def _get_digital_signers(self):
if not self.pe:
return None
retlist = None
if HAVE_CRYPTO:
address = self.pe.OPTIONAL_HEADER.DATA_DIRECTORY[pefile.DIRECTORY_ENTRY['IMAGE_DIRECTORY_ENTRY_SECURITY']].VirtualAddress
#check if file is digitally signed
if address == 0:
return retlist
signature = self.pe.write()[address+8:]
# BIO.MemoryBuffer expects an argument of type 'str'
if type(signature) is bytearray:
signature = str(signature)
bio = BIO.MemoryBuffer(signature)
if bio:
swig_pkcs7 = m2.pkcs7_read_bio_der(bio.bio_ptr())
if swig_pkcs7:
p7 = SMIME.PKCS7(swig_pkcs7)
xst = p7.get0_signers(X509.X509_Stack())
retlist = []
if xst:
for cert in xst:
sn = cert.get_serial_number()
sha1_fingerprint = cert.get_fingerprint('sha1').lower().rjust(40, '0')
md5_fingerprint = cert.get_fingerprint('md5').lower().rjust(32, '0')
subject_str = str(cert.get_subject())
try:
cn = subject_str[subject_str.index("/CN=")+len("/CN="):]
except:
continue
retlist.append({
"sn": str(sn),
"cn": cn,
"sha1_fingerprint": sha1_fingerprint,
"md5_fingerprint": md5_fingerprint
})
return retlist
评论列表
文章目录
