[Bug Report] wrong timestamp parsing

[bitman694]

I use osslsigncode 2.2 to verify a sample, it shows the signature is invalid, because "Verify error:certificate is not yet valid Signature verification: failed". And osslsigncode shows: "The signature is timestamped: May 3 22:19:50 2016 GMT", the signing certificate is valid from "5:25 AM 5/4/2016" GTM.

I think it parses the timestamp with wrong way (But certificate valid time is right). The correct timestamp should be May 4 6:19:50 2016 GMT. And the signature is valid when I right click the file's porperty UI to see its code signing signatures.

I also try to verify the file with osslsigncode 2.5, it just prints "Invalid signature". Without extra information.

[mtrojnar]

Your bug report is very confusing to me. What is the command you executed? What output do you observe in the current master branch? What output do you expect?

Please avoid reporting bugs in anything other than the current master branch. We have made several major changes to our verification code over the years. Some of them are not released yet.

I highly recommend reading https://www.chiark.greenend.org.uk/~sgtatham/bugs.html.

[bitman694]

@mtrojnar Sorry about that. I retry it as follows:

1. I install osslsigncode master branch in a Ubuntu 20.04.
2. I use command 'osslsigncode verify -in VirusShare_bfc1e517c69f9e9daba6a14dc375e90e -CAfile roots.pem -TSA-CAfile roots.pem -verbose' to verify the file. Related files can be downloaded at https://github.com/bitman694/testForOsslsigncode. BE CAUTIOUS that the file maybe malicious.
3. it prints: Current PE checksum : 0020AFE3 Calculated PE checksum: 0020AFE3 Invalid signature Failed
4. I think the signatures should be valid. I right click the file in Windows and see it is valid. You can also see the screenshot at the link above.

[olszomal]

Fixed by #255