view common/binverify.h @ 623:5042ace08cba
Add certificate specific logging functions
author | Andre Heinecke <andre.heinecke@intevation.de> |
---|---|
date | Fri, 20 Jun 2014 12:17:32 +0200 |
parents | ecfd77751daf |
children | facb13c578f1 |
/* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik
 * Software engineering by Intevation GmbH
 *
 * This file is Free Software under the GNU GPL (v>=2)
 * and comes with ABSOLUTELY NO WARRANTY!
 * See LICENSE.txt for details.
 */
#ifndef BINVERIFY_H
#define BINVERIFY_H

/**
 * @file binverify.h
 * @brief Verification of binary files
 *
 * Declares the result codes and the entry points used to check that a
 * binary carries a signature made by a built-in certificate.
 */

#include <stdbool.h>
#include <stddef.h>

#ifdef __cplusplus
extern "C" {
#endif

/**
 * @enum bin_verify_result
 * @brief Result of a verification
 *
 * Every enumerator is non-zero, the failure codes included, so a result
 * must be compared against VerifyValid explicitly. A plain truth test
 * such as `if (verify_binary(...))` is also true for every failure code
 * and would accept an unverified file.
 *
 * NOTE(review): there is no dedicated code for a file that does not
 * exist; which code that case maps to is not visible in this header.
 */
typedef enum {
  VerifyValid = 100,          /*!< Could be read and signature matched */
  VerifyUnknownError = 1,     /*!< The expected unexpected */
  VerifyInvalidSignature = 4, /*!< Signature was invalid */
  VerifyReadFailed = 6,       /*!< File exists but could not be read */
} bin_verify_result;

/**
 * @brief Verify a binary
 *
 * This function checks that a binary is signed by a built-in
 * certificate.
 *
 * Caution: This function works on file names only, and the file behind
 * a name can be modified or replaced after this check has returned
 * (time-of-check/time-of-use). A VerifyValid result therefore describes
 * the file as it was when it was read, not necessarily the file that is
 * opened or executed later under the same name.
 *
 * NOTE(review): how callers act on the result is not visible here.
 * Confirm that the checked path lies in a location other users cannot
 * write to and that nothing can run between the check and the use.
 *
 * The verification is done using the Windows crypto API, based on the
 * PKCS 7 "authenticode" signature embedded in the file.
 *
 * NOTE(review): the behaviour on platforms other than Windows is not
 * described in this header; verify it against the implementation.
 *
 * @param[in] filename absolute null terminated UTF-8 encoded path to the file.
 * @param[in] name_len length of the filename (presumably in bytes and
 *                     without the terminating null; TODO confirm).
 *
 * @returns the verification result. Only VerifyValid means that the
 *          signature was accepted.
 */
bin_verify_result verify_binary(const char *filename, size_t name_len);

#ifdef WIN32
/**
 * @brief Windows implementation of verify_binary
 *
 * Takes the same parameters and returns the same result type as
 * verify_binary(). It is declared only when WIN32 is defined.
 */
bin_verify_result verify_binary_win(const char *filename, size_t name_len);
#endif /* WIN32 */

#ifdef __cplusplus
}
#endif

#endif /* BINVERIFY_H */