dh/ima-evm-utils-mirror
1
0
Fork 0
mirror of https://git.code.sf.net/p/linux-ima/ima-evm-utils synced 2025-07-09 08:40:43 +02:00
Code Releases Activity

ima-evm-utils: Allow EVM verify to determine hash algo

Browse Source 
Previously for EVM verify you should specify `--hashalgo' option while
for IMA ima_verify you didn't.

Allow EVM verify to determine hash algo from signature.

Also, this makes two previously static functions to become exportable
and renamed:

  get_hash_algo_from_sig -> imaevm_hash_algo_from_sig
  get_hash_algo_by_id    -> imaevm_hash_algo_by_id

This is needed because EVM hash is calculated (in calc_evm_hash) outside
of library.

imaevm_hash_algo_by_id() will now return NULL if algo is not found.

Signed-off-by: Vitaly Chikunov <vt@altlinux.org>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
This commit is contained in:
Vitaly Chikunov
2019-07-29 09:18:07 +03:00
committed by Mimi Zohar
parent 90176e835a
commit cf1b8fda8d
3 changed files with 20 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/imaevm.h
View File

@ -223,5 +223,7 @@ int sign_hash(const char *algo, const unsigned char *hash, int size, const char
int verify_hash(const char *file, const unsigned char *hash, int size, unsigned char *sig, int siglen);
int ima_verify_signature(const char *file, unsigned char *sig, int siglen, unsigned char *digest, int digestlen);
void init_public_keys(const char *keyfiles);
int imaevm_hash_algo_from_sig(unsigned char *sig);
const char *imaevm_hash_algo_by_id(int algo);
#endif