/* fipscheck.h */
/*
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are met:
 * 
 * 1. Redistributions of source code must retain the above copyright notice,
 * this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright notice,
 * this list of conditions and the following disclaimer in the documentation
 * and/or other materials provided with the distribution.
 * 
 * THIS SOFTWARE IS PROVIDED BY RED HAT, INC. ''AS IS'' AND ANY EXPRESS OR
 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
 * EVENT SHALL THE FREEBSD PROJECT OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
 * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 * 
 * The views and conclusions contained in the software and documentation are those
 * of the authors and should not be interpreted as representing official policies,
 * either expressed or implied, of Red Hat, Inc.
 */

/* Verifies the HMAC checksum of the library or binary which contains the symbol.
 * If libname or symbolname is NULL, then the executable binary which is being
 * executed is verified.
 * Return value: 0 - verification failed, 1 - verification succeded
 */
int FIPSCHECK_verify(const char *libname, const char *symbolname);

/* Verifies the HMAC checksum of the files in the NULL terminated array of
 * pointers.
 * Return value: 0 - verification failed, 1 - verification succeded
 */
int FIPSCHECK_verify_files(const char *files[]);

/*
 * Auxiliary function - returns path pointing to the executable file which is being
 * run. The path buffer must be large enough to hold the path, otherwise it is truncated.
 * Return value: 0 - success -1 - failure
 */
int FIPSCHECK_get_binary_path(char *path, size_t pathlen);

/*
 * Auxiliary function - returns path pointing to the shared library file with a name
 * libname and containing a symbol symbolname. The path buffer must be large enough to
 * hold the path, otherwise it is truncated.
 * Return value: 0 - success -1 - failure
 */
int FIPSCHECK_get_library_path(const char *libname, const char *symbolname, char *path, size_t pathlen);

/*
 * Auxiliary function - returns the value of the kernel fips mode flag.
 * Return value: 0 - the kernel fips mode flag is 0 or unreadable
 * 1 - the kernel fips mode flag is 1
 */
int FIPSCHECK_kernel_fips_mode(void);