From 2d656fe2133f89248825419fb8ffac5505486906 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jakub=20Jare=C5=A1?= <me@jakubjares.com>
Date: Mon, 20 Mar 2023 09:37:42 +0100
Subject: [PATCH] Revert "Revert "Fix signature verification" (#4333" (#4345

* Revert "Revert "Fix signature verification" (#4333"

This reverts commit b9dfa22788993bae967d21cb98933e3e5a1738bf.

* Update verify-sign.ps1
---
 scripts/verify-sign.ps1 | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/scripts/verify-sign.ps1 b/scripts/verify-sign.ps1
index dbc0834893..4523e6c2ee 100644
--- a/scripts/verify-sign.ps1
+++ b/scripts/verify-sign.ps1
@@ -60,6 +60,10 @@ function Verify-Assemblies
                 elseif ($signature.SignerCertificate.Subject -eq "CN=Microsoft 3rd Party Application Component, O=Microsoft Corporation, L=Redmond, S=Washington, C=US") {
                     Write-Debug "Valid ($($signature.SignerCertificate.Thumbprint)): $Path [3rd Party]"
                 }
+                elseif ($signature.SignerCertificate.Subject -eq "CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US") {
+                    # We see this on server only, review what is the actual signature on the dlls we ship.
+                    Write-Debug "Valid ($($signature.SignerCertificate.Thumbprint)): $Path [???]"
+                }
                 else {
                     # For legacy components, sign certificate is always "prod" signature. Skip such binaries.
                     if ($signature.SignerCertificate.Thumbprint -eq "98ED99A67886D020C564923B7DF25E9AC019DF26") {