| February 13, 2019 | ||
|---|---|---|
 |
View 1d7f6b2
Add support for cert blacklisting and whitelisting upfrontAndrew authored on 2019/02/13 05:10:04 |
|
| January 26, 2019 | ||
|---|---|---|
 |
View e1cbc27
Updating and cleaning up copyright notices.Micah Snyder authored on 2019/01/26 00:15:50 |
|
| January 8, 2019 | ||
|---|---|---|
|
View afe940d
PE parsing code improvements, db loading bug fixesAndrew authored on 2019/01/08 14:09:08 |
|
| December 4, 2018 | ||
|---|---|---|
|
View 288057e
clang-format'd using new .clang-format rules.Micah Snyder authored on 2018/12/04 02:40:13 |
|
|
View 27948a0
Added .clang-format style rules, clam-format script to automate formatting of ClamAV code, and preparing select files so that clang-format does not alter carefully formatted sections.Micah Snyder authored on 2018/12/04 02:37:58 |
|
| October 26, 2018 | ||
|---|---|---|
|
View 4d62654
Moving variable declaration to top of function because ‘for’ loop initial declarations are only allowed in C99 mode.Micah Snyder authored on 2018/10/26 12:30:44 |
|
| October 10, 2018 | ||
|---|---|---|
|
View d26a6fd
Allow the NULL to be missing on all AlgorithmIdsAndrew authored on 2018/10/10 03:00:28 |
|
| September 15, 2018 | ||
|---|---|---|
|
View b9c3525
Fix support for authenticode signatures from external .cat files This commit adds back in support for whitelisting files based on signatures from .cat files loaded in via a '-d' flag to clamscan. This also makes it so that a .crb blacklist rule match can't be overruled by a signature in a .cat fileAndrew authored on 2018/09/15 03:39:47 |
|
| September 14, 2018 | ||
|---|---|---|
|
View 39f735b
Make --dumpcerts be more consistent, improve cert processing This commit makes the following changes: - --dumpcerts will print certificates even if they already exist in any .crb files loaded - --dumpcerts will print certificates only once - Having a whitelist CRB rule on a leaf certificate should no longer prevent signature verification from happening. NOTE, this doesn't mean that you can have whitelist rules for leaf certificates and have that result in a trusted signature - that doesn't work yet - Determining whether a certificate is blacklisted now includes comparing the public key data (modulus and exponent) in addition to the subject and serial hashes - If a blacklisted certificate is detected, the code will return immediately instead of continuing on to parse the rest of the signatureAndrew authored on 2018/09/14 01:04:17 |
|
| September 12, 2018 | ||
|---|---|---|
|
View a493156
Add debug message in the case where a seemingly useless cert is detectedAndrew authored on 2018/09/12 23:41:59 |
|
|
View 7c55d4f
Set the certSign flag for certificates without a KeyUsage The MS MD5 root cert doesn't have the KeyUsage set and appears to validate just fineAndrew authored on 2018/09/12 23:04:35 |
|
| September 11, 2018 | ||
|---|---|---|
|
View c6c71ef
Allow x509 certs with v1 TBSCertificate sections in the timestamp chain There are some Windows binaries that have certificates with version 1 TBSCertificate sections. This technically isn't allowed by the spec, but the Windows API still seems to report these are being OKAndrew authored on 2018/09/11 05:27:21 |
|
| September 10, 2018 | ||
|---|---|---|
|
View a26ed93
Fix a bug causing nested signatures to trigger the no-countersignature case In an earlier commit, I mistakenly check for whether a nested signature has been seen when determining whether a countersignature is present instead of checking that the countersignature has been seenAndrew authored on 2018/09/10 23:43:08 |
|
|
View 5f11b08
Allow for the timestampToken OID in place of pkcs7-data OID in the countersignatureAndrew authored on 2018/09/10 23:41:56 |
|
| September 9, 2018 | ||
|---|---|---|
|
View 72771d9
Allow '0' as a counterSignature versionAndrew authored on 2018/09/09 04:16:18 |
|