pe: support basic certificates enumeration #354

RaitoBezarius · 2023-02-24T05:35:35Z

This is a rough PR to enable basic certificate enumeration in the PE structure.

I am planning to add support to transform the string binary data into a structured format using a PKCS#7 compatible library gated behind a feature flag maybe (?).

I'm not sure my implementation is optimal, let me know if I should simplify stuff.

For tests, I was planning to add PE binaries with a certificate and multiple certificates attached, checking the number of certificates found, would that work?

Later, I am also planning for write support, including attaching arbitrary signatures.

m4b · 2023-02-25T19:16:14Z

CI failing because needs a rustfmt

m4b

let's fix the potential infinite loop/make it less likely with random inputs and some of the underflow/overflow questions, but otherwise this looks great, thank you!

src/pe/certificate_table.rs

RaitoBezarius · 2023-02-25T21:21:48Z

Thank you for the mindful comments, will address them :) ; do you have an opinion on the tests @m4b ?

src/pe/certificate_table.rs

baloo · 2023-02-26T05:13:33Z

nitpick: CertificateAttribute should probably be named AttributeCertificate as this is referred as such in the spec, but it's a nitpick.

src/pe/certificate_table.rs

RaitoBezarius · 2023-02-26T12:24:22Z

Thanks for the comments @baloo ; will address them in the next hours 👍

m4b

let's fix up the nits i posted about pub stuff and other details, and the comments as @baloo suggested and then this is ready to go

src/pe/certificate_table.rs

src/pe/mod.rs

src/pe/certificate_table.rs

RaitoBezarius · 2023-03-05T12:50:16Z

Everything has been addressed, @m4b :)

m4b

This is good to go but we need to fix last issue with unimplemented, then we can merge. thank you for your patience!

src/pe/certificate_table.rs

RaitoBezarius · 2023-03-05T22:10:57Z

thank you for your patience!

it was quite fast for NixOS contributor standards :P -- thank you for your guidance

m4b

this is great thank you @RaitoBezarius

m4b · 2023-03-05T22:25:33Z

this will likely be rolled up into the 0.7 release which includes 1 minor breaking change, are you ok to wait a bit @RaitoBezarius i prefer to have at least a few changes between releases (1-2 month cadence seems the pattern). if not i could cherry-pick this into a 0.6.2 branch if it's something urgent.

RaitoBezarius · 2023-03-05T23:04:11Z

this will likely be rolled up into the 0.7 release which includes 1 minor breaking change, are you ok to wait a bit @RaitoBezarius i prefer to have at least a few changes between releases (1-2 month cadence seems the pattern). if not i could cherry-pick this into a 0.6.2 branch if it's something urgent.

can definitely wait because I want to send you more PRs on that subject so we can bundle a lot of them for this 0.7 :)

m4b · 2023-06-12T03:20:25Z

released in 0.7.0, thank you so much for your patience!

RaitoBezarius force-pushed the certificates branch from 02750ab to 086955b Compare February 24, 2023 06:36

m4b requested changes Feb 25, 2023

View reviewed changes

RaitoBezarius force-pushed the certificates branch from 086955b to cd7775c Compare February 25, 2023 23:39

RaitoBezarius requested a review from m4b February 25, 2023 23:42

RaitoBezarius force-pushed the certificates branch 2 times, most recently from ed08205 to 8876109 Compare February 25, 2023 23:52

baloo reviewed Feb 26, 2023

View reviewed changes