Class SecurityCertificate

java.lang.Object
ghidra.app.util.bin.format.pe.SecurityCertificate
All Implemented Interfaces:
StructConverter

public class SecurityCertificate extends Object implements StructConverter
A class to represent the WIN_CERTIFICATE struct as defined in winbase.h.

This structure encapsulates a signature used in verifying executables.

 typedef struct _WIN_CERTIFICATE {
     DWORD       dwLength;
     WORD        wRevision;
     WORD        wCertificateType;   // WIN_CERT_TYPE_xxx
     BYTE        bCertificate[ANYSIZE_ARRAY];
 } WIN_CERTIFICATE, *LPWIN_CERTIFICATE;
 
  • Field Details

    • NAME

      public static final String NAME
      The name to use when converting into a structure data type.
      See Also:
    • WIN_CERT_REVISION_1_0

      public static final int WIN_CERT_REVISION_1_0
      See Also:
    • WIN_CERT_REVISION_2_0

      public static final int WIN_CERT_REVISION_2_0
      See Also:
    • WIN_CERT_TYPE_X509

      public static final int WIN_CERT_TYPE_X509
      bCertificate contains an X.509 Certificate.
      See Also:
    • WIN_CERT_TYPE_PKCS_SIGNED_DATA

      public static final int WIN_CERT_TYPE_PKCS_SIGNED_DATA
      bCertificate contains a PKCS SignedData structure.
      See Also:
    • WIN_CERT_TYPE_RESERVED_1

      public static final int WIN_CERT_TYPE_RESERVED_1
      Reserved.
      See Also:
    • WIN_CERT_TYPE_PKCS1_SIGN

      public static final int WIN_CERT_TYPE_PKCS1_SIGN
      bCertificate contains PKCS1_MODULE_SIGN fields.
      See Also:
  • Constructor Details

    • SecurityCertificate

      public SecurityCertificate()
  • Method Details

    • getLength

      public int getLength()
      Returns the length, in bytes, of the signature.
      Returns:
      the length, in bytes, of the signature
    • getRevision

      public int getRevision()
      Returns the certificate revision. Currently, the only defined certificate revision is WIN_CERT_REVISION_1_0 (0x0100).
      Returns:
      the certificate revision
    • getType

      public int getType()
      Returns the certificate type.
      Returns:
      the certificate type
    • getTypeAsString

      public String getTypeAsString()
      Returns a string representation of the certificate type.
      Returns:
      a string representation of the certificate type
    • getData

      public byte[] getData()
      An array of certificates. The format of this member depends on the value of wCertificateType.
      Returns:
      an array of certificates
    • toDataType

      public DataType toDataType() throws DuplicateNameException
      Description copied from interface: StructConverter
      Returns a structure datatype representing the contents of the implementor of this interface.

      For example, given:

       class A {
           int foo;
           double bar;
       }
       

      The return value should be a structure data type with two data type components; an INT and a DOUBLE. The structure should contain field names and, if possible, field comments.

      Specified by:
      toDataType in interface StructConverter
      Returns:
      returns a structure datatype representing the implementor of this interface
      Throws:
      DuplicateNameException - when a datatype of the same name already exists
      See Also: