authenticode

package
v1.48.0
Warning

This package is not in the latest version of its module.

Published: Aug 16, 2023 | License: BSD-3-Clause | Imports: 0 | Imported by: 0

Documentation

Constants

const (
	SigProvUnknown = SigProvenance(iota)
	SigProvEmbedded
	SigProvCatalog
)

Variables

var (
	// ErrSigNotFound is returned if no authenticode signature could be found.
	ErrSigNotFound = errors.New("authenticode signature not found")
	// ErrUnexpectedCertSubject is wrapped with the actual cert subject and
	// returned when the binary is signed by a different subject than expected.
	ErrUnexpectedCertSubject = errors.New("unexpected cert subject")
)

Functions

func Verify

func Verify(path string, expectedCertSubject string) error

Verify performs authenticode verification on the file at path, and also ensures that expectedCertSubject matches the actual cert subject. path may point to either a PE binary or an MSI package. ErrSigNotFound is returned if no signature is found.

Types

type CertSubjectError

type CertSubjectError struct {
	Err     error  // The error that occurred while extracting the cert subject.
	Subject string // The (possibly invalid) cert subject that was extracted.
}

CertSubjectError is returned if a cert subject was successfully resolved but there was a problem encountered during its extraction. The Subject is provided for informational purposes but is not presumed to be accurate.

func (*CertSubjectError) Error

func (e *CertSubjectError) Error() string

func (*CertSubjectError) Unwrap

func (e *CertSubjectError) Unwrap() error

type SigProvenance

type SigProvenance int

SigProvenance indicates whether an authenticode signature was embedded within the file itself, or the signature applies to an associated catalog file.

func QueryCertSubject

func QueryCertSubject(path string) (certSubject string, provenance SigProvenance, err error)

QueryCertSubject obtains the subject associated with the certificate used to sign the PE binary located at path. When err == nil, it also returns the provenance of that signature. ErrSigNotFound is returned if no signature is found. Note that this function does *not* validate the chain of trust; use Verify for that purpose!
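
Fail-closed handling of the errors documented above, as an added example that is not part of the package or its documentation. The declarations at the top are local stand-ins for the package's identifiers so the block runs on its own, `Admit` is a hypothetical helper, and the sample errors (including how the subject is wrapped, and that a `*CertSubjectError` can reach the caller of `Verify`) are assumptions.

```go
package main

import (
	"errors"
	"fmt"
)

// Local stand-ins for the identifiers documented above; real callers use the package's own.
var (
	ErrSigNotFound           = errors.New("authenticode signature not found")
	ErrUnexpectedCertSubject = errors.New("unexpected cert subject")
)

type CertSubjectError struct {
	Err     error
	Subject string
}

func (e *CertSubjectError) Error() string { return fmt.Sprintf("cert subject %q: %v", e.Subject, e.Err) }
func (e *CertSubjectError) Unwrap() error { return e.Err }

// Admit (hypothetical helper) maps a Verify error to a fail-closed decision: only nil admits.
func Admit(verifyErr error) (ok bool, reason string) {
	var cse *CertSubjectError
	switch {
	case verifyErr == nil:
		return true, "verified"
	case errors.Is(verifyErr, ErrSigNotFound):
		return false, "unsigned"
	case errors.Is(verifyErr, ErrUnexpectedCertSubject):
		// Wrapped with the actual subject, so a == comparison would miss it.
		return false, "unexpected signer"
	case errors.As(verifyErr, &cse):
		// Subject is informational only: log it, never base trust on it.
		return false, fmt.Sprintf("subject extraction failed (reported %q)", cse.Subject)
	default:
		return false, "verification failed"
	}
}

func main() {
	// Constructed sample errors; the exact wrapping format is an assumption.
	for _, err := range []error{nil, ErrSigNotFound,
		fmt.Errorf("%w: %q", ErrUnexpectedCertSubject, "Example Corp"),
		&CertSubjectError{Err: errors.New("decode failure"), Subject: "Exampl"},
		errors.New("trust chain invalid")} {
		ok, reason := Admit(err)
		fmt.Printf("allow=%v reason=%s\n", ok, reason)
	}
}
```

The same decision must not be built on `QueryCertSubject` alone, since it returns a subject without validating the chain of trust.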
