/*
 * security.h - Runtime function declarations for libglacier
 *
 * This file is part of Glacier.
 *
 * Glacier is free software: you can redistribute it and/or modify it under the terms of the
 * GNU Lesser General Public License as published by the Free Software Foundation, either
 * version 3 of the License, or (at your option) any later version.
 *
 * Glacier is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
 * without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
 * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public License along with Glacier. If
 * not, see <https://www.gnu.org/licenses/>.
 */
#ifndef GLACIERSECURITY_H_
#define GLACIERSECURITY_H_
/* Shorthand for unsigned int; used for the length parameters of the hash helpers declared below. */
/* NOTE(review): some system headers (e.g. glibc <sys/types.h>) also declare `uint`; confirm this typedef does not clash on supported toolchains. */
typedef unsigned int uint;
/* Shorthand for unsigned char; used for the raw hash byte buffers in the declarations below. */
typedef unsigned char uchar;
/*
 * compare_file_hash
 *
 * DESCRIPTION: compare_file_hash compares the SHA256 hash of a file against its expected hash
 * PARAMETERS:
 *      char ORIG_HASH[] -> The file containing the expected hash result
 *      char FILE[] -> The file to compare against ORIG_HASH[]
 * RETURN VALUES:
 *      0 if the hashes match, 1 if the hashes do not match, -1 on library error
 * CAVEATS:
 *      None.
 * EXAMPLE:
 *      compare_file_hash("pkg.sha256sum", "pkg.tar.xz");
 */
/* int compare_file_hash(char ORIG_HASH[], char FILE[]); */
/*
 * gl_print_hash
 *
 * DESCRIPTION: Prints a specified hash string
 * PARAMETERS: unsigned char *hash, unsigned int length
 * RETURNS: 0 on success, 1 on error
 */
/*
 * NOTE(review): presumably `length` is the number of bytes readable at `hash`;
 * the declaration does not say what happens with a NULL pointer or a zero
 * length - confirm against the implementation. `hash` is not const-qualified
 * here even though a print routine would not be expected to write through it.
 */
int gl_print_hash(uchar *hash, uint length);
/*
 * gl_stash_hash
 *
 * DESCRIPTION: Stores a hash inside a string
 * PARAMETERS: char *stored_hash, unsigned int stored_hash_size, const unsigned char *hash, unsigned int length
 * RETURNS: 0 on success, 1 on error
 */
/*
 * NOTE(review): presumably writes a textual form of the `length` bytes at
 * `hash` into `stored_hash`, with `stored_hash_size` as the capacity of that
 * buffer. If the encoding is hex, the capacity would need to be at least
 * 2 * length + 1 bytes; confirm that an undersized buffer is rejected with the
 * error return rather than silently truncated.
 */
int gl_stash_hash(char *stored_hash, unsigned int stored_hash_size, const uchar *hash, uint length);
/*
 * gl_hash_file
 *
 * DESCRIPTION: Performs a hashing operation on a file and stores the result
 * PARAMETERS: const char *filename, unsigned char *out_hash, unsigned int *out_length
 * RETURNS: 0 on success, 1-6 for different error conditions
 */
/*
 * NOTE(review): no capacity is passed for `out_hash`, so the caller has to
 * provide a buffer large enough for the largest digest the implementation can
 * produce - confirm the required size (the algorithm is not stated at this
 * declaration). Return codes 1-6 are not enumerated in this header; callers
 * should treat every non-zero value as failure and must not consume
 * `out_hash` / `out_length` in that case.
 */
int gl_hash_file(const char *filename, unsigned char *out_hash, unsigned int *out_length);
/*
 * gl_verify_signature
 *
 * DESCRIPTION: Verify a package signature against a trusted keyring
 * PARAMETERS: char PACKAGE[], char SIGNATURE[]
 * RETURNS: 0 on success, 1 on verification failure, 2 on file not found
 */
/*
 * NOTE(review): both non-zero results (1 = verification failure, 2 = file not
 * found) mean the package was NOT verified; callers should proceed only on an
 * exact 0 so that a missing signature file fails closed. The location of the
 * trusted keyring is not visible in this declaration - confirm where it is
 * configured and who is able to write to it.
 */
int gl_verify_signature(char PACKAGE[], char SIGNATURE[]);
/*
 * gl_check_integrity
 *
 * DESCRIPTION: Check package integrity by comparing with expected hash
 * PARAMETERS: char PACKAGE[], char EXPECTED_HASH[]
 * RETURNS: 0 on success, 1 on hash mismatch, 2 on file not found or error
 */
/*
 * NOTE(review): a hash match only shows that the package equals whatever
 * produced EXPECTED_HASH; it says nothing about origin unless the expected
 * hash itself came from an authenticated source (e.g. a signed manifest).
 * Treat every non-zero return (1 or 2) as a failed check. Whether
 * EXPECTED_HASH is a hash string or a path to a hash file is not stated at
 * this declaration - confirm against the implementation.
 */
int gl_check_integrity(char PACKAGE[], char EXPECTED_HASH[]);
#endif