view common/selftest.c @ 1369:948f03bb5254

Add signature time extraction for Linux and test for it in binverifytest
author Andre Heinecke <andre.heinecke@intevation.de>
date Mon, 24 Nov 2014 14:43:10 +0100
parents 28885e8c891f
children
line wrap: on
line source
/* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik
 * Software engineering by Intevation GmbH
 *
 * This file is Free Software under the GNU GPL (v>=2)
 * and comes with ABSOLUTELY NO WARRANTY!
 * See LICENSE.txt for details.
 */

#include "selftest.h"
#include "binverify.h"
#include "strhelp.h"
#include "logging.h"

bool
selftest(time_t *sig_time)
{
  bin_verify_result res;
#ifdef WIN32
  wchar_t wPath[MAX_PATH];
  char *utf8path = NULL;

  if (!GetModuleFileNameW (NULL, wPath, MAX_PATH - 1))
    {
      PRINTLASTERROR ("Failed to obtain module file name. Path too long?");
      return false;
    }

  /* wPath might not be 0 terminated */
  wPath[MAX_PATH - 1] = '\0';

  utf8path = wchar_to_utf8 (wPath, wcsnlen(wPath, MAX_PATH));

  if (utf8path == NULL)
    {
      ERRORPRINTF ("Failed to convert module path to utf-8");
      return false;
    }

  res = verify_binary (utf8path, strlen(utf8path));
  if (res.result != VerifyValid)
    {
      ERRORPRINTF ("Verification of the binary failed");
      syslog_error_printf ("Integrity check failed.");
      xfree(utf8path);
      return false;
    }

  if (sig_time)
    {
      *sig_time = res.sig_time;
    }
  fclose(res.fptr);
  xfree(utf8path);
  return true;
#else
  res = verify_binary ("/proc/self/exe", 14);
  if (res.result != VerifyValid)
    {
      syslog_error_printf ("Integrity check failed.");
      return false;
    }
  if (sig_time)
    {
      *sig_time = res.sig_time;
    }
  fclose(res.fptr);
  return true;
#endif
}

http://wald.intevation.org/projects/trustbridge/