|
LIEF: Library to Instrument Executable Formats Version 0.16.0
|
Loading...
Searching...
No Matches
Go to the documentation of this file.
16#ifndef LIEF_PE_SIGNATURE_H
17#define LIEF_PE_SIGNATURE_H
41 friend class SignatureParser;
45 public:
static std::vector<uint8_t>
hash(
const std::vector<uint8_t>& input, ALGORITHMS algo) {
48 return hash(input.data(), input.size(), algo);
51 static std::vector<uint8_t>
hash(
const uint8_t* buffer,
size_t size, ALGORITHMS algo);
54 using it_const_crt = const_ref_iterator<const std::vector<x509>&>;
57 using it_crt = ref_iterator<std::vector<x509>&>;
60 using it_const_signers_t = const_ref_iterator<const std::vector<SignerInfo>&>;
63 using it_signers_t = ref_iterator<std::vector<SignerInfo>&>;
66 enum class VERIFICATION_FLAGS : uint32_t {
70 INVALID_SIGNER = 1 << 0,
71 UNSUPPORTED_ALGORITHM = 1 << 1,
72 INCONSISTENT_DIGEST_ALGORITHM = 1 << 2,
73 CERT_NOT_FOUND = 1 << 3,
74 CORRUPTED_CONTENT_INFO = 1 << 4,
75 CORRUPTED_AUTH_DATA = 1 << 5,
76 MISSING_PKCS9_MESSAGE_DIGEST = 1 << 6,
78 BAD_SIGNATURE = 1 << 8,
79 NO_SIGNATURE = 1 << 9,
80 CERT_EXPIRED = 1 << 10,
81 CERT_FUTURE = 1 << 11,
87 enum class VERIFICATION_CHECKS : uint32_t {
94 LIFETIME_SIGNING = 1 << 2,
95 SKIP_CERT_TIME = 1 << 3,
114 return digest_algorithm_;
119 return content_info_;
124 return certificates_;
128 return certificates_;
130 it_const_signers_t
signers()
const {
139 span<const uint8_t>
raw_der()
const {
142 return original_raw_signature_;
144 const x509*
find_crt(
const std::vector<uint8_t>& serialno)
const;
150 const x509*
find_crt_subject(
const std::string& subject,
const std::vector<uint8_t>& serialno)
const;
156 const x509*
find_crt_issuer(
const std::string& issuer,
const std::vector<uint8_t>& serialno)
const;
159 VERIFICATION_FLAGS
check(VERIFICATION_CHECKS checks = VERIFICATION_CHECKS::DEFAULT)
const;
182 void accept(Visitor& visitor)
const override;
189 uint32_t version_ = 0;
190 ALGORITHMS digest_algorithm_ = ALGORITHMS::UNKNOWN;
191 ContentInfo content_info_;
192 std::vector<x509> certificates_;
193 std::vector<SignerInfo> signers_;
195 uint64_t content_info_start_ = 0;
196 uint64_t content_info_end_ = 0;
198 std::vector<uint8_t> original_raw_signature_;
Class which represents a PE binary This is the main interface to manage and modify a PE executable.
Definition PE/Binary.hpp:52
Definition SignatureParser.hpp:37
Main interface for the PKCS #7 signature scheme.
Definition Signature.hpp:39
const x509 * find_crt_issuer(const std::string &issuer, const std::vector< uint8_t > &serialno) const
Find x509 certificate according to its issuer AND serial number.
it_signers_t signers()
Definition Signature.hpp:136
const x509 * find_crt(const std::vector< uint8_t > &serialno) const
Find x509 certificate according to its serial number.
static std::vector< uint8_t > hash(const uint8_t *buffer, size_t size, ALGORITHMS algo)
Signature & operator=(Signature &&)
VERIFICATION_FLAGS check(VERIFICATION_CHECKS checks=VERIFICATION_CHECKS::DEFAULT) const
Check if this signature is valid according to the Authenticode/PKCS #7 verification scheme.
span< const uint8_t > raw_der() const
Return the raw original PKCS7 signature.
Definition Signature.hpp:141
static std::string flag_to_string(VERIFICATION_FLAGS flag)
Convert a verification flag into a humman representation. e.g VERIFICATION_FLAGS.BAD_DIGEST | VERIFIC...
const ContentInfo & content_info() const
Return the ContentInfo.
Definition Signature.hpp:118
Signature(const Signature &)
it_crt certificates()
Definition Signature.hpp:127
Signature & operator=(const Signature &)
const x509 * find_crt_issuer(const std::string &issuer) const
Find x509 certificate according to its issuer.
static std::vector< uint8_t > hash(const std::vector< uint8_t > &input, ALGORITHMS algo)
Hash the input given the algorithm.
Definition Signature.hpp:47
const x509 * find_crt_subject(const std::string &subject) const
Find x509 certificate according to its subject.
void accept(Visitor &visitor) const override
it_const_signers_t signers() const
Return an iterator over the signers (SignerInfo) defined in the PKCS #7 signature.
Definition Signature.hpp:132
it_const_crt certificates() const
Return an iterator over x509 certificates.
Definition Signature.hpp:123
const x509 * find_crt_subject(const std::string &subject, const std::vector< uint8_t > &serialno) const
Find x509 certificate according to its subject AND serial number.
uint32_t version() const
Should be 1.
Definition Signature.hpp:106
friend std::ostream & operator<<(std::ostream &os, const Signature &signature)
ALGORITHMS digest_algorithm() const
Algorithm used to digest the file.
Definition Signature.hpp:113
VERIFICATION_FLAGS
Flags returned by the verification functions.
Definition Signature.hpp:68
#define ENABLE_BITMASK_OPERATORS(X)
Definition enums.hpp:24
Namespace related to the LIEF's PE module.
Definition Abstract/Header.hpp:32
ALGORITHMS
Cryptography algorithms.
Definition PE/enums.hpp:686
@ DEFAULT
Definition PE/utils.hpp:34
LIEF namespace.
Definition Abstract/Binary.hpp:36
Hash::value_type hash(const Object &v)
#define LIEF_API
Definition visibility.h:41
