Annotation of embedaddon/strongswan/src/libstrongswan/utils/integrity_checker.h, revision 1.1
1.1 ! misho 1: /*
! 2: * Copyright (C) 2009 Martin Willi
! 3: * HSR Hochschule fuer Technik Rapperswil
! 4: *
! 5: * This program is free software; you can redistribute it and/or modify it
! 6: * under the terms of the GNU General Public License as published by the
! 7: * Free Software Foundation; either version 2 of the License, or (at your
! 8: * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
! 9: *
! 10: * This program is distributed in the hope that it will be useful, but
! 11: * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
! 12: * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
! 13: * for more details.
! 14: */
! 15:
! 16: /**
! 17: * @defgroup integrity_checker integrity_checker
! 18: * @{ @ingroup utils
! 19: */
! 20:
! 21: #ifndef INTEGRITY_CHECKER_H_
! 22: #define INTEGRITY_CHECKER_H_
! 23:
! 24: #include "utils.h"
! 25:
/* Forward typedefs: integrity_checker_t is named in its own method signatures below. */
! 26: typedef struct integrity_checker_t integrity_checker_t;
! 27: typedef struct integrity_checksum_t integrity_checksum_t;
! 28:
! 29: /**
! 30: * Struct to hold a precalculated checksum, implemented in the checksum library.
 *
 * One entry carries two reference values for the same named item: a checksum
 * of the file on disk and a checksum of its executable segment in memory, each
 * paired with the length it was computed over.
 *
 * Both checksums are plain 32-bit values. The checker that consumes them is
 * documented as detecting non-malicious manipulation only, so these values
 * should not be treated as tamper-proof fingerprints.
! 31: */
! 32: struct integrity_checksum_t {
! 33: /* name of the checksum; presumably the key matched against the "name"
 * argument of the check functions - confirm against the implementation */
! 34: char *name;
! 35: /* size in bytes of the file on disk */
! 36: size_t file_len;
! 37: /* checksum of the file on disk (32 bit) */
! 38: uint32_t file;
! 39: /* size in bytes of executable segment in memory */
! 40: size_t segment_len;
! 41: /* checksum of the executable segment in memory (32 bit) */
! 42: uint32_t segment;
! 43: };
! 44:
! 45: /**
! 46: * Code integrity checker to detect non-malicious file manipulation.
! 47: *
! 48: * The integrity checker reads the checksums from a separate library
! 49: * libchecksum.so to compare the checksums.
 *
 * The reference values are 32-bit checksums (see integrity_checksum_t), so a
 * TRUE result means no accidental change was found; it is not evidence that
 * the code has not been deliberately modified.
 * NOTE(review): nothing in this header authenticates the checksum library
 * itself - confirm how libchecksum.so is protected from modification.
! 50: */
! 51: struct integrity_checker_t {
! 52:
! 53: /**
! 54: * Check the integrity of a file on disk.
! 55: *
! 56: * @param name name to lookup checksum
! 57: * @param file path to file
! 58: * @return TRUE if integrity tested successfully
 *        NOTE(review): FALSE presumably also covers a missing checksum
 *        entry or an unreadable file - confirm against the implementation.
! 59: */
! 60: bool (*check_file)(integrity_checker_t *this, char *name, char *file);
! 61:
! 62: /**
! 63: * Build the integrity checksum of a file on disk.
! 64: *
! 65: * @param file path to file
! 66: * @param len return length in bytes of file (output parameter)
! 67: * @return checksum, 0 on error
 *        The error value shares the uint32_t range with real checksums: if
 *        the checksum algorithm can yield 0, that result cannot be told
 *        apart from a failure by the return value alone.
! 68: */
! 69: uint32_t (*build_file)(integrity_checker_t *this, char *file, size_t *len);
! 70:
! 71: /**
! 72: * Check the integrity of the code segment in memory.
! 73: *
! 74: * @param name name to lookup checksum
! 75: * @param sym a symbol in the segment to check; it selects which loaded
 *        segment is examined
! 76: * @return TRUE if integrity tested successfully
! 77: */
! 78: bool (*check_segment)(integrity_checker_t *this, char *name, void *sym);
! 79: /**
! 80: * Build the integrity checksum of a code segment in memory.
! 81: *
! 82: * @param sym a symbol in the segment to check
! 83: * @param len return length in bytes of code segment in memory (output
 *        parameter)
! 84: * @return checksum, 0 on error
 *        As with build_file, 0 doubles as the error value, so a genuine
 *        checksum of 0 (if the algorithm allows one) looks like a failure.
! 85: */
! 86: uint32_t (*build_segment)(integrity_checker_t *this, void *sym, size_t *len);
! 87:
! 88: /**
! 89: * Check both the on-disk file integrity and the loaded segment.
! 90: *
! 91: * @param name name to lookup checksum
! 92: * @param sym a symbol to look up library and segment
! 93: * @return TRUE if integrity tested successfully
 *        NOTE(review): presumably TRUE only when both checks pass -
 *        confirm against the implementation.
! 94: */
! 95: bool (*check)(integrity_checker_t *this, char *name, void *sym);
! 96:
! 97: /**
! 98: * Destroy an integrity_checker_t.
! 99: */
! 100: void (*destroy)(integrity_checker_t *this);
! 101: };
! 102:
! 103: /**
! 104: * Create an integrity_checker instance.
! 105: *
! 106: * @param checksum_library library containing checksums
 *        NOTE(review): presumably a name or path handed to the dynamic
 *        loader - confirm; if so, the location it is resolved from is part
 *        of what the check results depend on.
 * @return integrity_checker_t instance, released through its destroy()
 *        method.
 *        NOTE(review): the result when the library cannot be loaded is
 *        not stated in this header - confirm before relying on it.
! 107: */
! 108: integrity_checker_t *integrity_checker_create(char *checksum_library);
! 109:
! 110: #endif /** INTEGRITY_CHECKER_H_ @}*/