aheinecke@579: /* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik
aheinecke@579:  * Software engineering by Intevation GmbH
aheinecke@579:  *
aheinecke@579:  * This file is Free Software under the GNU GPL (v>=2)
aheinecke@579:  * and comes with ABSOLUTELY NO WARRANTY!
aheinecke@579:  * See LICENSE.txt for details.
aheinecke@579:  */
aheinecke@579: 
aheinecke@579: #ifndef BINVERIFY_H
aheinecke@579: #define BINVERIFY_H
aheinecke@579: /** @file binverify.h
aheinecke@579:  * @brief Verification of binary files
aheinecke@579:  */
aheinecke@579: #include <stdbool.h>
aheinecke@579: #include <stddef.h>
andre@1081: #include <stdio.h>
aheinecke@579: 
aheinecke@579: #ifdef __cplusplus
aheinecke@579: extern "C" {
aheinecke@579: #endif
aheinecke@579: 
aheinecke@579: /**
andre@1081:  * @enum verify_result
aheinecke@579:  * @brief Result of a verification
 *
 * Only VerifyValid means the check passed. Every enumerator is non-zero,
 * so callers must compare against VerifyValid explicitly: a plain
 * truthiness test such as `if (res.result)` is also true for every
 * failure code, and a zero-initialised value matches no enumerator.
aheinecke@579:  */
aheinecke@579: typedef enum {
andre@1255:     /*! Could be read and signature matched */
andre@1255:     VerifyValid = 100,
andre@1255:     /*! An unknown, unexpected error occurred */
andre@1255:     VerifyUnknownError = 1,
andre@1255:     /*! Signature was invalid */
andre@1255:     VerifyInvalidSignature = 4,
andre@1255:     /*! Certificate mismatch */
andre@1255:     VerifyInvalidCertificate = 5,
andre@1255:     /*! The file exists but could not be read */
andre@1255:     VerifyReadFailed = 6,
andre@1081: } verify_result;
andre@1081: 
andre@1081: /**
andre@1255:  * @struct bin_verify_result
andre@1255:  * @brief A structure containing a verify_result and a reference to the
andre@1081:  * verified file.
andre@1081:  */
andre@1081: typedef struct {
andre@1081:     /*@{*/
andre@1081:     verify_result result; /**< the result of the verification */
andre@1081:     FILE *fptr; /**< Open FILE handle of the verified file.
andre@1081:                     Only valid if result is VerifyValid; the caller
andre@1081:                     must close it in that case. For any other result
                    the value must not be used.
                    NOTE(review): presumably returned so the caller can go
                    on reading the exact file that was checked instead of
                    reopening it by name - confirm against the callers. */
andre@1081:     /*@}*/
aheinecke@579: } bin_verify_result;
aheinecke@579: 
aheinecke@579: /**
aheinecke@579:  * @brief verify a binary
aheinecke@579:  *
aheinecke@579:  * This function checks that a binary is signed by a built-in
aheinecke@579:  * certificate.
aheinecke@579:  *
aheinecke@579:  * Caution: This function is given a file name only, and the file behind
aheinecke@579:  * that name could be modified or replaced after this check.
 * NOTE(review): on VerifyValid the result carries the open FILE handle of
 * the verified file; callers presumably should keep working on that handle
 * rather than reopen the path - confirm against the callers.
aheinecke@579:  *
andre@771:  * Windows verification is done using the Windows crypto API, based on
aheinecke@579:  * PKCS 7 "authenticode" signatures embedded into the
aheinecke@579:  * file.
aheinecke@579:  *
andre@904:  * On Linux the file is expected to end with the pattern
emanuel@1053:  * \\r\\nS: (0x0d0a533A) followed by a 3072 Bit Base64 encoded RSA
andre@774:  * signature.
andre@771:  * The signature is verified against the built-in codesigning key in
andre@771:  * the same certificate that is used for Windows verification.
andre@774:  * If the pattern is not found the verification fails.
andre@771:  *
aheinecke@579:  * @param[in] filename absolute null terminated UTF-8 encoded path to the file.
aheinecke@579:  * @param[in] name_len length of the filename.
aheinecke@579:  *
aheinecke@579:  * @returns the verification result. Only result == VerifyValid means
 *          success; in that case the caller must close fptr.
aheinecke@579:  */
aheinecke@586: bin_verify_result verify_binary(const char *filename, size_t name_len);
aheinecke@586: 
andre@1081: /** @brief Maximum size of a valid binary in bytes (32 MiB).
 *  NOTE(review): presumably larger files are rejected by the verification
 *  functions - the enforcement is not visible in this header. */
andre@1081: #define MAX_VALID_BIN_SIZE (32 * 1024 * 1024)
andre@1081: 
aheinecke@586: #ifdef WIN32
aheinecke@586: /**
aheinecke@586:  * @brief Windows implementation of verify_binary, declared only when
 * WIN32 is defined. Takes the same arguments and returns the same result
 * type as verify_binary.
aheinecke@586:  */
aheinecke@579: bin_verify_result verify_binary_win(const char *filename, size_t name_len);
andre@771: #else /* WIN32 */
andre@771: 
andre@771: /**
andre@771:  * @brief Linux implementation of verify_binary, declared when WIN32 is
 * not defined. Takes the same arguments and returns the same result type
 * as verify_binary.
andre@771:  */
andre@771: bin_verify_result verify_binary_linux(const char *filename, size_t name_len);
andre@771: #endif
aheinecke@579: 
aheinecke@579: #ifdef __cplusplus
aheinecke@579: }
aheinecke@579: #endif
aheinecke@579: 
aheinecke@579: #endif /* BINVERIFY_H */