Annotation of embedaddon/strongswan/src/libstrongswan/utils/integrity_checker.h, revision 1.1.1.1
1.1 misho 1: /*
2: * Copyright (C) 2009 Martin Willi
3: * HSR Hochschule fuer Technik Rapperswil
4: *
5: * This program is free software; you can redistribute it and/or modify it
6: * under the terms of the GNU General Public License as published by the
7: * Free Software Foundation; either version 2 of the License, or (at your
8: * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9: *
10: * This program is distributed in the hope that it will be useful, but
11: * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12: * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13: * for more details.
14: */
15:
16: /**
17: * @defgroup integrity_checker integrity_checker
18: * @{ @ingroup utils
19: */
20:
21: #ifndef INTEGRITY_CHECKER_H_
22: #define INTEGRITY_CHECKER_H_
23:
24: #include "utils.h"
25:
26: typedef struct integrity_checker_t integrity_checker_t; /* checker interface; the struct is defined further down in this header */
27: typedef struct integrity_checksum_t integrity_checksum_t; /* precalculated checksum record; the struct is defined directly below */
28:
29: /**
30: * Struct to hold a precalculated checksum, implemented in the checksum library. Both checksums are stored as plain 32-bit values (uint32_t), too small to be cryptographic digests, so a match indicates the absence of accidental corruption rather than authenticity.
31: */
32: struct integrity_checksum_t {
33: /* name of the checksum; presumably the key the check methods look up through their name argument (confirm in the implementation) */
34: char *name;
35: /* size in bytes of the file on disk, precalculated together with the checksum */
36: size_t file_len;
37: /* 32-bit checksum of the file on disk */
38: uint32_t file;
39: /* size in bytes of executable segment in memory, precalculated together with the checksum */
40: size_t segment_len;
41: /* 32-bit checksum of the executable segment in memory */
42: uint32_t segment;
43: };
44:
45: /**
46: * Code integrity checker to detect non-malicious file manipulation, i.e. accidental corruption of a file on disk or of a loaded code segment.
47: *
48: * The integrity checker reads the precalculated checksums from a separate library
49: * libchecksum.so to compare the checksums. The checksums are 32-bit values, and nothing in this interface authenticates libchecksum.so itself, so a passing check is not evidence against deliberate tampering.
50: */
51: struct integrity_checker_t {
52:
53: /**
54: * Check the integrity of a file on disk.
55: *
56: * @param name name to lookup checksum
57: * @param file path to file
58: * @return TRUE if integrity tested successfully; NOTE(review): which failures are reported (unknown name, unreadable file, mismatch) is not stated here, so callers should treat any non-TRUE result as a failed check
59: */
60: bool (*check_file)(integrity_checker_t *this, char *name, char *file);
61:
62: /**
63: * Build the integrity checksum of a file on disk.
64: *
65: * @param file path to file
66: * @param len return length in bytes of file (out parameter; whether NULL is accepted is not documented here)
67: * @return checksum, 0 on error; NOTE(review): a computed checksum of 0 cannot be told apart from the error return by this value alone, confirm how the implementation handles it
68: */
69: uint32_t (*build_file)(integrity_checker_t *this, char *file, size_t *len);
70:
71: /**
72: * Check the integrity of the code segment in memory.
73: *
74: * @param name name to lookup checksum
75: * @param sym a symbol in the segment to check
76: * @return TRUE if integrity tested successfully; NOTE(review): failure reporting is not detailed here, treat any non-TRUE result as a failed check
77: */
78: bool (*check_segment)(integrity_checker_t *this, char *name, void *sym);
79: /**
80: * Build the integrity checksum of a code segment in memory.
81: *
82: * @param sym a symbol in the segment to check
83: * @param len return length in bytes of code segment in memory (out parameter; whether NULL is accepted is not documented here)
84: * @return checksum, 0 on error; NOTE(review): a computed checksum of 0 cannot be told apart from the error return by this value alone, confirm how the implementation handles it
85: */
86: uint32_t (*build_segment)(integrity_checker_t *this, void *sym, size_t *len);
87:
88: /**
89: * Check both on-disk file integrity and the loaded segment.
90: *
91: * @param name name to lookup checksum
92: * @param sym a symbol to look up library and segment
93: * @return TRUE if integrity tested successfully; NOTE(review): presumably requires both the file and the segment check to pass, confirm in the implementation
94: */
95: bool (*check)(integrity_checker_t *this, char *name, void *sym);
96:
97: /**
98: * Destroy an integrity_checker_t.
99: */
100: void (*destroy)(integrity_checker_t *this);
101: };
102:
103: /**
104: * Create an integrity_checker instance. NOTE(review): the result when the checksum library cannot be loaded is not documented here; confirm in the implementation before relying on the returned pointer.
105: *
106: * @param checksum_library library containing checksums; every later check is only as trustworthy as this library, so it should come from a location that untrusted users cannot write to
107: */
108: integrity_checker_t *integrity_checker_create(char *checksum_library);
109:
110: #endif /** INTEGRITY_CHECKER_H_ @}*/