crash.software
Projects
Pull Requests
Issues
Builds
LIEF
Code
Files
Commits
Branches
Tags
Pull Requests
Code Comments
Code Compare
Issues
Builds
Statistics
Child Projects
cra.sh
RESTful API
Projects STRLCPY LIEF Commits a6d9ea90
🤬
  • ■ ■ ■ ■ ■ ■
    api/python/PE/objects/signature/pySignature.cpp
    skipped 52 lines
    53 53   .value("BAD_SIGNATURE", Signature::VERIFICATION_FLAGS::BAD_SIGNATURE)
    54 54   .value("NO_SIGNATURE", Signature::VERIFICATION_FLAGS::NO_SIGNATURE)
    55 55   .value("CERT_EXPIRED", Signature::VERIFICATION_FLAGS::CERT_EXPIRED)
    56  - .value("CERT_FUTURE", Signature::VERIFICATION_FLAGS::CERT_FUTURE);
    57  - 
     56 + .value("CERT_FUTURE", Signature::VERIFICATION_FLAGS::CERT_FUTURE)
     57 + .def("__str__", [] (const Signature::VERIFICATION_FLAGS& flags) {
     58 + static const std::array<Signature::VERIFICATION_FLAGS, 13> FLAGS = {
     59 + Signature::VERIFICATION_FLAGS::OK,
     60 + Signature::VERIFICATION_FLAGS::INVALID_SIGNER,
     61 + Signature::VERIFICATION_FLAGS::UNSUPPORTED_ALGORITHM,
     62 + Signature::VERIFICATION_FLAGS::INCONSISTENT_DIGEST_ALGORITHM,
     63 + Signature::VERIFICATION_FLAGS::CERT_NOT_FOUND,
     64 + Signature::VERIFICATION_FLAGS::CORRUPTED_CONTENT_INFO,
     65 + Signature::VERIFICATION_FLAGS::CORRUPTED_AUTH_DATA,
     66 + Signature::VERIFICATION_FLAGS::MISSING_PKCS9_MESSAGE_DIGEST,
     67 + Signature::VERIFICATION_FLAGS::BAD_DIGEST,
     68 + Signature::VERIFICATION_FLAGS::BAD_SIGNATURE,
     69 + Signature::VERIFICATION_FLAGS::NO_SIGNATURE,
     70 + Signature::VERIFICATION_FLAGS::CERT_EXPIRED,
     71 + Signature::VERIFICATION_FLAGS::CERT_FUTURE,
     72 + };
     73 + if (flags == Signature::VERIFICATION_FLAGS::OK) {
     74 + return Signature::flag_to_string(flags);
     75 + }
     76 + std::string flags_str;
     77 + for (const Signature::VERIFICATION_FLAGS& flag : FLAGS) {
     78 + if ((flags & flag) == flag and flag != Signature::VERIFICATION_FLAGS::OK) {
     79 + if (not flags_str.empty()) {
     80 + flags_str += " | ";
     81 + }
     82 + flags_str += "VERIFICATION_FLAGS." + Signature::flag_to_string(flag);
     83 + }
     84 + }
     85 + return flags_str;
     86 + }, py::prepend{});
    58 87   
    59 88   LIEF::enum_<Signature::VERIFICATION_CHECKS>(signature, "VERIFICATION_CHECKS", py::arithmetic(),
    60 89   R"delim(
    skipped 148 lines
  • ■ ■ ■ ■ ■ ■
    include/LIEF/PE/signature/Signature.hpp
    skipped 61 lines
    62 62   CERT_FUTURE = 1 << 11,
    63 63   };
    64 64   
     65 + //! Convert a verification flag into a humman representation.
     66 + //! e.g VERIFICATION_FLAGS.BAD_DIGEST | VERIFICATION_FLAGS.BAD_SIGNATURE | VERIFICATION_FLAGS.CERT_EXPIRED
     67 + static std::string flag_to_string(VERIFICATION_FLAGS flag);
     68 + 
    65 69   //! Flags to tweak the verification process of the signature
    66 70   //!
    67 71   //! See Signature::check and LIEF::PE::Binary::verify_signature
    skipped 100 lines
  • ■ ■ ■ ■ ■ ■
    src/PE/Binary.cpp
    skipped 1205 lines
    1206 1206   return Signature::VERIFICATION_FLAGS::NO_SIGNATURE;
    1207 1207   }
    1208 1208   
     1209 + Signature::VERIFICATION_FLAGS flags = Signature::VERIFICATION_FLAGS::OK;
     1210 + 
    1209 1211   for (size_t i = 0; i < this->signatures_.size(); ++i) {
    1210 1212   const Signature& sig = this->signatures_[i];
    1211  - Signature::VERIFICATION_FLAGS flags = this->verify_signature(sig, checks);
     1213 + flags |= this->verify_signature(sig, checks);
    1212 1214   if (flags != Signature::VERIFICATION_FLAGS::OK) {
    1213 1215   LIEF_INFO("Verification failed for signature #{:d} (0b{:b})", i, static_cast<uintptr_t>(flags));
    1214  - return flags;
     1216 + break;
    1215 1217   }
    1216 1218   }
    1217  - return Signature::VERIFICATION_FLAGS::OK;
     1219 + return flags;
    1218 1220  }
    1219 1221   
    1220 1222  Signature::VERIFICATION_FLAGS Binary::verify_signature(const Signature& sig, Signature::VERIFICATION_CHECKS checks) const {
     1223 + Signature::VERIFICATION_FLAGS flags = Signature::VERIFICATION_FLAGS::OK;
    1221 1224   if (not is_true(checks & Signature::VERIFICATION_CHECKS::HASH_ONLY)) {
    1222 1225   const Signature::VERIFICATION_FLAGS value = sig.check(checks);
    1223 1226   if (value != Signature::VERIFICATION_FLAGS::OK) {
    1224 1227   LIEF_INFO("Bad signature (0b{:b})", static_cast<uintptr_t>(value));
    1225  - return value;
     1228 + flags |= value;
    1226 1229   }
    1227 1230   }
    1228 1231   
    skipped 3 lines
    1232 1235   if (authhash != chash) {
    1233 1236   LIEF_INFO("Authentihash and Content info's digest does not match:\n {}\n {}",
    1234 1237   hex_dump(authhash), hex_dump(chash));
    1235  - return Signature::VERIFICATION_FLAGS::BAD_SIGNATURE;
     1238 + flags |= Signature::VERIFICATION_FLAGS::BAD_DIGEST;
     1239 + }
     1240 + if (flags != Signature::VERIFICATION_FLAGS::OK) {
     1241 + flags |= Signature::VERIFICATION_FLAGS::BAD_SIGNATURE;
    1236 1242   }
    1237  - return Signature::VERIFICATION_FLAGS::OK;
     1243 +return flags;
    1238 1244  }
    1239 1245   
    1240 1246   
    skipped 472 lines
  • ■ ■ ■ ■ ■ ■
    src/PE/signature/Signature.cpp
    skipped 39 lines
    40 40  #include "mbedtls/x509_crt.h"
    41 41  #include "mbedtls/x509.h"
    42 42   
     43 +#include "frozen.hpp"
    43 44   
    44 45  namespace LIEF {
    45 46  namespace PE {
    skipped 4 lines
    50 51   date[3], date[4], date[5]);
    51 52  }
    52 53   
     54 +std::string Signature::flag_to_string(Signature::VERIFICATION_FLAGS flag) {
     55 + CONST_MAP(VERIFICATION_FLAGS, const char*, 13) enumStrings {
     56 + { Signature::VERIFICATION_FLAGS::OK, "OK"},
     57 + { Signature::VERIFICATION_FLAGS::INVALID_SIGNER, "INVALID_SIGNER"},
     58 + { Signature::VERIFICATION_FLAGS::UNSUPPORTED_ALGORITHM, "UNSUPPORTED_ALGORITHM"},
     59 + { Signature::VERIFICATION_FLAGS::INCONSISTENT_DIGEST_ALGORITHM, "INCONSISTENT_DIGEST_ALGORITHM"},
     60 + { Signature::VERIFICATION_FLAGS::CERT_NOT_FOUND, "CERT_NOT_FOUND"},
     61 + { Signature::VERIFICATION_FLAGS::CORRUPTED_CONTENT_INFO, "CORRUPTED_CONTENT_INFO"},
     62 + { Signature::VERIFICATION_FLAGS::CORRUPTED_AUTH_DATA, "CORRUPTED_AUTH_DATA"},
     63 + { Signature::VERIFICATION_FLAGS::MISSING_PKCS9_MESSAGE_DIGEST, "MISSING_PKCS9_MESSAGE_DIGEST"},
     64 + { Signature::VERIFICATION_FLAGS::BAD_DIGEST, "BAD_DIGEST"},
     65 + { Signature::VERIFICATION_FLAGS::BAD_SIGNATURE, "BAD_SIGNATURE"},
     66 + { Signature::VERIFICATION_FLAGS::NO_SIGNATURE, "NO_SIGNATURE"},
     67 + { Signature::VERIFICATION_FLAGS::CERT_EXPIRED, "CERT_EXPIRED"},
     68 + { Signature::VERIFICATION_FLAGS::CERT_FUTURE, "CERT_FUTURE"},
     69 + };
     70 + auto it = enumStrings.find(flag);
     71 + return it == enumStrings.end() ? "UNDEFINED" : it->second;
     72 +}
    53 73   
    54 74  Signature::VERIFICATION_FLAGS verify_ts_counter_signature(const SignerInfo& signer,
    55 75   const PKCS9CounterSignature& cs, Signature::VERIFICATION_CHECKS checks) {
    skipped 554 lines
Please wait...
Page is in error, reload to recover