trustbridge: common/binverify.h comparison

comparison common/binverify.h @ 579:f4ce4eef3b38

Implement PKCS#7 embedded signature verfification for windows

author	Andre Heinecke <aheinecke@intevation.de>
date	Tue, 27 May 2014 10:28:36 +0000
parents
children	ecfd77751daf

comparison

equal deleted inserted replaced

-:bf54c9fc0d63
+:f4ce4eef3b38
+/* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik
+* Software engineering by Intevation GmbH
+*
+* This file is Free Software under the GNU GPL (v>=2)
+* and comes with ABSOLUTELY NO WARRANTY!
+* See LICENSE.txt for details.
+*/
+#ifndef BINVERIFY_H
+#define BINVERIFY_H
+/* @file binverify.h
+* @brief Verification of binary files
+*/
+#include <stdbool.h>
+#include <stddef.h>
+#ifdef __cplusplus
+extern "C" {
+#endif
+/**
+* @enum bin_verify_result
+* @brief Result of a verification
+*/
+typedef enum {
+Valid = 100, /*! Could be read and signature matched */
+UnknownError = 1, /*! The expected unexpected */
+InvalidSignature = 4, /*! Signature was invalid */
+ReadFailed = 6, /*! File exists but could not read the file */
+} bin_verify_result;
+#ifdef WIN32
+/**
+* @brief verify a binary
+*
+* This function checks that a binary is signed by a built
+* in certificate.
+*
+* Caution: This function works on file names only which could
+* be modified after this check.
+*
+* The verification is done using Windows crypto API based on
+* embedded PKCS 7 "authenticode" signatures embedded into the
+* file.
+*
+* @param[in] filename absolute null terminated UTF-8 encoded path to the file.
+* @param[in] name_len length of the filename.
+*
+* @returns the verification result.
+*/
+bin_verify_result verify_binary_win(const char *filename, size_t name_len);
+#endif /* WIN32 */
+#ifdef __cplusplus
+}
+#endif
+#endif /* BINVERIFY_H */

Mercurial > trustbridge

comparison common/binverify.h @ 579:f4ce4eef3b38