1. clamav-devel
  2. Blame
libclamav/dlp.h
a6e38800 
 /* 
  *  Simple library to detect and validate SSN and Credit Card numbers.
  *
  *  Copyright (C) 2007-2008 Sourcefire, Inc.
  *
  *  Authors: Martin Roesch <roesch@sourcefire.com>
  *
  *  This program is free software; you can redistribute it and/or modify
  *  it under the terms of the GNU General Public License version 2 as
  *  published by the Free Software Foundation.
  *
  *  This program is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  *  GNU General Public License for more details.
  *
  *  You should have received a copy of the GNU General Public License
  *  along with this program; if not, write to the Free Software
  *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
  *  MA 02110-1301, USA.
  */
 
 #ifndef __DLP_H_
 #define __DLP_H_
 
 #include <stdio.h>
 
 /* these macros define the SSN string format to search for */
 #define SSN_FORMAT_HYPHENS    0     /* xxx-yy-zzzz */
 #define SSN_FORMAT_STRIPPED   1     /* xxxyyzzzz */
 
 /*
  * will check if a valid credit card number exists within the 
  * first 16 bytes of the supplied buffer.  Validation supplied
  * via the Luhn algorithm.
  * Params:
  *      buffer => data buffer to be validated.
  *      length => length of supplied buffer.  Values greater than 16 are
  *                truncated to 16.  Values less than 13 are rejected. 
  * Returns:
  *      1 on a find, 0 on a miss
  */
 int dlp_is_valid_cc(const unsigned char *buffer, int length);
 
 /* Searches the supplied buffer for credit card numbers and returns
  * the number of CC's found.
  * Params:
  *      buffer => data buffer to be analyzed.
  *      length => length of buffer.  
  * Returns:
  *      Count of detected CC #'s.
  */
 int dlp_get_cc_count(const unsigned char *buffer, int length);
 
 /* Searches the supplied buffer for CC #'s.  Bails out as soon as a 
  * validated number is detected.
  * Params:
  *      buffer => data buffer to be analyzed.
  *      length => length of buffer.
  * Returns:
  *      1 on detect, 0 on fail
  */
 int dlp_has_cc(const unsigned char *buffer, int length);
 
 /* Checks the supplied buffer for a valid SSN number.  Validation
  * is supplied via area and group number validation.  Valid numbers
  * which are not in circulation (666 series, 000 series) are NOT
  * detected, only numbers that can be valid in the real world.  Searches
  * only the first 11 or 9 bytes (based on the selected format)!
  * Params:
  *      buffer => buffer to be validated
  *      length => length of buffer to validate
  * Returns:
  *      1 on detect, 0 on failure
  */
 int dlp_is_valid_ssn(const unsigned char *buffer, int length, int format);
 
 /* Searches the supplied buffer for valid SSNs.  Note that this function
  * is effectively searching the buffer TWICE looking for the hyphenated and
  * stripped forms of the SSN.  There will be a performance impact!
  * Params:
  *      buffer => buffer to search
  *      length => length of the buffer
  * Returns:
  *      Count of SSNs in the supplied buffer
  */
 int dlp_get_ssn_count(const unsigned char *buffer, int length);
 
 /* Searches the supplied buffer for valid SSNs formatted as xxxyyzzzz.
  * Params:
  *      buffer => buffer to search
  *      length => length of the buffer
  * Returns:
  *      Count of SSNs in the supplied buffer.
  */
 int dlp_get_stripped_ssn_count(const unsigned char *buffer, int length);
 
 /* Searches the supplied buffer for valid SSNs formatted as xxx-yy-zzzz.
  * Params:
  *      buffer => buffer to search
  *      length => length of the buffer
  * Returns:
  *      Count of SSNs in the supplied buffer.
  */
 int dlp_get_normal_ssn_count(const unsigned char *buffer, int length);
 
 /* Searches the supplied buffer for a SSN in any format.  This searches the
  * buffer twice for both the stripped and hyphenated versions of an SSN so
  * there will be a performance impact!
  * Params:
  *      buffer => buffer to search
  *      length => length of the buffer
  * Returns:
  *      1 on detect, 0 on fail
  */
 int dlp_has_ssn(const unsigned char *buffer, int length);
 
 /* Searches the supplied buffer for a SSN in the stripped xxxyyzzzz format.
  * Params:
  *      buffer => buffer to search
  *      length => length of the buffer
  * Returns:
  *      1 on detect, 0 on fail
  */
 int dlp_has_stripped_ssn(const unsigned char *buffer, int length);
 
 /* Searches the supplied buffer for a SSN in the normal xxx-yy-zzzz format.
  * Params:
  *      buffer => buffer to search
  *      length => length of the buffer
  * Returns:
  *      1 on detect, 0 on fail
  */
 int dlp_has_normal_ssn(const unsigned char *buffer, int length);
 
 #endif  /* __DLP_H_ */