xref: /freebsd/usr.sbin/uefisign/uefisign.h (revision e595e65b8ab601ff5365ac43e7e2fed63655d2bd)
1*e595e65bSEdward Tomasz Napierala /*-
2*e595e65bSEdward Tomasz Napierala  * Copyright (c) 2014 The FreeBSD Foundation
3*e595e65bSEdward Tomasz Napierala  * All rights reserved.
4*e595e65bSEdward Tomasz Napierala  *
5*e595e65bSEdward Tomasz Napierala  * This software was developed by Edward Tomasz Napierala under sponsorship
6*e595e65bSEdward Tomasz Napierala  * from the FreeBSD Foundation.
7*e595e65bSEdward Tomasz Napierala  *
8*e595e65bSEdward Tomasz Napierala  * Redistribution and use in source and binary forms, with or without
9*e595e65bSEdward Tomasz Napierala  * modification, are permitted provided that the following conditions
10*e595e65bSEdward Tomasz Napierala  * are met:
11*e595e65bSEdward Tomasz Napierala  * 1. Redistributions of source code must retain the above copyright
12*e595e65bSEdward Tomasz Napierala  *    notice, this list of conditions and the following disclaimer.
13*e595e65bSEdward Tomasz Napierala  * 2. Redistributions in binary form must reproduce the above copyright
14*e595e65bSEdward Tomasz Napierala  *    notice, this list of conditions and the following disclaimer in the
15*e595e65bSEdward Tomasz Napierala  *    documentation and/or other materials provided with the distribution.
16*e595e65bSEdward Tomasz Napierala  *
17*e595e65bSEdward Tomasz Napierala  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
18*e595e65bSEdward Tomasz Napierala  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19*e595e65bSEdward Tomasz Napierala  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20*e595e65bSEdward Tomasz Napierala  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
21*e595e65bSEdward Tomasz Napierala  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22*e595e65bSEdward Tomasz Napierala  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23*e595e65bSEdward Tomasz Napierala  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24*e595e65bSEdward Tomasz Napierala  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25*e595e65bSEdward Tomasz Napierala  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26*e595e65bSEdward Tomasz Napierala  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27*e595e65bSEdward Tomasz Napierala  * SUCH DAMAGE.
28*e595e65bSEdward Tomasz Napierala  *
29*e595e65bSEdward Tomasz Napierala  * $FreeBSD$
30*e595e65bSEdward Tomasz Napierala  */
31*e595e65bSEdward Tomasz Napierala 
32*e595e65bSEdward Tomasz Napierala #ifndef EFISIGN_H
33*e595e65bSEdward Tomasz Napierala #define	EFISIGN_H
34*e595e65bSEdward Tomasz Napierala 
35*e595e65bSEdward Tomasz Napierala #include <stdbool.h>
36*e595e65bSEdward Tomasz Napierala #include <openssl/evp.h>
37*e595e65bSEdward Tomasz Napierala 
/*
 * Name of the message digest algorithm used for the image hash.
 * NOTE(review): presumably resolved by name through OpenSSL's EVP interface
 * in the .c files -- confirm, and check that a failed lookup is fatal rather
 * than silently falling back to another algorithm.
 */
#define	DIGEST		"SHA256"
/*
 * Capacity of the x_section_off[] and x_section_len[] arrays in
 * struct executable.
 * NOTE(review): the section count presumably comes from the file being
 * parsed, so the parser has to reject a count above this limit before it
 * fills those arrays -- confirm in the parser.
 */
#define	MAX_SECTIONS	128
40*e595e65bSEdward Tomasz Napierala 
/*
 * Per-image state shared by the parsing, digesting and signature-insertion
 * code declared below.
 *
 * NOTE(review): FILE, size_t and off_t are used here, but this header only
 * includes <stdbool.h> and <openssl/evp.h>; unless those provide the types
 * transitively, includers must pull in <stdio.h> and <sys/types.h> first.
 *
 * NOTE(review): the offset/length pairs below presumably come straight from
 * the headers of the input file, i.e. they are attacker-influenced whenever
 * the image is untrusted.  Each pair should go through range_check() before
 * it is used to index x_buf -- confirm against the parser.
 */
struct executable {
	/* Path and stdio stream of the image (presumably the input file). */
	const char	*x_path;
	FILE		*x_fp;

	/* Buffer and its length; presumably the image contents in memory. */
	char		*x_buf;
	size_t		x_len;

	/*
	 * Set by pe_parse(), used by digest().
	 */
	size_t		x_headers_len;

	/* Location of the checksum field; offset/length pair. */
	off_t		x_checksum_off;
	size_t		x_checksum_len;

	/* Location of the certificate table entry; offset/length pair. */
	off_t		x_certificate_entry_off;
	size_t		x_certificate_entry_len;

	/*
	 * Number of valid entries in the two arrays below; must stay within
	 * 0..MAX_SECTIONS since both arrays have exactly MAX_SECTIONS slots.
	 * NOTE(review): the counter is a signed int -- verify the parser
	 * rejects negative and oversized counts before writing the arrays.
	 */
	int		x_nsections;
	off_t		x_section_off[MAX_SECTIONS];
	size_t		x_section_len[MAX_SECTIONS];

	/*
	 * Computed by digest().
	 * The buffer is sized for the largest digest OpenSSL supports
	 * (EVP_MAX_MD_SIZE); x_digest_len is the number of bytes in use.
	 */
	unsigned char	x_digest[EVP_MAX_MD_SIZE];
	unsigned int	x_digest_len;

	/*
	 * Received from the parent process, which computes it in sign().
	 * NOTE(review): presumably this split keeps the signing key out of
	 * the process that parses the input file -- confirm in uefisign.c.
	 */
	void		*x_signature;
	size_t		x_signature_len;
};
75*e595e65bSEdward Tomasz Napierala 
76*e595e65bSEdward Tomasz Napierala 
/*
 * Helpers for file access and for passing data over pipefd.  The
 * implementations are not part of this header; the notes below are
 * inferences from the signatures and should be confirmed against the .c
 * files.
 *
 * checked_fopen(): opens path with the given stdio mode and returns the
 * stream; presumably terminates on failure instead of returning NULL.
 * send_chunk(): writes len bytes from buf to pipefd.
 * receive_chunk(): stores a buffer in *bufp and its length in *lenp.
 * NOTE(review): both return void, so errors are presumably fatal.  If
 * receive_chunk() reads the length from the pipe before allocating, that
 * length should be bounded before use -- confirm.
 */
FILE	*checked_fopen(const char *path, const char *mode);
void	send_chunk(const void *buf, size_t len, int pipefd);
void	receive_chunk(void **bufp, size_t *lenp, int pipefd);

/*
 * Entry point of the child process: takes the input and output paths, the
 * pipe descriptor shared with the parent, and the two verbosity/verify
 * flags.  Presumably the return value is the child's exit status.
 */
int	child(const char *inpath, const char *outpath, int pipefd,
	    bool Vflag, bool vflag);

/*
 * Operations on a struct executable.
 *
 * parse(): fills in the offset/length fields of *x from the image.
 * update(): modifies *x; presumably inserts x_signature into the image.
 * signature_size(): size derived from *x; read-only on x.
 * show_certificate(): read-only on x; presumably prints the certificate data.
 * range_check(): validates the (off, len) pair against *x, using name to
 * identify the field in the error report.
 * NOTE(review): off is a signed off_t and len a size_t; the implementation
 * should reject a negative off and guard off + len against wraparound
 * before comparing with x_len -- confirm.
 */
void	parse(struct executable *x);
void	update(struct executable *x);
size_t	signature_size(const struct executable *x);
void	show_certificate(const struct executable *x);
void	range_check(const struct executable *x,
	    off_t off, size_t len, const char *name);
90*e595e65bSEdward Tomasz Napierala 
91*e595e65bSEdward Tomasz Napierala #endif /* !EFISIGN_H */