Mercurial > trustbridge
view common/binverify.h @ 1289:34c92dbfee7e
(issue44) Do not ask the user to confirm start on update
author | Andre Heinecke <andre.heinecke@intevation.de> |
---|---|
date | Mon, 29 Sep 2014 13:34:19 +0200 |
parents | 2a1aa9df8f11 |
children | 28885e8c891f |
line wrap: on
line source
/* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik * Software engineering by Intevation GmbH * * This file is Free Software under the GNU GPL (v>=2) * and comes with ABSOLUTELY NO WARRANTY! * See LICENSE.txt for details. */ #ifndef BINVERIFY_H #define BINVERIFY_H /* @file binverify.h * @brief Verification of binary files */ #include <stdbool.h> #include <stddef.h> #include <stdio.h> #ifdef __cplusplus extern "C" { #endif /** * @enum verify_result * @brief Result of a verification */ typedef enum { /*! Could be read and signature matched */ VerifyValid = 100, /*! The expected unexpected */ VerifyUnknownError = 1, /*! Signature was invalid */ VerifyInvalidSignature = 4, /*! Certificate mismatch */ VerifyInvalidCertificate = 5, /*! File exists but could not read the file */ VerifyReadFailed = 6, } verify_result; /** * @struct bin_verify_result * @brief A structure containing a verify_result and a reference to the * verified file. */ typedef struct { /*@{*/ verify_result result; /**< the result of the verification */ FILE *fptr; /**< Pointer to the open file struct of the verified file The ptr is only valid if verify_result is VerifyValid and needs to be closed by the caller in that case.*/ /*@}*/ } bin_verify_result; /** * @brief verify a binary * * This function checks that a binary is signed by a built * in certificate. * * Caution: This function works on file names only which could * be modified after this check. * * Windows verification is done using Windows crypto API based on * embedded PKCS 7 "authenticode" signatures embedded into the * file. * * On Linux the file is epxected to and with the pattern of * \\r\\nS: (0x0d0a533A) followed by a 3072 Bit Base64 encoded RSA * signature. * The signature is verified against the built in codesigning key in * the same certificate that is used for windows verification. * If the pattern is not found the verification fails. * * @param[in] filename absolute null terminated UTF-8 encoded path to the file. * @param[in] name_len length of the filename. * * @returns the verification result. */ bin_verify_result verify_binary(const char *filename, size_t name_len); /**@def Max size of a valid binary in byte */ #define MAX_VALID_BIN_SIZE (32 * 1024 * 1024) #ifdef WIN32 /** * @brief windows implementation of verify_binary */ bin_verify_result verify_binary_win(const char *filename, size_t name_len); #else /* WIN32 */ /** * @brief linux implementation of verify_binary */ bin_verify_result verify_binary_linux(const char *filename, size_t name_len); #endif #ifdef __cplusplus } #endif #endif /* BINVERIFY_H */