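/*-
 * Copyright (c) 2017-2018, Juniper Networks, Inc.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
#ifndef _VERIFY_FILE_H_
#define _VERIFY_FILE_H_

/*
 * Declarations for the file-verification interface.
 *
 * This header includes nothing itself: off_t, ssize_t and size_t must
 * already be declared by the includer (e.g. via <sys/types.h>) before the
 * prototypes below are seen.
 */

/*
 * Severity levels: how strongly the caller requires verification.
 * NOTE(review): presumably the value passed as the "int" severity argument
 * of verify_file(), verify_report() and vectx_close(); the prototypes carry
 * no parameter names, so confirm against the implementation.
 *
 * Negative values are parenthesized so the macros expand as a single
 * operand in any expression.
 */
#define VE_GUESS	(-1)	/* let verify_file work it out */
#define VE_TRY		0	/* we don't mind if unverified */
#define VE_WANT		1	/* we want this verified */
#define VE_MUST		2	/* this must be verified */

/*
 * Verification status values.
 *
 * The severity and status sets reuse the same small integers
 * (VE_TRY == VE_UNVERIFIED_OK == 0, VE_WANT == VE_VERIFIED == 1,
 * VE_MUST == VE_NOT_VERIFYING == 2) and both travel as plain int, so the
 * compiler cannot catch a severity passed where a status is expected.
 *
 * Compare a status against these names instead of testing truthiness or
 * sign: VE_UNVERIFIED_OK is 0, VE_NOT_CHECKED is non-zero, and both
 * VE_UNVERIFIED_OK and VE_NOT_VERIFYING are non-negative without meaning
 * "verified".  Code that gates a trust decision should test for
 * VE_VERIFIED explicitly.
 */
#define VE_NOT_CHECKED		(-42)	/* NOTE(review): presumably "no check attempted" -- confirm */
#define VE_VERIFIED		1	/* all good */
#define VE_UNVERIFIED_OK	0	/* not verified but that's ok */
#define VE_NOT_VERIFYING	2	/* we are not verifying */

/*
 * suitable buf size for hash_string
 *
 * Only a fallback: if a header included earlier already defines
 * SHA_DIGEST_LENGTH, that definition wins.  20 is the SHA-1 digest size in
 * bytes.
 * NOTE(review): whether hash_string() stores the raw digest or a text form
 * in buf is not visible here; confirm before sizing buffers, and always
 * pass the real buffer size as bufsz.
 */
#ifndef SHA_DIGEST_LENGTH
# define SHA_DIGEST_LENGTH 20
#endif

/* Only pointers to struct stat are used below, so a forward declaration suffices. */
struct stat;

/*
 * Parameter meanings and return conventions are not documented in this
 * header; the int results below are presumably VE_* status values or
 * negative errors -- confirm against the implementation before relying
 * on a particular value.
 */
int	verify_prep(int, const char *, off_t, struct stat *, const char *);
void	ve_debug_set(int);
/* Ownership of the returned string is not stated here; do not free or modify it without checking. */
char	*ve_error_get(void);
void	ve_efi_init(void);
void	ve_status_set(int, int);
int	ve_status_get(int);
int	load_manifest(const char *, const char *, const char *, struct stat *);
int	pass_manifest(const char *, const char *);
int	pass_manifest_export_envs(void);
/* Two adjacent int arguments: keep severity and status in the order the implementation expects. */
void	verify_report(const char *, int, int, struct stat *);
int	verify_file(int, const char *, off_t, int, const char *);
void	verify_pcr_export(void);
int	hash_string(char *s, size_t n, char *buf, size_t bufsz);
int	is_verified(struct stat *);
void	add_verify_status(struct stat *, int);

/*
 * Opaque verification context: struct vectx is declared but not defined
 * here, so callers can only hold pointers obtained from vectx_open().
 *
 * NOTE(review): vectx_close() returns int and takes a severity-like
 * argument, which suggests the verification verdict is only known at
 * close time.  Until that is confirmed, treat data returned by
 * vectx_read() as unverified and check the vectx_close() result before
 * acting on it.
 */
struct vectx;
struct vectx	*vectx_open(int, const char *, off_t, struct stat *, int *, const char *);
ssize_t	vectx_read(struct vectx *, void *, size_t);
off_t	vectx_lseek(struct vectx *, off_t, int);
int	vectx_close(struct vectx *, int, const char *);

#endif	/* _VERIFY_FILE_H_ */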