Struct lief::pe::signature::Signature

pub struct Signature<'a> { /* private fields */ }

Implementations


impl<'a> Signature<'a>

pub fn from_file(path: &str) -> Option<Self>

Create a Signature from a PKCS#7 file path

pub fn from<R: Read + Seek>(reader: &mut R) -> Option<Self>

Create a Signature from a reader over PKCS #7 data; the reader must implement the Read and Seek traits

pub fn version(&self) -> u32

Version of the signature structure. It should be 1.

pub fn digest_algorithm(&self) -> Algorithms

Algorithm used to digest the file.

It should match SignerInfo::digest_algorithm

pub fn content_info(&'a self) -> ContentInfo<'a>

ContentInfo as described in the RFC2315 https://tools.ietf.org/html/rfc2315#section-7

pub fn certificates(&'a self) -> Certificates<'a>

Return the list of X509 certificates associated with this signature

pub fn signers(&'a self) -> Signers<'a>

Iterator over the signers (SignerInfo) defined in the PKCS #7 signature

pub fn raw_der(&'a self) -> &[u8]

The original raw signature as a slice of bytes

pub fn crt_by_serial(&self, serial: &[u8]) -> Option<X509<'_>>

Find X509 certificate according to its serial number

pub fn crt_by_subject(&self, subject: &str) -> Option<X509<'_>>

Find X509 certificate according to its subject

pub fn crt_by_subject_and_serial( &self, subject: &str, serial: &[u8] ) -> Option<X509<'_>>

Find X509 certificate according to its subject AND serial number

pub fn crt_by_issuer(&self, issuer: &str) -> Option<X509<'_>>

Find X509 certificate according to its issuer

pub fn find_crt_by_issuer_and_serial( &self, issuer: &str, serial: &[u8] ) -> Option<X509<'_>>

Find X509 certificate according to its issuer AND serial number

pub fn check(&self, checks: VerificationChecks) -> VerificationFlags

Check if this signature is valid according to the Authenticode/PKCS #7 verification scheme

By default, it performs the following verifications:

  1. It must contain only one signer info
  2. Signature::digest_algorithm must match SignerInfo::digest_algorithm
  3. The x509 certificate specified by SignerInfo::serial_number and SignerInfo::issuer must exist within Signature::certificates
  4. Given the x509 certificate, compare SignerInfo::encrypted_digest against either:
    • hash of authenticated attributes if present
    • hash of ContentInfo
  5. If authenticated attributes are present, check that a PKCS9_MESSAGE_DIGEST attribute exists and that its value matches hash of ContentInfo
  6. Check the validity of the PKCS #9 counter signature if present
  7. If the signature doesn’t embed a signing-time in the counter signature, check the certificate validity. (See VerificationChecks::LIFETIME_SIGNING and VerificationChecks::SKIP_CERT_TIME)

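See VerificationChecks to tweak the behavior.

The steps listed above concern the consistency of the signature itself. None of them compares the ContentInfo digest with the hash of a particular PE file, and none validates the certificate chain up to a trusted root. Callers that need those guarantees must establish them separately, and should inspect the returned VerificationFlags rather than assume success.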

Trait Implementations


impl Debug for Signature<'_>


fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl<'b, 'a: 'b> From<&'a Signature<'_>> for &'b PE_Signature


fn from(value: &'a Signature<'_>) -> &'b PE_Signature

Converts to this type from the input type.

Auto Trait Implementations


impl<'a> RefUnwindSafe for Signature<'a>


impl<'a> !Send for Signature<'a>


impl<'a> !Sync for Signature<'a>


impl<'a> Unpin for Signature<'a>


impl<'a> UnwindSafe for Signature<'a>

Blanket Implementations


impl<T> Any for T where T: 'static + ?Sized,


fn type_id(&self) -> TypeId

Gets the TypeId of self.

impl<T> Borrow<T> for T where T: ?Sized,


fn borrow(&self) -> &T

Immutably borrows from an owned value.

impl<T> BorrowMut<T> for T where T: ?Sized,


fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value.

impl<T> From<T> for T


fn from(t: T) -> T

Returns the argument unchanged.


impl<T, U> Into<U> for T where U: From<T>,


fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.


impl<T, U> TryFrom<U> for T where U: Into<T>,


type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T where U: TryFrom<T>,


type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.