16#ifndef LIEF_PE_SIGNATURE_H
17#define LIEF_PE_SIGNATURE_H
19#include "LIEF/Object.hpp"
20#include "LIEF/visibility.h"
21#include "LIEF/span.hpp"
23#include "LIEF/PE/signature/x509.hpp"
24#include "LIEF/PE/signature/SignerInfo.hpp"
25#include "LIEF/PE/signature/ContentInfo.hpp"
27#include "LIEF/PE/signature/types.hpp"
28#include "LIEF/PE/enums.hpp"
30#include "LIEF/iterators.hpp"
31#include "LIEF/enums.hpp"
48 static std::vector<uint8_t>
hash(
const std::vector<uint8_t>& input,
ALGORITHMS algo) {
49 return hash(input.data(), input.size(), algo);
51 static std::vector<uint8_t> hash(
const uint8_t* buffer,
size_t size,
ALGORITHMS algo);
70 INVALID_SIGNER = 1 << 0,
71 UNSUPPORTED_ALGORITHM = 1 << 1,
72 INCONSISTENT_DIGEST_ALGORITHM = 1 << 2,
73 CERT_NOT_FOUND = 1 << 3,
74 CORRUPTED_CONTENT_INFO = 1 << 4,
75 CORRUPTED_AUTH_DATA = 1 << 5,
76 MISSING_PKCS9_MESSAGE_DIGEST = 1 << 6,
78 BAD_SIGNATURE = 1 << 8,
79 NO_SIGNATURE = 1 << 9,
80 CERT_EXPIRED = 1 << 10,
81 CERT_FUTURE = 1 << 11,
94 LIFETIME_SIGNING = 1 << 2,
95 SKIP_CERT_TIME = 1 << 3,
112 return digest_algorithm_;
120 return certificates_;
123 it_crt certificates() {
124 return certificates_;
132 it_signers_t signers() {
138 return original_raw_signature_;
178 void accept(
Visitor& visitor)
const override;
182 LIEF_API
friend std::ostream& operator<<(std::ostream& os,
const Signature& signature);
185 uint32_t version_ = 0;
186 ALGORITHMS digest_algorithm_ = ALGORITHMS::UNKNOWN;
188 std::vector<x509> certificates_;
189 std::vector<SignerInfo> signers_;
191 uint64_t content_info_start_ = 0;
192 uint64_t content_info_end_ = 0;
194 std::vector<uint8_t> original_raw_signature_;
202ENABLE_BITMASK_OPERATORS(
LIEF::PE::Signature::VERIFICATION_CHECKS)
Class which represents a PE binary This is the main interface to manage and modify a PE executable.
Definition PE/Binary.hpp:54
Definition ContentInfo.hpp:78
Main interface to parse PE binaries. In particular the static functions: Parser::parse should be used...
Definition PE/Parser.hpp:47
Definition SignatureParser.hpp:37
Main interface for the PKCS #7 signature scheme.
Definition Signature.hpp:40
VERIFICATION_CHECKS
Flags to tweak the verification process of the signature.
Definition Signature.hpp:91
const x509 * find_crt_issuer(const std::string &issuer, const std::vector< uint8_t > &serialno) const
Find x509 certificate according to its issuer AND serial number.
const x509 * find_crt(const std::vector< uint8_t > &serialno) const
Find x509 certificate according to its serial number.
VERIFICATION_FLAGS check(VERIFICATION_CHECKS checks=VERIFICATION_CHECKS::DEFAULT) const
Check if this signature is valid according to the Authenticode/PKCS #7 verification scheme.
VERIFICATION_FLAGS
Flags returned by the verification functions.
Definition Signature.hpp:68
span< const uint8_t > raw_der() const
Return the raw original PKCS7 signature.
Definition Signature.hpp:137
static std::string flag_to_string(VERIFICATION_FLAGS flag)
Convert a verification flag into a humman representation. e.g VERIFICATION_FLAGS.BAD_DIGEST | VERIFIC...
const ContentInfo & content_info() const
Return the ContentInfo.
const x509 * find_crt_issuer(const std::string &issuer) const
Find x509 certificate according to its issuer.
static std::vector< uint8_t > hash(const std::vector< uint8_t > &input, ALGORITHMS algo)
Hash the input given the algorithm.
Definition Signature.hpp:48
const x509 * find_crt_subject(const std::string &subject) const
Find x509 certificate according to its subject.
it_const_signers_t signers() const
Return an iterator over the signers (SignerInfo) defined in the PKCS #7 signature.
Definition Signature.hpp:128
it_const_crt certificates() const
Return an iterator over x509 certificates.
Definition Signature.hpp:119
const x509 * find_crt_subject(const std::string &subject, const std::vector< uint8_t > &serialno) const
Find x509 certificate according to its subject AND serial number.
uint32_t version() const
Should be 1.
ALGORITHMS digest_algorithm() const
Algorithm used to digest the file.
Definition Signature.hpp:111
Interface over a x509 certificate.
Definition x509.hpp:43
Definition Visitor.hpp:219
Iterator which returns reference on container's values.
Definition iterators.hpp:48
ALGORITHMS
Cryptography algorithms.
Definition PE/enums.hpp:686
LIEF namespace.
Definition Abstract/Binary.hpp:32