wintrust-WinVerifyTrust: Update patchset to use MS_ENH_RSA_AES_PROV instead of default provider.

2025-09-12 18:50:20 -07:00 · 2017-08-02 15:19:37 +02:00
parent 71f0cf0aef
commit 5f7efc6b30
2 changed files with 31 additions and 1 deletions
--- a/patches/wintrust-WinVerifyTrust/0004-wintrust-use-enhanced-crypto-provider-in-VerifyImage.patch
+++ b/patches/wintrust-WinVerifyTrust/0004-wintrust-use-enhanced-crypto-provider-in-VerifyImage.patch
@@ -0,0 +1,28 @@
+From e6f3153b82f6592607a9e78585da8ba5b0bd9f06 Mon Sep 17 00:00:00 2001
+From: Marko Friedemann <marko@friedemann.email>
+Date: Wed, 2 Aug 2017 01:56:39 +0200
+Subject: wintrust: use enhanced crypto provider in VerifyImageHash
+
+Softpub VerifyImageHash uses the default crypto provider and fails for
+  certificates using SHA256 et al. with NTE_BAD_ALGID (80090008).
+Fixes startup cert error with SWTOR launcher as-of 2017-08-01.
+---
+ dlls/wintrust/softpub.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/dlls/wintrust/softpub.c b/dlls/wintrust/softpub.c
+index 35c0d7b5abb..0c04001985b 100644
+--- a/dlls/wintrust/softpub.c
+++ b/dlls/wintrust/softpub.c
+@@ -349,7 +349,7 @@ static DWORD SOFTPUB_VerifyImageHash(CRYPT_PROVIDER_DATA *data, HANDLE file)
+ 
+     if (!prov)
+     {
+-        if (!CryptAcquireContextW(&prov, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT))
+        if (!CryptAcquireContextW(&prov, NULL, MS_ENH_RSA_AES_PROV_W, PROV_RSA_AES, CRYPT_VERIFYCONTEXT))
+             return GetLastError();
+         release_prov = TRUE;
+     }
+-- 
+2.13.1
+