Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →

resedit

Package Overview

Dependencies

Advanced tools

Install Socket

Detect and block malicious and high-risk dependencies

Install

resedit

Node.js library editing Windows Resource data

1.6.1
Source
npm

Version published: 2 years ago

Weekly downloads: 166K; increased by4.42%

Maintainers: 1

Weekly downloads

Created: 6 years ago

Source

resedit-js

resedit-js is a library that manipulates resouces contained by Windows Executable files. All implementations are written in JavaScript (TypeScript), so there are no further restrictions for running environment.

This library is not tested well for modifying and/or signing executables yet. Please be careful with the emitted binaries.

To use in command line, consider using resedit-js-cli.

Install

npm install resedit

Supported formats

Windows Executables (PE Format, such as .exe and .dll), both 32-bit and 64-bit, are supported.
- Executables for 16-bit Windows is not supported.
.res file is not supported now.
PNG-based icon data is supported on require('resedit').Resource.IconGroupEntry class.

Parsing signed executables

Parsing signed executables (by using Authenticode or etc.) is not allowed by default and an exception will be thrown if NtExecutable.from receives a signed binary.
To parse signed, { ignoreCert: true } object must be passed to the second argument of NtExecutable.from.
Although the base executable data is signed, NtExecutable.generate will generate unsigned executable binary. If you want to re-sign it, you must use generate-function with signing (see below) or any other signing tool such as Microsoft signtool.

Signing executables with resedit-js

resedit-js provides basic signing process generateExecutableWithSign function, which is based on Authenticode specification and related RFCs.

To keep resedit-js generic library, the followings are required to use signing process.

Encryption / calculating hash (digest) process (e.g. Node.js built-in crypto module)
- A private key data is implicitly required to encrypt data.
DER-format certificate binary (such as *.cer file data or *.p7b file data with DER-format), which is paired with the private key used by encryption process.
(optional) Generating timestamp data, especially communicating with TSA server (e.g. HTTP/HTTPS API)

These requirements are represented as SignerObject. The caller of generateExecutableWithSign function must implement this object to sign executables.

An example code is here: signTest.js

Note that resedit-js only provides basic signing process, and provides as beta version. For example adding more attributes/informations to certificates are not supported now.

Some digest algorithms, such as SHA3 algorithms, might not be supported by current Windows.

Notes

It is not strongly recommended that the destination executable file is equal to the source executable file (which is not an intermediate data).

Examples

For more APIs, please see dist directory of the package. And, some test codes may help you for usages.

const PELibrary = require('pe-library');
const ResEdit = require('resedit');
const fs = require('fs');

// load and parse data
let data = fs.readFileSync('MyApp.exe');
// (the Node.js Buffer instance can be specified directly to NtExecutable.from)
let exe = PELibrary.NtExecutable.from(data);
let res = PELibrary.NtExecutableResource.from(exe);

// rewrite resources
// - You can use helper classes as followings:
//   - ResEdit.Resource.IconGroupEntry: access icon resource data
//   - ResEdit.Resource.StringTable: access string resource data
//   - ResEdit.Resource.VersionInfo: access version info data

// -- replace icons

// load icon data from file
// (you can use ResEdit.Data.IconFile to parse icon data)
let iconFile = ResEdit.Data.IconFile.from(fs.readFileSync('MyIcon.ico'));

ResEdit.Resource.IconGroupEntry.replaceIconsForResource(
  // destEntries
  res.entries,
  // iconGroupID
  101,
  // lang ('lang: 1033' means 'en-US')
  1033,
  // icons (map IconFileItem to IconItem/RawIconItem)
  iconFile.icons.map((item) => item.data)
);

// -- replace version

let viList = ResEdit.Resource.VersionInfo.fromEntries(res.entries);
let vi = viList[0];
// setFileVersion will set `vi.fixedInfo.fileVersionMS`/`fileVersionLS` and 'FileVersion' string value
// ('1033' means 'en-US')
vi.setFileVersion(1, 0, 0, 0, 1033);
// ('lang: 1033' means 'en-US', 'codepage: 1200' is the default codepage)
vi.setStringValues(
  { lang: 1033, codepage: 1200 },
  {
    FileDescription: 'My application',
    ProductName: 'My product',
  }
);
vi.outputToResourceEntries(res.entries);

// write to another binary
res.outputResource(exe);
let newBinary = exe.generate();
fs.writeFileSync('MyApp_modified.exe', new Buffer(newBinary));

License

MIT License

Keywords

FAQs

What is resedit?

Is resedit popular?

Is resedit well maintained?

Package last updated on 10 Dec 2022

Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

resedit