2 * This file is part of the OpenPTS project.
4 * The Initial Developer of the Original Code is International
5 * Business Machines Corporation. Portions created by IBM
6 * Corporation are Copyright (C) 2010 International Business
7 * Machines Corporation. All Rights Reserved.
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the Common Public License as published by
11 * IBM Corporation; either version 1 of the License, or (at your option)
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * Common Public License for more details.
19 * You should have received a copy of the Common Public License
20 * along with this program; if not, a copy can be viewed at
21 * http://www.opensource.org/licenses/cpl1.0.php.
25 * \file include/openpts.h
27 * @author Seiji Munetoh <munetoh@users.sourceforge.jp>
29 * cleanup 2012-01-02 SM
33 #ifndef INCLUDE_OPENPTS_H_
34 #define INCLUDE_OPENPTS_H_
41 /* Hash table (AIDE) */
// NOTE(review): __USE_GNU is a glibc-internal macro (a reserved identifier);
// the supported way to request the GNU extensions used below (struct hsearch_data
// and the reentrant hash-table calls) is to define _GNU_SOURCE before the first
// system header is included. Whether a system header already precedes this line
// is not visible here - confirm before changing it.
#define __USE_GNU // set for reentrant functions
49 // TODO do not need for build of verifier only
53 /* TCG IWG IF-PTS definitions */
56 #include <openpts_log.h>
58 #include <openpts_ifm.h>
59 #include <openpts_fsm.h>
60 #include <openpts_tpm.h>
63 #include <openpts_tboot.h>
67 /* OpenPTS default configurations */
69 // http://www.iana.org/assignments/port-numbers
70 // http://www.iana.org/cgi-bin/usr-port-number.pl
71 // User ports [1024:49151]
72 // 6674-6686 Unassigned
// TODO 5556 conflicts with Freeciv, => 6678
// note) The port is local; for remote access, an SSH tunnel (port 22) is used
/* Default configuration file paths. OPENPTS_CONFIG below keeps key-storage,
 * UUID and manifest file names read from these, so their ownership and
 * permissions presumably matter - check the loader (readPtsConfig), not here. */
#define PTSC_CONFIG_FILE "/etc/ptsc.conf"
#define PTSV_CONFIG_FILE "/etc/ptsv.conf"
/* Group name for collector-side files; how it is applied is not visible here. */
#define PTSC_GROUP_NAME "ptsc"
/* Number of snapshot levels per PCR (second index of the snapshot table). */
#define MAX_SSLEVEL 2 // platform, runtime
85 // TODO(munetoh) Adaptive
86 // 256 => SMBIOS can't fill
89 // TODO malloc this, MAX 100K?
90 // #define EVENTDATA_BUF_SIZE 1024
92 // #define EVENTDATA_BUF_SIZE 4096
93 // UNIX - TODO malloc the buffer
/* Fixed upper bound for one event's data. Any reader that takes an event
 * length from a log file (presumably readBiosImlFile and friends below) must
 * bound that length by this size before copying. */
#define EVENTDATA_BUF_SIZE 100000

// 20100627 pseudo event as IMA's last event
// NOTE(review): this is UINT32_MAX; if a log read from disk could carry the
// same event type, the reader must not treat it as the synthesized one - confirm.
#define OPENPTS_PSEUDO_EVENT_TYPE 0xFFFFFFFF
// 0x5a (90) is presumably a sentinel outside the real PCR index range - confirm
// against MAX_PCRNUM (defined elsewhere).
#define OPENPTS_PSEUDO_EVENT_PCR 0x5a
/* Encoding declared on generated XML documents. */
#define XML_ENCODING "UTF-8"

/* TCG RIMM schemas - namespace URIs. These are exact-match identifiers
 * (presumably compared byte-for-byte in the SAX handlers), never fetched;
 * keep them byte-identical to the schemas. */
#define XMLNS_CORE "http://www.trustedcomputinggroup.org/XML/SCHEMA/1_0_1/core_integrity#"
#define XMLNS_STUFF "http://www.trustedcomputinggroup.org/XML/SCHEMA/1_0/simple_object#"
#define XMLNS_XSI "http://www.w3.org/2001/XMLSchema-instance"
#define XMLNS_RIMM "http://www.trustedcomputinggroup.org/XML/SCHEMA/1_0/rimm#"
#define XMLNS_IR "http://www.trustedcomputinggroup.org/XML/SCHEMA/1_0/integrity_report#"
110 /* OpenPTS Result Codes */
111 // 0 - 62 defined by IF-PTS
/* Validation outcome of an IR / event chain. Note that OPENPTS_RESULT_VALID,
 * OPENPTS_FSM_SUCCESS and OPENPTS_SELFTEST_SUCCESS are all 0 while their
 * non-success codes live in disjoint ranges (1xx / 2xx / 3xx): a caller that
 * only compares against 0 must know which family it is holding. */
#define OPENPTS_RESULT_VALID 0
#define OPENPTS_RESULT_UNVERIFIED 101
#define OPENPTS_RESULT_INVALID 102
#define OPENPTS_RESULT_UNKNOWN 103
#define OPENPTS_RESULT_IGNORE 104

/* FSM (fsm.c) transition results. */
#define OPENPTS_FSM_SUCCESS 0
#define OPENPTS_FSM_FLASH 201
#define OPENPTS_FSM_FINISH 202
#define OPENPTS_FSM_TRANSIT 203
#define OPENPTS_FSM_FINISH_WO_HIT 204
#define OPENPTS_FSM_ERROR 205
#define OPENPTS_FSM_ERROR_LOOP 206
#define OPENPTS_FSM_MIGRATE_EVENT 207

/* Collector self-test / file-state results (selftest(), checkFile(), checkDir()). */
#define OPENPTS_SELFTEST_SUCCESS 0
#define OPENPTS_SELFTEST_RENEWED 301
#define OPENPTS_SELFTEST_FALLBACK 302
#define OPENPTS_SELFTEST_FAILED 303
#define OPENPTS_FILE_EXISTS 311
#define OPENPTS_FILE_MISSING 312
#define OPENPTS_DIR_EXISTS 313
#define OPENPTS_DIR_MISSING 314
#define OPENPTS_IML_MISSING 315

/* IMV enrollment policy for unknown collectors (presumably; usage not visible here). */
#define IMV_ENROLLMENT_NONE 0
#define IMV_ENROLLMENT_CREDENTIAL 1
#define IMV_ENROLLMENT_AUTO 2
143 // malloc should never really fail
144 // #define ALWAYS_ASSERT_ON_BAD_ALLOC
145 // Undefined this for daemons
146 // #define NEVER_FREE_MEMORY
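/* True when every bit of flagToTest is set in bits.
 * Both arguments are fully parenthesized so a compound argument such as
 * (FLAG_A | FLAG_B) is not split by operator precedence - the previous
 * expansion left flagToTest bare on the left of ==, so "A | B == x" parsed
 * as "A | (B == x)". Note that isFlagSet(bits, 0) is always true. */
#define isFlagSet(bits, flagToTest) ((flagToTest) == ((bits) & (flagToTest)))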
153 * Security Properties
157 int ignore; /**< flag to exclude policy check. 0: policy check, 1:ignore*/
158 char *name; /**< name */
159 char *value; /**< value */
160 void *next; /**< ptr to the next property */
169 char name[BUF_SIZE]; /**< name */
170 char value[BUF_SIZE]; /**< value */
171 int line; /**< line # */
172 void * next; /**< tr to the next policy */
176 * Actions (UML doActivity)
179 char name[BUF_SIZE]; /**< */
182 #define ACTION_TYPE_PROPERTY
186 * Snapshot (snapshot.c)
189 int event_num; /**< num of event */
190 int pcrIndex; /**< */
191 int level; /**< e.g. 0:BIOS, 1:VMM/OS, 2:App/Userland */
193 int update_num; /**< num of update */
194 void *update; /**< link to the last update */
196 int reset_pcr; /**< resetPCR(n) in FSM */
199 OPENPTS_PCR_EVENT_WRAPPER *start; /**< */
200 OPENPTS_PCR_EVENT_WRAPPER *end; /**< */
/* PCR values - calculated during IR generation */
203 BYTE tpm_pcr[MAX_DIGEST_SIZE]; /**< PCR values - calc when get the IML */
204 BYTE start_pcr[MAX_DIGEST_SIZE]; /**< PCR start value of this IML */
205 BYTE curr_pcr[MAX_DIGEST_SIZE]; /**< PCR of this IML */
208 OPENPTS_FSM_CONTEXT *fsm_behavior; /**< Behavior Model */
209 OPENPTS_FSM_CONTEXT *fsm_binary; /**< Binary Model (= RM)*/
213 * Snapshot Table (snapshot.c)
216 OPENPTS_SNAPSHOT *snapshot[MAX_PCRNUM][MAX_SSLEVEL]; /**< ptr to the snapshot */
217 int event_num; /**< Total event num */
218 int snapshots_level[MAX_PCRNUM]; /**< indicate active level */
219 int error[MAX_PCRNUM];
220 int update_num[MAX_SSLEVEL]; /**< remenber the update by ss level */
221 } OPENPTS_SNAPSHOT_TABLE;
/* Size of the fixed text buffers in OPENPTS_RM_CONTEXT below. Every copy of
 * SAX attribute or character data into those buffers has to be bounded by
 * this size (not verifiable from the header). */
#define RM_SAX_BUF_SIZE 256
236 OPENPTS_SNAPSHOT *snapshot;
237 OPENPTS_FSM_CONTEXT *fsm;
238 char subvertex_name[RM_SAX_BUF_SIZE];
239 char subvertex_xmitype[RM_SAX_BUF_SIZE];
240 char subvertex_xmiid[RM_SAX_BUF_SIZE];
241 char doactivity_name[RM_SAX_BUF_SIZE];
242 char charbuf[RM_SAX_BUF_SIZE];
243 char source_xmiid[RM_SAX_BUF_SIZE];
244 char target_xmiid[RM_SAX_BUF_SIZE];
245 } OPENPTS_RM_CONTEXT;
249 * Integrity Report (ir.c)
255 /* Structure for SAX parser */
261 char *buf; /**< buffer for the text element */
266 BYTE pcr[MAX_DIGEST_SIZE];
267 TSS_PCR_EVENT *event;
268 OPENPTS_PCR_EVENT_WRAPPER *ew_new;
269 OPENPTS_PCR_EVENT_WRAPPER *ew_last;
272 int integrity; /**< VALID, INVALID */
273 } OPENPTS_IR_CONTEXT;
/* State of the IR SAX handler: which element's text is currently collected. */
#define IR_SAX_STATE_IDOL 0
#define IR_SAX_STATE_PCR_INDEX 1
#define IR_SAX_STATE_EVENT_TYPE 2
#define IR_SAX_STATE_DIGEST 3
#define IR_SAX_STATE_EVENT_DATA 4
#define IR_SAX_STATE_PCR 5

/* UML2 element kinds seen by the model (RM) SAX parser - presumably matching
 * the subvertex/doactivity/source/target buffers in OPENPTS_RM_CONTEXT. */
#define UML2SAX_SUBVERTEX 10
#define UML2SAX_DOACTIVITY 15
#define UML2SAX_TRANSITION 20
#define UML2SAX_BODY 25
296 * AIDE metadata (= IMA event)
300 char *name; /**< file name (full path) */
306 char *hash_key; /**< base64 of selected digest */
308 int status; /**< 0:AIDE 1:AIDE==PTS, 2: AIDE!=PTS, 2:PTS */
309 char * ima_name; /**< name of IMA's eventlog (short) */
310 void * event_wrapper; /**< link to the eventlog */
317 * list for ignore name, ext
328 AIDE_METADATA *start;
338 struct hsearch_data *aide_md_table; // hash table for metadata
339 int aide_md_table_size;
341 /* ignore list for 2.6.31-3X IMA, defectiveness name */
342 AIDE_LIST *ignore_name_start;
343 AIDE_LIST *ignore_name_end;
346 struct hsearch_data *aide_in_table; // hash table for ignore name
347 int aide_in_table_size;
/* Values of AIDE_METADATA.status. NOTE(review): the status field's own
 * comment above lists a different set of meanings (0:AIDE 1:AIDE==PTS ...);
 * confirm which mapping is current and align the two. */
#define OPENPTS_AIDE_MD_STATUS_NEW 0
#define OPENPTS_AIDE_MD_STATUS_HIT 1
#define OPENPTS_AIDE_MD_STATUS_IML_VALID 2
#define OPENPTS_AIDE_MD_STATUS_IML_INVALID 3
354 #endif // CONFIG_AIDE
356 /* Validation modes */
/* Runtime (IMA) validation back-end; stored in OPENPTS_CONFIG.ima_validation_mode. */
#define OPENPTS_VALIDATION_MODE_NONE 0
#define OPENPTS_VALIDATION_MODE_RM 1
#define OPENPTS_VALIDATION_MODE_AIDE 2
#define OPENPTS_VALIDATION_MODE_IIDB 3
#define OPENPTS_VALIDATION_MODE_AIXTE 4

/* Whether the IF-M connection is tunneled over SSH (see ssh_connect()). */
#define OPENPTS_SSH_MODE_OFF 0
#define OPENPTS_SSH_MODE_ON 1

/* Lifecycle state of one reference-manifest set (OPENPTS_RMSET.state). */
#define OPENPTS_RM_STATE_UNKNOWN 0
#define OPENPTS_RM_STATE_NOW 1
#define OPENPTS_RM_STATE_OLD 2
#define OPENPTS_RM_STATE_NEW 3
#define OPENPTS_RM_STATE_TRASH 4
381 int state; /**< OPENPTS_RM_STATE_XXX */
389 OPENPTS_RMSET rmset[];
393 * collector/target set
402 char *target_conf_filename;
410 OPENPTS_TARGET target[];
411 } OPENPTS_TARGET_LIST;
/* Fill state of an OPENPTS_UUID (which of filename / uuid value is known,
 * and whether the value changed since it was read). */
#define OPENPTS_UUID_EMPTY 0
#define OPENPTS_UUID_FILENAME_ONLY 1
#define OPENPTS_UUID_UUID_ONLY 2
#define OPENPTS_UUID_FILLED 3
#define OPENPTS_UUID_CHANGED 4
428 /* information about the components described by the models */
433 char *ModelSerialNumber;
434 char *ModelSystemClass;
441 char *DiscretePatches;
448 char *VendorID_Value;
459 int openpts_pcr_index; /**< openpts.pcr.index */
462 TPM_VERSION tpm_version;
463 TSS_VERSION tss_version;
464 TSS_VERSION pts_version;
466 /* Attestation(sign) key */
467 int aik_storage_type;
468 char *aik_storage_filename;
472 OPENPTS_UUID * uuid; /**< Platform(collector) UUID */
473 OPENPTS_UUID * rm_uuid; /**< RM(now) UUID */
474 OPENPTS_UUID * newrm_uuid; /**< RM(next) UUID */
475 OPENPTS_UUID * oldrm_uuid; /**< RM(old/previous) UUID */
476 OPENPTS_UUID * tmp_uuid; /**< Platform(collector) UUID - changed */
477 OPENPTS_UUID * tmp_rm_uuid; /**< RM(now) UUID - changed */
480 PTS_UUID *daemon_uuid;
481 char *str_daemon_uuid;
482 PTS_DateTime *time_daemon_uuid;
484 /* collector settings */
485 int iml_mode; /**< 0: via tss, 1:securityfs */
486 char *bios_iml_filename;
487 char *runtime_iml_filename;
488 int runtime_iml_type;
491 int selftest; /**< 1:run selftest at start */
492 int autoupdate; /**< 1:run autoupdate if selftest was failed at start */
494 int srk_password_mode;
495 int tpm_resetdalock; /**< tpm.resetdalock=on|off=1|0 */
496 int tpm_quote_type; /**< tpm.quote.type=quote|quote2=1:0 */
498 /* multiple manifest */
499 OPENPTS_RMSETS *rmsets;
504 char *rm_filename[MAX_RM_NUM];
507 char *newrm_filename[MAX_RM_NUM];
509 char *ir_dir; /**< collector side */
510 char *ir_filename; /**< vefirier side */
514 int iml_endian; /**< 0: same, 2:conv */
515 int iml_aligned; /**< 0: byte, 4: 4-byte aligned */
518 char *model_dir; /**< */
519 char *model_filename[MAX_RM_NUM][MAX_PCRNUM];
523 OPENPTS_COMPID compIDs[MAX_RM_NUM];
525 /* verifier setting */
526 char *verifier_logging_dir;
527 char *policy_filename;
528 char *property_filename;
529 PTS_UUID *target_uuid;
530 char *str_target_uuid;
531 BYTE *pubkey; /**< TPM PUBKEY */
532 int pubkey_length; /**< TPM PUBKEY length */
535 OPENPTS_TARGET_LIST *target_list;
538 int ima_validation_mode; /**< 0:NA 2:AIDE 3:IIDB */
539 int ima_validation_unknown; /**< 0:ignore 1:invalid */
540 char *aide_database_filename;
542 char *aide_sqlite_filename; /**> SQLite DB filename */
544 char *aide_ignorelist_filename;
548 BYTE *smbios; // link to event
552 /* IF-M collector(ptsc) */
557 /* IF-M verifier(IMV) */
560 #ifdef CONFIG_AUTO_RM_UPDATE
561 int enable_aru; /**> Enable update scan */
562 int update_exist; /**> Update exist, used by collector */
563 int target_newrm_exist; /**> NewRM exist, used by verifier */
564 PTS_UUID *target_newrm_uuid; /**> NewRM UUID */
565 void *update; /**> Hold update*/
570 int ir_without_quote; /**< 1:IR without quote */
 * OpenPTS reason (remediation)
580 char *message; /**< */
587 * OPENPTS_CONTEXT - OpenPTS context
588 * by each IF-M connection
592 OPENPTS_CONFIG *conf; /**< OpenPTS Configulation (global) */
593 OPENPTS_CONFIG *target_conf;
596 char *target_conf_filename;
598 /* Platform Validation */
599 int platform_validation_mode; // TODO(munetoh) -> conf?
602 OPENPTS_TPM_CONTEXT tpm; /**< */
606 int pcr_num; // TODO(munetoh) move to pcrs->pcr_num
610 // TODO(munetoh) move to OPENPTS_QUOTE?
611 TSS_VALIDATION *validation_data;
614 OPENPTS_SNAPSHOT_TABLE *ss_table;
615 int update_num; /**< total num of update */
618 OPENPTS_PROPERTY *prop_start; /**< */ // prop.c
619 OPENPTS_PROPERTY *prop_end;
623 OPENPTS_POLICY *policy_start; /**< */ // policy.c
624 OPENPTS_POLICY *policy_end;
627 OPENPTS_REASON *reason_start;
628 OPENPTS_REASON *reason_end;
632 /* Reference Manifest */
633 OPENPTS_RM_CONTEXT *rm_ctx;
635 /* Integrity Report */
636 OPENPTS_IR_CONTEXT *ir_ctx;
641 /* Runtime Validation */
642 int bios_action_count; // by snapshot
644 void *aide_ctx; // AIDE_CONTEXT
650 int ima_ignore; // they are included in the valid count
653 OPENPTS_COMPID compIDs[MAX_RM_NUM];
657 OPENPTS_NONCE *nonce;
658 PTS_UUID *uuid; /**< uuid of otherside, own uuid is ctx->conf->uuid */
660 UINT32 ifm_errno; /**< PTS error code */
663 OPENPTS_UUID *collector_uuid;
664 OPENPTS_UUID *rm_uuid;
671 int count; // TODO used by FSM, location is temp
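/* conf.c - OPENPTS_CONFIG lifecycle and configuration file I/O.
 * newPtsConfig() takes no arguments; declared with (void) so that a call with
 * stray arguments is rejected by the compiler (an empty () is not a prototype).
 * The int-returning functions presumably return 0 on success and an OPENPTS_*
 * code otherwise - confirm in conf.c. Ownership: the caller of newPtsConfig()
 * releases the object with freePtsConfig(). The filename arguments come from
 * command-line / config settings; the readers must treat file contents as
 * untrusted (not verifiable from this header). */
OPENPTS_CONFIG * newPtsConfig(void);
int freePtsConfig(OPENPTS_CONFIG *conf);
int readPtsConfig(OPENPTS_CONFIG *conf, char *filename);
int writeTargetConf(OPENPTS_CONFIG *conf, PTS_UUID *uuid, char *filename);
int readTargetConf(OPENPTS_CONFIG *conf, char *filename);
int writeOpenptsConf(OPENPTS_CONFIG *conf, char *filename);
int readOpenptsConf(OPENPTS_CONFIG *conf, char *filename);
/* pcr_index / level select model_filename[][] in OPENPTS_CONFIG; callers must
 * pass values already checked against MAX_PCRNUM / MAX_SSLEVEL. */
int setModelFile(OPENPTS_CONFIG *conf, int pcr_index, int level, char *filename);
OPENPTS_TARGET_LIST *newTargetList(int num);
void freeTargetList(OPENPTS_TARGET_LIST *list);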
/* ctx.c - per-connection OPENPTS_CONTEXT lifecycle.
 * The context keeps a pointer to conf (OPENPTS_CONTEXT.conf) rather than a
 * copy - presumably conf must outlive the context; confirm in ctx.c. */
OPENPTS_CONTEXT * newPtsContext(OPENPTS_CONFIG *conf);
int freePtsContext(OPENPTS_CONTEXT *ctx);
/* Maps an ALGTYPE_* value to its name; what it returns for other values is
 * not visible here. */
char * getAlgString(int type);
int readFsmFromPropFile(OPENPTS_CONTEXT *ctx, char * filename); // fsm.c -> ctx.c

/* Digest algorithm identifiers for getAlgString(). */
#define ALGTYPE_SHA1 0
#define ALGTYPE_MD5 1

/* Writes one IF-M TLV of the given type to fd (the socket / SSH tunnel). */
int writePtsTlv(OPENPTS_CONTEXT *ctx, int fd, int type);
702 // int setTargetCapability(OPENPTS_CONTEXT *ctx, OPENPTS_IF_M_Capability *cap);
707 OPENPTS_CONFIG *conf,
708 int forground, int debug, const char* dirname);
712 OPENPTS_CONTEXT *ctx,
713 char *host, char *ssh_username, char *ssh_port, char *conf_dir, int mode);
715 OPENPTS_CONTEXT *ctx,
716 char *host, char *ssh_username, char *ssh_port, char *conf_dir, int force);
717 int writeAideIgnoreList(OPENPTS_CONTEXT *ctx, char *filename);
719 OPENPTS_CONTEXT *ctx,
720 char *host, char *ssh_username, char *ssh_port, char *conf_dir);
721 int extendEvCollectorStart(OPENPTS_CONFIG *conf);
723 #define OPENPTS_VERIFY_MODE 0
724 #define OPENPTS_UPDATE_MODE 1
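/* snapshot.c - snapshot and snapshot-table lifecycle.
 * The no-argument constructors are declared with (void) so that an empty ()
 * does not silently accept arguments.
 * pcr_index and level index OPENPTS_SNAPSHOT_TABLE.snapshot[MAX_PCRNUM][MAX_SSLEVEL];
 * whether these functions range-check them is not visible here, so a caller
 * deriving them from log or IR data must validate them first. */
OPENPTS_SNAPSHOT * newSnapshot(void);
int freeSnapshot(OPENPTS_SNAPSHOT * ss);
OPENPTS_SNAPSHOT_TABLE * newSnapshotTable(void);
int freeSnapshotTable(OPENPTS_SNAPSHOT_TABLE * sst);
int addSnapshotToTable(OPENPTS_SNAPSHOT_TABLE * sst, OPENPTS_SNAPSHOT * ss, int pcr_index, int level);
OPENPTS_SNAPSHOT *getSnapshotFromTable(OPENPTS_SNAPSHOT_TABLE * sst, int pcr_index, int level);
OPENPTS_SNAPSHOT *getNewSnapshotFromTable(OPENPTS_SNAPSHOT_TABLE * sst, int pcr_index, int level);
OPENPTS_SNAPSHOT *getActiveSnapshotFromTable(OPENPTS_SNAPSHOT_TABLE * sst, int pcr_index);
/* Active level per PCR is kept in OPENPTS_SNAPSHOT_TABLE.snapshots_level[]. */
int setActiveSnapshotLevel(OPENPTS_SNAPSHOT_TABLE * sst, int pcr_index, int level);
int getActiveSnapshotLevel(OPENPTS_SNAPSHOT_TABLE * sst, int pcr_index);
int incActiveSnapshotLevel(OPENPTS_SNAPSHOT_TABLE * sst, int pcr_index);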
744 // TODO(munetoh) assign IMA type to TCG EventType :-(
/* Binary IML (measurement log) formats; stored in OPENPTS_CONFIG.runtime_iml_type.
 * The IMA variants differ in record layout, so a reader must be told the type
 * explicitly rather than sniffing it from untrusted log bytes - confirm in iml.c. */
#define BINARY_IML_TYPE_BIOS 0x00000000
#define BINARY_IML_TYPE_IMA_ORIGINAL 0x00010000
#define BINARY_IML_TYPE_IMA_31 0x00011000 // 2.6.30?, 31, 32
#define BINARY_IML_TYPE_IMA 0x00012000
#define BINARY_IML_TYPE_IMA_NG 0x00013000
#define BINARY_IML_TYPE_IMA_NGLONG 0x00014000

/* mode of getBiosImlFile(), getImaImlFile() */
/* Which FSM drives snapshot construction while reading a log (behaviour
 * model, binary model, or behaviour model with event-collector extension). */
#define USE_BHV_FSM 0
#define USE_BIN_FSM 1
#define USE_BHV_FSM_EC 2
757 // extern SNAPSHOT snapshots[MAX_PCRNUM];
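/* newSnapshot/freeSnapshot are also declared in the snapshot.c group above;
 * the redeclaration is harmless (identical type) but one copy should go,
 * unless a conditional not visible here separates them. */
OPENPTS_SNAPSHOT * newSnapshot(void);
int freeSnapshot(OPENPTS_SNAPSHOT * ss);
int resetSnapshot(OPENPTS_SNAPSHOT *snapshots);
/* iml.c - feed measurement log events into the per-PCR snapshots.
 * mode is presumably one of USE_BHV_FSM / USE_BIN_FSM / USE_BHV_FSM_EC.
 * On the verifier side the log is untrusted input: every length the reader
 * takes from the file must be bounded by EVENTDATA_BUF_SIZE before use
 * (the check itself lives in iml.c, not here). */
int addEventToSnapshotBhv(
    OPENPTS_CONTEXT * ctx, OPENPTS_PCR_EVENT_WRAPPER * eventWrapper);
int addEventToSnapshotBin(
    OPENPTS_CONTEXT * ctx, OPENPTS_PCR_EVENT_WRAPPER * eventWrapper);
int getIml(OPENPTS_CONTEXT *ctx, int option);
int readBiosImlFile(OPENPTS_CONTEXT *ctx, const char *filename, int mode);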
768 OPENPTS_CONTEXT * ctx,
769 const char *filename,
771 int mode, int *count); // 20100613
/* PCR handling: copy quoted PCR values into the snapshots, read PCRs from a
 * sysfs file, and compare the PCRs recomputed from the log against them.
 * validatePcr() is the check that ties the event log to the TPM state; its
 * return convention is not visible here. */
int setPcrsToSnapshot(OPENPTS_CONTEXT *ctx, OPENPTS_PCRS *pcrs);
int getPcrBySysfsFile(OPENPTS_CONTEXT *ctx, const char *filename);
int validatePcr(OPENPTS_CONTEXT * ctx);
int getPcr(OPENPTS_CONTEXT * ctx);
777 OPENPTS_CONTEXT * ctx,
/* Debug / status output of the snapshot table. */
void printSnapshots(OPENPTS_CONTEXT *ctx);
void printSnapshotsInfo(OPENPTS_CONTEXT *ctx);
/* Releases ew and every wrapper reachable from it (chain semantics inferred
 * from the name - confirm). */
void freeEventWrapperChain(OPENPTS_PCR_EVENT_WRAPPER * ew);
783 OPENPTS_CONTEXT * ctx,
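int printIml(OPENPTS_CONTEXT * ctx);
/* Reads one 32-bit value from stream; endian presumably follows
 * OPENPTS_CONFIG.iml_endian (0: same, 2: conv). A short read or I/O error
 * cannot be signalled through the UINT32 return value, so callers reading
 * untrusted logs must check ferror()/feof() on the stream afterwards. */
UINT32 freadUint32(FILE * stream, int endian);
/* (void): no-argument constructor; an empty () would accept any arguments. */
OPENPTS_PCR_EVENT_WRAPPER * newEventWrapper(void);

/* Base64 helpers. Lengths are int, so callers must pass non-negative sizes;
 * the returned buffer is heap-allocated and owned by the caller (presumably
 * released with xfree() - confirm). decodeBase64 input may come from an IR
 * or an AIDE database, i.e. untrusted text. */
char *encodeBase64(unsigned char * in, int inlen, int *outlen);
unsigned char *decodeBase64(char * in, int inlen, int *outlen);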
797 OPENPTS_CONTEXT *ctx,
798 OPENPTS_FSM_CONTEXT *fsm,
799 OPENPTS_PCR_EVENT_WRAPPER *eventWrapper); // aru,iml
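/* rm.c - reference manifest (RM) context, read/write and RM-set directories.
 * newRmContext() takes no arguments; declared with (void) so the compiler
 * rejects calls that pass any. The context owns fixed RM_SAX_BUF_SIZE text
 * buffers; readRmFile() parses an XML file that, on the verifier, may have
 * been received from the collector - treat it as untrusted. */
OPENPTS_RM_CONTEXT *newRmContext(void);
void freeRmContext(OPENPTS_RM_CONTEXT *ctx);
int writeRm(OPENPTS_CONTEXT * ctx, const char *file, int level);
int readRmFile(OPENPTS_CONTEXT *ctx, const char *filename, int level);
/* RM-set directory helpers; the directory name is derived from conf (UUIDs),
 * see OPENPTS_CONFIG.rm_uuid / newrm_uuid. */
int getRmSetDir(OPENPTS_CONFIG *conf);
int getNewRmSetDir(OPENPTS_CONFIG *conf);
int makeRmSetDir(OPENPTS_CONFIG *conf);
int makeNewRmSetDir(OPENPTS_CONFIG *conf);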
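/* ir.c - integrity report (IR) context, generation and validation.
 * newIrContext() is declared with (void) so an empty () does not silently
 * accept arguments. validateIr() parses the IR received over IF-M, which is
 * the main untrusted input of the verifier; savedFd (writeIr/genIr) is an
 * out-parameter whose exact meaning is not visible here - confirm in ir.c. */
OPENPTS_IR_CONTEXT *newIrContext(void);
void freeIrContext(OPENPTS_IR_CONTEXT *ctx);
int writeIr(OPENPTS_CONTEXT *ctx, const char *filename, int *savedFd);
// int validateIr(OPENPTS_CONTEXT *ctx, const char *file);
int validateIr(OPENPTS_CONTEXT *ctx);
int genIr(OPENPTS_CONTEXT *ctx, int *savedFd);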
823 OPENPTS_CONTEXT *ctx,
825 OPENPTS_PCR_EVENT_WRAPPER *eventWrapper);
/* In-place whitespace trim (presumably; also declared again in the misc.
 * helper group further down - one copy should go). */
char * trim(char *str);
/* Derives assertions from the kernel command line carried in an event;
 * the command line is log data and must be treated as untrusted text. */
int setLinuxKernelCmdlineAssertion(
    OPENPTS_CONTEXT *ctx, OPENPTS_PCR_EVENT_WRAPPER *eventWrapper);
/* prop.c - name/value property chain hung off OPENPTS_CONTEXT.prop_start/end.
 * Whether newProperty() copies name/value or keeps the pointers is not
 * visible here - confirm before passing stack or log-backed strings. */
OPENPTS_PROPERTY * newProperty(char *name, char *value);
int freePropertyChain(OPENPTS_PROPERTY *prop);
int freeReasonChain(OPENPTS_REASON *reason);
/* Lookup returns NULL when absent (assumed from the pointer return - confirm). */
OPENPTS_PROPERTY* getProperty(OPENPTS_CONTEXT *ctx, char *name);
int addProperty(OPENPTS_CONTEXT *ctx, char *name, char *value);
int updateProperty(OPENPTS_CONTEXT *ctx, char *name, char *value);
840 OPENPTS_CONTEXT *ctx,
843 int setEventProperty(
844 OPENPTS_CONTEXT *ctx,
847 OPENPTS_PCR_EVENT_WRAPPER *eventWrapper);
int saveProperties(OPENPTS_CONTEXT *ctx, char * filename);
void printProperties(OPENPTS_CONTEXT *ctx);
/* Compares a property against an expected value; action selects what happens
 * on mismatch (values not visible here). */
int validateProperty(
    OPENPTS_CONTEXT *ctx, char *name, char *value, char *action);
int addPropertiesFromConfig(OPENPTS_CONFIG *conf, OPENPTS_CONTEXT *ctx);

/* Records a remediation reason for PCR pcr. format is a printf-style format
 * string: it must always be a literal chosen by the caller - event names,
 * file names or other log data go in as %s arguments, never as the format.
 * A GCC format attribute on this declaration would let -Wformat check that. */
int addReason(OPENPTS_CONTEXT *ctx, int pcr, const char *format, ...);
void printReason(OPENPTS_CONTEXT *ctx, int print_pcr_hints);
/* policy.c - policy chain (OPENPTS_CONTEXT.policy_start/end). Policy lines
 * are read from a local file; OPENPTS_POLICY keeps them in fixed BUF_SIZE
 * buffers, so the loader must bound its copies (not verifiable here). */
int freePolicyChain(OPENPTS_POLICY *pol);
int loadPolicyFile(OPENPTS_CONTEXT *ctx, char * filename);
int checkPolicy(OPENPTS_CONTEXT *ctx);
int printPolicy(OPENPTS_CONTEXT *ctx);
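/* aide.c - validation of IMA events against an AIDE database.
 * The two no-argument constructors are declared with (void) so that calls with
 * stray arguments are rejected. The AIDE database and ignore-name file are
 * parsed text; field values end up in the hash table (AIDE_CONTEXT.aide_md_table)
 * keyed by hash_key, so the loader must bound what it copies. */
AIDE_METADATA * newAideMetadata(void);
void freeAideMetadata(AIDE_METADATA *md);
AIDE_CONTEXT * newAideContext(void);
void freeAideContext(AIDE_CONTEXT *ctx);
int loadAideDatabaseFile(AIDE_CONTEXT *ctx, char *filename);
int readAideIgnoreNameFile(AIDE_CONTEXT *ctx, char *filename);
int checkFileByAide(AIDE_CONTEXT *ctx, AIDE_METADATA *metadata);
int checkEventByAide(
    AIDE_CONTEXT *ctx, OPENPTS_PCR_EVENT_WRAPPER *eventWrapper);
int printAideData(AIDE_CONTEXT *ctx);
int convertImlToAideDbFile(OPENPTS_CONTEXT *ctx, char *filename);
int writeReducedAidbDatabase(AIDE_CONTEXT *ctx, char *filename);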
/* SQLite back-end for the AIDE data. key in verifyBySQLite() originates from
 * event data (the hash key of an IMA entry); if it is used in an SQL query it
 * must be bound as a parameter, not concatenated into the statement text -
 * the implementation is not visible here. */
int convertAideDbfileToSQLiteDbFile(char * aide_filename, char * sqlite_filename);
int loadSQLiteDatabaseFile(AIDE_CONTEXT *ctx, char *filename);
int verifyBySQLite(AIDE_CONTEXT *ctx, char * key);
887 #endif // CONFIG_SQLITE
888 #endif // CONFIG_AIDE
/* smbios.c - SMBIOS table handling (feeds OPENPTS_CONFIG.smbios / compIDs).
 * readSmbiosFile() returns a heap buffer in *data with its length in *len
 * (ownership inferred from the out-parameters - confirm). parseSmbios()
 * walks variable-length structures, so every offset must be checked against
 * length; on the verifier the data comes from the collector's event log. */
int readSmbiosFile(char * filename, BYTE **data, int *len);
int printSmbios(BYTE *data, int length);
/* NOTE(review): if this spawns dmidecode, filename must be passed as an argv
 * element (exec/posix_spawn), not interpolated into a shell command line -
 * check the implementation. */
int genSmbiosFileByDmidecode(char * filename);
int parseSmbios(OPENPTS_CONTEXT *ctx, BYTE *data, int length);
/* Allocation wrappers. The *_assert variants abort on allocation failure;
 * with ALWAYS_ASSERT_ON_BAD_ALLOC (see the commented-out define near the
 * top) xmalloc/smalloc map onto them, otherwise the plain versions are used
 * and callers must check for NULL. smalloc() presumably duplicates str
 * (strdup-like) - confirm. */
void *xmalloc_assert(size_t len);
char *smalloc_assert(char *str);
#ifdef ALWAYS_ASSERT_ON_BAD_ALLOC
#define xmalloc(len) xmalloc_assert(len)
#define smalloc(str) smalloc_assert(str)
void *xmalloc(size_t len);
char *smalloc(char *str);
/* misc.c - small helpers. Several take lengths as int rather than size_t;
 * callers must never pass a negative or log-derived unchecked length. */
/* Bounded string duplicate (presumably up to len bytes plus NUL - confirm). */
char *snmalloc(char *str, int len);
/* Copies len bytes of buf starting at offset into a new buffer; the caller
 * must ensure offset+len lies within buf (no bound is available here). */
BYTE *snmalloc2(BYTE * buf, int offset, int len);
void xfree(void *ptr);
/* Reads 4 bytes from b; b must point to at least 4 readable bytes. */
UINT32 byte2uint32(BYTE *b);
/* Second declaration of trim(); also declared in the FSM helper group above. */
char * trim(char *str);
/* Returns a heap-allocated hex string (presumably owned by the caller - confirm). */
char *getHexString(BYTE *bin, int size);
void printHex(char *head, BYTE *data, int num, char *tail);
void fprintHex(FILE *fp, BYTE *data, int num);
/* Byte-swaps a 32-bit value (name suggests big<->little - confirm). */
UINT32 b2l(UINT32 in);
void debugHex(char *head, BYTE *data, int num, char *tail);
int saveToFile(char * filename, int len, BYTE * msg);
/* Same contract as byte2uint32 (4 readable bytes at buf). */
UINT32 getUint32(BYTE *buf);
int makeDir(char *dirname);
/* Return OPENPTS_DIR_* / OPENPTS_FILE_* codes (see the result codes above). */
int checkDir(char *dirname);
int checkFile(char *filename);
/* read(2)/write(2) wrappers; ssize_t return, so -1 must still be checked. */
ssize_t wrapRead(int fd, void *buf, size_t count);
ssize_t wrapWrite(int fd, const void *buf, size_t count);
/* Path joining; results are heap-allocated (inferred - confirm). */
char *getFullpathName(char *base_path, char *filename);
char *getFullpathDir(char *filename);
/* Removes a directory tree; dirPath is built from config UUIDs - a caller must
 * never hand it a path derived from untrusted input. */
int unlinkDir(const char *dirPath);
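/* uuid.c - PTS_UUID helpers.
 * getDateTime() takes no arguments and is declared with (void) so an empty ()
 * does not accept stray arguments. String forms of a UUID are used to build
 * directory names (RM sets, target dirs): getUuidFromString() must reject
 * anything that is not a well-formed UUID, because the string may come from
 * the remote side over IF-M (check in uuid.c). Returned pointers are
 * heap-allocated and presumably released by the caller (freeUuid / xfree). */
void freeUuid(PTS_UUID *uuid);
char * getStringOfUuid(PTS_UUID *uuid);
PTS_UUID *getUuidFromString(char *str);
PTS_DateTime * getDateTimeOfUuid(PTS_UUID *uuid);
PTS_DateTime * getDateTime(void);
/* overwrite: whether an existing file is replaced. */
int writeUuidFile(char *str_uuid, char *filename, int overwrite);
int readUuidFile(char *filename, char **str_uuid, PTS_UUID **uuid);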
/* conf.c - enumerate RM sets and target (collector) directories under config_dir.
 * Directory names are UUID strings; getRmList/getTargetList presumably parse
 * them with getUuidFromString(), so entries with malformed names should be
 * skipped rather than trusted (not verifiable here). */
int getRmList(OPENPTS_CONFIG *conf, char * config_dir);
/* Deletes RM sets in OPENPTS_RM_STATE_TRASH/OLD state (inferred - confirm). */
int purgeRenewedRm(OPENPTS_CONFIG *conf);
void printRmList(OPENPTS_CONFIG *conf, char *indent);
int getTargetList(OPENPTS_CONFIG *conf, char * config_dir);
void printTargetList(OPENPTS_CONFIG *conf, char *indent);
char *getTargetConfDir(OPENPTS_CONFIG *conf);
OPENPTS_TARGET *getTargetCollector(OPENPTS_CONFIG *conf);
/* uuid is compared as a string; returns NULL when no target matches (assumed). */
OPENPTS_TARGET *getTargetCollectorByUUID(OPENPTS_CONFIG *conf, const char *uuid);
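/* OPENPTS_UUID - a UUID plus the file it lives in and an OPENPTS_UUID_* state.
 * newOpenptsUuid() is declared with (void) so an empty () does not silently
 * accept arguments. readOpenptsUuidFile() parses the file named inside the
 * object; genOpenptsUuid() creates a fresh value (its source of randomness is
 * not visible here - confirm it is a proper UUID generator). */
OPENPTS_UUID *newOpenptsUuid(void);
OPENPTS_UUID *newOpenptsUuid2(PTS_UUID *pts_uuid);
OPENPTS_UUID *newOpenptsUuidFromFile(char * filename);
void freeOpenptsUuid(OPENPTS_UUID *uuid);
int genOpenptsUuid(OPENPTS_UUID *uuid);
int readOpenptsUuidFile(OPENPTS_UUID *uuid);
/* overwrite: whether an existing UUID file is replaced. */
int writeOpenptsUuidFile(OPENPTS_UUID *uuid, int overwrite);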
/* Collector (ptsc) top-level operations. NOTE(review): init, selftest, newrm
 * and clear are very generic external names for a header that is included
 * widely; a ptsc_ prefix would avoid collisions with other libraries.
 * prop_count/prop_start/prop_end hand over a property chain built by the
 * caller (ownership after the call is not visible here). */
int init(OPENPTS_CONFIG *conf, int prop_count, OPENPTS_PROPERTY *prop_start, OPENPTS_PROPERTY *prop_end);
int printCollectorStatus(OPENPTS_CONFIG *conf);
/* Returns OPENPTS_SELFTEST_* (see result codes above). */
int selftest(OPENPTS_CONFIG *conf, int prop_count, OPENPTS_PROPERTY *prop_start, OPENPTS_PROPERTY *prop_end);
int newrm(OPENPTS_CONFIG *conf, int prop_count, OPENPTS_PROPERTY *prop_start, OPENPTS_PROPERTY *prop_end);
/* force: skip confirmation / remove regardless of state (inferred - confirm). */
int clear(OPENPTS_CONFIG *conf, int force);
963 #ifdef CONFIG_AUTO_RM_UPDATE
964 #include "./openpts_aru.h"
/* Spawns an SSH client to host as ssh_username on ssh_port (with key_file when
 * given) and returns its pid; the connected socket is returned via *socket.
 * Each of host/ssh_username/ssh_port comes from the command line or config and
 * must be passed to the child as a separate argv element, never through a
 * shell - confirm in the implementation. Note the parameter named `socket`
 * shadows socket(2) wherever <sys/socket.h> is in scope; `sock` would be clearer. */
pid_t ssh_connect(char *host, char *ssh_username, char *ssh_port, char *key_file, int *socket);
970 #endif // INCLUDE_OPENPTS_H_