Various data structures and parsing tools for UEFI firmware.
Project description
CERT UEFI Parser
The CERT UEFI Parser is a Python-based tool for inspecting firmware ROM images, installers, and related files, especially those associated with UEFI. It combines information from the UEFI specifications with insights from independent firmware research (for example, Igor Skochinsky’s Intel ME work).
Written for Python 3 and built on the Construct parsing framework, the parser is more flexible than the EDK2 reference implementation and is easier to extend to proprietary or experimental data structures. CERT UEFI Parser aims to support all data formats commonly found inside UEFI ROMs, including Portable Executables (PEs) and image structures. The project is free of NDAs or other restrictions; all proprietary formats have been reverse engineered from public information and original analysis.
Installation
The parser depends on the cert-uefi-support package, which provides lower-level decompression and binary utilities. Both packages are now available on PyPI.
Basic installation:
$ python3 -m venv cert-venv
$ ./cert-venv/bin/pip install cert-uefi-support cert-uefi-parser
Optional GUI Support (Qt)
GUI support is optional and provided via the PySide6 package. It is a large dependency, so it is not installed by default. To install with the GUI extras:
$ python3 -m venv cert-venv
$ ./cert-venv/bin/pip install cert-uefi-support cert-uefi-parser[qt]
Installing from the Official Git Repositories
$ python3 -m venv cert-venv
$ ./cert-venv/bin/pip install \
git+https://github.com/cmu-sei/cert-uefi-support \
"cert-uefi-parser[qt] @ git+https://github.com/cmu-sei/cert-uefi-parser.git"
Usage
CERT UEFI Parser provides four primary output modes: a graphical interface, an ASCII text display (with ANSI color output enabled by default), a full JSON representation, and a filtered JSON representation containing fields that are useful for generating a Software Bill of Materials (SBOM).
$ ./cert-venv/bin/cert-uefi-parser --gui {firmware-related-file}
$ ./cert-venv/bin/cert-uefi-parser --text {firmware-related-file} | less
$ ./cert-venv/bin/cert-uefi-parser --json {firmware-related-file} >output.json
$ ./cert-venv/bin/cert-uefi-parser --sbom {firmware-related-file} >output.json
Sample firmware files can typically be obtained by downloading the BIOS or UEFI update tools from your system vendor’s support site. While not all models are guaranteed to be fully supported, many common vendor formats parse successfully, and examining these update files is a good way to begin exploring the parser’s capabilities.
Project details
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file cert_uefi_parser-1.0.7.tar.gz.
File metadata
- Download URL: cert_uefi_parser-1.0.7.tar.gz
- Upload date:
- Size: 1.1 MB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.7
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
0b5ec5c3ebbd5c75d16180d726bba1aaffb2745d85786d3cf4a4439d03e473a3
|
|
| MD5 |
0d35cc13e83b7205ab237f86cef35482
|
|
| BLAKE2b-256 |
90ec8d91be119ad68b78f4a1e3c4a7f8658076d004f664d594976f18387b6939
|
Provenance
The following attestation bundles were made for cert_uefi_parser-1.0.7.tar.gz:
Publisher:
pyblish.yml on CERTCC/cert-uefi-parser
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
cert_uefi_parser-1.0.7.tar.gz -
Subject digest:
0b5ec5c3ebbd5c75d16180d726bba1aaffb2745d85786d3cf4a4439d03e473a3 - Sigstore transparency entry: 805009853
- Sigstore integration time:
-
Permalink:
CERTCC/cert-uefi-parser@d784dffd9e708e6aeb36b41945fbeb3e6603b8c0 -
Branch / Tag:
refs/tags/v1.0.7 - Owner: https://github.com/CERTCC
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
pyblish.yml@d784dffd9e708e6aeb36b41945fbeb3e6603b8c0 -
Trigger Event:
push
-
Statement type:
File details
Details for the file cert_uefi_parser-1.0.7-py3-none-any.whl.
File metadata
- Download URL: cert_uefi_parser-1.0.7-py3-none-any.whl
- Upload date:
- Size: 1.1 MB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.7
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
7ad1ce7f6a4cbd2f3deb4dec7dfe4dcf25835082d6dd2e4a80cadd16b938f3e4
|
|
| MD5 |
9cf086b2d9bcd517a62fd146ce3fcb85
|
|
| BLAKE2b-256 |
44a7beb88a55519286122a5aa227e271fc3a0ede539b504e0422f36c53a7b4cb
|
Provenance
The following attestation bundles were made for cert_uefi_parser-1.0.7-py3-none-any.whl:
Publisher:
pyblish.yml on CERTCC/cert-uefi-parser
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
cert_uefi_parser-1.0.7-py3-none-any.whl -
Subject digest:
7ad1ce7f6a4cbd2f3deb4dec7dfe4dcf25835082d6dd2e4a80cadd16b938f3e4 - Sigstore transparency entry: 805009857
- Sigstore integration time:
-
Permalink:
CERTCC/cert-uefi-parser@d784dffd9e708e6aeb36b41945fbeb3e6603b8c0 -
Branch / Tag:
refs/tags/v1.0.7 - Owner: https://github.com/CERTCC
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
pyblish.yml@d784dffd9e708e6aeb36b41945fbeb3e6603b8c0 -
Trigger Event:
push
-
Statement type:
