README
¶
go-winexetag
Embed custom data in code-signed PE (Windows) executables without breaking the signature.
This project is comprised of three parts:
- The
winexetaglibrary. exetag-tool, a CLI tool, to manipulate tags on code-signed PE files.exetag-httpd, a rudimentary HTTP server, to tag code-signed EXE files on the fly.
Origin
Original source code extracted from certificate_tag, a tool included in
Google's Omaha project, which
is the open-source version of Google Update for Windows.
Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func GetSelfInstallationTag ¶
func SetTagCertTag ¶
SetTagCertTag modifies signedData, adding the tagging cert with the given tag. It returns the asn1 serialization of the modified signedData.
Types ¶
type Binary ¶
type Binary interface {
GetTagCert() (cert *x509.Certificate, index int, err error)
GetTag() (tag []byte, err error)
SetTag(tag []byte) (contents []byte, err error)
}
Binary represents a taggable binary of any format.
type MSIBinary ¶
type MSIBinary struct {
// contains filtered or unexported fields
}
MSIBinary represents an MSI binary. |headerBytes| and |contents| are non-overlapping slices of the same backing array.
func NewMSIBinary ¶
NewMSIBinary returns a Binary that contains details of the MSI binary given in |contents|. |contents| is modified; the region occupied by the cert section is zeroed out.
func (*MSIBinary) GetTagCert ¶
func (bin *MSIBinary) GetTagCert() (cert *x509.Certificate, index int, err error)
type MSIDirEntry ¶
type MSIDirEntry struct {
Name [64]byte
NumNameBytes uint16
ObjectType uint8
ColorFlag uint8
Left uint32
Right uint32
Child uint32
Clsid [16]byte
StateFlags uint32
CreateTime uint64
ModifyTime uint64
StreamFirstSector uint32
StreamSize uint64
}
MSIDirEntry represents a parsed MSI directory entry for a stream.
type MSIHeader ¶
type MSIHeader struct {
Magic [8]byte
Clsid [16]byte
MinorVersion uint16
DllVersion uint16
ByteOrder uint16
SectorShift uint16
MiniSectorShift uint16
Reserved [6]byte
NumDirSectors uint32
NumFatSectors uint32
FirstDirSector uint32
TransactionSignatureNumber uint32
MiniStreamCutoffSize uint32
FirstMiniFatSector uint32
NumMiniFatSectors uint32
FirstDifatSector uint32
NumDifatSectors uint32
}
MSIHeader represents a parsed MSI header.
type PE32Binary ¶
type PE32Binary struct {
// contains filtered or unexported fields
}
PE32Binary represents a PE binary.
func NewPE32Binary ¶
func NewPE32Binary(contents []byte) (*PE32Binary, error)
NewPE32Binary returns a Binary that contains details of the PE32 binary given in contents.
func (*PE32Binary) GetTag ¶
func (bin *PE32Binary) GetTag() (tag []byte, err error)
func (*PE32Binary) GetTagCert ¶
func (bin *PE32Binary) GetTagCert() (cert *x509.Certificate, index int, err error)
func (*PE32Binary) SetTag ¶
func (bin *PE32Binary) SetTag(tag []byte) (contents []byte, err error)
SetTag returns a PE binary based on bin, but where the superfluous certificate contains the given tag data. The (parsed) bin.signedData is modified; but bin.asn1Bytes, which contains the raw original bytes, is not.
type SectorFormat ¶
type SectorFormat struct {
Size offT // the size of a sector in bytes; 512 for dll v3 and 4096 for v4.
Ints int // the number of int32s in a sector.
}
SectorFormat represents parameters of an MSI file sector.
Source Files
Directories
¶
| Path | Synopsis |
|---|---|
|
cmd
|
|
|
exetag-tool
Program exetag-tool manipulates "tags" in Authenticode-signed Windows binaries.
|
Program exetag-tool manipulates "tags" in Authenticode-signed Windows binaries. |