richprint-pe 1.0.0__py3-none-any.whl

richprint/__init__.py

@@ -0,0 +1,62 @@
+"""
+richprint - Decode and print Rich headers from Windows PE executables.
+
+The Rich header is metadata embedded by Microsoft's linker containing
+compiler version information (@comp.id records).
+"""
+
+from .parser import parse_file, parse_bytes
+from .database import load_database, lookup_description, CompilerDatabase
+from .models import CompilerEntry, RichHeader, PEInfo, ParseResult
+from .constants import (
+    MZ_SIGNATURE,
+    PE_SIGNATURE,
+    RICH_SIGNATURE,
+    DANS_SIGNATURE,
+    MACHINE_TYPES,
+    get_machine_type,
+)
+from .exceptions import (
+    RichPrintError,
+    FileOpenError,
+    NoMZHeaderError,
+    NoPEHeaderError,
+    InvalidDOSHeaderError,
+    NoRichHeaderError,
+    NoDanSTokenError,
+    InvalidRichHeaderError,
+)
+
+__version__ = "1.0.0"
+
+__all__ = [
+    # Main API
+    "parse_file",
+    "parse_bytes",
+    "load_database",
+    "lookup_description",
+    # Models
+    "CompilerEntry",
+    "RichHeader",
+    "PEInfo",
+    "ParseResult",
+    "CompilerDatabase",
+    # Constants
+    "MZ_SIGNATURE",
+    "PE_SIGNATURE",
+    "RICH_SIGNATURE",
+    "DANS_SIGNATURE",
+    "MACHINE_TYPES",
+    "get_machine_type",
+    # Exceptions
+    "RichPrintError",
+    "FileOpenError",
+    "NoMZHeaderError",
+    "NoPEHeaderError",
+    "InvalidDOSHeaderError",
+    "NoRichHeaderError",
+    "NoDanSTokenError",
+    "InvalidRichHeaderError",
+    # Version
+    "__version__",
+]

richprint/__main__.py

@@ -0,0 +1,7 @@
+"""Enable running as: python -m richprint"""
+
+import sys
+from .cli import main
+
+if __name__ == "__main__":
+    sys.exit(main())

richprint/cli.py

@@ -0,0 +1,112 @@
+"""Command-line interface for richprint."""
+
+import argparse
+import json
+import sys
+from typing import List, Optional
+
+from .database import load_database
+from .parser import parse_file
+from .models import ParseResult
+
+
+def format_entry_line(entry) -> str:
+    """Format a single Rich header entry for display."""
+    return (
+        f"{entry.comp_id:08x} {entry.product_id:4x} {entry.build_version:6d} "
+        f"{entry.count:5d}"
+        + (f" {entry.description}" if entry.description else "")
+    )
+
+
+def print_result(result: ParseResult) -> None:
+    """Print parse result in human-readable format."""
+    print(f"Processing {result.filename}")
+
+    if not result.success:
+        print(result.error, file=sys.stderr)
+        return
+
+    if result.pe_info:
+        print(f"Target machine: {result.pe_info.machine_name}")
+
+    if result.rich_header and result.rich_header.entries:
+        print("@comp.id   id version count   description")
+        for entry in result.rich_header.entries:
+            print(format_entry_line(entry))
+
+
+def create_parser() -> argparse.ArgumentParser:
+    """Create argument parser."""
+    parser = argparse.ArgumentParser(
+        prog="richprint",
+        description="Decode and print Rich headers from Windows PE executables.",
+        epilog=(
+            "Rich headers contain compiler version information embedded by "
+            "Microsoft's linker."
+        ),
+    )
+
+    parser.add_argument(
+        "files",
+        nargs="*",
+        metavar="FILE",
+        help="PE executable file(s) to analyze",
+    )
+
+    parser.add_argument(
+        "--json",
+        action="store_true",
+        help="Output results as JSON",
+    )
+
+    parser.add_argument(
+        "--database", "-d",
+        metavar="PATH",
+        help="Path to custom comp_id.txt database file",
+    )
+
+    parser.add_argument(
+        "--version", "-V",
+        action="version",
+        version="%(prog)s 1.0.0",
+    )
+
+    return parser
+
+
+def main(argv: Optional[List[str]] = None) -> int:
+    """Main entry point for CLI."""
+    parser = create_parser()
+    args = parser.parse_args(argv)
+
+    if not args.files:
+        print(
+            "Rich header decoder. Usage:\n\n"
+            "  richprint file ...\n\n"
+            "Rich headers can be found in executable files, DLLs, "
+            "and other binary files\ncreated by Microsoft linker."
+        )
+        return 0
+
+    # Load database
+    db = load_database(args.database)
+
+    results = []
+    for filename in args.files:
+        result = parse_file(filename, db)
+        results.append(result)
+
+    if args.json:
+        output = [r.to_dict() for r in results]
+        print(json.dumps(output, indent=2))
+    else:
+        for result in results:
+            print_result(result)
+
+    # Return non-zero if any file failed
+    return 0 if all(r.success for r in results) else 1
+
+
+if __name__ == "__main__":
+    sys.exit(main())

richprint/constants.py

@@ -0,0 +1,47 @@
+"""Magic numbers and constants for PE/Rich header parsing."""
+
+# Signature magic values
+MZ_SIGNATURE = 0x5A4D  # "MZ" - DOS executable signature
+PE_SIGNATURE = 0x4550  # "PE\0\0" - PE header signature
+RICH_SIGNATURE = 0x68636952  # "Rich" (little-endian)
+DANS_SIGNATURE = 0x536E6144  # "DanS" (little-endian)
+
+# DOS header offsets
+DOS_NUM_RELOCS_OFFSET = 0x06  # Number of relocations
+DOS_HEADER_PARA_OFFSET = 0x08  # Size of header in paragraphs
+DOS_RELOC_OFFSET = 0x18  # File address of relocation table
+DOS_PE_OFFSET = 0x3C  # File address of PE header
+
+# PE header offsets (relative to PE signature)
+PE_MACHINE_OFFSET = 4  # Machine type field
+
+# Machine type mapping
+# From https://msdn.microsoft.com/en-us/windows/hardware/gg463119.aspx
+MACHINE_TYPES = {
+    0x8664: "x64",
+    0x14C: "x32",
+    0x1D3: "Matsushita AM33",
+    0x1C0: "ARM LE",
+    0x1C4: "ARMv7+ Thumb",
+    0xAA64: "ARMv8 64bit",
+    0xEBC: "EFI bytecode",
+    0x200: "Intel Itanium",
+    0x9041: "Mitsubishi M32R LE",
+    0x266: "MIPS16",
+    0x366: "MIPS w/FPU",
+    0x466: "MIPS16 w/FPU",
+    0x1F0: "PowerPC LE",
+    0x1F1: "PowerPC w/FPU",
+    0x166: "MIPS LE",
+    0x1A2: "Hitachi SH3",
+    0x1A3: "Hitachi SH3 DSP",
+    0x1A6: "Hitachi SH4",
+    0x1A8: "Hitachi SH5",
+    0x1C2: "ARM or Thumb",
+    0x169: "MIPS LE WCE v2",
+}
+
+
+def get_machine_type(machine_id: int) -> str:
+    """Get human-readable machine type name."""
+    return MACHINE_TYPES.get(machine_id, "Unknown")

richprint/data/__init__.py

@@ -0,0 +1 @@
+# Package marker for bundled data files.