53
52
#include <termios.h>
55
#include <openssl/ssl.h>
56
#include <openssl/err.h>
57
#include "libclamav/crypto.h"
58
61
#include "shared/output.h"
59
62
#include "shared/optparser.h"
60
63
#include "shared/misc.h"
61
64
#include "shared/cdiff.h"
62
#include "libclamav/sha1.h"
63
#include "libclamav/sha256.h"
64
65
#include "shared/tar.h"
66
67
#include "libclamav/clamav.h"
400
401
unsigned int i, bytes;
401
402
unsigned char digest[32], buffer[FILEBUFF];
406
ctx = cl_hash_init("sha256");
407
410
if(!(fh = fopen(file, "rb"))) {
408
411
mprintf("!sha256file: Can't open file %s\n", file);
412
cl_hash_destroy(ctx);
413
417
while((bytes = fread(buffer, 1, sizeof(buffer), fh))) {
414
sha256_update(&ctx, buffer, bytes);
418
cl_update_hash(ctx, buffer, bytes);
418
sha256_final(&ctx, digest);
422
cl_finish_hash(ctx, digest);
419
423
sha = (char *) malloc(65);
435
439
unsigned int i, bytes;
436
440
char file[32], *pt, dbfile[32];
437
441
unsigned char digest[32], buffer[FILEBUFF];
440
444
snprintf(file, sizeof(file), "%s.info", dbname);
441
445
if(!access(file, R_OK)) {
493
497
if(!optget(opts, "unsigned")->enabled) {
499
ctx = cl_hash_init("sha256");
496
505
while((bytes = fread(buffer, 1, sizeof(buffer), fh)))
497
sha256_update(&ctx, buffer, bytes);
498
sha256_final(&ctx, digest);
506
cl_update_hash(ctx, buffer, bytes);
507
cl_finish_hash(ctx, digest);
499
508
if(!(pt = getdsig(optget(opts, "server")->strarg, builder, digest, 32, 3))) {
500
509
mprintf("!writeinfo: Can't get digital signature from remote server\n");
611
ctx = cl_hash_init("sha256");
604
619
while((bytes = fread(buffer, 1, sizeof(buffer), cdiffh)))
605
sha256_update(&ctx, (unsigned char *) buffer, bytes);
620
cl_update_hash(ctx, (unsigned char *) buffer, bytes);
608
sha256_final(&ctx, digest);
623
cl_finish_hash(ctx, digest);
610
625
if(!(pt = getdsig(optget(opts, "server")->strarg, builder, digest, 32, 2))) {
611
626
mprintf("!script2cdiff: Can't get digital signature from remote server\n");
793
808
version = oldcvd->version + 1;
794
809
oldsigs = oldcvd->sigs;
795
810
cl_cvdfree(oldcvd);
811
} else if (optget(opts, "cvd-version")->numarg != 0) {
812
version = optget(opts, "cvd-version")->numarg;
797
814
mprintf("Version number: ");
798
815
if(scanf("%u", &version) == EOF) {
2871
2897
/* Generate SHA1 */
2873
SHA1Update(&sha1, fmptr, sb.st_size);
2874
SHA1Final(&sha1, shash1);
2898
cl_sha1(fmptr, sb.st_size, shash1, NULL);
2876
ret = cli_checkfp_pe(&ctx, shash1);
2900
ret = cli_checkfp_pe(&ctx, shash1, NULL, CL_CHECKFP_PE_FLAG_AUTHENTICODE);
2903
2927
static void help(void)
2906
mprintf(" Clam AntiVirus: Signature Tool (sigtool) %s\n", get_version());
2907
printf(" By The ClamAV Team: http://www.clamav.net/team\n");
2908
printf(" (C) 2007-2009 Sourcefire, Inc. et al.\n\n");
2930
mprintf("Clam AntiVirus: Signature Tool (sigtool) %s\n", get_version());
2931
mprintf(" By The ClamAV Team: http://www.clamav.net/team\n");
2932
mprintf(" (C) 2007-2009 Sourcefire, Inc. et al.\n\n");
2910
2934
mprintf(" --help -h show help\n");
2911
2935
mprintf(" --version -V print version number and exit\n");
2925
2949
mprintf(" --utf16-decode=FILE decode UTF16 encoded files\n");
2926
2950
mprintf(" --info=FILE -i FILE print database information\n");
2927
2951
mprintf(" --build=NAME [cvd] -b NAME build a CVD file\n");
2928
mprintf(" --max-bad-sigs=NUMBER Maximum number of mismatched signatures when building a CVD. Default: 3000\n");
2929
mprintf(" --flevel=FLEVEL Specify a custom flevel. Default: %u\n", cl_retflevel());
2952
mprintf(" --max-bad-sigs=NUMBER Maximum number of mismatched signatures\n");
2953
mprintf(" when building a CVD. Default: 3000\n");
2954
mprintf(" --flevel=FLEVEL Specify a custom flevel.\n");
2955
mprintf(" Default: %u\n", cl_retflevel());
2956
mprintf(" --cvd-version=NUMBER Specify the version number to use for\n");
2957
mprintf(" the build. Default is to use the value+1\n");
2958
mprintf(" from the current CVD in --datadir.\n");
2959
mprintf(" If no datafile is found the default\n");
2960
mprintf(" behaviour is to prompt for a version\n");
2961
mprintf(" number, this switch will prevent the\n");
2962
mprintf(" prompt. NOTE: If a CVD is found in the\n");
2963
mprintf(" --datadir its version+1 is used and\n");
2964
mprintf(" this value is ignored.\n");
2930
2965
mprintf(" --no-cdiff Don't generate .cdiff file\n");
2931
2966
mprintf(" --unsigned Create unsigned database file (.cud)\n");
2932
2967
mprintf(" --print-certs=FILE Print Authenticode details from a PE\n");
2933
2968
mprintf(" --server=ADDR ClamAV Signing Service address\n");
2934
mprintf(" --datadir=DIR Use DIR as default database directory\n");
2969
mprintf(" --datadir=DIR Use DIR as default database directory\n");
2935
2970
mprintf(" --unpack=FILE -u FILE Unpack a CVD/CLD file\n");
2936
2971
mprintf(" --unpack-current=SHORTNAME Unpack local CVD/CLD into cwd\n");
2937
2972
mprintf(" --list-sigs[=FILE] -l[FILE] List signature names\n");
2938
2973
mprintf(" --find-sigs=REGEX -fREGEX Find signatures matching REGEX\n");
2939
2974
mprintf(" --decode-sigs Decode signatures from stdin\n");
2940
mprintf(" --test-sigs=DATABASE TARGET_FILE Test signatures from DATABASE against TARGET_FILE\n");
2975
mprintf(" --test-sigs=DATABASE TARGET_FILE Test signatures from DATABASE against \n");
2976
mprintf(" TARGET_FILE\n");
2941
2977
mprintf(" --vba=FILE Extract VBA/Word6 macro code\n");
2942
2978
mprintf(" --vba-hex=FILE Extract Word6 macro code with hex values\n");
2943
2979
mprintf(" --diff=OLD NEW -d OLD NEW Create diff for OLD and NEW CVDs\n");
2944
mprintf(" --compare=OLD NEW -c OLD NEW Show diff between OLD and NEW files in cdiff format\n");
2980
mprintf(" --compare=OLD NEW -c OLD NEW Show diff between OLD and NEW files in\n");
2981
mprintf(" cdiff format\n");
2945
2982
mprintf(" --run-cdiff=FILE -r FILE Execute update script FILE in cwd\n");
2946
2983
mprintf(" --verify-cdiff=DIFF CVD/CLD Verify DIFF against CVD/CLD\n");