Skip to content

blueboxd/php-authenticode

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
classes
classes
 
 
tools
tools
 
 
trusted
trusted
 
 
vendor
vendor
 
 
.gitignore
.gitignore
 
 
Authenticode.php
Authenticode.php
 
 
README.md
README.md
 
 

Repository files navigation

php-authenticode

What is this?

pure-php implementation of authenticode verifier.

implemented validation

  • authenticode hash (PE32/PE32+)
  • signedData integrity
  • timestamping (simple countersignature/RFC 3161)
  • certificate chain engine with validation:
  • signature (RSA/ECDSA with SHA-1/2)
  • validity period
  • keyUsage/extKeyUsage
  • basicConstraints (CA)

usage

simple validation from PHP

require_once "Authenticode.php";

$acVerifier = new Authenticode($pathToPE);
var_dump($acVerifier->isValid());

manual validation

php tools/verifyAC.php /path/to/PE

certificate store

certificates (pem format) in trusted/codesigning are trusted as root CA

TODOs

CCE/w validation

  • CRL validation
  • CRL loader
  • CRL parser/validator
  • validate certificate with CRL
  • OCSP support
  • OCSP client
  • validate certificate with OCSP result
  • basicConstraints (pathlen)
  • restrict usage of CA certificates

About

Pure-PHP implementation of Authenticode verifier

Topics

php authenticode codesigning

Resources

Readme
Activity

Stars

1 star

Watchers

2 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages