Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: implement Authenticode parsing and verification without relying on OpenSSL #100

Merged
merged 43 commits into from
Apr 29, 2024

Conversation

plusvic
Copy link
Member

@plusvic plusvic commented Apr 29, 2024

Until now we were using the authenticode-parser crate for Authenticode parsing and verification. This is simply a Rust wrapper around https://github.com/avast/authenticode-parser which is written in C and uses OpenSSL under the hood. Depending on OpenSSL makes building and deploying YARA-X harder, specially when you want to integrate YARA-X in other systems.

With this change all the Authenticode parsing and validation is re-written in Rust.

plusvic and others added 30 commits April 10, 2024 12:05
…es (#99)

This adds deferred parsing of SignedAttributes field of SignedInfo
structure within CMS, allowing us to directly access the raw data of
this field so that it can be properly verified without canonical DER
decoder in the way.

To make things easier and avoid rewrite of as many code as possible,
there's option to turn `DeferSignerInfo` structure directly into
`SignerInfo` structure. On top of that, all other fields are decoded
as usual, making deferred structure still useful in cases where
non-deferred attributes are needed.

Affected binary added to tests.
@plusvic plusvic enabled auto-merge (squash) April 29, 2024 11:40
@plusvic plusvic merged commit fa628cf into main Apr 29, 2024
24 checks passed
@plusvic plusvic deleted the authenticode3 branch April 29, 2024 11:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants