT
Signature verification: ok
Number of verified signatures: 1
Succeededosslsigncode verify vc_redist.x64.exeCurrent PE checksum : 0187CD76
Calculated PE checksum: 0187CD76
Signature Index: 0 (Primary Signature)
Message digest algorithm : SHA256
Current message digest : 870E96D39FD03180C74AE4BCC1C4B6203AF36AABDAC37210773C127F37393036
Calculated message digest : 870E96D39FD03180C74AE4BCC1C4B6203AF36AABDAC37210773C127F37393036
Signer's certificate:
Signer #0:
Subject: /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft Corporation
Issuer : /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft Code Signing PCA 2011
Serial : 3300000403BDD5955D0F3B18AD000000000403
Certificate expiration date:
notBefore : Sep 12 20:11:13 2024 GMT
notAfter : Sep 11 20:11:13 2025 GMT
Number of certificates: 2
Signer #0:
Subject: /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft Corporation
Issuer : /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft Code Signing PCA 2011
Serial : 3300000403BDD5955D0F3B18AD000000000403
Certificate expiration date:
notBefore : Sep 12 20:11:13 2024 GMT
notAfter : Sep 11 20:11:13 2025 GMT
------------------
Signer #1:
Subject: /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft Code Signing PCA 2011
Issuer : /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft Root Certificate Authority 2011
Serial : 610E90D2000000000003
Certificate expiration date:
notBefore : Jul 8 20:59:09 2011 GMT
notAfter : Jul 8 21:09:09 2026 GMT
Authenticated attributes:
Message digest algorithm: SHA256
Message digest: C21A9171ECEC5F60ADFB1DDFF81B447D8B810D6A893F604E7C3D50849E3719DD
Signing time: N/A
Microsoft Individual Code Signing purpose
URL description: http://www.microsoft.com
Text description: Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.42.34433
The signature is timestamped: Oct 29 12:03:40 2024 GMT
Hash Algorithm: sha256
Timestamp Verified by:
Issuer : /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft Time-Stamp PCA 2010
Serial : 33000001F91F678D75ABA4F1B10001000001F9
CAfile: /etc/ssl/certs/ca-certificates.crt
TSA's certificates file: /etc/ssl/certs/ca-certificates.crt
CRL distribution point: http://www.microsoft.com/pkiops/crl/MicCodSigPCA2011_2011-07-08.crl
CMS_verify error
4049E3FCAC7E0000:error:17000064:CMS routines:cms_signerinfo_verify_cert:certificate verify error:../crypto/cms/cms_smime.c:289:Verify error: unable to get local issuer certificate
Timestamp Server Signature verification: failed
PKCS7_verify error
4049E3FCAC7E0000:error:10800075:PKCS7 routines:PKCS7_verify:certificate verify error:../crypto/pkcs7/pk7_smime.c:295:Verify error: unable to get local issuer certificate
Signature verification: failed
Number of verified signatures: 1
Failed
zsh: exit 1 osslsigncode verify vc_redist.x64.exe
Asked by adrelanos
(1956 rep)
Dec 2, 2024, 09:34 AM
Last activity: Dec 2, 2024, 09:44 AM
Last activity: Dec 2, 2024, 09:44 AM