2 * This file is part of the OpenPTS project.
4 * The Initial Developer of the Original Code is International
5 * Business Machines Corporation. Portions created by IBM
6 * Corporation are Copyright (C) 2010 International Business
7 * Machines Corporation. All Rights Reserved.
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the Common Public License as published by
11 * IBM Corporation; either version 1 of the License, or (at your option)
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * Common Public License for more details.
19 * You should have received a copy of the Common Public License
20 * along with this program; if not, a copy can be viewed at
21 * http://www.opensource.org/licenses/cpl1.0.php.
25 * \file include/openpts.h
27 * @author Seiji Munetoh <munetoh@users.sourceforge.jp>
29 * cleanup 2011-01-21 SM
33 #ifndef INCLUDE_OPENPTS_H_
34 #define INCLUDE_OPENPTS_H_
41 /* Hash table (AIDE) */
/* NOTE(review): __USE_GNU is glibc's internal macro (the "__" prefix is
 * reserved for the implementation, so defining it is not portable). The
 * documented way to get the GNU extensions is _GNU_SOURCE, but that must be
 * defined before the first system header is included — whether that works
 * here depends on what precedes this header in the include order, so confirm
 * before changing it. */
#define __USE_GNU // enables the GNU reentrant (*_r) declarations, e.g. the hsearch_r family used for struct hsearch_data below
// TODO: not needed for a verifier-only build
53 /* TCG IWG IF-PTS definitions */
56 #include <openpts_log.h>
58 #include <openpts_ifm.h>
59 #include <openpts_fsm.h>
60 #include <openpts_tpm.h>
63 #include <openpts_tboot.h>
67 /* OpenPTS default configurations */
69 // http://www.iana.org/assignments/port-numbers
70 // http://www.iana.org/cgi-bin/usr-port-number.pl
71 // User ports [1024:49151]
72 // 6674-6686 Unassigned
// TODO: 5556 conflicts with the Freeciv port; move to 6678
// Note: the port is used locally only; remote access goes through an SSH tunnel (port 22) rather than exposing this port on the network
75 #define PTSC_CONFIG_FILE "/etc/ptsc.conf"
76 #define PTSV_CONFIG_FILE "/etc/ptsv.conf"
78 #define PTSC_GROUP_NAME "ptsc"
82 #define MAX_SSLEVEL 2 // platform, runtime
85 // TODO(munetoh) Adaptive
// 256 => too small, the SMBIOS event data does not fit
// TODO: allocate this buffer dynamically; 100K is the current fixed maximum
// #define EVENTDATA_BUF_SIZE 1024
// #define EVENTDATA_BUF_SIZE 4096
// UNIX - TODO malloc the buffer
/* Fixed upper bound for the data of a single event. Event logs (the BIOS /
 * IMA IML files and the IR exchanged with the peer) are external input, so
 * any reader that copies event data into a buffer of this size must compare
 * the event's declared length against EVENTDATA_BUF_SIZE first and treat a
 * larger length as a malformed log rather than truncating silently. */
#define EVENTDATA_BUF_SIZE 100000
// 20100627 pseudo event as IMA's last event
/* Sentinel values for the synthetic event appended after IMA's last real
 * event. 0xFFFFFFFF is presumably chosen as an event type no real log uses,
 * and 0x5a (90) lies outside the range of real PCR indices. Code that uses
 * an event's pcrIndex to address a per-PCR array (the snapshot table below is
 * sized MAX_PCRNUM) must special-case this value before indexing. */
#define OPENPTS_PSEUDO_EVENT_TYPE 0xFFFFFFFF
#define OPENPTS_PSEUDO_EVENT_PCR 0x5a
101 #define XML_ENCODING "UTF-8"
103 /* TCG RIMM schemas */
104 #define XMLNS_CORE "http://www.trustedcomputinggroup.org/XML/SCHEMA/1_0_1/core_integrity#"
105 #define XMLNS_STUFF "http://www.trustedcomputinggroup.org/XML/SCHEMA/1_0/simple_object#"
106 #define XMLNS_XSI "http://www.w3.org/2001/XMLSchema-instance"
107 #define XMLNS_RIMM "http://www.trustedcomputinggroup.org/XML/SCHEMA/1_0/rimm#"
108 #define XMLNS_IR "http://www.trustedcomputinggroup.org/XML/SCHEMA/1_0/integrity_report#"
110 /* OpenPTS Result Codes */
// 0 - 62 are defined by IF-PTS; OpenPTS-specific codes start at 101
113 #define OPENPTS_RESULT_VALID 0
114 #define OPENPTS_RESULT_UNVERIFIED 101
115 #define OPENPTS_RESULT_INVALID 102
116 #define OPENPTS_RESULT_UNKNOWN 103
117 #define OPENPTS_RESULT_IGNORE 104
119 #define OPENPTS_FSM_SUCCESS 0
120 #define OPENPTS_FSM_FLASH 201
121 #define OPENPTS_FSM_FINISH 202
122 #define OPENPTS_FSM_TRANSIT 203
123 #define OPENPTS_FSM_FINISH_WO_HIT 204
124 #define OPENPTS_FSM_ERROR 205
125 #define OPENPTS_FSM_ERROR_LOOP 206
126 #define OPENPTS_FSM_MIGRATE_EVENT 207
128 #define OPENPTS_SELFTEST_SUCCESS 0
129 #define OPENPTS_SELFTEST_RENEWED 301
130 #define OPENPTS_SELFTEST_FALLBACK 302
131 #define OPENPTS_SELFTEST_FAILED 303
132 #define OPENPTS_FILE_EXISTS 311
133 #define OPENPTS_FILE_MISSING 312
134 #define OPENPTS_DIR_EXISTS 313
135 #define OPENPTS_DIR_MISSING 314
136 #define OPENPTS_IML_MISSING 315
139 #define IMV_ENROLLMENT_NONE 0
140 #define IMV_ENROLLMENT_CREDENTIAL 1
141 #define IMV_ENROLLMENT_AUTO 2
143 // malloc should never really fail
144 // #define ALWAYS_ASSERT_ON_BAD_ALLOC
// Leave this undefined for daemons
146 // #define NEVER_FREE_MEMORY
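/*
 * isFlagSet(bits, flagToTest): non-zero when every bit of flagToTest is set
 * in bits (a subset test, not an "any bit" test).
 *
 * Both arguments are fully parenthesised: the previous form left the
 * left-hand flagToTest bare, so a mask written as A|B expanded to
 * "A | (B == ...)" because == binds tighter than |, silently giving the
 * wrong answer. flagToTest is still evaluated twice, so do not pass an
 * expression with side effects.
 */
#define isFlagSet(bits, flagToTest) (((bits) & (flagToTest)) == (flagToTest))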
153 * Security Properties
157 char *name; /**< name */
158 char *value; /**< value */
159 void *next; /**< ptr to the next property */
168 char name[BUF_SIZE]; /**< name */
169 char value[BUF_SIZE]; /**< value */
170 int line; /**< line # */
171 void * next; /**< tr to the next policy */
175 * Actions (UML doActivity)
178 char name[BUF_SIZE]; /**< */
181 #define ACTION_TYPE_PROPERTY
185 * Snapshot (snapshot.c)
188 int event_num; /**< num of event */
189 int pcrIndex; /**< */
190 int level; /**< e.g. 0:BIOS, 1:VMM/OS, 2:App/Userland */
192 int update_num; /**< num of update */
193 void *update; /**< link to the last update */
195 int reset_pcr; /**< resetPCR(n) in FSM */
198 OPENPTS_PCR_EVENT_WRAPPER *start; /**< */
199 OPENPTS_PCR_EVENT_WRAPPER *end; /**< */
/* PCR values - calculated during IR generation */
202 BYTE tpm_pcr[MAX_DIGEST_SIZE]; /**< PCR values - calc when get the IML */
203 BYTE start_pcr[MAX_DIGEST_SIZE]; /**< PCR start value of this IML */
204 BYTE curr_pcr[MAX_DIGEST_SIZE]; /**< PCR of this IML */
207 OPENPTS_FSM_CONTEXT *fsm_behavior; /**< Behavior Model */
208 OPENPTS_FSM_CONTEXT *fsm_binary; /**< Binary Model (= RM)*/
212 * Snapshot Table (snapshot.c)
215 OPENPTS_SNAPSHOT *snapshot[MAX_PCRNUM][MAX_SSLEVEL]; /**< ptr to the snapshot */
216 int event_num; /**< Total event num */
217 int snapshots_level[MAX_PCRNUM]; /**< indicate active level */
218 int error[MAX_PCRNUM];
219 int update_num[MAX_SSLEVEL]; /**< remenber the update by ss level */
220 } OPENPTS_SNAPSHOT_TABLE;
225 #define RM_SAX_BUF_SIZE 256
235 OPENPTS_SNAPSHOT *snapshot;
236 OPENPTS_FSM_CONTEXT *fsm;
237 char subvertex_name[RM_SAX_BUF_SIZE];
238 char subvertex_xmitype[RM_SAX_BUF_SIZE];
239 char subvertex_xmiid[RM_SAX_BUF_SIZE];
240 char doactivity_name[RM_SAX_BUF_SIZE];
241 char charbuf[RM_SAX_BUF_SIZE];
242 char source_xmiid[RM_SAX_BUF_SIZE];
243 char target_xmiid[RM_SAX_BUF_SIZE];
244 } OPENPTS_RM_CONTEXT;
248 * Integrity Report (ir.c)
254 /* Structure for SAX parser */
260 char *buf; /**< buffer for the text element */
265 BYTE pcr[MAX_DIGEST_SIZE];
266 TSS_PCR_EVENT *event;
267 OPENPTS_PCR_EVENT_WRAPPER *ew_new;
268 OPENPTS_PCR_EVENT_WRAPPER *ew_last;
271 int integrity; /**< VALID, INVALID */
272 } OPENPTS_IR_CONTEXT;
275 #define IR_SAX_STATE_IDOL 0
276 #define IR_SAX_STATE_PCR_INDEX 1
277 #define IR_SAX_STATE_EVENT_TYPE 2
278 #define IR_SAX_STATE_DIGEST 3
279 #define IR_SAX_STATE_EVENT_DATA 4
280 #define IR_SAX_STATE_PCR 5
287 #define UML2SAX_SUBVERTEX 10
288 #define UML2SAX_DOACTIVITY 15
289 #define UML2SAX_TRANSITION 20
290 #define UML2SAX_BODY 25
295 * AIDE metadata (= IMA event)
299 char *name; /**< file name (full path) */
305 char *hash_key; /**< base64 of selected digest */
307 int status; /**< 0:AIDE 1:AIDE==PTS, 2: AIDE!=PTS, 2:PTS */
308 char * ima_name; /**< name of IMA's eventlog (short) */
309 void * event_wrapper; /**< link to the eventlog */
316 * list for ignore name, ext
327 AIDE_METADATA *start;
337 struct hsearch_data *aide_md_table; // hash table for metadata
338 int aide_md_table_size;
/* ignore list for 2.6.31-3x IMA (entries with defective names) */
341 AIDE_LIST *ignore_name_start;
342 AIDE_LIST *ignore_name_end;
345 struct hsearch_data *aide_in_table; // hash table for ignore name
346 int aide_in_table_size;
349 #define OPENPTS_AIDE_MD_STATUS_NEW 0
350 #define OPENPTS_AIDE_MD_STATUS_HIT 1
351 #define OPENPTS_AIDE_MD_STATUS_IML_VALID 2
352 #define OPENPTS_AIDE_MD_STATUS_IML_INVALID 3
353 #endif // CONFIG_AIDE
355 /* Validation modes */
357 #define OPENPTS_VALIDATION_MODE_NONE 0
358 #define OPENPTS_VALIDATION_MODE_RM 1
360 #define OPENPTS_VALIDATION_MODE_AIDE 2
361 #define OPENPTS_VALIDATION_MODE_IIDB 3
362 #define OPENPTS_VALIDATION_MODE_AIXTE 4
364 #define OPENPTS_SSH_MODE_OFF 0
365 #define OPENPTS_SSH_MODE_ON 1
367 #define OPENPTS_RM_STATE_UNKNOWN 0
368 #define OPENPTS_RM_STATE_NOW 1
369 #define OPENPTS_RM_STATE_OLD 2
370 #define OPENPTS_RM_STATE_NEW 3
371 #define OPENPTS_RM_STATE_TRASH 4
380 int state; /**< OPENPTS_RM_STATE_XXX */
388 OPENPTS_RMSET rmset[];
392 * collector/target set
401 char *target_conf_filename;
409 OPENPTS_TARGET target[];
410 } OPENPTS_TARGET_LIST;
413 #define OPENPTS_UUID_EMPTY 0
414 #define OPENPTS_UUID_FILENAME_ONLY 1
415 #define OPENPTS_UUID_UUID_ONLY 2
416 #define OPENPTS_UUID_FILLED 3
417 #define OPENPTS_UUID_CHANGED 4
428 /* information about the components described by the models */
433 char *ModelSerialNumber;
434 char *ModelSystemClass;
441 char *DiscretePatches;
448 char *VendorID_Value;
451 /* Attestation(sign) key */
452 #define OPENPTS_AIK_STORAGE_TYPE_TSS 0
453 #define OPENPTS_AIK_STORAGE_TYPE_BLOB 1
454 #define OPENPTS_AIK_AUTH_TYPE_NULL 0
455 #define OPENPTS_AIK_AUTH_TYPE_COMMON 1
456 //>>>>>>> 042e40b0979f3e44e75200271e4d1282ce08f72c
466 int openpts_pcr_index; /**< openpts.pcr.index */
469 TPM_VERSION tpm_version;
470 TSS_VERSION tss_version;
471 TSS_VERSION pts_version;
473 /* Attestation(sign) key */
474 int aik_storage_type;
475 char *aik_storage_filename;
479 OPENPTS_UUID * uuid; /**< Platform(collector) UUID */
480 OPENPTS_UUID * rm_uuid; /**< RM(now) UUID */
481 OPENPTS_UUID * newrm_uuid; /**< RM(next) UUID */
482 OPENPTS_UUID * oldrm_uuid; /**< RM(old/previous) UUID */
483 OPENPTS_UUID * tmp_uuid; /**< Platform(collector) UUID - changed */
484 OPENPTS_UUID * tmp_rm_uuid; /**< RM(now) UUID - changed */
487 PTS_UUID *daemon_uuid;
488 char *str_daemon_uuid;
489 PTS_DateTime *time_daemon_uuid;
491 /* collector settings */
492 int iml_mode; /**< 0: via tss, 1:securityfs */
493 char *bios_iml_filename;
494 char *runtime_iml_filename;
495 int runtime_iml_type;
498 int selftest; /**< 1:run selftest at start */
499 int autoupdate; /**< 1:run autoupdate if selftest was failed at start */
501 int srk_password_mode;
502 int tpm_resetdalock; /**< tpm.resetdalock=on|off=1|0 */
503 int tpm_quote_type; /**< tpm.quote.type=quote|quote2=1:0 */
505 /* multiple manifest */
506 OPENPTS_RMSETS *rmsets;
511 char *rm_filename[MAX_RM_NUM];
514 char *newrm_filename[MAX_RM_NUM];
516 char *ir_dir; /**< collector side */
517 char *ir_filename; /**< vefirier side */
521 int iml_endian; /**< 0: same, 2:conv */
522 int iml_aligned; /**< 0: byte, 4: 4-byte aligned */
525 char *model_dir; /**< */
526 char *model_filename[MAX_RM_NUM][MAX_PCRNUM];
530 OPENPTS_COMPID compIDs[MAX_RM_NUM];
532 /* verifier setting */
533 char *verifier_logging_dir;
534 char *policy_filename;
535 char *property_filename;
536 PTS_UUID *target_uuid;
537 char *str_target_uuid;
538 BYTE *pubkey; /**< TPM PUBKEY */
539 int pubkey_length; /**< TPM PUBKEY length */
542 OPENPTS_TARGET_LIST *target_list;
545 int ima_validation_mode; /**< 0:NA 2:AIDE 3:IIDB */
546 int ima_validation_unknown; /**< 0:ignore 1:invalid */
547 char *aide_database_filename;
549 char *aide_sqlite_filename; /**> SQLite DB filename */
551 char *aide_ignorelist_filename;
555 BYTE *smbios; // link to event
559 /* IF-M collector(ptsc) */
564 /* IF-M verifier(IMV) */
567 #ifdef CONFIG_AUTO_RM_UPDATE
568 int enable_aru; /**> Enable update scan */
569 int update_exist; /**> Update exist, used by collector */
570 int target_newrm_exist; /**> NewRM exist, used by verifier */
571 PTS_UUID *target_newrm_uuid; /**> NewRM UUID */
572 void *update; /**> Hold update*/
577 int ir_without_quote; /**< 1:IR without quote */
* OpenPTS reason (remediation)
587 char *message; /**< */
594 * OPENPTS_CONTEXT - OpenPTS context
595 * by each IF-M connection
599 OPENPTS_CONFIG *conf; /**< OpenPTS Configulation (global) */
600 OPENPTS_CONFIG *target_conf;
603 char *target_conf_filename;
605 /* Platform Validation */
606 int platform_validation_mode; // TODO(munetoh) -> conf?
609 OPENPTS_TPM_CONTEXT tpm; /**< */
613 int pcr_num; // TODO(munetoh) move to pcrs->pcr_num
617 // TODO(munetoh) move to OPENPTS_QUOTE?
618 TSS_VALIDATION *validation_data;
621 OPENPTS_SNAPSHOT_TABLE *ss_table;
622 int update_num; /**< total num of update */
625 OPENPTS_PROPERTY *prop_start; /**< */ // prop.c
626 OPENPTS_PROPERTY *prop_end;
630 OPENPTS_POLICY *policy_start; /**< */ // policy.c
631 OPENPTS_POLICY *policy_end;
634 OPENPTS_REASON *reason_start;
635 OPENPTS_REASON *reason_end;
639 /* Reference Manifest */
640 OPENPTS_RM_CONTEXT *rm_ctx;
642 /* Integrity Report */
643 OPENPTS_IR_CONTEXT *ir_ctx;
648 /* Runtime Validation */
649 int bios_action_count; // by snapshot
651 void *aide_ctx; // AIDE_CONTEXT
657 int ima_ignore; // they are included in the valid count
660 OPENPTS_COMPID compIDs[MAX_RM_NUM];
664 OPENPTS_NONCE *nonce;
665 PTS_UUID *uuid; /**< uuid of otherside, own uuid is ctx->conf->uuid */
667 UINT32 ifm_errno; /**< PTS error code */
670 OPENPTS_UUID *collector_uuid;
671 OPENPTS_UUID *rm_uuid;
678 int count; // TODO used by FSM, location is temp
/* OPENPTS_CONFIG lifecycle and config-file I/O. The filename arguments are
 * local configuration paths (see PTSC_CONFIG_FILE / PTSV_CONFIG_FILE above).
 * setModelFile() stores into conf->model_filename, a 2-D array sized
 * [MAX_RM_NUM][MAX_PCRNUM]; which of pcr_index/level selects which dimension
 * is not visible here, but both must be bounds-checked before indexing.
 * newTargetList(num) sizes the flexible array OPENPTS_TARGET target[] of
 * OPENPTS_TARGET_LIST, so num must be non-negative and the
 * num * sizeof(OPENPTS_TARGET) product overflow-checked. */
OPENPTS_CONFIG * newPtsConfig();
int freePtsConfig(OPENPTS_CONFIG *conf);
int readPtsConfig(OPENPTS_CONFIG *conf, char *filename);
int writeTargetConf(OPENPTS_CONFIG *conf, PTS_UUID *uuid, char *filename);
int readTargetConf(OPENPTS_CONFIG *conf, char *filename);
int writeOpenptsConf(OPENPTS_CONFIG *conf, char *filename);
int readOpenptsConf(OPENPTS_CONFIG *conf, char *filename);
int setModelFile(OPENPTS_CONFIG *conf, int pcr_index, int level, char *filename);
OPENPTS_TARGET_LIST *newTargetList(int num);
void freeTargetList(OPENPTS_TARGET_LIST *list);
699 OPENPTS_CONTEXT * newPtsContext(OPENPTS_CONFIG *conf);
700 int freePtsContext(OPENPTS_CONTEXT *ctx);
701 char * getAlgString(int type);
702 int readFsmFromPropFile(OPENPTS_CONTEXT *ctx, char * filename); // fsm.c -> ctx.c
704 #define ALGTYPE_SHA1 0
705 #define ALGTYPE_MD5 1
708 int writePtsTlv(OPENPTS_CONTEXT *ctx, int fd, int type);
709 // int setTargetCapability(OPENPTS_CONTEXT *ctx, OPENPTS_IF_M_Capability *cap);
714 OPENPTS_CONFIG *conf,
715 int forground, int debug, const char* dirname);
719 OPENPTS_CONTEXT *ctx,
720 char *host, char *ssh_username, char *ssh_port, char *conf_dir, int mode);
722 OPENPTS_CONTEXT *ctx,
723 char *host, char *ssh_username, char *ssh_port, char *conf_dir, int force);
724 int writeAideIgnoreList(OPENPTS_CONTEXT *ctx, char *filename);
726 OPENPTS_CONTEXT *ctx,
727 char *host, char *ssh_username, char *ssh_port, char *conf_dir);
728 int extendEvCollectorStart(OPENPTS_CONFIG *conf);
730 #define OPENPTS_VERIFY_MODE 0
731 #define OPENPTS_UPDATE_MODE 1
/* Snapshot table API. pcr_index and level address
 * snapshot[MAX_PCRNUM][MAX_SSLEVEL] in OPENPTS_SNAPSHOT_TABLE (MAX_SSLEVEL is
 * 2: platform, runtime), and the *ActiveSnapshotLevel() functions work on
 * snapshots_level[MAX_PCRNUM]. Implementations must reject pcr_index or level
 * outside those bounds — if these values come from a parsed IML or IR they
 * are attacker-influenced — and incActiveSnapshotLevel() must not advance
 * past MAX_SSLEVEL - 1. newSnapshot()/freeSnapshot() are declared a second
 * time further down in this header. */
OPENPTS_SNAPSHOT * newSnapshot();
int freeSnapshot(OPENPTS_SNAPSHOT * ss);
OPENPTS_SNAPSHOT_TABLE * newSnapshotTable();
int freeSnapshotTable(OPENPTS_SNAPSHOT_TABLE * sst);
int addSnapshotToTable(OPENPTS_SNAPSHOT_TABLE * sst, OPENPTS_SNAPSHOT * ss, int pcr_index, int level);
OPENPTS_SNAPSHOT *getSnapshotFromTable(OPENPTS_SNAPSHOT_TABLE * sst, int pcr_index, int level);
OPENPTS_SNAPSHOT *getNewSnapshotFromTable(OPENPTS_SNAPSHOT_TABLE * sst, int pcr_index, int level);
OPENPTS_SNAPSHOT *getActiveSnapshotFromTable(OPENPTS_SNAPSHOT_TABLE * sst, int pcr_index);
int setActiveSnapshotLevel(OPENPTS_SNAPSHOT_TABLE * sst, int pcr_index, int level);
int getActiveSnapshotLevel(OPENPTS_SNAPSHOT_TABLE * sst, int pcr_index);
int incActiveSnapshotLevel(OPENPTS_SNAPSHOT_TABLE * sst, int pcr_index);
751 // TODO(munetoh) assign IMA type to TCG EventType :-(
752 #define BINARY_IML_TYPE_BIOS 0x00000000
753 #define BINARY_IML_TYPE_IMA_ORIGINAL 0x00010000
754 #define BINARY_IML_TYPE_IMA_31 0x00011000 // 2.6.30?, 31, 32
755 #define BINARY_IML_TYPE_IMA 0x00012000
756 #define BINARY_IML_TYPE_IMA_NG 0x00013000
757 #define BINARY_IML_TYPE_IMA_NGLONG 0x00014000
759 /* mode of getBiosImlFile(), getImaImlFile() */
760 #define USE_BHV_FSM 0
761 #define USE_BIN_FSM 1
762 #define USE_BHV_FSM_EC 2
764 // extern SNAPSHOT snapshots[MAX_PCRNUM];
765 OPENPTS_SNAPSHOT * newSnapshot();
766 int freeSnapshot(OPENPTS_SNAPSHOT * ss);
767 int resetSnapshot(OPENPTS_SNAPSHOT *snapshots);
768 int addEventToSnapshotBhv(
769 OPENPTS_CONTEXT * ctx, OPENPTS_PCR_EVENT_WRAPPER * eventWrapper);
770 int addEventToSnapshotBin(
771 OPENPTS_CONTEXT * ctx, OPENPTS_PCR_EVENT_WRAPPER * eventWrapper);
772 int getIml(OPENPTS_CONTEXT *ctx, int option);
773 int readBiosImlFile(OPENPTS_CONTEXT *ctx, const char *filename, int mode);
775 OPENPTS_CONTEXT * ctx,
776 const char *filename,
778 int mode, int *count); // 20100613
779 int setPcrsToSnapshot(OPENPTS_CONTEXT *ctx, OPENPTS_PCRS *pcrs);
780 int getPcrBySysfsFile(OPENPTS_CONTEXT *ctx, const char *filename);
781 int validatePcr(OPENPTS_CONTEXT * ctx);
782 int getPcr(OPENPTS_CONTEXT * ctx);
784 OPENPTS_CONTEXT * ctx,
786 void printSnapshots(OPENPTS_CONTEXT *ctx);
787 void printSnapshotsInfo(OPENPTS_CONTEXT *ctx);
788 void freeEventWrapperChain(OPENPTS_PCR_EVENT_WRAPPER * ew);
790 OPENPTS_CONTEXT * ctx,
793 int printIml(OPENPTS_CONTEXT * ctx);
794 UINT32 freadUint32(FILE * stream, int endian);
795 OPENPTS_PCR_EVENT_WRAPPER * newEventWrapper();
/* Base64 codec. Lengths are plain int, so callers should reject a negative
 * or implausibly large inlen before calling. NOTE(review): decodeBase64() is
 * presumably applied to text taken from the IR/RM XML, i.e. peer-supplied
 * input — confirm that non-alphabet bytes and bad padding produce a NULL /
 * zero-length result rather than an over-read of `in`. Ownership of the
 * returned buffer (whether the caller must xfree() it) is not stated here. */
char *encodeBase64(unsigned char * in, int inlen, int *outlen);
unsigned char *decodeBase64(char * in, int inlen, int *outlen);
804 OPENPTS_CONTEXT *ctx,
805 OPENPTS_FSM_CONTEXT *fsm,
806 OPENPTS_PCR_EVENT_WRAPPER *eventWrapper); // aru,iml
811 OPENPTS_RM_CONTEXT *newRmContext();
812 void freeRmContext(OPENPTS_RM_CONTEXT *ctx);
813 int writeRm(OPENPTS_CONTEXT * ctx, const char *file, int level);
814 int readRmFile(OPENPTS_CONTEXT *ctx, const char *filename, int level);
815 int getRmSetDir(OPENPTS_CONFIG *conf);
816 int getNewRmSetDir(OPENPTS_CONFIG *conf);
817 int makeRmSetDir(OPENPTS_CONFIG *conf);
818 int makeNewRmSetDir(OPENPTS_CONFIG *conf);
821 OPENPTS_IR_CONTEXT *newIrContext();
822 void freeIrContext(OPENPTS_IR_CONTEXT *ctx);
823 int writeIr(OPENPTS_CONTEXT *ctx, const char *filename, int *savedFd);
824 // int validateIr(OPENPTS_CONTEXT *ctx, const char *file);
825 int validateIr(OPENPTS_CONTEXT *ctx);
826 int genIr(OPENPTS_CONTEXT *ctx, int *savedFd);
830 OPENPTS_CONTEXT *ctx,
832 OPENPTS_PCR_EVENT_WRAPPER *eventWrapper);
833 char * trim(char *str);
834 int setLinuxKernelCmdlineAssertion(
835 OPENPTS_CONTEXT *ctx, OPENPTS_PCR_EVENT_WRAPPER *eventWrapper);
840 OPENPTS_PROPERTY * newProperty(char *name, char *value);
841 int freePropertyChain(OPENPTS_PROPERTY *prop);
842 int freeReasonChain(OPENPTS_REASON *reason);
843 OPENPTS_PROPERTY* getProperty(OPENPTS_CONTEXT *ctx, char *name);
844 int addProperty(OPENPTS_CONTEXT *ctx, char *name, char *value);
845 int updateProperty(OPENPTS_CONTEXT *ctx, char *name, char *value);
847 OPENPTS_CONTEXT *ctx,
850 int setEventProperty(
851 OPENPTS_CONTEXT *ctx,
854 OPENPTS_PCR_EVENT_WRAPPER *eventWrapper);
855 int saveProperties(OPENPTS_CONTEXT *ctx, char * filename);
856 void printProperties(OPENPTS_CONTEXT *ctx);
857 int validateProperty(
858 OPENPTS_CONTEXT *ctx, char *name, char *value, char *action);
859 int addPropertiesFromConfig(OPENPTS_CONFIG *conf, OPENPTS_CONTEXT *ctx);
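/* addReason() appends a remediation message for PCR `pcr` to the context's
 * reason list, built printf-style from `format` and the trailing arguments.
 * The format attribute lets the compiler check the format string against
 * its arguments (-Wformat), which catches a non-literal or mismatched format
 * at the call site instead of at run time. The fallback keeps the same
 * prototype for compilers without __attribute__. */
#if defined(__GNUC__)
int addReason(OPENPTS_CONTEXT *ctx, int pcr, const char *format, ...)
    __attribute__((format(printf, 3, 4)));
#else
int addReason(OPENPTS_CONTEXT *ctx, int pcr, const char *format, ...);
#endif
/* print_pcr_hints: non-zero to include per-PCR hints in the output. */
void printReason(OPENPTS_CONTEXT *ctx, int print_pcr_hints);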
871 int freePolicyChain(OPENPTS_POLICY *pol);
872 int loadPolicyFile(OPENPTS_CONTEXT *ctx, char * filename);
873 int checkPolicy(OPENPTS_CONTEXT *ctx);
874 int printPolicy(OPENPTS_CONTEXT *ctx);
878 AIDE_METADATA * newAideMetadata();
879 void freeAideMetadata(AIDE_METADATA *md);
880 AIDE_CONTEXT * newAideContext();
881 void freeAideContext(AIDE_CONTEXT *ctx);
882 int loadAideDatabaseFile(AIDE_CONTEXT *ctx, char *filename);
883 int readAideIgnoreNameFile(AIDE_CONTEXT *ctx, char *filename);
884 int checkFileByAide(AIDE_CONTEXT *ctx, AIDE_METADATA *metadata);
885 int checkEventByAide(
886 AIDE_CONTEXT *ctx, OPENPTS_PCR_EVENT_WRAPPER *eventWrapper);
887 int printAideData(AIDE_CONTEXT *ctx);
888 int convertImlToAideDbFile(OPENPTS_CONTEXT *ctx, char *filename);
889 int writeReducedAidbDatabase(AIDE_CONTEXT *ctx, char *filename);
891 int convertAideDbfileToSQLiteDbFile(char * aide_filename, char * sqlite_filename);
892 int loadSQLiteDatabaseFile(AIDE_CONTEXT *ctx, char *filename);
893 int verifyBySQLite(AIDE_CONTEXT *ctx, char * key);
894 #endif // CONFIG_SQLITE
895 #endif // CONFIG_AIDE
900 int readSmbiosFile(char * filename, BYTE **data, int *len);
901 int printSmbios(BYTE *data, int length);
902 int genSmbiosFileByDmidecode(char * filename);
903 int parseSmbios(OPENPTS_CONTEXT *ctx, BYTE *data, int length);
/* Allocation wrappers. When ALWAYS_ASSERT_ON_BAD_ALLOC is defined (see the
 * commented-out define near the top of this header) xmalloc()/smalloc() are
 * macros for the _assert variants, which — per the name — abort on allocation
 * failure; in the other branch of this conditional they are ordinary
 * functions whose return value the caller must check for NULL.
 * snmalloc2() presumably copies len bytes of buf starting at offset into a
 * fresh allocation: the signature carries no total size of buf, so the caller
 * alone guarantees offset >= 0, len >= 0 and offset + len within buf. */
void *xmalloc_assert(size_t len);
char *smalloc_assert(char *str);
#ifdef ALWAYS_ASSERT_ON_BAD_ALLOC
#define xmalloc(len) xmalloc_assert(len)
#define smalloc(str) smalloc_assert(str)
void *xmalloc(size_t len);
char *smalloc(char *str);
char *snmalloc(char *str, int len);
BYTE *snmalloc2(BYTE * buf, int offset, int len);
void xfree(void *ptr);
918 UINT32 byte2uint32(BYTE *b);
919 char * trim(char *str);
920 char *getHexString(BYTE *bin, int size);
921 void printHex(char *head, BYTE *data, int num, char *tail);
922 void fprintHex(FILE *fp, BYTE *data, int num);
923 UINT32 b2l(UINT32 in);
924 void debugHex(char *head, BYTE *data, int num, char *tail);
/* File and path helpers. Note the signedness: saveToFile() takes its byte
 * count as int and getUint32() returns int, while byte2uint32() above returns
 * UINT32 — callers mixing them should watch for sign conversion. getUint32()
 * has no length parameter, so the caller must guarantee at least 4 readable
 * bytes at buf. unlinkDir() presumably removes the directory and its
 * contents: pass only paths derived from local configuration, never a path
 * built from peer-supplied data. */
int saveToFile(char * filename, int len, BYTE * msg);
int getUint32(BYTE *buf);
int makeDir(char *dirname);
int checkDir(char *dirname);
int checkFile(char *filename);
ssize_t wrapRead(int fd, void *buf, size_t count);
ssize_t wrapWrite(int fd, const void *buf, size_t count);
char *getFullpathName(char *base_path, char *filename);
char *getFullpathDir(char *filename);
int unlinkDir(const char *dirPath);
939 void freeUuid(PTS_UUID *uuid);
940 char * getStringOfUuid(PTS_UUID *uuid);
941 PTS_UUID *getUuidFromString(char *str);
942 PTS_DateTime * getDateTimeOfUuid(PTS_UUID *uuid);
943 PTS_DateTime * getDateTime();
944 int writeUuidFile(char *str_uuid, char *filename, int overwrite);
945 int readUuidFile(char *filename, char **str_uuid, PTS_UUID **uuid);
946 int getRmList(OPENPTS_CONFIG *conf, char * config_dir);
947 int purgeRenewedRm(OPENPTS_CONFIG *conf);
948 void printRmList(OPENPTS_CONFIG *conf, char *indent);
949 int getTargetList(OPENPTS_CONFIG *conf, char * config_dir);
950 void printTargetList(OPENPTS_CONFIG *conf, char *indent);
951 char *getTargetConfDir(OPENPTS_CONFIG *conf);
952 OPENPTS_TARGET *getTargetCollector(OPENPTS_CONFIG *conf);
953 OPENPTS_TARGET *getTargetCollectorByUUID(OPENPTS_CONFIG *conf, const char *uuid);
955 OPENPTS_UUID *newOpenptsUuid();
956 OPENPTS_UUID *newOpenptsUuid2(PTS_UUID *pts_uuid);
957 OPENPTS_UUID *newOpenptsUuidFromFile(char * filename);
958 void freeOpenptsUuid(OPENPTS_UUID *uuid);
959 int genOpenptsUuid(OPENPTS_UUID *uuid);
960 int readOpenptsUuidFile(OPENPTS_UUID *uuid);
961 int writeOpenptsUuidFile(OPENPTS_UUID *uuid, int overwrite);
964 int init(OPENPTS_CONFIG *conf, int prop_count, OPENPTS_PROPERTY *prop_start, OPENPTS_PROPERTY *prop_end);
965 int printCollectorStatus(OPENPTS_CONFIG *conf);
966 int selftest(OPENPTS_CONFIG *conf, int prop_count, OPENPTS_PROPERTY *prop_start, OPENPTS_PROPERTY *prop_end);
967 int newrm(OPENPTS_CONFIG *conf, int prop_count, OPENPTS_PROPERTY *prop_start, OPENPTS_PROPERTY *prop_end);
968 int clear(OPENPTS_CONFIG *conf, int force);
970 #ifdef CONFIG_AUTO_RM_UPDATE
971 #include "./openpts_aru.h"
/* Starts the SSH client used as the transport (see the port note near the
 * top of this header). The pid_t return is presumably the child's pid and
 * *socket the local end of the connection. The string arguments presumably
 * become the child's command line, so they must come from local
 * configuration (target conf / command line); never construct them from data
 * received over the IF-M channel. */
pid_t ssh_connect(char *host, char *ssh_username, char *ssh_port, char *key_file, int *socket);
977 #endif // INCLUDE_OPENPTS_H_