latest/doxygen/Signature_8hpp_source.html

/* Copyright 2017 - 2024 R. Thomas

 * Copyright 2017 - 2024 Quarkslab

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *     http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */

#ifndef LIEF_PE_SIGNATURE_H

#define LIEF_PE_SIGNATURE_H


#include "LIEF/Object.hpp"

#include "LIEF/visibility.h"

#include "LIEF/span.hpp"


#include "LIEF/PE/signature/x509.hpp"

#include "LIEF/PE/signature/SignerInfo.hpp"

#include "LIEF/PE/signature/ContentInfo.hpp"


#include "LIEF/PE/signature/types.hpp"

#include "LIEF/PE/enums.hpp"


#include "LIEF/iterators.hpp"

#include "LIEF/enums.hpp"


namespace LIEF {

namespace PE {


class SignatureParser;

class Binary;


class LIEF_API Signature : public Object {


  friend class SignatureParser;

  friend class Parser;

  friend class Binary;


  public:


  static std::vector<uint8_t> hash(const std::vector<uint8_t>& input, ALGORITHMS algo) {

    return hash(input.data(), input.size(), algo);

  }


  static std::vector<uint8_t> hash(const uint8_t* buffer, size_t size, ALGORITHMS algo);


  public:


  using it_const_crt = const_ref_iterator<const std::vector<x509>&>;


  using it_crt = ref_iterator<std::vector<x509>&>;


  using it_const_signers_t = const_ref_iterator<const std::vector<SignerInfo>&>;


  using it_signers_t = ref_iterator<std::vector<SignerInfo>&>;


  enum class VERIFICATION_FLAGS {

    OK = 0,

    INVALID_SIGNER                = 1 << 0,

    UNSUPPORTED_ALGORITHM         = 1 << 1,

    INCONSISTENT_DIGEST_ALGORITHM = 1 << 2,

    CERT_NOT_FOUND                = 1 << 3,

    CORRUPTED_CONTENT_INFO        = 1 << 4,

    CORRUPTED_AUTH_DATA           = 1 << 5,

    MISSING_PKCS9_MESSAGE_DIGEST  = 1 << 6,

    BAD_DIGEST                    = 1 << 7,

    BAD_SIGNATURE                 = 1 << 8,

    NO_SIGNATURE                  = 1 << 9,

    CERT_EXPIRED                  = 1 << 10,

    CERT_FUTURE                   = 1 << 11,

  };


  static std::string flag_to_string(VERIFICATION_FLAGS flag);


  enum class VERIFICATION_CHECKS {

    DEFAULT          = 1 << 0,

    HASH_ONLY        = 1 << 1,

    LIFETIME_SIGNING = 1 << 2,

    SKIP_CERT_TIME   = 1 << 3,

  };


  Signature();

  Signature(const Signature&);

  Signature& operator=(const Signature&);


  Signature(Signature&&);

  Signature& operator=(Signature&&);


  uint32_t version() const;


  ALGORITHMS digest_algorithm() const {

    return digest_algorithm_;

  }


  const ContentInfo& content_info() const;


  it_const_crt certificates() const {

    return certificates_;

  }


  it_crt certificates()  {

    return certificates_;

  }


  it_const_signers_t signers() const {

    return signers_;

  }


  it_signers_t signers() {

    return signers_;

  }


  span<const uint8_t> raw_der() const {

    return original_raw_signature_;

  }


  const x509* find_crt(const std::vector<uint8_t>& serialno) const;


  const x509* find_crt_subject(const std::string& subject) const;


  const x509* find_crt_subject(const std::string& subject, const std::vector<uint8_t>& serialno) const;


  const x509* find_crt_issuer(const std::string& issuer) const;


  const x509* find_crt_issuer(const std::string& issuer, const std::vector<uint8_t>& serialno) const;


  VERIFICATION_FLAGS check(VERIFICATION_CHECKS checks = VERIFICATION_CHECKS::DEFAULT) const;


  void accept(Visitor& visitor) const override;


  ~Signature() override;


  LIEF_API friend std::ostream& operator<<(std::ostream& os, const Signature& signature);


  private:

  uint32_t                version_ = 0;

  ALGORITHMS              digest_algorithm_ = ALGORITHMS::UNKNOWN;

  ContentInfo             content_info_;

  std::vector<x509>       certificates_;

  std::vector<SignerInfo> signers_;


  uint64_t                content_info_start_ = 0;

  uint64_t                content_info_end_ = 0;


  std::vector<uint8_t> original_raw_signature_;

};


}

}


ENABLE_BITMASK_OPERATORS(LIEF::PE::Signature::VERIFICATION_FLAGS)

ENABLE_BITMASK_OPERATORS(LIEF::PE::Signature::VERIFICATION_CHECKS)


#endif


LIEF::Object
Definition Object.hpp:25

LIEF::PE::Binary
Class which represents a PE binary This is the main interface to manage and modify a PE executable.
Definition PE/Binary.hpp:54

LIEF::PE::ContentInfo
Definition ContentInfo.hpp:78

LIEF::PE::Parser
Main interface to parse PE binaries. In particular the static functions: Parser::parse should be used...
Definition PE/Parser.hpp:47

LIEF::PE::SignatureParser
Definition SignatureParser.hpp:37

LIEF::PE::Signature
Main interface for the PKCS #7 signature scheme.
Definition Signature.hpp:40

LIEF::PE::Signature::VERIFICATION_CHECKS
VERIFICATION_CHECKS
Flags to tweak the verification process of the signature.
Definition Signature.hpp:91

LIEF::PE::Signature::find_crt_issuer
const x509 * find_crt_issuer(const std::string &issuer, const std::vector< uint8_t > &serialno) const
Find x509 certificate according to its issuer AND serial number.

LIEF::PE::Signature::find_crt
const x509 * find_crt(const std::vector< uint8_t > &serialno) const
Find x509 certificate according to its serial number.

LIEF::PE::Signature::check
VERIFICATION_FLAGS check(VERIFICATION_CHECKS checks=VERIFICATION_CHECKS::DEFAULT) const
Check if this signature is valid according to the Authenticode/PKCS #7 verification scheme.

LIEF::PE::Signature::VERIFICATION_FLAGS
VERIFICATION_FLAGS
Flags returned by the verification functions.
Definition Signature.hpp:68

LIEF::PE::Signature::raw_der
span< const uint8_t > raw_der() const
Return the raw original PKCS7 signature.
Definition Signature.hpp:137

LIEF::PE::Signature::flag_to_string
static std::string flag_to_string(VERIFICATION_FLAGS flag)
Convert a verification flag into a humman representation. e.g VERIFICATION_FLAGS.BAD_DIGEST | VERIFIC...

LIEF::PE::Signature::content_info
const ContentInfo & content_info() const
Return the ContentInfo.

LIEF::PE::Signature::find_crt_issuer
const x509 * find_crt_issuer(const std::string &issuer) const
Find x509 certificate according to its issuer.

LIEF::PE::Signature::hash
static std::vector< uint8_t > hash(const std::vector< uint8_t > &input, ALGORITHMS algo)
Hash the input given the algorithm.
Definition Signature.hpp:48

LIEF::PE::Signature::find_crt_subject
const x509 * find_crt_subject(const std::string &subject) const
Find x509 certificate according to its subject.

LIEF::PE::Signature::signers
it_const_signers_t signers() const
Return an iterator over the signers (SignerInfo) defined in the PKCS #7 signature.
Definition Signature.hpp:128

LIEF::PE::Signature::certificates
it_const_crt certificates() const
Return an iterator over x509 certificates.
Definition Signature.hpp:119

LIEF::PE::Signature::find_crt_subject
const x509 * find_crt_subject(const std::string &subject, const std::vector< uint8_t > &serialno) const
Find x509 certificate according to its subject AND serial number.

LIEF::PE::Signature::version
uint32_t version() const
Should be 1.

LIEF::PE::Signature::digest_algorithm
ALGORITHMS digest_algorithm() const
Algorithm used to digest the file.
Definition Signature.hpp:111

LIEF::PE::x509
Interface over a x509 certificate.
Definition x509.hpp:43

LIEF::Visitor
Definition Visitor.hpp:219

LIEF::ref_iterator
Iterator which returns reference on container's values.
Definition iterators.hpp:48

LIEF::PE::ALGORITHMS
ALGORITHMS
Cryptography algorithms.
Definition PE/enums.hpp:686

LIEF::PE::IMPHASH_MODE::DEFAULT
@ DEFAULT

LIEF
LIEF namespace.
Definition Abstract/Binary.hpp:32