Wincert

wincert

Module for working with UEFI WinCert data.

WinCertPkcs1

Object representing a WinCertPkcs1 struct.

Certificate which encapsulates the RSASSA-PKCS1-v1_5 digital signature.

Attributes:

Name Type Description
Hdr_dwLength int

The length of the entire certificate, including the length of the header, in bytes.

Hdr_wRevision int

The certificate type. See WIN_CERT_TYPE_xxx for the UEFI certificate types. The UEFI specification reserves the range of certificate type values from 0x0EF0 to 0x0EFF.

Hdr_wCertificateType int

The following is the actual certificate. The format of the certificate depends on wCertificateType.

hash_algorithm UUID

The Guid representing the hash algorithm for the Cert.

cert_data memoryview

The actual Cert.

The WIN_CERTIFICATE_UEFI_PKCS1_15 structure is derived from WIN_CERTIFICATE and encapsulates the information needed to implement the RSASSA-PKCS1-v1_5 digital signature algorithm as specified in RFC2437.

typedef struct {
    WIN_CERTIFICATE Hdr;
    EFI_GUID HashAlgorithm;
    UINT8 Signature[];
} WIN_CERTIFICATE_EFI_PKCS1_15;

The WIN_CERTIFICATE structure is part of the PE/COFF specification.

typedef struct {
    UINT32 dwLength;
    UINT16 wRevision;
    UINT16 wCertificateType;
    UINT8 bCertificate[ANYSIZE_ARRAY];
} WIN_CERTIFICATE;

HashAlgorithm property writable

HashAlgorithm: UUID

Returns the HashAlgorithm.

CertData property writable

CertData: bytes

Returns the CertData.

__init__

__init__(
    filestream: Optional[BytesIO] = None,
) -> WinCertPkcs1

Inits the object.

add_cert_data

add_cert_data(fs: BytesIO) -> None

Adds the Cert Data to the struct.

Parameters:

Name Type Description Default
fs BytesIO

filestream representing bytes

required

Raises:

Type Description
ValueError

Invalid Cert Data

ValueError

Missing Hash Algorithm

AddCertData

AddCertData(fs: BytesIO) -> None

Adds the Cert Data to the struct.

Raises:

Type Description
ValueError

Invalid Cert Data

ValueError

Missing Hash Algorithm

set_hash_algorithm

set_hash_algorithm(hash_algorithm: uuid.UUID) -> None

Sets the hash algorithm for the wincert.

Parameters:

Name Type Description Default
hash_algorithm UUID

The Guid representing the hash algorithm for the Cert.

required

decode

decode(fs: BytesIO) -> None

Populates the struct from a filestream.

Parameters:

Name Type Description Default
fs BytesIO

An open file

required

Raises:

Type Description
ValueError

Invalid stream

ValueError

Invalid stream size

PopulateFromFileStream

PopulateFromFileStream(fs: BytesIO) -> None

Populates the struct from a filestream.

Parameters:

Name Type Description Default
fs BytesIO

an open file

required

Raises:

Type Description
ValueError

Invalid stream

ValueError

Invalid stream size

print

print(out_fs: Optional[BytesIO] = sys.stdout) -> None

Prints the struct to the console.

Print

Print(out_fs: Optional[BytesIO] = sys.stdout) -> None

Prints the struct to the console.

encode

encode() -> bytes

Serializes the object.

Returns:

Type Description
bytes

string representing packed data as bytes (e.g. b'\x01\x00\x03')

write

write(fs: BytesIO) -> None

Writes a serialized object to a filestream.

Parameters:

Name Type Description Default
fs obj

an open file

required

Write

Write(fs: BytesIO) -> None

Serializes the object.

Parameters:

Name Type Description Default
fs BytesIO

an open file

required

WinCertUefiGuid

Object representing a Certificate which encapsulates a GUID-specific digital signature.

Attributes:

Name Type Description
Hdr_dwLength int

The length of the entire certificate, including the length of the header, in bytes.

Hdr_wRevision int

The certificate type. See WIN_CERT_TYPE_xxx for the UEFI certificate types. The UEFI specification reserves the range of certificate type values from 0x0EF0 to 0x0EFF.

Hdr_wCertificateType int

The following is the actual certificate. The format of the certificate depends on wCertificateType.

cert_data memoryview

The actual Cert.

typedef struct {
    WIN_CERTIFICATE Hdr;
    EFI_GUID cert_type;
    UINT8 cert_data[1];
} WIN_CERTIFICATE_UEFI_GUID;

The WIN_CERTIFICATE structure is part of the PE/COFF specification.

typedef struct {
    UINT32 dwLength;
    UINT16 wRevision;
    UINT16 wCertificateType;
    UINT8 bCertificate[ANYSIZE_ARRAY];
} WIN_CERTIFICATE;

CertData property writable

CertData: UUID

Returns the CertData.

CertType property writable

CertType: UUID

Returns the CertType.

__init__

__init__(
    in_data: Optional[BytesIO] = None,
) -> WinCertUefiGuid

Inits the object.

get_length

get_length() -> int

Returns the length of the WinCertUefiGuid and its data.

Encode

Encode() -> str

Serializes the object.

Returns:

Type Description
str

string representing packed data as bytes (e.g. b'\x01\x00\x03')

Raises:

Type Description
ValueError

Invalid Revision

ValueError

Invalid Cert Type

encode

encode() -> str

Serializes the object.

Returns:

Type Description
str

string representing packed data as bytes (e.g. b'\x01\x00\x03')

Raises:

Type Description
ValueError

Invalid Revision

ValueError

Invalid Cert Type

Decode

Decode(Buffer: BytesIO) -> bytes

Loads the struct with values from a buffer.

Parameters:

Name Type Description Default
Buffer BytesIO

Buffer containing serialized data

required

Returns:

Type Description
bytes

Any remaining buffer

Raises:

Type Description
ValueError

Invalid Buffer

ValueError

Invalid dwLength

ValueError

Invalid Revision

ValueError

Invalid Cert Type

decode

decode(in_data: BytesIO) -> bytes

Loads the struct with values from a buffer.

Parameters:

Name Type Description Default
in_data BytesIO

in_data containing serialized data

required

Returns:

Type Description
bytes

Any remaining buffer

Raises:

Type Description
ValueError

Invalid Buffer

ValueError

Invalid dwLength

ValueError

Invalid Revision

ValueError

Invalid Cert Type

ValueError

Invalid datatype provided

AddCertData

AddCertData(in_data: BytesIO) -> None

Adds the Cert Data to the struct.

Parameters:

Name Type Description Default
in_data obj

Data to read.

required

add_cert_data

add_cert_data(in_data: BytesIO) -> None

Adds the Cert Data to the struct.

Parameters:

Name Type Description Default
in_data obj

Data to read.

required

PopulateFromFileStream

PopulateFromFileStream(fs: BytesIO) -> bytes

Deserializes the struct from a filestream.

Parameters:

Name Type Description Default
fs BytesIO

Already opened file

required

Raises:

Type Description
ValueError

Invalid fs

ValueError

Invalid size

get_certificate

get_certificate() -> bytes

Returns certificate data, if certificate data exists.

GetCertificate

GetCertificate() -> bytes

Returns certificate data, if certificate data exists.

print

print(outfs: StringIO = sys.stdout) -> None

Prints struct to console.

Print

Print(outfs: StringIO = sys.stdout) -> None

Prints struct to console.

dump_info

dump_info(outfs: StringIO = sys.stdout) -> None

Prints struct to a file stream.

DumpInfo

DumpInfo(outfs: StringIO = sys.stdout) -> None

Prints struct to a file stream.

write

write(fs: BytesIO) -> None

Writes the struct to a filestream.

Write

Write(fs: BytesIO) -> None

Writes the struct to a filestream.

__str__

__str__() -> str

Returns the object as a string.

WinCert

Object for generating a WinCert.

factory staticmethod

factory(
    fs: BytesIO,
) -> Union[WinCertUefiGuid, WinCertPkcs1]

Generates a specific Cert Type depending on the Hdr_wCertificateType parsed from the fs.

Parameters:

Name Type Description Default
fs BytesIO

filestream

required

Returns:

Type Description
WinCertUefiGuid

if Hdr_wCertificateType == WIN_CERT_TYPE_EFI_GUID

WinCertPkcs1

if Hdr_wCertificateType == WIN_CERT_TYPE_EFI_PKCS115

Factory staticmethod

Factory(
    fs: BytesIO,
) -> Union[WinCertUefiGuid, WinCertPkcs1]

Generates a specific Cert Type depending on the Hdr_wCertificateType parsed from the fs.

Parameters:

Name Type Description Default
fs BytesIO

filestream

required

Returns:

Type Description
WinCertUefiGuid

if Hdr_wCertificateType == WIN_CERT_TYPE_EFI_GUID

WinCertPkcs1

if Hdr_wCertificateType == WIN_CERT_TYPE_EFI_PKCS115
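
The header dispatch that factory describes, combined with the two struct layouts above, as an added stand-alone example (not this module's own code) that validates dwLength before trusting it. The type values 0x0EF0/0x0EF1 and revision 0x0200 come from the UEFI specification; parse_win_cert, build_win_cert and the sample GUID are hypothetical names and constructed values.

```python
import struct
import uuid
from io import BytesIO

WIN_CERT_REVISION = 0x0200          # current WIN_CERTIFICATE revision (UEFI spec)
WIN_CERT_TYPE_EFI_PKCS115 = 0x0EF0  # UEFI spec value
WIN_CERT_TYPE_EFI_GUID = 0x0EF1     # UEFI spec value
HDR = struct.Struct("<IHH")         # dwLength, wRevision, wCertificateType
GUID_LEN = 16                       # sizeof(EFI_GUID)


def parse_win_cert(fs: BytesIO) -> dict:
    """Parse one WIN_CERTIFICATE from fs, validating every length before use."""
    start = fs.tell()
    remaining = len(fs.getbuffer()) - start
    if remaining < HDR.size:
        raise ValueError("Invalid stream size")
    dw_length, revision, cert_type = HDR.unpack(fs.read(HDR.size))
    if revision != WIN_CERT_REVISION:
        raise ValueError("Invalid Revision")
    if cert_type not in (WIN_CERT_TYPE_EFI_PKCS115, WIN_CERT_TYPE_EFI_GUID):
        raise ValueError("Invalid Cert Type")
    # dwLength covers header + GUID + payload and comes from untrusted input:
    # it must fit the fixed fields and must not run past the stream.
    if dw_length < HDR.size + GUID_LEN or dw_length > remaining:
        raise ValueError("Invalid dwLength")
    guid = uuid.UUID(bytes_le=fs.read(GUID_LEN))  # EFI_GUID is mixed-endian
    payload = fs.read(dw_length - HDR.size - GUID_LEN)
    kind = "pkcs1" if cert_type == WIN_CERT_TYPE_EFI_PKCS115 else "uefi_guid"
    return {"kind": kind, "guid": guid, "data": payload, "length": dw_length}


def build_win_cert(cert_type: int, guid: uuid.UUID, payload: bytes) -> bytes:
    """Serialize a certificate with a correct dwLength (used for the samples)."""
    total = HDR.size + GUID_LEN + len(payload)
    return HDR.pack(total, WIN_CERT_REVISION, cert_type) + guid.bytes_le + payload


# Constructed sample values, not real signatures or registered GUIDs.
SAMPLE_GUID = uuid.UUID("11111111-2222-3333-4444-555555555555")
SAMPLE = build_win_cert(WIN_CERT_TYPE_EFI_GUID, SAMPLE_GUID, b"\xAA" * 8)

if __name__ == "__main__":
    print(parse_win_cert(BytesIO(SAMPLE)))
    lying = HDR.pack(0x1000, WIN_CERT_REVISION, WIN_CERT_TYPE_EFI_GUID) + SAMPLE[8:]
    try:
        parse_win_cert(BytesIO(lying))
    except ValueError as err:
        print("rejected:", err)
```

The parser consumes exactly dwLength bytes, so anything after the certificate stays in the stream for the caller, matching the "Any remaining buffer" behaviour documented for decode.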