wincert
Module for working with UEFI WinCert data.
WinCertPkcs1
Object representing a WinCertPkcs1 struct.
Certificate which encapsulates the RSASSA-PKCS1-v1_5 digital signature.
Attributes:
Name | Type | Description |
---|---|---|
Hdr_dwLength | int | The length of the entire certificate, including the length of the header, in bytes. |
Hdr_wRevision | int | The certificate type. See WIN_CERT_TYPE_xxx for the UEFI certificate types. The UEFI specification reserves the range of certificate type values from 0x0EF0 to 0x0EFF. |
Hdr_wCertificateType | int | The following is the actual certificate. The format of the certificate depends on wCertificateType. |
hash_algorithm | UUID | The Guid representing the hash algorithm for the Cert. |
cert_data | memoryview | The actual Cert. |

The WIN_CERTIFICATE_UEFI_PKCS1_15 structure is derived from WIN_CERTIFICATE and encapsulates the information needed to implement the RSASSA-PKCS1-v1_5 digital signature algorithm as specified in RFC2437.

```c
typedef struct {
  WIN_CERTIFICATE Hdr;
  EFI_GUID HashAlgorithm;
  UINT8 Signature[];
} WIN_CERTIFICATE_EFI_PKCS1_15;
```

The WIN_CERTIFICATE structure is part of the PE/COFF specification.

```c
typedef struct {
  UINT32 dwLength;
  UINT16 wRevision;
  UINT16 wCertificateType;
  UINT8 bCertificate[ANYSIZE_ARRAY];
} WIN_CERTIFICATE;
```
add_cert_data
add_cert_data(fs: BytesIO) -> None
Adds the Cert Data to the struct.
Parameters:
Name | Type | Description | Default |
---|---|---|---|
fs | BytesIO | filestream representing bytes | required |

Raises:
Type | Description |
---|---|
ValueError | Invalid Cert Data |
ValueError | Missing Hash Algorithm |
AddCertData
AddCertData(fs: BytesIO) -> None
Adds the Cert Data to the struct.
Raises:
Type | Description |
---|---|
ValueError | Invalid Cert Data |
ValueError | Missing Hash Algorithm |
set_hash_algorithm
set_hash_algorithm(hash_algorithm: uuid.UUID) -> None
Sets the hash algorithm for the wincert.
Parameters:
Name | Type | Description | Default |
---|---|---|---|
hash_algorithm | UUID | The Guid representing the hash algorithm for the Cert. | required |
decode
decode(fs: BytesIO) -> None
Populates the struct from a filestream.
Parameters:
Name | Type | Description | Default |
---|---|---|---|
fs | BytesIO | An open file | required |

Raises:
Type | Description |
---|---|
ValueError | Invalid stream |
ValueError | Invalid stream size |
PopulateFromFileStream
PopulateFromFileStream(fs: BytesIO) -> None
Populates the struct from a filestream.
Parameters:
Name | Type | Description | Default |
---|---|---|---|
fs | BytesIO | An open file | required |

Raises:
Type | Description |
---|---|
ValueError | Invalid stream |
ValueError | Invalid stream size |
encode
encode() -> bytes
Serializes the object.
Returns:
Type | Description |
---|---|
bytes | string representing packed data as bytes (e.g. b'\x01\x00\x03') |
write
write(fs: BytesIO) -> None
Writes a serialized object to a filestream.
Parameters:
Name | Type | Description | Default |
---|---|---|---|
fs | obj | An open file | required |
Write
Write(fs: BytesIO) -> None
Serializes the object.
Parameters:
Name | Type | Description | Default |
---|---|---|---|
fs | BytesIO | An open file | required |
WinCertUefiGuid
Object representing a Certificate which encapsulates a GUID-specific digital signature.
Attributes:
Name | Type | Description |
---|---|---|
Hdr_dwLength | int | The length of the entire certificate, including the length of the header, in bytes. |
Hdr_wRevision | int | The certificate type. See WIN_CERT_TYPE_xxx for the UEFI certificate types. The UEFI specification reserves the range of certificate type values from 0x0EF0 to 0x0EFF. |
Hdr_wCertificateType | int | The following is the actual certificate. The format of the certificate depends on wCertificateType. |
cert_data | memoryview | The actual Cert. |

```c
typedef struct {
  WIN_CERTIFICATE Hdr;
  EFI_GUID cert_type;
  UINT8 cert_data[1];
} WIN_CERTIFICATE_UEFI_GUID;
```

The WIN_CERTIFICATE structure is part of the PE/COFF specification.

```c
typedef struct {
  UINT32 dwLength;
  UINT16 wRevision;
  UINT16 wCertificateType;
  UINT8 bCertificate[ANYSIZE_ARRAY];
} WIN_CERTIFICATE;
```
Encode
Encode() -> str
Serializes the object.
Returns:
Type | Description |
---|---|
str | string representing packed data as bytes (e.g. b'\x01\x00\x03') |

Raises:
Type | Description |
---|---|
ValueError | Invalid Revision |
ValueError | Invalid Cert Type |
encode
encode() -> str
Serializes the object.
Returns:
Type | Description |
---|---|
str | string representing packed data as bytes (e.g. b'\x01\x00\x03') |

Raises:
Type | Description |
---|---|
ValueError | Invalid Revision |
ValueError | Invalid Cert Type |
Decode
Decode(Buffer: BytesIO) -> bytes
Loads the struct with values from a buffer.
Parameters:
Name | Type | Description | Default |
---|---|---|---|
Buffer | BytesIO | Buffer containing serialized data | required |

Returns:
Type | Description |
---|---|
bytes | Any remaining buffer |

Raises:
Type | Description |
---|---|
ValueError | Invalid Buffer |
ValueError | Invalid dwLength |
ValueError | Invalid Revision |
ValueError | Invalid Cert Type |
decode
decode(in_data: BytesIO) -> bytes
Loads the struct with values from a buffer.
Parameters:
Name | Type | Description | Default |
---|---|---|---|
in_data | BytesIO | in_data containing serialized data | required |

Returns:
Type | Description |
---|---|
bytes | Any remaining buffer |

Raises:
Type | Description |
---|---|
ValueError | Invalid Buffer |
ValueError | Invalid dwLength |
ValueError | Invalid Revision |
ValueError | Invalid Cert Type |
ValueError | Invalid datatype provided |
AddCertData
AddCertData(in_data: BytesIO) -> None
Adds the Cert Data to the struct.
Parameters:
Name | Type | Description | Default |
---|---|---|---|
in_data | obj | Data to read. | required |
add_cert_data
add_cert_data(in_data: BytesIO) -> None
Adds the Cert Data to the struct.
Parameters:
Name | Type | Description | Default |
---|---|---|---|
in_data | obj | Data to read. | required |
PopulateFromFileStream
PopulateFromFileStream(fs: BytesIO) -> bytes
Deserializes the object from a filestream.
Parameters:
Name | Type | Description | Default |
---|---|---|---|
fs | BytesIO | Already opened file | required |

Raises:
Type | Description |
---|---|
ValueError | Invalid fs |
ValueError | Invalid size |
WinCert
Object for generating a WinCert.
factory (staticmethod)
factory(fs: BytesIO) -> Union[WinCertUefiGuid, WinCertPkcs1]
Generates a specific Cert Type depending on the Hdr_wCertificateType parsed from the fs.
Parameters:
Name | Type | Description | Default |
---|---|---|---|
fs | BytesIO | filestream | required |

Returns:
Type | Description |
---|---|
WinCertUefiGuid | if Hdr_wCertificateType == WIN_CERT_TYPE_EFI_GUID |
WinCertPkcs1 | if Hdr_wCertificateType == WIN_CERT_TYPE_EFI_PKCS115 |
Factory (staticmethod)
Factory(fs: BytesIO) -> Union[WinCertUefiGuid, WinCertPkcs1]
Generates a specific Cert Type depending on the Hdr_wCertificateType parsed from the fs.
Parameters:
Name | Type | Description | Default |
---|---|---|---|
fs | BytesIO | filestream | required |

Returns:
Type | Description |
---|---|
WinCertUefiGuid | if Hdr_wCertificateType == WIN_CERT_TYPE_EFI_GUID |
WinCertPkcs1 | if Hdr_wCertificateType == WIN_CERT_TYPE_EFI_PKCS115 |
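
The WIN_CERTIFICATE header layout and the type dispatch that the factory performs, as an added standalone example (not edk2toollib code): it reads the header with `struct`, rejects a dwLength that disagrees with the stream before using it, and reports which class the certificate type maps to. The helper names `parse_win_certificate` and `build_win_certificate` are hypothetical, the numeric constants are taken from the UEFI specification rather than from this page, and the GUID is a constructed sample.

```python
import io
import struct
import uuid

# Constants from the UEFI specification (values are not listed on this page).
WIN_CERT_REVISION = 0x0200
WIN_CERT_TYPE_EFI_PKCS115 = 0x0EF0
WIN_CERT_TYPE_EFI_GUID = 0x0EF1
HDR = struct.Struct("<IHH")  # dwLength, wRevision, wCertificateType
GUID_SIZE = 16  # EFI_GUID that follows Hdr in both derived structures


def parse_win_certificate(fs: io.BytesIO) -> dict:
    """Hypothetical helper: parse one certificate, validating dwLength first."""
    start = fs.tell()
    available = fs.seek(0, io.SEEK_END) - start  # bytes left in the stream
    fs.seek(start)
    raw = fs.read(HDR.size)
    if len(raw) != HDR.size:
        raise ValueError("Invalid stream size")
    dw_length, revision, cert_type = HDR.unpack(raw)
    if revision != WIN_CERT_REVISION:
        raise ValueError(f"Invalid Revision: {revision:#06x}")
    if cert_type not in (WIN_CERT_TYPE_EFI_PKCS115, WIN_CERT_TYPE_EFI_GUID):
        raise ValueError(f"Invalid Cert Type: {cert_type:#06x}")
    # dwLength comes from untrusted input: it must cover header + GUID and
    # must not claim more bytes than the stream actually holds.
    if not (HDR.size + GUID_SIZE <= dw_length <= available):
        raise ValueError(f"Invalid dwLength: {dw_length}")
    guid = uuid.UUID(bytes_le=fs.read(GUID_SIZE))  # EFI_GUID is mixed-endian
    data = fs.read(dw_length - HDR.size - GUID_SIZE)
    is_pkcs1 = cert_type == WIN_CERT_TYPE_EFI_PKCS115
    kind = "WinCertPkcs1" if is_pkcs1 else "WinCertUefiGuid"
    return {"kind": kind, "guid": guid, "data": data}


def build_win_certificate(cert_type, guid, data, claimed_length=None) -> bytes:
    """Hypothetical helper: serialize a certificate; claimed_length overrides dwLength."""
    actual = HDR.size + GUID_SIZE + len(data)
    length = actual if claimed_length is None else claimed_length
    return HDR.pack(length, WIN_CERT_REVISION, cert_type) + guid.bytes_le + data


if __name__ == "__main__":
    sample_guid = uuid.UUID("11111111-2222-3333-4444-555555555555")  # constructed
    blob = build_win_certificate(WIN_CERT_TYPE_EFI_GUID, sample_guid, b"\xAA" * 8)
    stream = io.BytesIO(blob + b"next")  # trailing bytes belong to the next record
    print(parse_win_certificate(stream), stream.read())
```

Because the parser consumes exactly dwLength bytes, the stream is left positioned at the next record, which is what lets several certificates be read back to back.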