avast / authenticode-parser Goto Github PK
View Code? Open in Web Editor NEWAuthenticode-parser is a simple C library for Authenticode format parsing using OpenSSL.
License: MIT License
authenticode-parser's People
Contributors
Stargazers
Watchers
authenticode-parser's Issues
GCC 12 is reporting use-after-free warnings
When building the library on Arch Linux with GCC 12, several use-after-free warnings are emitted.
Steps to reproduce:
git clone https://github.com/avast/authenticode-parser/ && cd authenticode-parser
mkdir build && cd build
cmake ..
make
Expected output:
No warnings are reported.
Actual output:
authenticode-parser/src/authenticode.c: In function ‘authenticode_new’:
authenticode-parser/src/authenticode.c:306:20: warning: pointer ‘result’ used after ‘free’ [-Wuse-after-free]
306 | free(result->signatures);
| ~~~~~~^~~~~~~~~~~~
authenticode-parser/src/authenticode.c:305:9: note: call to ‘free’ here
305 | free(result);
| ^~~~~~~~~~~~
authenticode-parser/src/certificate.c: In function ‘parse_signer_chain’:
authenticode-parser/src/certificate.c:159:36: warning: pointer ‘result’ may be used after ‘free’ [-Wuse-after-free]
159 | certificate_free(result->certs[i]);
| ~~~~~~^~~~~~~
authenticode-parser/src/certificate.c:156:5: note: call to ‘free’ here
156 | free(result);
| ^~~~~~~~~~~~
authenticode-parser/src/certificate.c:161:20: warning: pointer ‘result’ may be used after ‘free’ [-Wuse-after-free]
161 | free(result->certs);
| ~~~~~~^~~~~~~
authenticode-parser/src/certificate.c:156:5: note: call to ‘free’ here
156 | free(result);
| ^~~~~~~~~~~~
authenticode-parser/src/certificate.c:158:38: warning: pointer ‘result’ may be used after ‘free’ [-Wuse-after-free]
158 | for (size_t i = 0; i < result->count; ++i) {
| ~~~~~~^~~~~~~
authenticode-parser/src/certificate.c:156:5: note: call to ‘free’ here
156 | free(result);
| ^~~~~~~~~~~~
Crash when parsing malformed PE file
Hi folks,
A crash was found while fuzz testing of the authenticode_dumper binary which can be triggered via a malformed PE file. Although this malformed file only crashes the program as-is, it could potentially be crafted further and create a security issue where these kinds of files would be able compromise the process's memory through taking advantage of affordances given by memory corruption. It's recommend to harden the code to prevent these kinds of bugs as it could greatly mitigate such this issue and even future bugs.
crash.exe debug log
Repro file: https://ufile.io/6qwkgvkm
$ authenticode_dumper crash.exe
Segmentation fault (core dumped)
(gdb) r crash.exe
Starting program: authenticode_dumper crash.exe
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Program received signal SIGSEGV, Segmentation fault.
0x0000555555559b2b in parse_authenticode ()
(gdb) i r
rax 0x555556563490 93825009071248
rbx 0x55555555c660 93824992265824
rcx 0x1 1
rdx 0x1000000 16777216
rsi 0xe5 229
rdi 0x555555563490 93824992294032
rbp 0x7fffffffe2d0 0x7fffffffe2d0
rsp 0x7fffffffe270 0x7fffffffe270
r8 0x0 0
r9 0x7c 124
r10 0x0 0
r11 0x202 514
r12 0x555555557e20 93824992247328
r13 0x7fffffffe410 140737488348176
r14 0x0 0
r15 0x0 0
rip 0x555555559b2b 0x555555559b2b <parse_authenticode+277>
eflags 0x10206 [ PF IF RF ]
cs 0x33 51
ss 0x2b 43
ds 0x0 0
es 0x0 0
fs 0x0 0
gs 0x0 0
(gdb) x/i $rip
=> 0x555555559b2b <parse_authenticode+277>: mov (%rax),%eax
(gdb) bt
#0 0x0000555555559b2b in parse_authenticode ()
#1 0x00005555555586e6 in main ()
(gdb) exploitable
Description: Access violation on source operand
Short description: SourceAv (19/22)
Hash: 78e41302c7e8e2098689aa57462889e0.78e41302c7e8e2098689aa57462889e0
Exploitability Classification: UNKNOWN
Explanation: The target crashed on an access violation at an address matching the source operand of the current instruction. This likely indicates a read access violation.
Other tags: AccessViolation (21/22)
SIGSEGV caused by invalid pointer dereference in `extract_ms_counter_certs`
File e9b3cadbd8fdb7a26a7130e7b40d4a99632fa6f767b0339385e5786d66015cfb triggers an invalid pointer dereference in extract_ms_counter_certs. The crash occurs in line 201 in the snippet below:
authenticode-parser/src/authenticode.c
Lines 196 to 201 in 82a586f
The certs pointer is pointing to an invalid address (non-null).
PE CounterSignatures not parsed correctly in Microsoft signed drivers
Hi,
it seems there is a bug in the library when parsing the countersignatures on Microsoft signed drivers.
If you try to run the authenticode_dumper code from your examples on a Microsoft signed driver, e.g. procexp.sys, you will get the following output:
C:\Users\user\authenticode-parser\examples\build\Debug>authenticode_dumper.exe procexp.sys
Signature count: 1
Signatures: 1
PKCS7 Signature:
Version : 1
Digest : c7fef94e329bd9b66b281539265f989313356cbd9c345df9e670e9c4b6e0edce
File Digest : c7fef94e329bd9b66b281539265f989313356cbd9c345df9e670e9c4b6e0edce
Digest Algorithm : sha256
Verify flags : 0
Certificate count : 2
Certificates:
Certificate 0:
Version : 2
Subject : /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft Windows Hardware Compatibility Publisher
Issuer : /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft Windows Third Party Component CA 2012
Serial : 33:00:00:00:b2:0f:9a:d8:67:94:f3:22:f6:00:00:00:00:00:b2
Not After : 1638483330
Not Before : 1608070530
SHA1 : 92d7192a7c3180912ff8414f790973a05c28f8b0
SHA256 : f437f71e6c0028d7b4e4a371144e746735bdf478a410d9091a3751f2d1c14da0
Key Algorithm : rsaEncryption
Signature Algorithm : sha256WithRSAEncryption
Public key : MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmfDL4fe7NfjXUg7jEEJhT/FiX2oUbbVl8zrItfdS5vC4FeB3NQ5adsXD+VVRxaP7fVSZ9Rg8yXGuL7JG3ggFEo8fty1YWTJ5DN2AdnctFq8h9ZYmyQ+VEiTVZ6amiQceJWjw/gb2Q3BjvjEpS+AA5Y3tqtWAqL/Zujm97XwlQ5DkgqzdUZuYFk3ZhkGVZf8yiKvzDtd96neBDy3xVsHjnjQ5JysNjxtVn4Mj9a8S7jzD80xdyLT79zNwdvCRkEsWCi1T+tAalU0miwcn5EEUMN91J495zKyBBVtG2v/epuqa106/Nv0t/l8FtTw5wtBispZ8UcZnjmzNCDIDKEcthwIDAQAB
Certificate 1:
Version : 2
Subject : /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft Windows Third Party Component CA 2012
Issuer : /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft Root Certificate Authority 2010
Serial : 61:0b:aa:c1:00:00:00:00:00:09
Not After : 1808092718
Not Before : 1334792918
SHA1 : 77a10ebf07542725218cd83a01b521c57bc67f73
SHA256 : 9d08973e4d108da40a1a0b274180e17371134b4dd1621fa5c1f131b739b4b823
Key Algorithm : rsaEncryption
Signature Algorithm : sha256WithRSAEncryption
Public key : MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo5wwhAmnYy7PCkfw6iT5ozAgD15XMSaBmjEHslDUzmcJCGUKWqVLrtXtEC7npZm1n2gvmItYAqwgtCnEcb0oHKX9PJtk5MXr32ElvPDuaL/Rp8t+KgKBTmRcDFOGeVcZN2G3mPkMoE4iWZv5Gy1nPCc8VpBm4/1/ZX0Phr01R+iKzPTajulqTqunVeyiiR7VM0VTy/med73NLPkFuH90AR3o+xjhQ9EN6arcN2+9/rgP7R1NAUZOCqz8gujsVoMTjjoB7RRkdOpksmYQtmhtyHAAfVBILj1D7uAklcbNjsf9uOSVz91++5VeoQHNQ7EH16Qw7puGGipuwQtZonRviwIDAQAB
Signer Info:
Digest : 16efc5250c4d4a99a00ed2ad9a0e3d8fbc21da5be95ac35ad33b3d9c3f3719a1
Digest Algo : sha256
Program name : Procexp
Chain size : 2
Chain:
Certificate 0:
Version : 2
Subject : /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft Windows Hardware Compatibility Publisher
Issuer : /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft Windows Third Party Component CA 2012
Serial : 33:00:00:00:b2:0f:9a:d8:67:94:f3:22:f6:00:00:00:00:00:b2
Not After : 1638483330
Not Before : 1608070530
SHA1 : 92d7192a7c3180912ff8414f790973a05c28f8b0
SHA256 : f437f71e6c0028d7b4e4a371144e746735bdf478a410d9091a3751f2d1c14da0
Key Algorithm : rsaEncryption
Signature Algorithm : sha256WithRSAEncryption
Public key : MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmfDL4fe7NfjXUg7jEEJhT/FiX2oUbbVl8zrItfdS5vC4FeB3NQ5adsXD+VVRxaP7fVSZ9Rg8yXGuL7JG3ggFEo8fty1YWTJ5DN2AdnctFq8h9ZYmyQ+VEiTVZ6amiQceJWjw/gb2Q3BjvjEpS+AA5Y3tqtWAqL/Zujm97XwlQ5DkgqzdUZuYFk3ZhkGVZf8yiKvzDtd96neBDy3xVsHjnjQ5JysNjxtVn4Mj9a8S7jzD80xdyLT79zNwdvCRkEsWCi1T+tAalU0miwcn5EEUMN91J495zKyBBVtG2v/epuqa106/Nv0t/l8FtTw5wtBispZ8UcZnjmzNCDIDKEcthwIDAQAB
Certificate 1:
Version : 2
Subject : /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft Windows Third Party Component CA 2012
Issuer : /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft Root Certificate Authority 2010
Serial : 61:0b:aa:c1:00:00:00:00:00:09
Not After : 1808092718
Not Before : 1334792918
SHA1 : 77a10ebf07542725218cd83a01b521c57bc67f73
SHA256 : 9d08973e4d108da40a1a0b274180e17371134b4dd1621fa5c1f131b739b4b823
Key Algorithm : rsaEncryption
Signature Algorithm : sha256WithRSAEncryption
Public key : MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo5wwhAmnYy7PCkfw6iT5ozAgD15XMSaBmjEHslDUzmcJCGUKWqVLrtXtEC7npZm1n2gvmItYAqwgtCnEcb0oHKX9PJtk5MXr32ElvPDuaL/Rp8t+KgKBTmRcDFOGeVcZN2G3mPkMoE4iWZv5Gy1nPCc8VpBm4/1/ZX0Phr01R+iKzPTajulqTqunVeyiiR7VM0VTy/med73NLPkFuH90AR3o+xjhQ9EN6arcN2+9/rgP7R1NAUZOCqz8gujsVoMTjjoB7RRkdOpksmYQtmhtyHAAfVBILj1D7uAklcbNjsf9uOSVz91++5VeoQHNQ7EH16Qw7puGGipuwQtZonRviwIDAQAB
Countersignature:
Digest : Digest Algorithm : (null)
Signing Time : 0
Verify flags : 1
As you can see the Verify Flags is set to COUNTERSIGNATURE_VFY_CANT_PARSE in the parsed countersignature.
BTW this bug happens with any drivers signed by Microsoft, you can pick any drivers with a signature in the C:\Windows\System32\drivers directory and the same unwanted behavior happens.
When using the "Digital Signatures" tab from explorer in Windows, you can see that it correctly parses the countersignature from Microsoft-signed drivers. Below example for the procexp.sys driver:
Instead, the parsing of countersignatures from drivers non-Microsoft signed works properly, e.g. kprocesshacker.sys:
C:\Users\user\authenticode-parser\examples\build\Debug>authenticode_dumper.exe kprocesshacker.sys
Signature count: 2
Signatures: 2
PKCS7 Signature:
Version : 1
Digest : c2b8c1b34f09a91efe196f646ef7f9a11190fb8e
File Digest : c2b8c1b34f09a91efe196f646ef7f9a11190fb8e
Digest Algorithm : sha1
Verify flags : 0
Certificate count : 5
Certificates:
Certificate 0:
Version : 2
Subject : /C=AU/ST=New South Wales/L=Sydney/O=Wen Jia Liu/CN=Wen Jia Liu
Issuer : /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance Code Signing CA-1
Serial : 0f:f1:ef:66:bd:62:1c:65:b7:4b:4d:e4:14:25:71:7f
Not After : 1483531200
Not Before : 1383091200
SHA1 : 32387aec09eb287f202e98398189b460f4c61a0d
SHA256 : e0e85619eef45fce4421e4ba581060e43bbbf25911cd757dd081da425dd1db51
Key Algorithm : rsaEncryption
Signature Algorithm : sha1WithRSAEncryption
Public key : MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzC6hUkkJzCLvNEPcQaaYoB8PaRozspKlcyZOHbniq8RG4T75JML2HAB73BzZrlqp5IZR8sD7LRqUy74TqMb3g2MeJxk/lTa/QJg4I1Ky+cfiFG7+MdVvxtEPCkVUnHpsv7QCSDEKwmztSsFpGpv3PgXjAZlKqQ9wNpSjuuUPr3acok+heA7wotXwbZ8MM0zDuab7DbWHAAjxOGsfHbDu6MSNiUPJCBAqkqOH7hcnJKMSGxG8jBWaCIrXOl7tBKDg5u3vNG0sU7+QCd59WR9TnNS3uRlyFpU9/3lw/0ZenDNoSgbT7Gy0x6N9jYSENjwS1Zf77E2HnXPE4q8vhEgYuwIDAQAB
Certificate 1:
Version : 2
Subject : /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance EV Root CA
Issuer : /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft Code Verification Root
Serial : 61:20:4d:b4:00:00:00:00:00:27
Not After : 1618516533
Not Before : 1302896733
SHA1 : 2f2513af3992db0a3f79709ff8143b3f7bd2d143
SHA256 : 766e3fdc0bc1fd22dd9aafecf8248760e50375fdad3d8959b2a6d487a8a05fca
Key Algorithm : rsaEncryption
Signature Algorithm : sha1WithRSAEncryption
Public key : MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxszlc+b71LvlLS0ypt/lgT/JzSVJtnEqw9WUNGeiChywX2mmQLHEt7KP0JikqUFZOtPclNY823Q4pErMTSWC90qlUxI47vNJbXGRfmO2q6Zfw6SE+E9iUb74xezbOJLjBuUIkQzEKEFV+8taiRV+ceg1v01yCT2+OjhQW3cxG42zxyRFmqesbQAUWgS3uhPrUQqYQUEiTmVhh4FBUKZ5XIneGUpX1S7mXRxTLH6YzRoGFqRoc9A0BBNcoXHTWnxV215k4TeHMFYE5RG0KYAS8Xk5iKICEXwnZreIt3jyygqoOKsKZMK/Zl2VhMGhJR6HXRpQCyASzEG7bgtROLhLywIDAQAB
Certificate 2:
Version : 2
Subject : /C=US/O=DigiCert/CN=DigiCert Timestamp Responder
Issuer : /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Assured ID CA-1
Serial : 03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Not After : 1729555200
Not Before : 1413936000
SHA1 : 614d271d9102e30169822487fde5de00a352b01d
SHA256 : 34bb219c2589b1d7658503e1246b013606d00f6b00310e7a4087ea2098832596
Key Algorithm : rsaEncryption
Signature Algorithm : sha1WithRSAEncryption
Public key : MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2Rd/Hyz4II14OD2xirmSXU7zG7gU6mfH2RZ5nxrf2uMnVX4kuOe1VpjWwJJUNmDzm9m7t3LhelfpfnUh3SIRDsZyeX1kZ/GFDmsJOqoSyyRicxeKPRktlC39RKzc5YKZ6O+YZ+u8/0SeHUOplsU/UUjjoZEVX0YhgWMVYd5SEb3yg6Np95OX+Koti1ZAmGIYXIYaLm4fO7m5zQvMXeBMB+7NgGN7yfj95rwTDFkjePr+hmHqH7P7IwMNlt6wXq4eMfJBi5GEMiN6ARg27xzdPpO2P6qQPGyznBGg+naQKFZOtkVCVeZVjCT88lhzNAIzGvsYkKRrALA76TwiRGPdwIDAQAB
Certificate 3:
Version : 2
Subject : /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance Code Signing CA-1
Issuer : /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance EV Root CA
Serial : 02:c4:d1:e5:8a:4a:68:0c:56:8d:a3:04:7e:7e:4d:5f
Not After : 1770724800
Not Before : 1297425600
SHA1 : e308f829dc77e80af15edd4151ea47c59399ab46
SHA256 : 007d2c8b15786232bac0eaa31f60aae06dc572921bad0d46c77107d8c2dca4b3
Key Algorithm : rsaEncryption
Signature Algorithm : sha1WithRSAEncryption
Public key : MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxfkj5pQnxIAUpIAyX0CjjW9wwOU2cXE6daSqGpKUiV6sI3HLTmd9QT+q40u3e76dwag4j2kvOiTpd1kSx2YEQ8INJoKJQBnyLOrnTOd8BRq4/4gJTyY37zqk+iJsiMlKG2HyrhBeb7zReZtZGGDl7im1AyqkzvGDGU9pBXMoCfsiEJMioJAZGkwx8tMr2IRDrzxj/5jbINIJK1TB6v1qg+cQoxJx9dbX4RJ61eBWWs7qAVtoZVvBP1hSM6k1YU4iy4HKNqMSywbWzxtNGH65krkSz0Am2Jo2hbMVqkeThGsHu7zVs94lABGJAGjBKTzqPi3uUKvXHDAGeDylECNnkQIDAQAB
Certificate 4:
Version : 2
Subject : /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Assured ID CA-1
Issuer : /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Assured ID Root CA
Serial : 06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Not After : 1636502400
Not Before : 1163116800
SHA1 : 19a09b5a36f4dd99727df783c17a51231a56c117
SHA256 : 425e72c87ff22855d9908b71ab4c64b0d2f248287097690c62fe733f631de38f
Key Algorithm : rsaEncryption
Signature Algorithm : sha1WithRSAEncryption
Public key : MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6IItmfnKwkKVpYBzQHDSnlZUXKnE0kEGj8kz/E1FkVyBn+0snPgWWd+etSQVwpi5tHdJ3InECtqvy15r7a2wcTHrzzpADEZNk+yLejYIA6sMNP4YSYL+x8cxSIB8HqIPkg5QycaH6zY/2DDD/6b3+6LNb3Mj/qxWBZDwMiEWicZwiPkFl32jx0PdAug7Pe2xQaPtP77blUjE7h6z8rwMK5nQxl0SQoHhg26Ccz8mSxSQrllmCsSNvtLOBq6thG9IhJtPQLnxTPKvmPv2zkBdXPao8S+v7Iki8msYZbHBc63X8djPHgp0XEK4aH631XcKJ1Z8D2KkPzIUYJX9BwSiCQIDAQAB
Signer Info:
Digest : 9bb6c4bf0a838bf7ea75e48e9e82581deb6d48ed
Digest Algo : sha1
Program name : (null)
Chain size : 3
Chain:
Certificate 0:
Version : 2
Subject : /C=AU/ST=New South Wales/L=Sydney/O=Wen Jia Liu/CN=Wen Jia Liu
Issuer : /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance Code Signing CA-1
Serial : 0f:f1:ef:66:bd:62:1c:65:b7:4b:4d:e4:14:25:71:7f
Not After : 1483531200
Not Before : 1383091200
SHA1 : 32387aec09eb287f202e98398189b460f4c61a0d
SHA256 : e0e85619eef45fce4421e4ba581060e43bbbf25911cd757dd081da425dd1db51
Key Algorithm : rsaEncryption
Signature Algorithm : sha1WithRSAEncryption
Public key : MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzC6hUkkJzCLvNEPcQaaYoB8PaRozspKlcyZOHbniq8RG4T75JML2HAB73BzZrlqp5IZR8sD7LRqUy74TqMb3g2MeJxk/lTa/QJg4I1Ky+cfiFG7+MdVvxtEPCkVUnHpsv7QCSDEKwmztSsFpGpv3PgXjAZlKqQ9wNpSjuuUPr3acok+heA7wotXwbZ8MM0zDuab7DbWHAAjxOGsfHbDu6MSNiUPJCBAqkqOH7hcnJKMSGxG8jBWaCIrXOl7tBKDg5u3vNG0sU7+QCd59WR9TnNS3uRlyFpU9/3lw/0ZenDNoSgbT7Gy0x6N9jYSENjwS1Zf77E2HnXPE4q8vhEgYuwIDAQAB
Certificate 1:
Version : 2
Subject : /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance Code Signing CA-1
Issuer : /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance EV Root CA
Serial : 02:c4:d1:e5:8a:4a:68:0c:56:8d:a3:04:7e:7e:4d:5f
Not After : 1770724800
Not Before : 1297425600
SHA1 : e308f829dc77e80af15edd4151ea47c59399ab46
SHA256 : 007d2c8b15786232bac0eaa31f60aae06dc572921bad0d46c77107d8c2dca4b3
Key Algorithm : rsaEncryption
Signature Algorithm : sha1WithRSAEncryption
Public key : MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxfkj5pQnxIAUpIAyX0CjjW9wwOU2cXE6daSqGpKUiV6sI3HLTmd9QT+q40u3e76dwag4j2kvOiTpd1kSx2YEQ8INJoKJQBnyLOrnTOd8BRq4/4gJTyY37zqk+iJsiMlKG2HyrhBeb7zReZtZGGDl7im1AyqkzvGDGU9pBXMoCfsiEJMioJAZGkwx8tMr2IRDrzxj/5jbINIJK1TB6v1qg+cQoxJx9dbX4RJ61eBWWs7qAVtoZVvBP1hSM6k1YU4iy4HKNqMSywbWzxtNGH65krkSz0Am2Jo2hbMVqkeThGsHu7zVs94lABGJAGjBKTzqPi3uUKvXHDAGeDylECNnkQIDAQAB
Certificate 2:
Version : 2
Subject : /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance EV Root CA
Issuer : /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft Code Verification Root
Serial : 61:20:4d:b4:00:00:00:00:00:27
Not After : 1618516533
Not Before : 1302896733
SHA1 : 2f2513af3992db0a3f79709ff8143b3f7bd2d143
SHA256 : 766e3fdc0bc1fd22dd9aafecf8248760e50375fdad3d8959b2a6d487a8a05fca
Key Algorithm : rsaEncryption
Signature Algorithm : sha1WithRSAEncryption
Public key : MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxszlc+b71LvlLS0ypt/lgT/JzSVJtnEqw9WUNGeiChywX2mmQLHEt7KP0JikqUFZOtPclNY823Q4pErMTSWC90qlUxI47vNJbXGRfmO2q6Zfw6SE+E9iUb74xezbOJLjBuUIkQzEKEFV+8taiRV+ceg1v01yCT2+OjhQW3cxG42zxyRFmqesbQAUWgS3uhPrUQqYQUEiTmVhh4FBUKZ5XIneGUpX1S7mXRxTLH6YzRoGFqRoc9A0BBNcoXHTWnxV215k4TeHMFYE5RG0KYAS8Xk5iKICEXwnZreIt3jyygqoOKsKZMK/Zl2VhMGhJR6HXRpQCyASzEG7bgtROLhLywIDAQAB
Countersignature:
Digest : e0e1b26a21dda2a4d57236182a51cd3162e502fa
Digest Algorithm : sha1
Signing Time : 1459189265
Verify flags : 0
Chain size : 2
Chain:
Certificate 0:
Version : 2
Subject : /C=US/O=DigiCert/CN=DigiCert Timestamp Responder
Issuer : /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Assured ID CA-1
Serial : 03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Not After : 1729555200
Not Before : 1413936000
SHA1 : 614d271d9102e30169822487fde5de00a352b01d
SHA256 : 34bb219c2589b1d7658503e1246b013606d00f6b00310e7a4087ea2098832596
Key Algorithm : rsaEncryption
Signature Algorithm : sha1WithRSAEncryption
Public key : MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2Rd/Hyz4II14OD2xirmSXU7zG7gU6mfH2RZ5nxrf2uMnVX4kuOe1VpjWwJJUNmDzm9m7t3LhelfpfnUh3SIRDsZyeX1kZ/GFDmsJOqoSyyRicxeKPRktlC39RKzc5YKZ6O+YZ+u8/0SeHUOplsU/UUjjoZEVX0YhgWMVYd5SEb3yg6Np95OX+Koti1ZAmGIYXIYaLm4fO7m5zQvMXeBMB+7NgGN7yfj95rwTDFkjePr+hmHqH7P7IwMNlt6wXq4eMfJBi5GEMiN6ARg27xzdPpO2P6qQPGyznBGg+naQKFZOtkVCVeZVjCT88lhzNAIzGvsYkKRrALA76TwiRGPdwIDAQAB
Certificate 1:
Version : 2
Subject : /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Assured ID CA-1
Issuer : /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Assured ID Root CA
Serial : 06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Not After : 1636502400
Not Before : 1163116800
SHA1 : 19a09b5a36f4dd99727df783c17a51231a56c117
SHA256 : 425e72c87ff22855d9908b71ab4c64b0d2f248287097690c62fe733f631de38f
Key Algorithm : rsaEncryption
Signature Algorithm : sha1WithRSAEncryption
Public key : MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6IItmfnKwkKVpYBzQHDSnlZUXKnE0kEGj8kz/E1FkVyBn+0snPgWWd+etSQVwpi5tHdJ3InECtqvy15r7a2wcTHrzzpADEZNk+yLejYIA6sMNP4YSYL+x8cxSIB8HqIPkg5QycaH6zY/2DDD/6b3+6LNb3Mj/qxWBZDwMiEWicZwiPkFl32jx0PdAug7Pe2xQaPtP77blUjE7h6z8rwMK5nQxl0SQoHhg26Ccz8mSxSQrllmCsSNvtLOBq6thG9IhJtPQLnxTPKvmPv2zkBdXPao8S+v7Iki8msYZbHBc63X8djPHgp0XEK4aH631XcKJ1Z8D2KkPzIUYJX9BwSiCQIDAQAB
PKCS7 Signature:
Version : 1
Digest : 4ee2a56c1592ff0e951b452c0de064eba05b7c98e3add04c8aa3b4a84eb797a5
File Digest : 4ee2a56c1592ff0e951b452c0de064eba05b7c98e3add04c8aa3b4a84eb797a5
Digest Algorithm : sha256
Verify flags : 0
Certificate count : 5
Certificates:
Certificate 0:
Version : 2
Subject : /C=AU/ST=New South Wales/L=Sydney/O=Wen Jia Liu/CN=Wen Jia Liu
Issuer : /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert SHA2 High Assurance Code Signing CA
Serial : 04:0c:b4:1e:4f:b3:70:c4:5c:43:44:76:51:62:58:2f
Not After : 1483531200
Not Before : 1383091200
SHA1 : 190d956129dde6972d46f46ef98bd86b982e6633
SHA256 : 389084bb9e1f6785a7b7da4cb87872738ab2f92cd88b286f2690bd46e3912bdf
Key Algorithm : rsaEncryption
Signature Algorithm : sha256WithRSAEncryption
Public key : MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6jor1kqBfPVDjZm64mVUho73UESY7KBufTQyz3fffWb8VU1wJsKrjn27djaWN2rDsrOst7e8P2dbXcenQWuUeYCJ42kwkMvKwfPBAsAoEZdYRP2o7arvQSz5Lainr2U1pXPKLvZX9z7BixSAD1jbGT4aMoCWh8luBzVr267EWHA9XKXMsFmr0G4e1mw2uVbmyXbVrRE/FJfREA7X7ACN1PRn5aloKVHhxnIPaZbkQUBsdQAlhQxgASK4KajpTIxkjcak4Xasel57Bq7pho0x3CALYrWiTjTjFSuboY9OsVJ1nJ7t5S2a+7w0HARwvCiXdiHXEekfo42KdVkz0l5hQIDAQAB
Certificate 1:
Version : 2
Subject : /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance EV Root CA
Issuer : /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft Code Verification Root
Serial : 61:20:4d:b4:00:00:00:00:00:27
Not After : 1618516533
Not Before : 1302896733
SHA1 : 2f2513af3992db0a3f79709ff8143b3f7bd2d143
SHA256 : 766e3fdc0bc1fd22dd9aafecf8248760e50375fdad3d8959b2a6d487a8a05fca
Key Algorithm : rsaEncryption
Signature Algorithm : sha1WithRSAEncryption
Public key : MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxszlc+b71LvlLS0ypt/lgT/JzSVJtnEqw9WUNGeiChywX2mmQLHEt7KP0JikqUFZOtPclNY823Q4pErMTSWC90qlUxI47vNJbXGRfmO2q6Zfw6SE+E9iUb74xezbOJLjBuUIkQzEKEFV+8taiRV+ceg1v01yCT2+OjhQW3cxG42zxyRFmqesbQAUWgS3uhPrUQqYQUEiTmVhh4FBUKZ5XIneGUpX1S7mXRxTLH6YzRoGFqRoc9A0BBNcoXHTWnxV215k4TeHMFYE5RG0KYAS8Xk5iKICEXwnZreIt3jyygqoOKsKZMK/Zl2VhMGhJR6HXRpQCyASzEG7bgtROLhLywIDAQAB
Certificate 2:
Version : 2
Subject : /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert SHA2 High Assurance Code Signing CA
Issuer : /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance EV Root CA
Serial : 0b:7e:10:90:3c:38:49:0f:fa:2f:67:9a:87:a1:a7:b9
Not After : 1855828800
Not Before : 1382443200
SHA1 : f7e0f449f1a2594f88856c0758f8e6f627e5f5a2
SHA256 : c51b83a0de49a201a5fbe947032c04702f8ca7c2d02adf28b73d42c8acd1c362
Key Algorithm : rsaEncryption
Signature Algorithm : sha256WithRSAEncryption
Public key : MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEpefQcPQd7E9XYWNr1x/88/T3NLnNEN/krLV1hehRbdAhVUmfCPPC9NAngQaMjYNUs/wfdnzpgcrjO5LR2kClSTxIWi3zWx9fE8p7M0+11IyUbJYkS8SJnrKElTwz2PwA7eNZjpYlHfPWtAYe4EQdrPp1xWltH5TLdEhIeYaeWCuRPmVb/IknCSCjFvf4syq89rWp9ixD7uvu1ZpFN/C/FSiIp7Cmcky5DN7NJNNEyw4bWfnMb2byzN5spTdAGfZzXeOEktzu05RIIZeU4asrX7u3jwSWanz/pclnWSixpy2f9QklPMPsJDMgkahhNpPPuBMjMyZHVzKCYdCDA7BwIDAQAB
Certificate 3:
Version : 2
Subject : /C=US/O=DigiCert, Inc./CN=DigiCert SHA2 Timestamp Responder
Issuer : /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert SHA2 Assured ID Timestamping CA
Serial : 02:ce:42:94:59:02:a4:f3:c0:40:b0:ff:77:93:d1:4f
Not After : 1736208000
Not Before : 1450915200
SHA1 : c636f4dda87cee3d8263bf9a2514b4533468d75e
SHA256 : 20e260ee55c80a37fca0c7fdeef8577a3a6391bc3e5234b5f3d492d0c37b3a9c
Key Algorithm : rsaEncryption
Signature Algorithm : sha256WithRSAEncryption
Public key : MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytybsxHNriB6ZXIsNS/eOfkoJJHRlOWg1B5eaAw4KLd4vZ6f8fKl3hDMoDgBAal6F7CAgS2wwYQCFv0QduxHLE1ulijQZQQRXXjIFx+MTodXHSHr7BznzH80+OGvK6xmrgopN+3WBY+8DdxrmS4chK5ww2q3LlhLEcemUDr7FhvwBjnwmos4IQ9iXiodhej3h8r9xxfYrlgnRxZGdPA7efnBqHMotvkM38WK8c7AnPjLRR9+Gyr8+94epelj3Sp/vJdCIhPwVAvQSlxLCB7s/+det0fbot9TvhmeR82C49Z4NiQGLEI+BuQGb7xcx0/bItXlyKqerRfIz/XT1uR2gQIDAQAB
Certificate 4:
Version : 2
Subject : /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert SHA2 Assured ID Timestamping CA
Issuer : /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Assured ID Root CA
Serial : 0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Not After : 1925553600
Not Before : 1452168000
SHA1 : 3ba63a6e4841355772debef9cdcf4d5af353a297
SHA256 : ca8d0f4736454aecbec5deec80998c9ebf41d06c728f3c76cca24151bc62d463
Key Algorithm : rsaEncryption
Signature Algorithm : sha256WithRSAEncryption
Public key : MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvdAy7kvNj3/dqbqCmcU5VChXtiNKxA4HRTNREH3Q+X1NaH7ntqD0jbOI5Je/YyGQmL8TvFfTw+F+CNZqFAA49y4eO+7MpvYyWf5fZT/gm+vjRkcGGlV+Cyd+wKL1oODeIj8O/36V+/OjuiI+GKwR5PCZA207hXwJ0+5dyJoLVOOoCXFr4M8iEA91z3FyTgqt30A6XLdR4aF5FMZNJCMwXbzsPGBqrC8HzP3w6kfZiFBe/WZuVmEnKYmEUeaC50ZQ/ZQqLKfkdT66mA+Ef58xFNat1fJky3seBdCEGXIX8RcG7z3N1k3vBkL9olMqT4UdxB08r8/arBD13ays6Vb/kwIDAQAB
Signer Info:
Digest : 1939ad5ec9ec5c1ac5b360973aadb5b2308b8e98f36f9684bc874b56b67d6657
Digest Algo : sha256
Program name : (null)
Chain size : 3
Chain:
Certificate 0:
Version : 2
Subject : /C=AU/ST=New South Wales/L=Sydney/O=Wen Jia Liu/CN=Wen Jia Liu
Issuer : /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert SHA2 High Assurance Code Signing CA
Serial : 04:0c:b4:1e:4f:b3:70:c4:5c:43:44:76:51:62:58:2f
Not After : 1483531200
Not Before : 1383091200
SHA1 : 190d956129dde6972d46f46ef98bd86b982e6633
SHA256 : 389084bb9e1f6785a7b7da4cb87872738ab2f92cd88b286f2690bd46e3912bdf
Key Algorithm : rsaEncryption
Signature Algorithm : sha256WithRSAEncryption
Public key : MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6jor1kqBfPVDjZm64mVUho73UESY7KBufTQyz3fffWb8VU1wJsKrjn27djaWN2rDsrOst7e8P2dbXcenQWuUeYCJ42kwkMvKwfPBAsAoEZdYRP2o7arvQSz5Lainr2U1pXPKLvZX9z7BixSAD1jbGT4aMoCWh8luBzVr267EWHA9XKXMsFmr0G4e1mw2uVbmyXbVrRE/FJfREA7X7ACN1PRn5aloKVHhxnIPaZbkQUBsdQAlhQxgASK4KajpTIxkjcak4Xasel57Bq7pho0x3CALYrWiTjTjFSuboY9OsVJ1nJ7t5S2a+7w0HARwvCiXdiHXEekfo42KdVkz0l5hQIDAQAB
Certificate 1:
Version : 2
Subject : /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert SHA2 High Assurance Code Signing CA
Issuer : /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance EV Root CA
Serial : 0b:7e:10:90:3c:38:49:0f:fa:2f:67:9a:87:a1:a7:b9
Not After : 1855828800
Not Before : 1382443200
SHA1 : f7e0f449f1a2594f88856c0758f8e6f627e5f5a2
SHA256 : c51b83a0de49a201a5fbe947032c04702f8ca7c2d02adf28b73d42c8acd1c362
Key Algorithm : rsaEncryption
Signature Algorithm : sha256WithRSAEncryption
Public key : MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEpefQcPQd7E9XYWNr1x/88/T3NLnNEN/krLV1hehRbdAhVUmfCPPC9NAngQaMjYNUs/wfdnzpgcrjO5LR2kClSTxIWi3zWx9fE8p7M0+11IyUbJYkS8SJnrKElTwz2PwA7eNZjpYlHfPWtAYe4EQdrPp1xWltH5TLdEhIeYaeWCuRPmVb/IknCSCjFvf4syq89rWp9ixD7uvu1ZpFN/C/FSiIp7Cmcky5DN7NJNNEyw4bWfnMb2byzN5spTdAGfZzXeOEktzu05RIIZeU4asrX7u3jwSWanz/pclnWSixpy2f9QklPMPsJDMgkahhNpPPuBMjMyZHVzKCYdCDA7BwIDAQAB
Certificate 2:
Version : 2
Subject : /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance EV Root CA
Issuer : /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft Code Verification Root
Serial : 61:20:4d:b4:00:00:00:00:00:27
Not After : 1618516533
Not Before : 1302896733
SHA1 : 2f2513af3992db0a3f79709ff8143b3f7bd2d143
SHA256 : 766e3fdc0bc1fd22dd9aafecf8248760e50375fdad3d8959b2a6d487a8a05fca
Key Algorithm : rsaEncryption
Signature Algorithm : sha1WithRSAEncryption
Public key : MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxszlc+b71LvlLS0ypt/lgT/JzSVJtnEqw9WUNGeiChywX2mmQLHEt7KP0JikqUFZOtPclNY823Q4pErMTSWC90qlUxI47vNJbXGRfmO2q6Zfw6SE+E9iUb74xezbOJLjBuUIkQzEKEFV+8taiRV+ceg1v01yCT2+OjhQW3cxG42zxyRFmqesbQAUWgS3uhPrUQqYQUEiTmVhh4FBUKZ5XIneGUpX1S7mXRxTLH6YzRoGFqRoc9A0BBNcoXHTWnxV215k4TeHMFYE5RG0KYAS8Xk5iKICEXwnZreIt3jyygqoOKsKZMK/Zl2VhMGhJR6HXRpQCyASzEG7bgtROLhLywIDAQAB
Countersignature:
Digest : 8d2adfc11c43947d5ea6b7e81429acf0429930be60fd70c41c26e8e7c5b17aee
Digest Algorithm : sha256
Signing Time : 1459189265
Verify flags : 0
Chain size : 2
Chain:
Certificate 0:
Version : 2
Subject : /C=US/O=DigiCert, Inc./CN=DigiCert SHA2 Timestamp Responder
Issuer : /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert SHA2 Assured ID Timestamping CA
Serial : 02:ce:42:94:59:02:a4:f3:c0:40:b0:ff:77:93:d1:4f
Not After : 1736208000
Not Before : 1450915200
SHA1 : c636f4dda87cee3d8263bf9a2514b4533468d75e
SHA256 : 20e260ee55c80a37fca0c7fdeef8577a3a6391bc3e5234b5f3d492d0c37b3a9c
Key Algorithm : rsaEncryption
Signature Algorithm : sha256WithRSAEncryption
Public key : MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytybsxHNriB6ZXIsNS/eOfkoJJHRlOWg1B5eaAw4KLd4vZ6f8fKl3hDMoDgBAal6F7CAgS2wwYQCFv0QduxHLE1ulijQZQQRXXjIFx+MTodXHSHr7BznzH80+OGvK6xmrgopN+3WBY+8DdxrmS4chK5ww2q3LlhLEcemUDr7FhvwBjnwmos4IQ9iXiodhej3h8r9xxfYrlgnRxZGdPA7efnBqHMotvkM38WK8c7AnPjLRR9+Gyr8+94epelj3Sp/vJdCIhPwVAvQSlxLCB7s/+det0fbot9TvhmeR82C49Z4NiQGLEI+BuQGb7xcx0/bItXlyKqerRfIz/XT1uR2gQIDAQAB
Certificate 1:
Version : 2
Subject : /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert SHA2 Assured ID Timestamping CA
Issuer : /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Assured ID Root CA
Serial : 0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Not After : 1925553600
Not Before : 1452168000
SHA1 : 3ba63a6e4841355772debef9cdcf4d5af353a297
SHA256 : ca8d0f4736454aecbec5deec80998c9ebf41d06c728f3c76cca24151bc62d463
Key Algorithm : rsaEncryption
Signature Algorithm : sha256WithRSAEncryption
Public key : MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvdAy7kvNj3/dqbqCmcU5VChXtiNKxA4HRTNREH3Q+X1NaH7ntqD0jbOI5Je/YyGQmL8TvFfTw+F+CNZqFAA49y4eO+7MpvYyWf5fZT/gm+vjRkcGGlV+Cyd+wKL1oODeIj8O/36V+/OjuiI+GKwR5PCZA207hXwJ0+5dyJoLVOOoCXFr4M8iEA91z3FyTgqt30A6XLdR4aF5FMZNJCMwXbzsPGBqrC8HzP3w6kfZiFBe/WZuVmEnKYmEUeaC50ZQ/ZQqLKfkdT66mA+Ef58xFNat1fJky3seBdCEGXIX8RcG7z3N1k3vBkL9olMqT4UdxB08r8/arBD13ays6Vb/kwIDAQAB
I debugged a bit the issue and it seems the failure is here --> https://github.com/avast/authenticode-parser/blob/master/src/countersignature.c#L187
It seems that the openssl function d2i_PKCS7 is not able to parse the data from the unauthenticated attribute.
Also, i have a suspect that this bug is causing an issue in the parsing of countersignature in the "pe" module of yara in which i opened already an issue here --> VirusTotal/yara#2012
Thanks,
Antonio Cocomazzi
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.