Source file src/github.com/sassoftware/relic/lib/authenticode/structs.go


     1  //
     2  // Copyright (c) SAS Institute Inc.
     3  //
     4  // Licensed under the Apache License, Version 2.0 (the "License");
     5  // you may not use this file except in compliance with the License.
     6  // You may obtain a copy of the License at
     7  //
     8  //     http://www.apache.org/licenses/LICENSE-2.0
     9  //
    10  // Unless required by applicable law or agreed to in writing, software
    11  // distributed under the License is distributed on an "AS IS" BASIS,
    12  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13  // See the License for the specific language governing permissions and
    14  // limitations under the License.
    15  //
    16  
    17  package authenticode
    18  
    19  import (
    20  	"crypto/x509/pkix"
    21  	"encoding/asn1"
    22  	"time"
    23  )
    24  
var (
	// Object identifiers under the Microsoft arc (1.3.6.1.4.1.311) used by
	// Authenticode signatures and by security catalogs. The 311.2.x values
	// name SPC (Software Publisher Certificate) structures and attributes; the
	// 311.10.x and 311.12.x values belong to certificate trust lists, which is
	// what Windows security catalogs are (see CertTrustList).
	//
	// NOTE(review): this table carries no validation of its own. Code that
	// parses a signature must check that the OID it finds (for example in
	// SpcAttributePeImageData.Type or SpcAttributePageHashes.Type) is the one
	// expected for the kind of file being verified, not merely one of the
	// values listed here.

	// OidSpcIndirectDataContent is the content type of the signed
	// SpcIndirectDataContent structure (SpcIndirectDataContentPe or
	// SpcIndirectDataContentMsi).
	OidSpcIndirectDataContent = asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 311, 2, 1, 4}
	// OidSpcStatementType identifies an SpcSpStatementType value.
	OidSpcStatementType       = asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 311, 2, 1, 11}
	// OidSpcSpOpusInfo identifies an SpcSpOpusInfo value.
	OidSpcSpOpusInfo          = asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 311, 2, 1, 12}
	// OidSpcPeImageData is the SpcAttributePeImageData.Type for PE images.
	OidSpcPeImageData         = asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 311, 2, 1, 15}
	// OidSpcIndividualPurpose names the "individual" code-signing purpose;
	// presumably carried in SpcSpStatementType.Type — confirm with the signer.
	OidSpcIndividualPurpose   = asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 311, 2, 1, 21}
	// OidSpcCabImageData is the cabinet (.cab) counterpart of
	// OidSpcPeImageData; no struct for its value is defined in this file.
	OidSpcCabImageData        = asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 311, 2, 1, 25}
	// OidSpcSipInfo is the SpcAttributeMsiImageData.Type for files that are
	// digested through a SIP (MSI packages, PowerShell scripts).
	OidSpcSipInfo             = asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 311, 2, 1, 30}
	// OidSpcPageHashV1 and OidSpcPageHashV2 are SpcAttributePageHashes.Type
	// values. The version conventionally selects the page-hash algorithm
	// (V1: SHA-1, V2: SHA-256) — confirm against the page-hash code.
	OidSpcPageHashV1          = asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 311, 2, 3, 1}
	OidSpcPageHashV2          = asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 311, 2, 3, 2}
	// OidSpcCabPageHash is the cabinet page-hash attribute type.
	OidSpcCabPageHash         = asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 311, 2, 5, 1}
	// OidCertTrustList is the content type of a CertTrustList (security catalog).
	OidCertTrustList          = asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 311, 10, 1}
	// OidCatalogList and the two OidCatalogListMember* values identify the
	// catalog usage and the per-entry membership attributes; presumably found
	// in CertTrustList.SubjectUsage and CertTrustValue.Attribute respectively.
	OidCatalogList            = asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 311, 12, 1, 1}
	OidCatalogListMember      = asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 311, 12, 1, 2}
	OidCatalogListMemberV2    = asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 311, 12, 1, 3}
	// OidCatalogNameValue and OidCatalogMemberInfo* are per-entry attribute
	// OIDs (CertTrustValue.Attribute). The V1 member info value presumably
	// decodes to CertTrustMemberInfoV1.
	OidCatalogNameValue       = asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 311, 12, 2, 1}
	OidCatalogMemberInfo      = asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 311, 12, 2, 2}
	OidCatalogMemberInfoV2    = asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 311, 12, 2, 3}

	// SpcUUIDPageHashes is the 16-byte class id marking page-hash data,
	// presumably placed in SpcSerializedObject.ClassID. It is kept as the raw
	// byte sequence seen on the wire rather than as a formatted GUID.
	//
	// NOTE(review): this and the SpcUUID* values below are package-level
	// []byte slices and therefore mutable; treat them as read-only and do not
	// hand them to code that may modify its argument in place.
	SpcUUIDPageHashes = []byte{0xa6, 0xb5, 0x86, 0xd5, 0xb4, 0xa1, 0x24, 0x66, 0xae, 0x05, 0xa2, 0x17, 0xda, 0x8e, 0x60, 0xd6}

	// SIP or Subject Interface Package is an internal Microsoft API for
	// transforming arbitrary files into a digestible stream. These ClassIDs
	// are found in the indirect data section and identify the type of processor needed to validate the signature.
	// SIP related DLLs are registered at
	// HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllCreateIndirectData
	// although these particular ClassIDs do not seem to appear there.
	// Relevant DLLs include: WINTRUST.DLL, MSISIP.DLL, pwrshsip.dll
	//
	// The bytes appear to be the GUID in its Windows in-memory (mixed-endian)
	// layout: the MSI value reads as {000C10F1-0000-0000-C000-000000000046}
	// and the PowerShell value as {603BCC1F-4B59-4E08-B724-D2C6297EF351}.
	// They are embedded into SpcSipInfo.UUID by msiSipInfo and psSipInfo.
	SpcUUIDSipInfoMsi = []byte{0xf1, 0x10, 0x0c, 0x00, 0x00, 0x00, 0x00, 0x00, 0xc0, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x46}
	SpcUUIDSipInfoPs  = []byte{0x1f, 0xcc, 0x3b, 0x60, 0x59, 0x4b, 0x08, 0x4e, 0xb7, 0x24, 0xd2, 0xc6, 0x29, 0x7e, 0xf3, 0x51}

	// This one is used in V1 security catalogs. Unlike the SpcUUID* values it
	// is the textual, braced GUID form rather than raw bytes.
	CryptSipCreateIndirectData = "{C689AAB8-8E78-11D0-8C47-00C04FC295EE}"

	// Filenames for MSI streams holding signature data. The leading 0x05 byte
	// is part of the stream name as stored in the compound document.
	msiDigitalSignature   = "\x05DigitalSignature"
	msiDigitalSignatureEx = "\x05MsiDigitalSignatureEx"
)
    63  
// SpcIndirectDataContentPe is the SpcIndirectDataContent structure for PE
// images (see OidSpcIndirectDataContent): Data identifies the image and its
// flags, and MessageDigest holds the digest algorithm and digest value that
// the signature vouches for.
//
// NOTE(review): nothing in this type constrains MessageDigest.DigestAlgorithm.
// A verifier must check that the algorithm is an accepted one and that it is
// the same algorithm it uses to recompute the image digest before comparing
// against MessageDigest.Digest; otherwise a weaker algorithm named inside the
// signature would be honoured.
type SpcIndirectDataContentPe struct {
	Data          SpcAttributePeImageData
	MessageDigest DigestInfo
}
    68  
// SpcAttributePeImageData pairs a type OID (expected to be OidSpcPeImageData
// for PE images) with its SpcPeImageData value. Value is optional on the
// wire, so a parsed instance may carry a zero SpcPeImageData.
type SpcAttributePeImageData struct {
	Type  asn1.ObjectIdentifier
	Value SpcPeImageData `asn1:"optional"`
}
    73  
// DigestInfo pairs an algorithm identifier with a digest value.
//
// Digest is an unconstrained byte string: its length is not tied to the
// algorithm here. A consumer should reject a Digest whose length does not
// match the output size of DigestAlgorithm rather than comparing a prefix.
type DigestInfo struct {
	DigestAlgorithm pkix.AlgorithmIdentifier
	Digest          []byte
}
    78  
// SpcPeImageData describes the PE image being signed: Flags is a bit string
// and File is an SpcLink encoded under context tag [0]. Because the tag has
// no `explicit` option, Go's encoding/asn1 applies it implicitly, replacing
// the SpcLink SEQUENCE tag rather than wrapping it.
type SpcPeImageData struct {
	Flags asn1.BitString
	File  SpcLink `asn1:"tag:0"`
}
    83  
// SpcLink is a link to a file or resource. It appears to model an ASN.1
// CHOICE between a URL ([0] IA5String), a serialized object ([1]) and a
// file name ([2] SpcString), but it is declared as a SEQUENCE whose arms are
// all optional, so this type alone does not enforce that exactly one arm is
// present — callers setting or reading it should assume a single arm.
type SpcLink struct {
	URL     string              `asn1:"optional,tag:0,ia5"`
	Moniker SpcSerializedObject `asn1:"optional,tag:1"`
	File    SpcString           `asn1:"optional,tag:2"`
}
    89  
// SpcString is a string carried either as a [0] "unicode" arm or a [1] ASCII
// (IA5String) arm; both are optional, mirroring a CHOICE.
//
// NOTE(review): the Unicode arm is tagged `utf8`, so Go will emit/parse UTF-8
// bytes under the implicit [0] tag. If the Authenticode encoding expected here
// is a BMPString (UTF-16BE), the callers that populate this field must be
// supplying pre-encoded bytes — confirm against the signing/verification code.
type SpcString struct {
	Unicode string `asn1:"optional,tag:0,utf8"`
	ASCII   string `asn1:"optional,tag:1,ia5"`
}
    94  
// SpcSerializedObject carries an opaque blob identified by a class id.
// ClassID is the raw 16-byte GUID (presumably compared against
// SpcUUIDPageHashes for page-hash data) and SerializedData is left undecoded;
// the consumer must parse it separately according to ClassID.
type SpcSerializedObject struct {
	ClassID        []byte
	SerializedData []byte
}
    99  
// SpcAttributePageHashes is the page-hash attribute: Type selects the page
// hash version (OidSpcPageHashV1 or OidSpcPageHashV2) and Hashes is an ASN.1
// SET of opaque byte strings.
//
// NOTE(review): neither the count nor the layout of the entries is validated
// here. A verifier must check every entry against freshly computed page
// hashes (not just that the set is non-empty), and must derive the hash
// algorithm from Type only after confirming Type is one it accepts.
type SpcAttributePageHashes struct {
	Type   asn1.ObjectIdentifier
	Hashes [][]byte `asn1:"set"`
}
   104  
// SpcSpOpusInfo holds descriptive signer-supplied information: an optional
// program name ([0]) and an optional "more info" link ([1]). These fields
// are informational and carry no meaning for signature verification by
// themselves.
type SpcSpOpusInfo struct {
	ProgramName SpcString `asn1:"optional,tag:0"`
	MoreInfo    SpcLink   `asn1:"optional,tag:1"`
}
   109  
// SpcSpStatementType wraps a single statement-type OID (presumably
// OidSpcIndividualPurpose for ordinary code signing).
type SpcSpStatementType struct {
	Type asn1.ObjectIdentifier
}
   113  
// SpcIndirectDataContentMsi is the SpcIndirectDataContent structure for files
// digested through a SIP (MSI, PowerShell): Data carries the SIP descriptor
// and MessageDigest the digest algorithm and value the signature vouches for.
//
// NOTE(review): as with the PE variant, MessageDigest.DigestAlgorithm is not
// constrained by this type; the verifier must check it against its accepted
// algorithms and use that same algorithm when recomputing the digest.
type SpcIndirectDataContentMsi struct {
	Data          SpcAttributeMsiImageData
	MessageDigest DigestInfo
}
   118  
// SpcAttributeMsiImageData pairs a type OID (expected to be OidSpcSipInfo)
// with an optional SpcSipInfo value describing the SIP used to digest the
// file. A parsed instance may carry a zero Value if it was absent.
type SpcAttributeMsiImageData struct {
	Type  asn1.ObjectIdentifier
	Value SpcSipInfo `asn1:"optional"`
}
   123  
// SpcSipInfo is the SIP descriptor embedded in SpcAttributeMsiImageData.
// The integer fields are named positionally (A, B, ..., F) because their
// semantics are not documented. The only values produced in this file are
// msiSipInfo and psSipInfo: A is 1 for MSI and 65536 for PowerShell, UUID is
// the SIP class id (SpcUUIDSipInfoMsi / SpcUUIDSipInfoPs) and B..F are zero.
type SpcSipInfo struct {
	A             int
	UUID          []byte
	B, C, D, E, F int
}
   129  
// msiSipInfo and psSipInfo are the SpcSipInfo values emitted for MSI
// packages and PowerShell scripts respectively. Only the leading integer and
// the SIP class id are set; the remaining integer fields stay zero.
var (
	msiSipInfo = SpcSipInfo{A: 1, UUID: SpcUUIDSipInfoMsi}
	psSipInfo  = SpcSipInfo{A: 65536, UUID: SpcUUIDSipInfoPs}
)
   132  
// CertTrustList is the body of a Windows security catalog (content type
// OidCertTrustList). Entries lists the catalogued members, each identified
// by a tag and a set of attributes; SubjectAlgorithm names the algorithm the
// entry tags relate to (presumably the member-hash algorithm — confirm with
// the catalog code). Attributes is absent (nil) when the optional explicit
// [0] element is missing; CertTrustAttributes is currently an empty
// placeholder.
//
// NOTE(review): EffectiveDate and ListIdentifier are plain data fields; the
// trust placed in a catalog should come from verifying the enclosing CMS
// signature, not from anything in this structure.
type CertTrustList struct {
	SubjectUsage     []asn1.ObjectIdentifier
	ListIdentifier   []byte
	EffectiveDate    time.Time
	SubjectAlgorithm pkix.AlgorithmIdentifier
	Entries          []CertTrustEntry
	Attributes       *CertTrustAttributes `asn1:"optional,explicit,tag:0"`
}
   141  
// CertTrustEntry is one catalog member: Tag is the member's opaque identifier
// (raw bytes, not interpreted here) and Values is an ASN.1 SET of attribute
// OID / value pairs describing it.
type CertTrustEntry struct {
	Tag    []byte
	Values []CertTrustValue `asn1:"set"`
}
   146  
// CertTrustValue is an attribute attached to a catalog entry. Value is kept
// as an undecoded asn1.RawValue; the consumer must decode it according to
// Attribute (e.g. OidCatalogNameValue, OidCatalogMemberInfo) and should
// treat unknown attributes as opaque rather than failing on them.
type CertTrustValue struct {
	Attribute asn1.ObjectIdentifier
	Value     asn1.RawValue
}
   151  
// CertTrustMemberInfoV1 is the decoded form of a V1 catalog member-info
// attribute: an undecoded class id followed by an integer whose meaning is
// not known (hence Unknown1). Presumably the class id corresponds to
// CryptSipCreateIndirectData — confirm with the catalog parsing code.
type CertTrustMemberInfoV1 struct {
	ClassID  asn1.RawValue
	Unknown1 int
}
   156  
// CertTrustAttributes is a placeholder for the optional catalog-level
// attributes referenced from CertTrustList.Attributes; no fields are modelled
// yet.
//
// NOTE(review): because the struct is empty, any attribute elements actually
// present in a parsed catalog are not surfaced. Go's encoding/asn1 is
// believed to tolerate trailing elements in a SEQUENCE, in which case they
// are silently dropped rather than rejected — confirm before relying on
// parsing to flag unexpected content.
type CertTrustAttributes struct {
	// TODO
}
   160  
