What to do if the file has multiple digital signatures?
send010 opened this issue · 2 comments
send010 commented
What to do if the file has multiple digital signatures?
secana commented
Hi @send010, do you have an example binary? If so, I can have a look at what options PeNet offers, or what is needed to get the information you need.
send010 commented
My code:
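/// <summary>
/// Collects the signer certificates found in the file's certificate data: the
/// primary Authenticode signing certificate plus the certificates of any nested
/// signatures attached to the primary signer(s).
/// </summary>
/// <param name="pefile">The parsed PE file to inspect.</param>
/// <returns>
/// The certificates that were found; an empty list when the file carries no
/// certificate data (an unsigned file).
/// </returns>
/// <remarks>
/// This method only extracts certificates. It does not check any signature,
/// the file hash, or the certificate chain, so the presence of a certificate in
/// the result is not evidence that the file is validly signed by its subject.
/// Malformed certificate data still surfaces as an exception from the decoder.
/// </remarks>
public static List<X509Certificate2> GetSigningCertificates(this PeFile pefile)
{
    var result = new List<X509Certificate2>();

    // An unsigned file has no certificate entry; decoding null would throw,
    // so report "no certificates" instead.
    var rawData = pefile.WinCertificate?.BCertificate.ToArray();
    if (rawData == null || rawData.Length == 0)
    {
        return result;
    }

    // Decode first so malformed data fails before anything is collected.
    var signers = DecodeCertificateData(rawData);

    // Never hand callers a null entry when no primary certificate is available.
    var primary = pefile.Authenticode?.SigningCertificate;
    if (primary != null)
    {
        result.Add(primary);
    }

    foreach (var signer in signers)
    {
        result.AddRange(GetNestedAuthenticodeDetails(signer));
    }

    return result;
}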
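/// <summary>
/// Decodes a PKCS#7 / CMS SignedData blob and returns its signer entries.
/// </summary>
/// <param name="rawData">The encoded SignedData bytes; may be null or empty.</param>
/// <returns>
/// The signer entries of the decoded message, or an empty sequence when
/// <paramref name="rawData"/> is null or empty.
/// </returns>
/// <remarks>
/// Decoding only parses the structure. No signature is checked here, so the
/// returned entries must not be treated as verified. Input that is present
/// but malformed is still rejected by the decoder with an exception.
/// </remarks>
public static IEnumerable<SignerInfo> DecodeCertificateData(byte[] rawData)
{
    // "No data" means "no signers"; the decoder itself throws on null input.
    if (rawData == null || rawData.Length == 0)
    {
        return Enumerable.Empty<SignerInfo>();
    }

    var signedMessage = new SignedCms();
    signedMessage.Decode(rawData);
    return signedMessage.SignerInfos.Cast<SignerInfo>();
}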
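/// <summary>
/// Extracts the signer certificates of the nested signatures attached to a
/// signer entry.
/// </summary>
/// <param name="cert">The signer entry whose unsigned attributes are searched.</param>
/// <returns>
/// The certificates of all nested signers that carry one; empty when the
/// signer has no nested-signature attribute.
/// </returns>
/// <remarks>
/// Nested signatures are read from the signer's <em>unsigned</em> attributes,
/// which the outer signature does not cover. Each nested signature therefore
/// has to be verified on its own before its certificate is trusted; this method
/// performs no verification.
/// </remarks>
public static List<X509Certificate2> GetNestedAuthenticodeDetails(SignerInfo cert)
{
    var result = new List<X509Certificate2>();

    foreach (var attribute in cert.UnsignedAttributes)
    {
        // 1.3.6.1.4.1.311.2.4.1 is the Microsoft nested-signature attribute.
        if (attribute.Oid?.Value != "1.3.6.1.4.1.311.2.4.1")
        {
            continue;
        }

        // A CMS attribute holds a set of values, so a file with more than one
        // additional signature can carry several values in this one attribute.
        // Reading only Values[0] would drop all but the first nested signature
        // and would throw on an attribute with no values.
        foreach (var value in attribute.Values)
        {
            foreach (var nestedSigner in DecodeCertificateData(value.RawData))
            {
                // The signer's certificate can be absent from the message;
                // skip it rather than returning a null entry.
                if (nestedSigner.Certificate != null)
                {
                    result.Add(nestedSigner.Certificate);
                }
            }
        }
    }

    return result;
}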