dh/ima-evm-utils
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Commit Graph

  • 5af8cc781e patched for openssl1.1 interface with patch file from fedora porject https://fedora.pkgs.org/rawhide/fedora-x86_64/ima-evm-utils-1.0-3.fc28.x86_64.rpm.html openssl1.1 Johann Neuhauser 2018-01-13 16:59:58 +01:00
  • 4928548d9d Add support for portable EVM format next Matthew Garrett 2017-11-16 10:21:11 -08:00
  • 233dedffe9 Write out .sig file as security.ima xattr Mimi Zohar 2016-03-02 23:34:25 -05:00
  • 3e2a67bdb0 script to build static evmctl version master Dmitry Kasatkin 2015-10-01 19:28:23 +03:00
  • 839a674580 Supply file attributes values on command line Dmitry Kasatkin 2015-09-20 02:54:46 +03:00
  • e55d286ad6 Use single flag to indicate 'no'flag Dmitry Kasatkin 2015-09-20 23:14:17 +03:00
  • 28d99354de Use byte range values Dmitry Kasatkin 2015-09-20 22:04:04 +03:00
  • ea5ccdf38f Newer kernels requires at least 64 byte keys Dmitry Kasatkin 2015-09-20 02:35:21 +03:00
  • b0d13ba557 calc_evm_hmac/hash: avoid fd leak when ioctl fails Patrick Ohly 2015-09-09 23:02:01 +03:00
  • 199311e6a5 ima_verify: ignore -n flag Patrick Ohly 2015-08-13 18:21:54 +02:00
  • 453d3db8a5 tpm_pcr_read: close file when returning early Patrick Ohly 2015-08-13 18:21:53 +02:00
  • fa0b30b15e add_dir_hash: fix DIR leak in case of failure Patrick Ohly 2015-08-13 18:21:52 +02:00
  • 4b56112c09 Release version 1.0 v1.0 Dmitry Kasatkin 2015-07-30 21:28:53 +03:00
  • 9c8a67a209 Prompt for the password Mimi Zohar 2015-07-27 14:28:27 -04:00
  • 96e55082c2 Must use 'const char*' Dmitry Kasatkin 2015-07-23 21:46:21 +03:00
  • 6a712b3b38 Add support for passing the private key password to sign_hash() Mimi Zohar 2015-07-03 09:13:58 -04:00
  • 17f49a1881 Add "ima_clear" command to remove IMA/EVM xattrs Dmitry Kasatkin 2014-10-29 21:37:24 +02:00
  • 4d7d2c71a5 Define common function for recursive scanning Dmitry Kasatkin 2014-10-29 21:31:58 +02:00
  • 92033dc404 Produce immutable EVM signature Dmitry Kasatkin 2014-10-29 12:32:21 +02:00
  • f805d4d0fe Fix typo Dmitry Kasatkin 2014-10-29 12:33:58 +02:00
  • 8558dc5250 Add recursive hashing Dmitry Kasatkin 2014-10-02 19:22:19 +03:00
  • 3d9bdc1de2 Release version 0.9 v0.9 Dmitry Kasatkin 2014-09-23 15:09:05 +03:00
  • f4fe504f98 Add 'evmctl --version' version reporting Dmitry Kasatkin 2014-09-23 14:12:19 +03:00
  • 05d1f74559 Update README/man page documentation Dmitry Kasatkin 2014-09-17 14:41:42 +03:00
  • a99a8a517c Provide command parameter to include extra SMACK xattrs for EVM signature Dmitry Kasatkin 2014-09-17 13:57:04 +03:00
  • 6261753e1e Use <linux/xattr.h> for security xattrs Dmitry Kasatkin 2014-09-17 16:01:12 +03:00
  • 47d3048ce1 Make error and help messages more understandable Dmitry Kasatkin 2014-09-11 16:05:55 +03:00
  • 14a90aa87c Make evmctl.1 as part of distribution and release Dmitry Kasatkin 2014-09-10 18:09:05 +03:00
  • 635288f70f Update README to produce initial evmctl.1 man page Dmitry Kasatkin 2014-09-10 13:08:50 +03:00
  • d5891ad96d Include example scripts to distribution and installation Dmitry Kasatkin 2014-09-10 16:27:38 +03:00
  • dede7cf850 Fix checkpatch errors Dmitry Kasatkin 2014-08-15 10:30:06 +03:00
  • 8f04d131ac Move sign hash functions to library Fionnuala Gunter 2014-08-14 13:29:06 -05:00
  • 29adc34d35 Remove local ioctl definitions and use <linux/fs.h> Dmitry Kasatkin 2014-06-13 14:39:48 +03:00
  • 0636083acd Remove code duplication Dmitry Kasatkin 2014-06-25 18:12:19 +03:00
  • 02594d3003 Switch to HMAC attribute mask Dmitry Kasatkin 2014-06-13 15:17:21 +03:00
  • c958062023 Fix setting correct hash header Dmitry Kasatkin 2014-06-24 15:52:16 +03:00
  • 9bc24ee556 Use defined xattr types Dmitry Kasatkin 2014-06-24 15:40:58 +03:00
  • c5a2992bc8 Fix resource leak Zbigniew Jasinski 2014-06-04 17:49:58 +02:00
  • dddef9172e make it possible to provide keyring id in hexadecimal format Dmitry Kasatkin 2014-06-13 12:59:14 +03:00
  • 24c9e6adc7 add extra auto built files to .gitignore Dmitry Kasatkin 2014-06-13 12:58:16 +03:00
  • 1a4c9ed2d6 Fix memory leak Zbigniew Jasinski 2014-05-30 17:45:34 +03:00
  • 3a1ef5f5c7 Use proper loff_t type for file size Zbigniew Jasinski 2014-05-30 17:44:12 +03:00
  • 7ece92b4e1 Release version 0.8 v0.8 Dmitry Kasatkin 2014-05-05 10:01:26 +03:00
  • dde9e21a4a Fix parameter name in help output Dmitry Kasatkin 2014-05-02 18:51:15 +03:00
  • 6ec61ab9cb Remove unused 'x' parameter Dmitry Kasatkin 2014-05-02 18:43:45 +03:00
  • 77986c80ac Add Mimi to AUTHORS list Dmitry Kasatkin 2014-05-02 17:49:42 +03:00
  • 2b893135be Update license text with OpenSSL exception clause Dmitry Kasatkin 2014-05-02 16:35:24 +03:00
  • 8feba3f462 Add support for signing a file hash Mimi Zohar 2014-02-18 16:41:33 -05:00
  • b0da7e69e0 Define symbolic keyring name Mimi Zohar 2014-03-05 13:00:48 +02:00
  • bed3cc06f1 Release new version v0.7 v0.7 Dmitry Kasatkin 2014-01-24 17:08:07 +02:00
  • bddbd31a15 Provide random KMK example instead of fixed testing123 Dmitry Kasatkin 2014-02-17 16:06:28 +02:00
  • c7042472e8 Limit includes in imaevm.h Dmitry Kasatkin 2014-02-14 19:16:19 +02:00
  • 12af148131 Rename library, header file and export it. Dmitry Kasatkin 2014-02-14 18:52:12 +02:00
  • ca6b42ab17 Use --m32 and --m64 parameters also in HMAC signing code Dmitry Kasatkin 2014-02-14 13:31:08 +02:00
  • 5e8564d155 Provide target architecture size parameter Dmitry Kasatkin 2014-02-14 13:27:09 +02:00
  • f3cef2c047 Provide additional debug info for hmac_misc Dmitry Kasatkin 2014-02-14 12:38:49 +02:00
  • ef46876b10 Include only libraries to the package Dmitry Kasatkin 2014-02-10 15:29:23 +02:00
  • 5f30ed1da6 Remove experimental module signing functionality Dmitry Kasatkin 2014-01-24 16:04:47 +02:00
  • 86a605eb10 Remove verify_hash parameter Dmitry Kasatkin 2014-01-24 15:59:24 +02:00
  • fd7e949c29 Remove x509 library parameter Dmitry Kasatkin 2014-01-24 15:37:54 +02:00
  • e92cbe4756 Remove user_hash_algo Dmitry Kasatkin 2014-01-24 15:27:49 +02:00
  • 86d8772653 Use EVM v2 HMAC format by default Dmitry Kasatkin 2014-01-24 15:06:49 +02:00
  • 317fa60467 Do use x509 by default Dmitry Kasatkin 2014-01-24 15:05:34 +02:00
  • f9a3d7c378 Select signing function in single place Dmitry Kasatkin 2014-01-24 15:01:17 +02:00
  • 454350d294 Select verification function version in the library code Dmitry Kasatkin 2014-01-24 14:57:16 +02:00
  • 4578679081 Remove user_sig_type flag Dmitry Kasatkin 2014-01-24 14:54:59 +02:00
  • ff5f07e171 Use verify_hash() for EVM verification as well Dmitry Kasatkin 2014-01-24 14:50:09 +02:00
  • 3299fba40d Move signature version checking to verify_hash() Dmitry Kasatkin 2014-01-24 14:48:02 +02:00
  • 906861a308 Move hash verification to separate function Dmitry Kasatkin 2014-01-24 14:42:22 +02:00
  • 6aabda5b65 Move signature verification implementation to the library Dmitry Kasatkin 2014-01-23 16:35:30 +02:00
  • 018495c87f Initial library skeleton Dmitry Kasatkin 2014-01-17 18:20:22 +02:00
  • 3dc656bc6f Implement recursive IMA signing Dmitry Kasatkin 2014-01-17 15:18:48 +02:00
  • 5b852c0fbb Rename de_type to search_type Dmitry Kasatkin 2014-01-17 15:09:10 +02:00
  • e4e0cabc21 Move file type checking to separate function Dmitry Kasatkin 2014-01-17 15:07:38 +02:00
  • 51dbb77c4f Implement recursive EVM signing Dmitry Kasatkin 2014-01-16 16:51:29 +02:00
  • eda8a164e0 Export find() declaration for the following patches Dmitry Kasatkin 2014-01-16 15:11:41 +02:00
  • 6c0ebe2be6 Prevent reading of inode generation for special files in HMAC signing Dmitry Kasatkin 2014-01-17 12:35:21 +02:00
  • fd08fdeeb5 Prevent reading of inode generation for special files Dmitry Kasatkin 2014-01-17 11:27:16 +02:00
  • 05017f3e98 Use lgetxattr() instead of getxattr() Dmitry Kasatkin 2014-01-16 16:39:57 +02:00
  • 33ff9595e5 Use lsetxattr() instead of setxattr() Dmitry Kasatkin 2014-01-16 16:39:57 +02:00
  • 7045d70a1e Implement recursive efficient IMA fixing Dmitry Kasatkin 2014-01-15 20:24:54 +02:00
  • 323d81777d Script for generating self-signed certificate Dmitry Kasatkin 2014-01-15 18:15:22 +02:00
  • 73f10810c0 Provide spec file for gbs build system Dmitry Kasatkin 2013-11-26 14:51:14 +02:00
  • 504e1d4013 Move spec file to packaging directory Dmitry Kasatkin 2013-11-26 14:47:54 +02:00
  • 08043fc800 IMA measurement list verification (experimental) Dmitry Kasatkin 2013-11-12 12:30:32 +02:00
  • afcef2b493 Define __packed Dmitry Kasatkin 2013-11-12 19:27:05 +02:00
  • 20f1837d51 Provide hexdump functions without new line Dmitry Kasatkin 2013-11-12 19:06:44 +02:00
  • 6918bfbf20 split signature verification function for passing signature as an argument Dmitry Kasatkin 2013-11-12 18:26:54 +02:00
  • 092d5cc15d scripts to generate ca and keys Dmitry Kasatkin 2013-11-01 01:30:40 +02:00
  • 78ccd56afe License changed from LGPL to GPL as in COPYING v0.6 Dmitry Kasatkin 2013-09-04 09:28:12 +03:00
  • f1ba3e7b45 Version 0.6 release Dmitry Kasatkin 2013-08-28 15:31:35 +03:00
  • d7d74e5648 Fix cleanup in the case of errors Dmitry Kasatkin 2013-08-28 15:02:36 +03:00
  • 15dab873b5 fix the crash when key file is not found Dmitry Kasatkin 2013-08-27 15:44:18 +03:00
  • 971b286169 make --imahash or --imasig optional for EVM signing Dmitry Kasatkin 2013-08-13 16:50:05 +03:00
  • 2406322914 perform uuid format checking and error handling Dmitry Kasatkin 2013-08-13 16:34:44 +03:00
  • b3a5fcbca2 make argument for '-u' option as optional Dmitry Kasatkin 2013-08-13 16:08:16 +03:00
  • 59ef0a0b99 Save full security.ima attribute to a file Vivek Goyal 2013-07-12 14:52:12 -04:00
  • ab18c60ec1 Get signature version from the header Vivek Goyal 2013-07-12 14:52:11 -04:00
  • d9678295b9 Move key file selection to later phase Vivek Goyal 2013-07-17 16:28:02 +03:00
  • 0df73005a3 Use enums for signature versions Vivek Goyal 2013-07-12 14:52:10 -04:00