winsign.verify

Code to verify signatures.

class winsign.verify.VerifyStatus

Object to represent signature verification status.

add_result(name, value, message)

Add a new result to the verificatoin status.

winsign.verify.asn1_name_to_cryptography_name(asn1_name)

Convert an ASN1 name to a x509 name.

winsign.verify.get_attribute(attributes, type_)

Return the first attribute with the given type from a sequence of attributes.

winsign.verify.get_x509_certificates(pe)

Returns a mapping of (issuer, serial) to x509 certificates.

winsign.verify.strip_pkcs1_padding(b)

Removes PKCS1 padding from a byte string.

e.g. 00 01 FF FF FF FF 00 12 34 -> 12 34

winsign.verify.verify_pefile(f)

Verifies the given pefile.

Parameters:

f (file object) – open pefile. This must be open in binary mode.

Returns:

A VerifyStatus object, which evaluates to True if all checks pass, or False if one or more checks fail. A list of checks and their statuses can be found in the .results attribute.

winsign.verify.verify_pefile_checksum(f, pe)

Verifies the PE file checksum.

winsign.verify.verify_pefile_digest(f, pe)

Verifies that the authenticode digest in this PE file is valid.

winsign.verify.verify_pefile_old_timestamp(f, pe)

Verifies that the timestamp in this PE file is valid.

winsign.verify.verify_pefile_rfc3161_timestamp(f, pe)

Verifies that the timestamp in this PE file is valid.

winsign.verify.verify_pefile_signature(f, pe)

Verifies that the signature in this PE file is valid.

winsign.verify.verify_signed_data(signed_data, x509_certs_by_serial)

Verify a SignedData object.

winsign.verify.verify_signer_info(signer_info, x509_certs_by_serial)

Verifies a SignerInfo object from a signature.