windows-nt/Source/XPSP1/NT/base/win32/fusion/sxs/hashfile.h

202 lines
5.6 KiB
C
Raw Permalink Normal View History

2020-09-26 03:20:57 -05:00
#pragma once
#include "FusionBuffer.h"
#include "FusionArray.h"
//#include "wincrypt.h"
#include "fusionsha1.h"
/*++
Hashfile.h - Inclusions for file-hashing and verification testing functionality.
--*/
#define SHA1_HASH_SIZE_BYTES ( 160 / 8 )
#define HASHFLAG_AUTODETECT ( 0x00000001 )
#define HASHFLAG_STRAIGHT_HASH ( 0x00000002 )
#define HASHFLAG_PROCESS_IMAGE ( 0x00000004 )
#define HASHFLAG_VALID_PARAMS ( HASHFLAG_AUTODETECT | HASHFLAG_STRAIGHT_HASH | \
HASHFLAG_PROCESS_IMAGE )
//
// If someone invents a hash with more than 512 bytes, I'll eat my socks.
//
#define MAX_HASH_BYTES ( 512 )
BOOL
SxspEnumKnownHashTypes(
DWORD dwIndex,
OUT CBaseStringBuffer &rbuffHashTypeName,
OUT BOOL &rbNoMoreItems
);
BOOL
SxspCreateFileHash(
DWORD dwFlags,
ALG_ID PreferredAlgorithm,
const CBaseStringBuffer &pwsFileName,
CFusionArray<BYTE> &bHashDestination
);
BOOL
SxspIsFullHexString(
PCWSTR wsString,
SIZE_T Cch
);
typedef enum {
HashValidate_Matches, // Hashes are identical
HashValidate_InvalidPassedHash, // The hash passed in was somehow invalid
HashValidate_InvalidAlgorithm, // The hash algorithm is invalid
HashValidate_HashesCantBeMatched, // No match for another reason
HashValidate_HashNotMatched, // Hashes are not identical (ie: not matched)
HashValidate_OtherProblems // There was some other problem along the way
} HashValidateResult;
//
// Do the normal validation process - single retry
//
#define SVFH_DEFAULT_ACTION (0x00000000)
//
// Retry this file N times until either (a) the file was unable to be
// opened or (b) the file has other errors or (c) the file was checked
// and it was ok / bad / etc.
//
#define SVFH_RETRY_LOGIC_SIMPLE (0x00000001)
//
// Wait until the file was able to be verified - spin in a backoff loop
// until the file open didn't fail with ERROR_SHARING_VIOLATION
//
#define SVFH_RETRY_WAIT_UNTIL (0x00000002)
BOOL
SxspVerifyFileHash(
const DWORD dwFlags,
const CBaseStringBuffer &rhsFullFilePath,
const CFusionArray<BYTE> &baTheorheticalHash,
ALG_ID whichAlg,
HashValidateResult &rHashResult
);
BOOL
SxspHashAlgFromString(
const CBaseStringBuffer &strAlgName,
ALG_ID &algId
);
BOOL
SxspHashStringFromAlg(
ALG_ID algId,
CBaseStringBuffer &rstrAlgName
);
typedef enum
{
ManifestValidate_Unknown = 0,
ManifestValidate_IsIntact = 1,
ManifestValidate_CatalogMissing = 2,
ManifestValidate_ManifestMissing = 3,
ManifestValidate_InvalidHash = 4,
ManifestValidate_NotCertified = 5,
ManifestValidate_StrongNameMismatch = 6,
ManifestValidate_OtherProblems = 7
} ManifestValidationResult;
class CMetaDataFileElement;
BOOL
SxspValidateAllFileHashes(
IN const CMetaDataFileElement &rmdfeElement,
IN const CBaseStringBuffer &rbuffFileName,
OUT HashValidateResult &rResult
);
#define ENUM_TO_STRING( x ) case x: return (L#x)
#if DBG
inline PCWSTR SxspManifestValidationResultToString( ManifestValidationResult r )
{
switch ( r )
{
ENUM_TO_STRING( ManifestValidate_Unknown );
ENUM_TO_STRING( ManifestValidate_IsIntact );
ENUM_TO_STRING( ManifestValidate_CatalogMissing );
ENUM_TO_STRING( ManifestValidate_ManifestMissing );
ENUM_TO_STRING( ManifestValidate_InvalidHash );
ENUM_TO_STRING( ManifestValidate_NotCertified );
ENUM_TO_STRING( ManifestValidate_OtherProblems );
}
return L"Bad manifest validation value";
}
inline PCWSTR SxspHashValidateResultToString( HashValidateResult r )
{
switch ( r )
{
ENUM_TO_STRING( HashValidate_Matches );
ENUM_TO_STRING( HashValidate_InvalidPassedHash );
ENUM_TO_STRING( HashValidate_InvalidAlgorithm );
ENUM_TO_STRING( HashValidate_HashesCantBeMatched );
ENUM_TO_STRING( HashValidate_HashNotMatched );
ENUM_TO_STRING( HashValidate_OtherProblems );
}
return L"Bad hash validation value";
}
#endif
// Default mode
#define MANIFESTVALIDATE_OPTION_MASK ( 0x000000FF )
#define MANIFESTVALIDATE_MODE_MASK ( 0x0000FF00 )
#define MANIFESTVALIDATE_MODE_COMPLETE ( 0x00000100 )
#define MANIFESTVALIDATE_MODE_NO_STRONGNAME ( 0x00000200 )
// The manifest has to validate against a trusted root CA to be valid.
#define MANIFESTVALIDATE_OPTION_NEEDS_ROOT_CA ( 0x00000001 )
// The catalog gets validated first before the manifest is checked.
#define MANIFESTVALIDATE_OPTION_VALIDATE_CATALOG ( 0x00000002 )
// If the manifest or catalog are invalid, attempt to retrieve it
#define MANIFESTVALIDATE_OPTION_ATTEMPT_RETRIEVAL ( 0x00000004 )
#define MANIFESTVALIDATE_MOST_COMMON ( MANIFESTVALIDATE_MODE_COMPLETE + \
( MANIFESTVALIDATE_OPTION_NEEDS_ROOT_CA | \
MANIFESTVALIDATE_OPTION_VALIDATE_CATALOG ) )
BOOL
SxspValidateManifestAgainstCatalog(
const CBaseStringBuffer &rbuffManifestPath,
ManifestValidationResult &rResult,
DWORD dwOptionsFlags
);
BOOL
SxspValidateManifestAgainstCatalog(
const CBaseStringBuffer &rbuffManifestPath,
const CBaseStringBuffer &rbuffCatalogPath,
ManifestValidationResult &rResult,
DWORD dwOptionsFlags
);
BOOL
SxspCheckHashDuringInstall(
BOOL bHasHashData,
const CBaseStringBuffer &rbuffFile,
const CBaseStringBuffer &rbuffHashDataString,
ALG_ID HashAlgId,
HashValidateResult &hvr
);
static inline BOOL IsSlash( WCHAR w ) { return ( ( w == L'\\' ) || ( w == L'/' ) ); }