Failed to extract current message digest

[Kcchouette]

Hello

I'm trying to use your software to verify a exe signature, in this way:

$ osslsigncode verify "soft.exe"

The software returns me this message:

Current PE checksum   : 00000000
Calculated PE checksum: 0C423E31

Failed to extract current message digest

Failed

Sadly I didn't find a way to give you more information (-verbose is not available for verify) and I can't give you the exe file

I'm trying to patch a bit the files, I'll keep you informed. Thanks

[Kcchouette]

I forget to give you some useful information:

• I've tested the ubuntu package version

  $ osslsigncode --version
  osslsigncode 1.7.1, using:
  OpenSSL 1.1.1f  31 Mar 2020
  libcurl/7.68.0 GnuTLS/3.6.15 zlib/1.2.11 brotli/1.0.9 libidn2/2.3.0 libpsl/0.21.0 (+libidn2/2.3.0) libssh/0.9.3/openssl/zlib nghttp2/1.41.0 librtmp/2.3
  libgsf 1.14.47

• and then test on archlinux based on commit 1c175c43393b7f22e3591f6fd757180475329bdc (same message above)

  osslsigncode 2.1.0, using:
  OpenSSL 1.1.1k  25 Mar 2021 (Library: OpenSSL 1.1.1k  25 Mar 2021)
  libcurl/7.76.1 OpenSSL/1.1.1k zlib/1.2.11 zstd/1.4.9 libidn2/2.3.0 libpsl/0.21.1 (+libidn2/2.3.0) libssh2/1.9.0 nghttp2/1.43.0

[Kcchouette]

I've been able to display more information:

Current PE checksum   : 00000000
Calculated PE checksum: 0C423E31

Signature Index: 0  (Primary Signature)

Authenticated attributes:
    Message digest algorithm: SHA256
    Message digest: 094C954250067AD0A01AB5496209ECCBA313F2D1410213B87F87885AC56B9E90
    Signing time: May 10 15:55:25 2021 GMT
    Microsoft Individual Code Signing purpose

The signature is timestamped: May 10 15:55:18 2021 GMT
Hash Algorithm: sha256
Timestamp Verified by:
        Issuer : /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert SHA2 Assured ID Timestamping CA
        Serial : 0D424AE0BE3A88FF604021CE1400F0DD
Message digest algorithm  : SHA256
Current message digest    : 094C954250067AD0A01AB5496209ECCBA313F2D1410213B87F87885AC56B9E90
Calculated message digest : F38970C6E64A77060EC5375814756FBC3EDE6611C93587E896F0B07F5D92AFB9    MISMATCH!!!

Signature verification: failed

Number of verified signatures: 1
Failed

I've patched files like that:

diff --git a/osslsigncode.c b/osslsigncode.c
index 7697aa9..4f2cb29 100644
--- a/osslsigncode.c
+++ b/osslsigncode.c
@@ -3268,20 +3268,28 @@ static int pe_verify_pkcs7(SIGNATURE *signature, char *indata, FILE_HEADER *head
    const EVP_MD *md;

    if (is_content_type(signature->p7, SPC_INDIRECT_DATA_OBJID)) {
        ASN1_STRING *content_val = signature->p7->d.sign->contents->d.other->value.sequence;
        const unsigned char *p = content_val->data;
        SpcIndirectDataContent *idc = d2i_SpcIndirectDataContent(NULL, &p, content_val->length);
        if (idc) {
            pe_extract_page_hash(idc->data, &ph, &phlen, &phtype);
            if (idc->messageDigest && idc->messageDigest->digest && idc->messageDigest->digestAlgorithm) {
                mdtype = OBJ_obj2nid(idc->messageDigest->digestAlgorithm->algorithm);
                memcpy(mdbuf, idc->messageDigest->digest->data, idc->messageDigest->digest->length);
            }
            SpcIndirectDataContent_free(idc);
        }
    }
+   else {
+       mdtype = signature->md_nid;
+       memcpy(mdbuf, (unsigned char *)ASN1_STRING_get0_data(signature->digest),
+               ASN1_STRING_length(signature->digest));
+   }
    if (mdtype == -1) {
        printf("Failed to extract current message digest\n\n");
        goto out;
    }
    printf("Message digest algorithm  : %s\n", OBJ_nid2sn(mdtype));
@@ -3386,6 +3394,7 @@ static int pe_verify_file(char *indata, FILE_HEADER *header, GLOBAL_OPTIONS *opt
    for (i = 0; i < sk_SIGNATURE_num(signatures); i++) {
        SIGNATURE *signature = sk_SIGNATURE_value(signatures, i);
        printf("Signature Index: %d %s\n", i, i==0 ? " (Primary Signature)" : "");
+       print_attributes(signature, 99);
        ret &= pe_verify_pkcs7(signature, indata, header, options);
    }
    printf("Number of verified signatures: %d\n", i);

Of course, Microsoft find the signature OK on their OS. Edit: The current message digest is the same than the one display by microsoft

[Kcchouette]

Here readpe --all soft.exe information (I've removed/censured confidential information)

DOS Header
    Magic number:                    0x5a4d (MZ)
    Bytes in last page:              144
    Pages in file:                   3
    Relocations:                     0
    Size of header in paragraphs:    4
    Minimum extra paragraphs:        0
    Maximum extra paragraphs:        65535
    Initial (relative) SS value:     0
    Initial SP value:                0xb8
    Initial IP value:                0
    Initial (relative) CS value:     0
    Address of relocation table:     0x40
    Overlay number:                  0
    OEM identifier:                  0
    OEM information:                 0
    PE header offset:                0xf8
COFF/File header
    Machine:                         0x8664 IMAGE_FILE_MACHINE_AMD64
    Number of sections:              6
    Date/time stamp:                 1583275147 (Tue, 03 Mar 2020 22:39:07 UTC)
    Symbol Table offset:             0
    Number of symbols:               0
    Size of optional header:         0xf0
    Characteristics:                 0x22
    Characteristics names
                                         IMAGE_FILE_EXECUTABLE_IMAGE
                                         IMAGE_FILE_LARGE_ADDRESS_AWARE
Optional/Image header
    Magic number:                    0x20b (PE32+)
    Linker major version:            9
    Linker minor version:            0
    Size of .text section:           0x48800
    Size of .data section:           0x3c200
    Size of .bss section:            0
    Entrypoint:                      0x32e08
    Address of .text section:        0x1000
    ImageBase:                       0x140000000
    Alignment of sections:           0x1000
    Alignment factor:                0x200
    Major version of required OS:    5
    Minor version of required OS:    2
    Major version of image:          0
    Minor version of image:          0
    Major version of subsystem:      5
    Minor version of subsystem:      2
    Size of image:                   0x87000
    Size of headers:                 0x400
    Checksum:                        0
    Subsystem required:              0x2 (IMAGE_SUBSYSTEM_WINDOWS_GUI)
    DLL characteristics:             0x8140
    DLL characteristics names
                                         IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
                                         IMAGE_DLLCHARACTERISTICS_NX_COMPAT
                                         IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
    Size of stack to reserve:        0x100000
    Size of stack to commit:         0x1000
    Size of heap space to reserve:   0x100000
    Size of heap space to commit:    0x1000
Data directories
    Directory
        IMAGE_DIRECTORY_ENTRY_EXPORT:    0x66e60 (7523 bytes)
    Directory
        IMAGE_DIRECTORY_ENTRY_IMPORT:    0x65374 (120 bytes)
    Directory
        IMAGE_DIRECTORY_ENTRY_RESOURCE:  0x80000 (24064 bytes)
    Directory
        IMAGE_DIRECTORY_ENTRY_EXCEPTION: 0x7d000 (11856 bytes)
    Directory
        IMAGE_DIRECTORY_ENTRY_SECURITY:  0xc416800 (7608 bytes)
    Directory
        IMAGE_DIRECTORY_ENTRY_BASERELOC: 0x86000 (956 bytes)
    Directory
        IMAGE_DIRECTORY_ENTRY_IAT:       0x4a000 (2064 bytes)
Imported functions
    Library
        Name:                            USER32.dll
        Functions
            Function
                Hint:                            687
                Name:                            SetWindowPos
            Function
                Hint:                            530
                Name:                            OffsetRect
            Function
                Hint:                            79
                Name:                            CopyRect
            Function
                Hint:                            396
                Name:                            GetWindowRect
            Function
                Hint:                            286
                Name:                            GetDesktopWindow
            Function
                Hint:                            343
                Name:                            GetParent
            Function
                Hint:                            518
                Name:                            MonitorFromPoint
            Function
                Hint:                            240
                Name:                            FindWindowA
            Function
                Hint:                            404
                Name:                            GetWindowThreadProcessId
            Function
                Hint:                            475
                Name:                            LoadIconW
            Function
                Hint:                            572
                Name:                            RegisterClipboardFormatW
            Function
                Hint:                            243
                Name:                            FindWindowW
            Function
                Hint:                            389
                Name:                            GetWindowLongPtrW
            Function
                Hint:                            269
                Name:                            GetClassNameW
            Function
                Hint:                            383
                Name:                            GetWindow
            Function
                Hint:                            403
                Name:                            GetWindowTextW
            Function
                Hint:                            614
                Name:                            SendMessageTimeoutW
            Function
                Hint:                            395
                Name:                            GetWindowPlacement
            Function
                Hint:                            547
                Name:                            PostMessageW
            Function
                Hint:                            784
                Name:                            wsprintfW
            Function
                Hint:                            508
                Name:                            MessageBoxA
            Function
                Hint:                            165
                Name:                            DialogBoxParamA
            Function
                Hint:                            211
                Name:                            EndDialog
            Function
                Hint:                            692
                Name:                            SetWindowTextW
            Function
                Hint:                            637
                Name:                            SetDlgItemTextW
            Function
                Hint:                            289
                Name:                            GetDlgItem
            Function
                Hint:                            143
                Name:                            DefDlgProcW
            Function
                Hint:                            474
                Name:                            LoadIconA
            Function
                Hint:                            470
                Name:                            LoadCursorA
            Function
                Hint:                            570
                Name:                            RegisterClassW
            Function
                Hint:                            606
                Name:                            SendDlgItemMessageW
            Function
                Hint:                            605
                Name:                            SendDlgItemMessageA
            Function
                Hint:                            238
                Name:                            ExitWindowsEx
            Function
                Hint:                            235
                Name:                            EnumWindows
            Function
                Hint:                            449
                Name:                            IsIconic
            Function
                Hint:                            704
                Name:                            ShowWindow
            Function
                Hint:                            640
                Name:                            SetForegroundWindow
            Function
                Hint:                            314
                Name:                            GetLastActivePopup
            Function
                Hint:                            462
                Name:                            IsWindowVisible
            Function
                Hint:                            515
                Name:                            MessageBoxW
    Library
        Name:                            ADVAPI32.dll
        Functions
            Function
                Hint:                            75
                Name:                            ChangeServiceConfigW
            Function
                Hint:                            73
                Name:                            ChangeServiceConfig2W
            Function
                Hint:                            125
                Name:                            CreateServiceW
            Function
                Hint:                            214
                Name:                            DeleteService
            Function
                Hint:                            707
                Name:                            StartServiceW
            Function
                Hint:                            88
                Name:                            ControlService
            Function
                Hint:                            542
                Name:                            QueryServiceConfigW
            Function
                Hint:                            499
                Name:                            OpenSCManagerW
            Function
                Hint:                            501
                Name:                            OpenServiceW
            Function
                Hint:                            546
                Name:                            QueryServiceStatus
            Function
                Hint:                            83
                Name:                            CloseServiceHandle
            Function
                Hint:                            588
                Name:                            RegEnumValueW
            Function
                Hint:                            610
                Name:                            RegQueryInfoKeyW
            Function
                Hint:                            585
                Name:                            RegEnumKeyExW
            Function
                Hint:                            574
                Name:                            RegDeleteKeyW
            Function
                Hint:                            578
                Name:                            RegDeleteValueW
            Function
                Hint:                            632
                Name:                            RegSetValueExW
            Function
                Hint:                            622
                Name:                            RegRestoreKeyW
            Function
                Hint:                            626
                Name:                            RegSaveKeyW
            Function
                Hint:                            563
                Name:                            RegCreateKeyExW
            Function
                Hint:                            401
                Name:                            LookupPrivilegeValueW
            Function
                Hint:                            603
                Name:                            RegOpenKeyExW
            Function
                Hint:                            616
                Name:                            RegQueryValueExW
            Function
                Hint:                            393
                Name:                            LookupAccountNameW
            Function
                Hint:                            31
                Name:                            AllocateAndInitializeSid
            Function
                Hint:                            282
                Name:                            FreeSid
            Function
                Hint:                            316
                Name:                            GetNamedSecurityInfoW
            Function
                Hint:                            672
                Name:                            SetEntriesInAclW
            Function
                Hint:                            683
                Name:                            SetNamedSecurityInfoW
            Function
                Hint:                            577
                Name:                            RegDeleteValueA
            Function
                Hint:                            497
                Name:                            OpenProcessToken
            Function
                Hint:                            400
                Name:                            LookupPrivilegeValueA
            Function
                Hint:                            30
                Name:                            AdjustTokenPrivileges
            Function
                Hint:                            584
                Name:                            RegEnumKeyExA
            Function
                Hint:                            602
                Name:                            RegOpenKeyExA
            Function
                Hint:                            615
                Name:                            RegQueryValueExA
            Function
                Hint:                            562
                Name:                            RegCreateKeyExA
            Function
                Hint:                            631
                Name:                            RegSetValueExA
            Function
                Hint:                            554
                Name:                            RegCloseKey
            Function
                Hint:                            395
                Name:                            LookupAccountSidW
    Library
        Name:                            ole32.dll
        Functions
            Function
                Hint:                            137
                Name:                            CreateStreamOnHGlobal
            Function
                Hint:                            20
                Name:                            CoCreateInstance
            Function
                Hint:                            66
                Name:                            CoInitializeEx
            Function
                Hint:                            152
                Name:                            GetHGlobalFromStream
            Function
                Hint:                            65
                Name:                            CoInitialize
            Function
                Hint:                            107
                Name:                            CoTaskMemFree
            Function
                Hint:                            334
                Name:                            ReleaseStgMedium
            Function
                Hint:                            111
                Name:                            CoUninitialize
    Library
        Name:                            OLEAUT32.dll
        Functions
    Library
        Name:                            KERNEL32.dll
        Functions
            Function
                Hint:                            320
                Name:                            FlsGetValue
            Function
                Hint:                            321
                Name:                            FlsSetValue
            Function
                Hint:                            319
                Name:                            FlsFree
            Function
                Hint:                            1016
                Name:                            SetLastError
            Function
                Hint:                            431
                Name:                            GetCurrentThreadId
            Function
                Hint:                            318
                Name:                            FlsAlloc
            Function
                Hint:                            683
                Name:                            HeapSize
            Function
                Hint:                            389
                Name:                            GetConsoleCP
            Function
                Hint:                            407
                Name:                            GetConsoleMode
            Function
                Hint:                            192
                Name:                            DeleteCriticalSection
            Function
                Hint:                            1012
                Name:                            SetHandleCount
            Function
                Hint:                            349
                Name:                            GetCPInfo
            Function
                Hint:                            340
                Name:                            GetACP
            Function
                Hint:                            532
                Name:                            GetOEMCP
            Function
                Hint:                            730
                Name:                            IsValidCodePage
            Function
                Hint:                            682
                Name:                            HeapSetInformation
            Function
                Hint:                            676
                Name:                            HeapCreate
            Function
                Hint:                            738
                Name:                            LCMapStringW
            Function
                Hint:                            623
                Name:                            GetTimeZoneInformation
            Function
                Hint:                            444
                Name:                            GetDriveTypeA
            Function
                Hint:                            698
                Name:                            InitializeCriticalSectionAndSpinCount
            Function
                Hint:                            1034
                Name:                            SetStdHandle
            Function
                Hint:                            986
                Name:                            SetEndOfFile
            Function
                Hint:                            550
                Name:                            GetProcessHeap
            Function
                Hint:                            851
                Name:                            QueryPerformanceCounter
            Function
                Hint:                            1168
                Name:                            WriteConsoleA
            Function
                Hint:                            736
                Name:                            LCMapStringA
            Function
                Hint:                            576
                Name:                            GetStringTypeA
            Function
                Hint:                            579
                Name:                            GetStringTypeW
            Function
                Hint:                            489
                Name:                            GetLocaleInfoA
            Function
                Hint:                            83
                Name:                            CompareStringA
            Function
                Hint:                            86
                Name:                            CompareStringW
            Function
                Hint:                            185
                Name:                            DecodePointer
            Function
                Hint:                            606
                Name:                            GetTempPathA
            Function
                Hint:                            215
                Name:                            EncodePointer
            Function
                Hint:                            572
                Name:                            GetStartupInfoA
            Function
                Hint:                            369
                Name:                            GetCommandLineA
            Function
                Hint:                            681
                Name:                            HeapReAlloc
            Function
                Hint:                            182
                Name:                            DebugBreak
            Function
                Hint:                            678
                Name:                            HeapFree
            Function
                Hint:                            674
                Name:                            HeapAlloc
            Function
                Hint:                            926
                Name:                            RtlUnwindEx
            Function
                Hint:                            922
                Name:                            RtlPcToFileHeader
            Function
                Hint:                            858
                Name:                            RaiseException
            Function
                Hint:                            913
                Name:                            RtlCaptureContext
            Function
                Hint:                            920
                Name:                            RtlLookupFunctionEntry
            Function
                Hint:                            487
                Name:                            GetLastError
            Function
                Hint:                            129
                Name:                            CreateFileW
            Function
                Hint:                            1004
                Name:                            SetFilePointer
            Function
                Hint:                            1179
                Name:                            WriteFile
            Function
                Hint:                            872
                Name:                            ReadFile
            Function
                Hint:                            546
                Name:                            GetProcAddress
            Function
                Hint:                            752
                Name:                            LoadLibraryA
            Function
                Hint:                            626
                Name:                            GetUserDefaultLCID
            Function
                Hint:                            68
                Name:                            CloseHandle
            Function
                Hint:                            122
                Name:                            CreateFileA
            Function
                Hint:                            110
                Name:                            CreateDirectoryA
            Function
                Hint:                            323
                Name:                            FlushFileBuffers
            Function
                Hint:                            1178
                Name:                            WriteConsoleW
            Function
                Hint:                            473
                Name:                            GetFileType
            Function
                Hint:                            574
                Name:                            GetStdHandle
            Function
                Hint:                            499
                Name:                            GetLongPathNameW
            Function
                Hint:                            262
                Name:                            ExitProcess
            Function
                Hint:                            893
                Name:                            RemoveDirectoryA
            Function
                Hint:                            283
                Name:                            FindClose
            Function
                Hint:                            304
                Name:                            FindNextFileA
            Function
                Hint:                            194
                Name:                            DeleteFileA
            Function
                Hint:                            287
                Name:                            FindFirstFileA
            Function
                Hint:                            793
                Name:                            MultiByteToWideChar
            Function
                Hint:                            20
                Name:                            AreFileApisANSI
            Function
                Hint:                            294
                Name:                            FindFirstFileW
            Function
                Hint:                            1083
                Name:                            TerminateProcess
            Function
                Hint:                            455
                Name:                            GetExitCodeProcess
            Function
                Hint:                            153
                Name:                            CreateProcessW
            Function
                Hint:                            646
                Name:                            GetWindowsDirectoryW
            Function
                Hint:                            1013
                Name:                            SetHandleInformation
            Function
                Hint:                            147
                Name:                            CreatePipe
            Function
                Hint:                            570
                Name:                            GetShortPathNameA
            Function
                Hint:                            501
                Name:                            GetModuleFileNameA
            Function
                Hint:                            571
                Name:                            GetShortPathNameW
            Function
                Hint:                            502
                Name:                            GetModuleFileNameW
            Function
                Hint:                            428
                Name:                            GetCurrentProcessId
            Function
                Hint:                            496
                Name:                            GetLongPathNameA
            Function
                Hint:                            645
                Name:                            GetWindowsDirectoryA
            Function
                Hint:                            452
                Name:                            GetEnvironmentVariableA
            Function
                Hint:                            453
                Name:                            GetEnvironmentVariableW
            Function
                Hint:                            607
                Name:                            GetTempPathW
            Function
                Hint:                            604
                Name:                            GetTempFileNameA
            Function
                Hint:                            481
                Name:                            GetFullPathNameW
            Function
                Hint:                            478
                Name:                            GetFullPathNameA
            Function
                Hint:                            503
                Name:                            GetModuleHandleA
            Function
                Hint:                            333
                Name:                            FreeEnvironmentStringsW
            Function
                Hint:                            451
                Name:                            GetEnvironmentStringsW
            Function
                Hint:                            332
                Name:                            FreeEnvironmentStringsA
            Function
                Hint:                            449
                Name:                            GetEnvironmentStrings
            Function
                Hint:                            456
                Name:                            GetExitCodeThread
            Function
                Hint:                            1138
                Name:                            WaitForSingleObject
            Function
                Hint:                            164
                Name:                            CreateThread
            Function
                Hint:                            411
                Name:                            GetConsoleOutputCP
            Function
                Hint:                            214
                Name:                            DuplicateHandle
            Function
                Hint:                            427
                Name:                            GetCurrentProcess
            Function
                Hint:                            989
                Name:                            SetEnvironmentVariableA
            Function
                Hint:                            150
                Name:                            CreateProcessA
            Function
                Hint:                            979
                Name:                            SetCurrentDirectoryA
            Function
                Hint:                            425
                Name:                            GetCurrentDirectoryA
            Function
                Hint:                            634
                Name:                            GetVersionExA
            Function
                Hint:                            931
                Name:                            SearchPathA
            Function
                Hint:                            595
                Name:                            GetSystemTimeAsFileTime
            Function
                Hint:                            197
                Name:                            DeleteFileW
            Function
                Hint:                            219
                Name:                            EnterCriticalSection
            Function
                Hint:                            697
                Name:                            InitializeCriticalSection
            Function
                Hint:                            750
                Name:                            LeaveCriticalSection
            Function
                Hint:                            1071
                Name:                            Sleep
            Function
                Hint:                            500
                Name:                            GetMailslotInfo
            Function
                Hint:                            138
                Name:                            CreateMailslotA
            Function
                Hint:                            370
                Name:                            GetCommandLineW
            Function
                Hint:                            155
                Name:                            CreateSemaphoreA
            Function
                Hint:                            1070
                Name:                            SizeofResource
            Function
                Hint:                            774
                Name:                            LockResource
            Function
                Hint:                            757
                Name:                            LoadResource
            Function
                Hint:                            312
                Name:                            FindResourceA
            Function
                Hint:                            668
                Name:                            GlobalUnlock
            Function
                Hint:                            665
                Name:                            GlobalSize
            Function
                Hint:                            661
                Name:                            GlobalLock
            Function
                Hint:                            974
                Name:                            SetConsoleTitleA
            Function
                Hint:                            618
                Name:                            GetTickCount
            Function
                Hint:                            416
                Name:                            GetConsoleTitleA
            Function
                Hint:                            15
                Name:                            AllocConsole
            Function
                Hint:                            753
                Name:                            LoadLibraryExA
            Function
                Hint:                            990
                Name:                            SetEnvironmentVariableW
            Function
                Hint:                            980
                Name:                            SetCurrentDirectoryW
            Function
                Hint:                            1049
                Name:                            SetThreadPriority
            Function
                Hint:                            1160
                Name:                            WideCharToMultiByte
            Function
                Hint:                            764
                Name:                            LocalFree
            Function
                Hint:                            760
                Name:                            LocalAlloc
            Function
                Hint:                            506
                Name:                            GetModuleHandleW
            Function
                Hint:                            754
                Name:                            LoadLibraryExW
            Function
                Hint:                            755
                Name:                            LoadLibraryW
            Function
                Hint:                            586
                Name:                            GetSystemDirectoryW
            Function
                Hint:                            445
                Name:                            GetDriveTypeW
            Function
                Hint:                            1136
                Name:                            WaitForMultipleObjects
            Function
                Hint:                            818
                Name:                            OpenProcess
            Function
                Hint:                            552
                Name:                            GetProcessId
            Function
                Hint:                            662
                Name:                            GlobalMemoryStatus
            Function
                Hint:                            334
                Name:                            FreeLibrary
            Function
                Hint:                            440
                Name:                            GetDiskFreeSpaceExW
            Function
                Hint:                            975
                Name:                            SetConsoleTitleW
            Function
                Hint:                            417
                Name:                            GetConsoleTitleW
            Function
                Hint:                            146
                Name:                            CreateNamedPipeW
            Function
                Hint:                            87
                Name:                            ConnectNamedPipe
            Function
                Hint:                            1145
                Name:                            WaitNamedPipeW
            Function
                Hint:                            207
                Name:                            DisconnectNamedPipe
            Function
                Hint:                            657
                Name:                            GlobalFree
            Function
                Hint:                            430
                Name:                            GetCurrentThread
            Function
                Hint:                            115
                Name:                            CreateDirectoryW
            Function
                Hint:                            605
                Name:                            GetTempFileNameW
            Function
                Hint:                            158
                Name:                            CreateSemaphoreW
            Function
                Hint:                            896
                Name:                            RemoveDirectoryW
            Function
                Hint:                            786
                Name:                            MoveFileExW
            Function
                Hint:                            1100
                Name:                            UnhandledExceptionFilter
            Function
                Hint:                            1059
                Name:                            SetUnhandledExceptionFilter
            Function
                Hint:                            720
                Name:                            IsDebuggerPresent
            Function
                Hint:                            927
                Name:                            RtlVirtualUnwind
Exported functions
    Library
        Name:                            temp.exe
        Functions
            Function
                Ordinal:                         1
                Address:                         0x20058
                Name:                            Java_com_install4j_runtime_installer_platform_win32_ACLHandling_addACE
            Function
                Ordinal:                         2
                Address:                         0x20dcc
                Name:                            Java_com_install4j_runtime_installer_platform_win32_FileVersion_compare0
            Function
                Ordinal:                         3
                Address:                         0x21328
                Name:                            Java_com_install4j_runtime_installer_platform_win32_FolderInfo_getDriveType0
            Function
                Ordinal:                         4
                Address:                         0x2110c
                Name:                            Java_com_install4j_runtime_installer_platform_win32_FolderInfo_getPathFromRegistry0
            Function
                Ordinal:                         5
                Address:                         0x213a8
                Name:                            Java_com_install4j_runtime_installer_platform_win32_FolderInfo_getShortPathName0
            Function
                Ordinal:                         6
                Address:                         0x210e0
                Name:                            Java_com_install4j_runtime_installer_platform_win32_FolderInfo_getSpecialFolder0
            Function
                Ordinal:                         7
                Address:                         0x212b4
                Name:                            Java_com_install4j_runtime_installer_platform_win32_FolderInfo_getSystemDirectory0
            Function
                Ordinal:                         8
                Address:                         0x2144c
                Name:                            Java_com_install4j_runtime_installer_platform_win32_FolderInfo_getUniversalPathName0
            Function
                Ordinal:                         9
                Address:                         0x21208
                Name:                            Java_com_install4j_runtime_installer_platform_win32_FolderInfo_getWindowsDirectory0
            Function
                Ordinal:                         10
                Address:                         0x22834
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Misc_broadcastSettingChange0
            Function
                Ordinal:                         11
                Address:                         0x23c20
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Misc_getEnvVarPairs0
            Function
                Ordinal:                         12
                Address:                         0x22914
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Misc_getFreeDiskSpace0
            Function
                Ordinal:                         13
                Address:                         0x22878
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Misc_getPhysicalMemory0
            Function
                Ordinal:                         14
                Address:                         0x227d0
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Misc_getPidFromHandle0
            Function
                Ordinal:                         15
                Address:                         0x23a50
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Misc_getRunningModules0
            Function
                Ordinal:                         16
                Address:                         0x2369c
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Misc_getTopLevelWindows0
            Function
                Ordinal:                         17
                Address:                         0x22b14
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Misc_getWindowTitle0
            Function
                Ordinal:                         18
                Address:                         0x22964
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Misc_moveWithDelayUntilReboot0
            Function
                Ordinal:                         19
                Address:                         0x22478
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Misc_reboot0
            Function
                Ordinal:                         20
                Address:                         0x227dc
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Misc_setForegroundWindow0
            Function
                Ordinal:                         21
                Address:                         0x2253c
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Misc_terminateProcesses0
            Function
                Ordinal:                         22
                Address:                         0x22a6c
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Misc_toFront0
            Function
                Ordinal:                         23
                Address:                         0x2439c
                Name:                            Java_com_install4j_runtime_installer_platform_win32_ObjectPicker_show0
            Function
                Ordinal:                         24
                Address:                         0x255dc
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Registry_changeNotifyAssociations0
            Function
                Ordinal:                         25
                Address:                         0x24fb0
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Registry_createKey0
            Function
                Ordinal:                         26
                Address:                         0x25d6c
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Registry_deleteKey0
            Function
                Ordinal:                         27
                Address:                         0x25570
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Registry_deleteValue0
            Function
                Ordinal:                         28
                Address:                         0x2631c
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Registry_enumSubKeys0
            Function
                Ordinal:                         29
                Address:                         0x2656c
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Registry_enumValues0
            Function
                Ordinal:                         30
                Address:                         0x26228
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Registry_getValue0
            Function
                Ordinal:                         31
                Address:                         0x24f74
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Registry_keyExists0
            Function
                Ordinal:                         32
                Address:                         0x2510c
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Registry_restoreKey0
            Function
                Ordinal:                         33
                Address:                         0x25074
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Registry_saveKey0
            Function
                Ordinal:                         34
                Address:                         0x25434
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Registry_setValue0
            Function
                Ordinal:                         35
                Address:                         0x279d4
                Name:                            Java_com_install4j_runtime_installer_platform_win32_ShellLink_changeNotify0
            Function
                Ordinal:                         36
                Address:                         0x2750c
                Name:                            Java_com_install4j_runtime_installer_platform_win32_ShellLink_create0
            Function
                Ordinal:                         37
                Address:                         0x277ac
                Name:                            Java_com_install4j_runtime_installer_platform_win32_ShellLink_createWide0
            Function
                Ordinal:                         38
                Address:                         0x27a88
                Name:                            Java_com_install4j_runtime_installer_platform_win32_ShellLink_initialize0
            Function
                Ordinal:                         39
                Address:                         0x27a9c
                Name:                            Java_com_install4j_runtime_installer_platform_win32_ShellLink_uninitialize
            Function
                Ordinal:                         40
                Address:                         0x2073c
                Name:                            Java_com_install4j_runtime_installer_platform_win32_VistaFileChooser_displayDialog0
            Function
                Ordinal:                         41
                Address:                         0x20328
                Name:                            Java_com_install4j_runtime_installer_platform_win32_VistaFileChooser_initialize0
            Function
                Ordinal:                         42
                Address:                         0x79b8
                Name:                            Java_com_install4j_runtime_installer_platform_win32_VistaTaskDialog_init0
            Function
                Ordinal:                         43
                Address:                         0x27b40
                Name:                            Java_com_install4j_runtime_installer_platform_win32_VistaTaskDialog_show0
            Function
                Ordinal:                         44
                Address:                         0x246c0
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Win32CommunicationBackend_closeHandle0
            Function
                Ordinal:                         45
                Address:                         0x245e8
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Win32CommunicationBackend_connectClient0
            Function
                Ordinal:                         46
                Address:                         0x24574
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Win32CommunicationBackend_connectNamedPipe0
            Function
                Ordinal:                         47
                Address:                         0x24518
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Win32CommunicationBackend_createListener0
            Function
                Ordinal:                         48
                Address:                         0x246d8
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Win32CommunicationBackend_disconnectNamedPipe0
            Function
                Ordinal:                         49
                Address:                         0x24904
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Win32CommunicationBackend_getCurrentProcessId0
            Function
                Ordinal:                         50
                Address:                         0x24510
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Win32CommunicationBackend_getInvalidHandle0
            Function
                Ordinal:                         51
                Address:                         0x2490c
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Win32CommunicationBackend_isProcessAlive0
            Function
                Ordinal:                         52
                Address:                         0x246f0
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Win32CommunicationBackend_readDataBlock0
            Function
                Ordinal:                         53
                Address:                         0x247f4
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Win32CommunicationBackend_writeDataBlock0
            Function
                Ordinal:                         54
                Address:                         0x22b70
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Win32Exec_launch0
            Function
                Ordinal:                         55
                Address:                         0x2156c
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Win32Handle_close0
            Function
                Ordinal:                         56
                Address:                         0x21600
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Win32Handle_getDeviceName0
            Function
                Ordinal:                         57
                Address:                         0x21e08
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Win32Handle_list0
            Function
                Ordinal:                         58
                Address:                         0x24c64
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Win32Proxy_getAutoProxyConfig0
            Function
                Ordinal:                         59
                Address:                         0x24ad4
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Win32Proxy_getDefaultConfig0
            Function
                Ordinal:                         60
                Address:                         0x24b98
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Win32Proxy_getIEConfig0
            Function
                Ordinal:                         61
                Address:                         0x24acc
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Win32Proxy_loadFunctions0
            Function
                Ordinal:                         62
                Address:                         0x272ac
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Win32Services_changeServiceConfig0
            Function
                Ordinal:                         63
                Address:                         0x26858
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Win32Services_getServiceBinary0
            Function
                Ordinal:                         64
                Address:                         0x269b8
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Win32Services_getStartType0
            Function
                Ordinal:                         65
                Address:                         0x26e50
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Win32Services_installService0
            Function
                Ordinal:                         66
                Address:                         0x2679c
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Win32Services_queryStatus0
            Function
                Ordinal:                         67
                Address:                         0x271d8
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Win32Services_setDelayedAutoStart0
            Function
                Ordinal:                         68
                Address:                         0x26f64
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Win32Services_setRestartServiceConfig0
            Function
                Ordinal:                         69
                Address:                         0x26c20
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Win32Services_startService0
            Function
                Ordinal:                         70
                Address:                         0x26b58
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Win32Services_stopService0
            Function
                Ordinal:                         71
                Address:                         0x26d9c
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Win32Services_uninstallService0
            Function
                Ordinal:                         72
                Address:                         0x28434
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Win32UserInfo_addUser0
            Function
                Ordinal:                         73
                Address:                         0x28384
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Win32UserInfo_deleteLocalGroup0
            Function
                Ordinal:                         74
                Address:                         0x282d4
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Win32UserInfo_deleteUser0
            Function
                Ordinal:                         75
                Address:                         0x28198
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Win32UserInfo_executeElevated0
            Function
                Ordinal:                         76
                Address:                         0x28d8c
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Win32UserInfo_getAccountName0
            Function
                Ordinal:                         77
                Address:                         0x28254
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Win32UserInfo_getElevationType0
            Function
                Ordinal:                         78
                Address:                         0x28a4c
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Win32UserInfo_getUserProfileDirectory0
            Function
                Ordinal:                         79
                Address:                         0x27e70
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Win32UserInfo_getUserSid0
            Function
                Ordinal:                         80
                Address:                         0x27fd4
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Win32UserInfo_isMemberOfGroup0
            Function
                Ordinal:                         81
                Address:                         0x28fd4
                Name:                            Java_com_install4j_runtime_installer_platform_win32_Win32UserInfo_setLsaAccountRight0
            Function
                Ordinal:                         82
                Address:                         0x22cd0
                Name:                            Java_com_install4j_runtime_installer_platform_win32_WinGuiHelper_getHwnd0
            Function
                Ordinal:                         83
                Address:                         0x22c3c
                Name:                            Java_com_install4j_runtime_installer_platform_win32_WinGuiHelper_getPeer0
            Function
                Ordinal:                         84
                Address:                         0x2b1d0
                Name:                            registerNatives
Sections
    Section
        Name:                            .text
        Virtual Size:                    0x4868a (296586 bytes)
        Virtual Address:                 0x1000
        Size Of Raw Data:                0x48800 (296960 bytes)
        Pointer To Raw Data:             0x400
        Number Of Relocations:           0
        Characteristics:                 0x60000020
        Characteristic Names
                                             IMAGE_SCN_CNT_CODE
                                             IMAGE_SCN_MEM_EXECUTE
                                             IMAGE_SCN_MEM_READ
    Section
        Name:                            .rdata
        Virtual Size:                    0x1ebc3 (125891 bytes)
        Virtual Address:                 0x4a000
        Size Of Raw Data:                0x1ec00 (125952 bytes)
        Pointer To Raw Data:             0x48c00
        Number Of Relocations:           0
        Characteristics:                 0x40000040
        Characteristic Names
                                             IMAGE_SCN_CNT_INITIALIZED_DATA
                                             IMAGE_SCN_MEM_READ
    Section
        Name:                            .data
        Virtual Size:                    0x13c44 (80964 bytes)
        Virtual Address:                 0x69000
        Size Of Raw Data:                0x2600 (9728 bytes)
        Pointer To Raw Data:             0x67800
        Number Of Relocations:           0
        Characteristics:                 0xc0000040
        Characteristic Names
                                             IMAGE_SCN_CNT_INITIALIZED_DATA
                                             IMAGE_SCN_MEM_READ
                                             IMAGE_SCN_MEM_WRITE
    Section
        Name:                            .pdata
        Virtual Size:                    0x2e50 (11856 bytes)
        Virtual Address:                 0x7d000
        Size Of Raw Data:                0x3000 (12288 bytes)
        Pointer To Raw Data:             0x69e00
        Number Of Relocations:           0
        Characteristics:                 0x40000040
        Characteristic Names
                                             IMAGE_SCN_CNT_INITIALIZED_DATA
                                             IMAGE_SCN_MEM_READ
    Section
        Name:                            .rsrc
        Virtual Size:                    0x5e00 (24064 bytes)
        Virtual Address:                 0x80000
        Size Of Raw Data:                0x5e00 (24064 bytes)
        Pointer To Raw Data:             0x6ce00
        Number Of Relocations:           0
        Characteristics:                 0x40000040
        Characteristic Names
                                             IMAGE_SCN_CNT_INITIALIZED_DATA
                                             IMAGE_SCN_MEM_READ
    Section
        Name:                            .reloc
        Virtual Size:                    0x94c (2380 bytes)
        Virtual Address:                 0x86000
        Size Of Raw Data:                0xa00 (2560 bytes)
        Pointer To Raw Data:             0x72c00
        Number Of Relocations:           0
        Characteristics:                 0x42000040
        Characteristic Names
                                             IMAGE_SCN_CNT_INITIALIZED_DATA
                                             IMAGE_SCN_MEM_DISCARDABLE
                                             IMAGE_SCN_MEM_READ

[olszomal]

This is really interesting. But I must reproduce myself this issue and research the file. Could you find or generate similar but not confidential signed PE file and share it?

[Kcchouette]

Hello I fully reproduced the issue with another more available software : atlassian confluence I'm using install4j to sign the executable like them, and base of the cert is digicert

You can find exe file here: https://www.atlassian.com/software/confluence/download then I choose "Latest release", OS "windows 64 bit", get started then I agree the term And I have the file atlassian-confluence-7.12.0-x64.exe

---

without my patch:

$ osslsigncode verify atlassian-confluence-7.12.0-x64.exe 
Current PE checksum   : 00000000
Calculated PE checksum: 2E3F659F

Failed to extract current message digest

Failed

---

with my patch it shows more information (but digest mismatch)