yara-x 1.15.0

A pure Rust implementation of YARA.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76

syntax = "proto2";
import "yara.proto";

package crx;

option (yara.module_options) = {
  name : "crx"
  root_message: "crx.Crx"
  rust_module: "crx"
  cargo_feature: "crx-module"
};

message Crx {
  // True if the file is a valid Chrome Extension (CRX) package.
  optional bool is_crx = 1;
  // Format version of the CRX package.
  optional uint32 crx_version = 2;
  // Size in bytes of the binary CRX header.
  optional uint32 header_size = 3;
  // Standard 32-character extension ID string.
  optional string id = 4;
  // Extension version string extracted from the manifest.
  optional string version = 16;
  // Processed extension name extracted from the manifest.
  optional string name = 5;
  // Processed extension description extracted from the manifest.
  optional string description = 6;
  // Raw unparsed extension name extracted from the manifest.
  optional string raw_name = 7;
  // Raw unparsed extension description extracted from the manifest.
  optional string raw_description = 8;
  // Minimum Chrome version requirement string from the manifest.
  optional string minimum_chrome_version = 9;
  // Homepage URL string defined inside the manifest.
  optional string homepage_url = 10;
  // Required runtime permissions defined inside the manifest.
  repeated string permissions = 11;
  // Required host access permissions defined inside the manifest.
  repeated string host_permissions = 12;
  // Optional runtime permissions defined inside the manifest.
  repeated string optional_permissions = 13;
  // Optional host access permissions defined inside the manifest.
  repeated string optional_host_permissions = 14;
  // Cryptographic signatures validating the package.
  repeated CrxSignature signatures = 15;
}

message CrxSignature {
  // Public key or identifier string used in the signature.
  required string key = 1;
  // True if the cryptographic signature successfully verified.
  required bool verified = 2;
}

message CrxFileHeader {
  // PSS signature with RSA public key.
  repeated AsymmetricKeyProof sha256_with_rsa = 2;

  // ECDSA signature using the NIST P-256 curve.
  repeated AsymmetricKeyProof sha256_with_ecdsa = 3;

  // Binary form of the SignedData message payload.
  optional bytes signed_header_data = 10000;
}

message AsymmetricKeyProof {
  // Raw bytes representation of the public key.
  optional bytes public_key = 1;
  // Cryptographic signature bytes validating the payload.
  optional bytes signature = 2;
}

message SignedData {
  // Raw binary 16-byte extension identifier.
  optional bytes crx_id = 1;
}