dh/ima-evm-utils
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
14 Commits 3 Branches 11 Tags
Commit Graph

14 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Dmitry Kasatkin
179664d7e9 Added signature write to .sig file 
To enable module signature verification working on file systems
without extended attributes, or to be able to copy modules by methods,
which does not support extended attribute copying, it is necessary
to store signature in the file. This patch provides command line parameter
for storing signature in .sig file.

Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
 2012-02-01 15:24:02 +02:00
Dmitry Kasatkin
c440d2d95f Change set_xattr to xattr. 
set_xattr changed to xattr.

Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
 2012-02-01 11:10:15 +02:00
Dmitry Kasatkin
fed7fb6933 Changed to conform Linux kernel coding style 
Changed to conform Linux kernel coding style, except 80 characters
line length limit.

Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
 2012-02-01 11:04:36 +02:00
Dmitry Kasatkin
78494ab370 added password parameter for using encrypted keys 
Added password parameter for using encrypted keys.

Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
 2012-02-01 10:35:43 +02:00
Dmitry Kasatkin
192f897b8e added openssl initialization and error reporting 
Added openssl initialization and error reporting.

Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
 2012-02-01 10:35:38 +02:00
Dmitry Kasatkin
0799e24820 minor fixes 
- error message
- command info

Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
 2012-01-30 13:23:28 +02:00
Dmitry Kasatkin
c94a0b9262 Merge branch 'master' of ssh://linux-ima.git.sourceforge.net/gitroot/linux-ima/evm-utils 2011-12-02 14:39:56 +02:00
Dmitry Kasatkin
8e68cd0135 Scripts for searching not only root owned files 
-uid 0 removed.

Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
 2011-12-02 14:15:19 +02:00
Dmitry Kasatkin
b60f927609 directory hash calculation 
Directory integrity verification requires directory hash value
to be set to security.ima.
This patch provides directory hash calculation.

Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
 2011-12-02 14:12:57 +02:00
Dmitry Kasatkin
874c0fd45c EVM hmac calculation 
For debugging purpose it is nice to have evm hmac calculation for
labeling filesystem using hmac.

Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
 2011-12-01 12:17:29 +02:00
Dmitry Kasatkin
774029f71e EVP API for evm hash calculation 
evmctl was using sha1 for evm hash calculation.
Using EVM API is easy to use other digest algorithms such as sha256.

Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
 2011-11-30 16:01:17 +02:00
Dmitry Kasatkin
273701a5b2 evmctl - IMA/EVM control tool 
evmctl provides signing support for IMA/EVM.
Functionality includes signing of file content (IMA), file metadata (EVM),
importing public keys into kernel keyring.

Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
 2011-11-24 17:03:43 +02:00
Dmitry Kasatkin
e2da6956c4 evmctl - IMA/EVM control tool 
evmctl provides signing support for IMA/EVM.
Functionality includes signing of file content (IMA), file metadata (EVM),
importing public keys into kernel keyring.

Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
 2011-10-14 16:53:34 +03:00
Dmitry Kasatkin
6ec041487e initial empty repo 2010-11-25 11:27:14 +02:00