Expand description
Windows Authenticode Portable Executable Signature Format
Authenticode is a digital signature format that is used to determine the origin and integrity of software binaries. Authenticode is based on Public-Key Cryptography Standards (PKCS) #7 signed data and X.509 certificates to bind an Authenticode-signed binary to the identity of a software publisher.
An Authenticode signature’s ContentInfo structure contains several structures that in turn contain the file’s hash value, page hash values (if present), the file description, and various optional or legacy ASN.1 fields.
Reference: Windows Authenticode Portable Executable Signature Format NOTE: the document differs from the actual implementation. This crate contains the structures used in actual signing.
Structs§
- Digest
Info - The DigestInfo structure defines the digest algorithm and data
- SpcAttribute
Type AndOptional Value - The SpcAttributeTypeAndOptionalValue structure has two fields, which are set for an Authenticode-signed PE file. The attribute_type is set to SPC_PE_IMAGE_DATAOBJ OID (1.3.6.1.4.1.311.2.1.15)
- SpcIndirect
Data Content - The root structure is SpcIndirectDataContent.
- SpcPe
Image Data - The SpcPeImageData structure specifies which portions of the Windows PE file are hashed.
- SpcPe
Image Flags - Flags specify which portions of the Windows PE file are hashed.
- SpcSerialized
Object - SpcSerializedObject contains a binary structure with page hashes
- SpcSp
Opus Info - This structure is present in SignerInfo authenticated attributes. It is identified by SPC_SP_OPUS_INFO_OBJID (1.3.6.1.4.1.311.2.1.12)
Enums§
- SpcLink
- SPCLink originally contained information that describes the software publisher
- SpcString
- SpcString is either Unicode or ASCII string
Constants§
- SPC_
CAB_ DATA_ OBJID - SPC_
CLASS_ UUID - SPC_
INDIRECT_ DATA_ OBJID - SPC_
NESTED_ SIGNATURE_ OBJID - SPC_
PE_ IMAGE_ DATA_ OBJID - SPC_
PE_ IMAGE_ PAGE_ HASHES_ V1 - SPC_
PE_ IMAGE_ PAGE_ HASHES_ V2 - SPC_
RFC3161_ OBJID - SPC_
SIPINFO_ OBJID - SPC_
SP_ OPUS_ INFO_ OBJID - SPC_
STATEMENT_ TYPE_ OBJID - SPC_
TIME_ STAMP_ REQUEST_ OBJID