Browse Source

Document new public APIs

pull/72/head
Anairkoen Schno 3 years ago
parent
commit
bb92164dcb
Signed by: DaNike GPG Key ID: BEFB74D5F3FC4387
4 changed files with 40 additions and 3 deletions
  1. +8
    -0
      IPA.Loader/AntiMalware/AntiMalwareEngine.cs
  2. +14
    -0
      IPA.Loader/AntiMalware/IAntiMalware.cs
  3. +17
    -1
      IPA.Loader/AntiMalware/ScanResult.cs
  4. +1
    -2
      IPA.Loader/AntiMalware/_HideInNet3/WindowsAntiMalware.cs

+ 8
- 0
IPA.Loader/AntiMalware/AntiMalwareEngine.cs View File

@ -7,8 +7,16 @@ using System.Threading.Tasks;
namespace IPA.AntiMalware
{
/// <summary>
/// Provides a way to access BSIPA's Anti-Malware engine.
/// </summary>
/// <see cref="Engine"/>
/// <see cref="IAntiMalware"/>
public static class AntiMalwareEngine
{
/// <summary>
/// Gets the current Anti-Malware engine.
/// </summary>
public static IAntiMalware Engine { get; } = InitializeEngine();
private static IAntiMalware InitializeEngine()


+ 14
- 0
IPA.Loader/AntiMalware/IAntiMalware.cs View File

@ -3,9 +3,23 @@ using System.IO;
namespace IPA.AntiMalware
{
/// <summary>
/// An Anti-Malware engine that can be used to scan and detect potentially harmful files.
/// </summary>
public interface IAntiMalware
{
/// <summary>
/// Scans a particular file for malware.
/// </summary>
/// <param name="file">The file to scan.</param>
/// <returns>A <see cref="ScanResult"/> indicating whether the file is safe or not.</returns>
ScanResult ScanFile(FileInfo file);
/// <summary>
/// Scans a particular in-memory blob for malware.
/// </summary>
/// <param name="data">The binary blob to scan.</param>
/// <param name="contentName">The name of the content. If this is left <see langword="null"/>, one will be automatically generated.</param>
/// <returns>A <see cref="ScanResult"/> indicating whether the file is safe or not.</returns>
ScanResult ScanData(byte[] data, string? contentName = null);
}
}

+ 17
- 1
IPA.Loader/AntiMalware/ScanResult.cs View File

@ -1,11 +1,27 @@

namespace IPA.AntiMalware
{
/// <summary>
/// The result of an Anti-Malware scan.
/// </summary>
public enum ScanResult
{
/// <summary>
/// The object is known to be safe.
/// </summary>
KnownSafe,
/// <summary>
/// No malware was detected, but it is not known to be safe.
/// </summary>
NotDetected,
/// <summary>
/// Malware was detected, and the content should not be executed.
/// </summary>
Detected,
BlockedByPolicy
/// <summary>
/// The malware engine returned a threat level less than the max, so this object may be dangerous.
/// Proceed with caution.
/// </summary>
MaybeMalware
}
}

+ 1
- 2
IPA.Loader/AntiMalware/_HideInNet3/WindowsAntiMalware.cs View File

@ -40,8 +40,7 @@ namespace IPA.AntiMalware
AmsiResult.Clean => ScanResult.KnownSafe,
AmsiResult.NotDetected => ScanResult.NotDetected,
AmsiResult.Detected => ScanResult.Detected,
var a when a is >= AmsiResult.BlockedByAdminStart and <= AmsiResult.BlockedByAdminEnd => ScanResult.BlockedByPolicy,
_ => ScanResult.NotDetected,
_ => ScanResult.MaybeMalware
};
public ScanResult ScanFile(FileInfo file)


Loading…
Cancel
Save