git-svn-id: https://svn.microneil.com/svn/SNF2Check/trunk@1 03c7648f-d85f-4116-bd46-33641c4b74a5

15 years ago · 88151bb618
--- a/Makefile.am
+++ b/Makefile.am
@@ -0,0 +1,24 @@
 ## Process this file with automake to produce Makefile.in
 ##
 ## $Id$
 ##
 ## automake input for the MicroNeil SNF2Check application.
 ##
 ## Author:  Alban Deniz
 ##
 ## Copyright (C) 2008 ARM Research Labs, LLC.
 ## See www.armresearch.com for the copyright terms.
 ##
 ##

 LIBS = @SNF_LIBS@ -L../SNFMulti -L../CodeDweller -lCodeDweller -lSNFMulti @LIBS@
 CXXFLAGS = $(SNF_CXXFLAGS) -I@top_srcdir@/SNFMulti -I@top_srcdir@/CodeDweller

 sbin_PROGRAMS =               				\
 	SNF2Check

 SNF2Check_SOURCES =        				\
 	@top_srcdir@/SNF2Check/main.cpp

 clean-local:
 	rm -f *.gcno *.gcov *.gcda *~
--- a/main.cpp
+++ b/main.cpp
@@ -0,0 +1,140 @@
 // snf2check.cpp
 //
 // Copyright 2002-2004 MicroNeil Research Corporation.
 //

 // 20040502 _M - Completed testing. Digest checking rocks!

 // 20040419 _M - Beginning modification to check an embedded digest of the entire
 // rulebase file. The digest is embedded in a way that makes it backward compatible
 // with all prior versions.

 // This utility opens a Message Sniffer version 2 rule base file and authenticates
 // the file. If the authentiaction fails then the utility returns a nonzero value.
 // If the file autneticates correctly then the utility returns a zero value.
 //
 // This utility can be used to check that a download was performed properly so that
 // corrupted rule base files won't be placed into service in a Message Sniffer engine.

 #include <unistd.h>
 #include <cstdio>
 #include <cctype>
 #include <ctime>
 #include <cstdlib>
 #include <fstream>
 #include <iostream>
 #include <string>
 #include "snf_engine.hpp"

 using namespace std;    //introduces namespace std

 const int RULEFILE_PARM = 1;        // Rule Base File Parameter.
 const int AUTHENTICATION_PARM = 2;  // Parm position of authentication.
 const int CORRECT_ARGS = 3;         // Correct number of command line args.


 const int OK = 0;                   // OK result.
 const int ERROR_CMDLINE = 65;       // Command line error result.
 const int ERROR_RULE_FILE = 67;     // Rule file open error result.
 const int ERROR_RULE_DATA = 68;     // Rule file authentication error result.
 const int ERROR_RULE_AUTH = 73;     // Authentication failed on the rule base.
 const int ERROR_BAD_MATRIX = 71;    // Something pushed us out of range.

 //////////////////////////////////////////////////////////////////////////////////////////
 // main()... well, that's where it all happens.

 int main( int argc, char* argv[] ) {

  // Check the command line and set option flags.

  // First, are the right number of parameters present?
  // If not then remind the user of what the command line should look like.

  if(argc != CORRECT_ARGS) {

    cerr << "snf2check: Bad Command Line" << endl
         << endl
         << "use snf2check.exe rulefilepath authentication" << endl
         << endl
         << "Version 2 w/Mangler Digest Checking - build " 
         << __DATE__ << " " << __TIME__ << endl
         << endl
         << "Copyright (C) 2002-2008 MicroNeil Research Corporation"
         << endl;

    return ERROR_CMDLINE;
  }

  // Capture & rewrite path info...

  string RuleFileString(argv[RULEFILE_PARM]);         // Rule file path...
  string Authentication(argv[AUTHENTICATION_PARM]);   // Authentication...

  const int LicenseLength = 8;                        // License IDs are this long.

  string License(RuleFileString);                     // The license is in the rule file string.
  int LicensePosition = License.find_last_of("\\/");  // Find the license position.
  LicensePosition += 1;                               // Move past the stroke if present.
  string LicenseID(                                   // Extract the licenseID.
    License.substr(LicensePosition,LicenseLength));

  ///////////////////////////////////////////////////////////////////////////////////////
  // Load the RuleBase.
  ///////////////////////////////////////////////////////////////////////////////////////

  TokenMatrix RuleBase;               // Create the rule base object.

  try {
    RuleBase.Load(RuleFileString);
  }

  catch(TokenMatrix::BadAllocation) { // If we can't allocate memory report it.

    cerr << "snf2check: " << License << " ERROR_RULE_DATA!" << endl;
    return ERROR_RULE_DATA;
  }

  catch(...) { // If something else goes wrong report the following error...

    cerr << "snf2check: " << License << " ERROR_RULE_FILE!" << endl;
    return ERROR_RULE_FILE;
  }

  ///////////////////////////////////////////////////////////////////////////////////////
  // Validate the RuleBase is properly authenticated.
  ///////////////////////////////////////////////////////////////////////////////////////

                                                      // SecurityKey starts with
  string SecurityKey(LicenseID);                      // the License ID then we add
  SecurityKey += string(argv[AUTHENTICATION_PARM]);   // the authentication code.

  try {
    RuleBase.Validate(SecurityKey);
  }

  catch(...) { // If the validation fails then we produce this error...

    cerr << "snf2check: " << License << " ERROR_RULE_AUTH! " << endl;
    return ERROR_RULE_AUTH;
  }

  ///////////////////////////////////////////////////////////////////////////////////////
  // Verify the integrity of the RuleBase - this can only happen if Validated!
  ///////////////////////////////////////////////////////////////////////////////////////

  try {
    RuleBase.Verify(SecurityKey);
  }

  catch(...) { // If the verification process fails then we produce this error...
  
    cerr << "snf2check: " << License << " ERROR_BAD_MATRIX! " << endl;
    return ERROR_BAD_MATRIX;
  }

  // If we made it through all of that, then we're golden!

  return OK;
 }