LIEF: Library to Instrument Executable Formats Version 0.17.0
Main interface for the PKCS #7 signature scheme.
#include <Signature.hpp>
Public Types | |
enum class | VERIFICATION_FLAGS : uint32_t { OK = 0 , INVALID_SIGNER = 1 << 0 , UNSUPPORTED_ALGORITHM = 1 << 1 , INCONSISTENT_DIGEST_ALGORITHM = 1 << 2 , CERT_NOT_FOUND = 1 << 3 , CORRUPTED_CONTENT_INFO = 1 << 4 , CORRUPTED_AUTH_DATA = 1 << 5 , MISSING_PKCS9_MESSAGE_DIGEST = 1 << 6 , BAD_DIGEST = 1 << 7 , BAD_SIGNATURE = 1 << 8 , NO_SIGNATURE = 1 << 9 , CERT_EXPIRED = 1 << 10 , CERT_FUTURE = 1 << 11 } |
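Flags returned by the verification functions. The values are bit flags, so a result may carry several of them at once; only OK (0) means that no failure was reported. | |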
enum class | VERIFICATION_CHECKS : uint32_t { DEFAULT = 1 << 0 , HASH_ONLY = 1 << 1 , LIFETIME_SIGNING = 1 << 2 , SKIP_CERT_TIME = 1 << 3 } |
Flags to tweak the verification process of the signature. | |
using | it_const_crt = const_ref_iterator<const std::vector<x509>&> |
Iterator which outputs const x509& certificates. | |
using | it_crt = ref_iterator<std::vector<x509>&> |
Iterator which outputs x509& certificates. | |
using | it_const_signers_t = const_ref_iterator<const std::vector<SignerInfo>&> |
Iterator which outputs const SignerInfo&. | |
using | it_signers_t = ref_iterator<std::vector<SignerInfo>&> |
Iterator which outputs SignerInfo&. | |
Public Types inherited from LIEF::Object | |
template<class T > | |
using | output_t = add_pointer_t<decay_t<T>> |
template<class T > | |
using | output_const_t = add_pointer_t<add_const_t<decay_t<T>>> |
Public Member Functions | |
Signature () | |
Signature (const Signature &) | |
Signature & | operator= (const Signature &) |
Signature (Signature &&) | |
Signature & | operator= (Signature &&) |
uint32_t | version () const |
Should be 1. | |
ALGORITHMS | digest_algorithm () const |
Algorithm used to digest the file. | |
const ContentInfo & | content_info () const |
Return the ContentInfo. | |
it_const_crt | certificates () const |
Return an iterator over x509 certificates. | |
it_crt | certificates () |
it_const_signers_t | signers () const |
Return an iterator over the signers (SignerInfo) defined in the PKCS #7 signature. | |
it_signers_t | signers () |
span< const uint8_t > | raw_der () const |
Return the raw original PKCS #7 signature. | |
const x509 * | find_crt (const std::vector< uint8_t > &serialno) const |
Find x509 certificate according to its serial number. | |
const x509 * | find_crt_subject (const std::string &subject) const |
Find x509 certificate according to its subject. | |
const x509 * | find_crt_subject (const std::string &subject, const std::vector< uint8_t > &serialno) const |
Find x509 certificate according to its subject AND serial number. | |
const x509 * | find_crt_issuer (const std::string &issuer) const |
Find x509 certificate according to its issuer. | |
const x509 * | find_crt_issuer (const std::string &issuer, const std::vector< uint8_t > &serialno) const |
Find x509 certificate according to its issuer AND serial number. | |
VERIFICATION_FLAGS | check (VERIFICATION_CHECKS checks=VERIFICATION_CHECKS::DEFAULT) const |
Check if this signature is valid according to the Authenticode/PKCS #7 verification scheme. | |
void | accept (Visitor &visitor) const override |
~Signature () override | |
Public Member Functions inherited from LIEF::Object | |
Object () | |
Object (const Object &other) | |
Object & | operator= (const Object &other) |
template<class T > | |
output_t< T > | as () |
template<class T > | |
output_const_t< T > | as () const |
virtual bool | operator== (const Object &other) const |
virtual bool | operator!= (const Object &other) const |
virtual | ~Object () |
Static Public Member Functions | |
static std::vector< uint8_t > | hash (const std::vector< uint8_t > &input, ALGORITHMS algo) |
Hash the input given the algorithm. | |
static std::vector< uint8_t > | hash (const uint8_t *buffer, size_t size, ALGORITHMS algo) |
static std::string | flag_to_string (VERIFICATION_FLAGS flag) |
Convert a verification flag into a human-readable representation, e.g. VERIFICATION_FLAGS.BAD_DIGEST | VERIFICATION_FLAGS.BAD_SIGNATURE | VERIFICATION_FLAGS.CERT_EXPIRED. | |
Main interface for the PKCS #7 signature scheme.
using LIEF::PE::Signature::it_const_crt = const_ref_iterator<const std::vector<x509>&> |
Iterator which outputs const x509& certificates.
using LIEF::PE::Signature::it_const_signers_t = const_ref_iterator<const std::vector<SignerInfo>&> |
Iterator which outputs const SignerInfo&.
using LIEF::PE::Signature::it_crt = ref_iterator<std::vector<x509>&> |
Iterator which outputs x509& certificates.
using LIEF::PE::Signature::it_signers_t = ref_iterator<std::vector<SignerInfo>&> |
Iterator which outputs SignerInfo&.
|
strong |
Flags to tweak the verification process of the signature.
See Signature::check and LIEF::PE::Binary::verify_signature
Enumerator | |
---|---|
DEFAULT | Default behavior that tries to follow the Microsoft verification process as closely as possible |
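HASH_ONLY | Only check that Binary::authentihash matches ContentInfo::digest regardless of the signature's validity. Because the signature itself is not validated in this mode, a successful result says nothing about who signed the file. |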
LIFETIME_SIGNING | Same semantics as the WinVerifyTrust flag WTD_LIFETIME_SIGNING_FLAG |
SKIP_CERT_TIME | Skip the verification of the certificates' validity periods, so that VERIFICATION_FLAGS::OK is returned even if a certificate has expired |
|
strong |
LIEF::PE::Signature::Signature | ( | ) |
LIEF::PE::Signature::Signature | ( | const Signature & | ) |
LIEF::PE::Signature::Signature | ( | Signature && | ) |
|
override |
|
overridevirtual |
Implements LIEF::Object.
|
inline |
|
inline |
Return an iterator over x509 certificates.
VERIFICATION_FLAGS LIEF::PE::Signature::check | ( | VERIFICATION_CHECKS | checks = VERIFICATION_CHECKS::DEFAULT | ) | const |
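Check if this signature is valid according to the Authenticode/PKCS #7 verification scheme. A returned value of VERIFICATION_FLAGS::OK means that no check failed; any other value is a combination of failure flags, which flag_to_string can render.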
By default, it performs the following verifications:
See: LIEF::PE::Signature::VERIFICATION_CHECKS to tweak the behavior
|
inline |
Return the ContentInfo.
|
inline |
Algorithm used to digest the file.
It should match SignerInfo::digest_algorithm
const x509 * LIEF::PE::Signature::find_crt | ( | const std::vector< uint8_t > & | serialno | ) | const |
Find x509 certificate according to its serial number.
const x509 * LIEF::PE::Signature::find_crt_issuer | ( | const std::string & | issuer | ) | const |
Find x509 certificate according to its issuer.
const x509 * LIEF::PE::Signature::find_crt_issuer | ( | const std::string & | issuer, |
const std::vector< uint8_t > & | serialno ) const |
Find x509 certificate according to its issuer AND serial number.
const x509 * LIEF::PE::Signature::find_crt_subject | ( | const std::string & | subject | ) | const |
Find x509 certificate according to its subject.
const x509 * LIEF::PE::Signature::find_crt_subject | ( | const std::string & | subject, |
const std::vector< uint8_t > & | serialno ) const |
Find x509 certificate according to its subject AND serial number.
|
static |
Convert a verification flag into a human-readable representation, e.g. VERIFICATION_FLAGS.BAD_DIGEST | VERIFICATION_FLAGS.BAD_SIGNATURE | VERIFICATION_FLAGS.CERT_EXPIRED.
|
inlinestatic |
Hash the input given the algorithm.
References LIEF::hash().
|
static |
|
inline |
Return the raw original PKCS #7 signature.
|
inline |
|
inline |
Return an iterator over the signers (SignerInfo) defined in the PKCS #7 signature.
|
inline |
Should be 1.