2 releases
| new 0.1.1 | Mar 1, 2025 |
|---|---|
| 0.1.0 | Feb 28, 2025 |
#1389 in Cryptography
287 downloads per month
1MB
293 lines
Contains (DOS exe, 1.5MB) test-pe/test-signed-64.bin, (DOS exe, 680KB) test-pe/test-signed-32.bin, (DOS exe, 180KB) test-pe/test-unsigned-64.bin, (DOS exe, 61KB) test-pe/test-unsigned-32.bin
cross-authenticode
THIS CRATE IS CURRENTLY WORK IN PROGRESS
There will be frequent breaking changes until the first 1.*.* release
Cross platform library to check authenticode signatures and certificate hashes of PE files. It's focus is on a seamless cross platform experience, so that you can use the same code on Windows, Linux and macOS.
Current State
- Extract all certificates from a PE file
- Compute the
SHA-1andSHA-256hash (thumbprint/fingerprint) of a certificate - Find the signing certificate of the PE file from the certificate chain
- Verify the signature of a PE file
Documentation
The documentation can be found docs.rs/cross-authenticode
Related Projects
There are a few other projects on crates.io that deal with authenticode signatures. Here is a list of them and why I decided to write my own:
- authenticode: Does not compute the thumbprint of the certificates
- authenticate-parser: Depends on
opensslwhich makes it hard to cross-compile
Dependencies
~3–4MB
~86K SLoC