Menu
▾
▴
Re: [Linux-ima-user] Calculate Template Hash using ruby
|
From: Patrick C. <pat...@us...> - 2016-05-21 04:15:23
|
In the thread at https://sourceforge.net/p/linux-ima/mailman/message/33192047/, Jens, with help from Andreas, documents a ruby script that verifies the target hash with a calculated hash for a "ima-ng" entry in the ascii_measurement_list. Does anyone have a similar ruby or python script for a "ima-sig" entry? Note, the ruby script for ima-ng verification is as follows (and parsing the entry of "10 79fa39c792abfd03ba7569e1900d155f993b01e8 ima-ng sha1:037d38f6148770b9565ba3f6b532c7794e37e025 /sbin/init"): #!/usr/bin/env ruby require 'digest/sha1' fhash="037d38f6148770b9565ba3f6b532c7794e37e025" fhashhex = [fhash].pack('H*') fname0="/sbin/init\x00" thash="79fa39c792abfd03ba7569e1900d155f993b01e8" algname="sha1:\00" hash = Digest::SHA1.hexdigest([fhashhex.length+algname.length].pack('i') + algname + fhashhex + [fname0.length].pack('i') + fname0) print "\nTest: #{thash==hash} ima #{thash} hash: #{hash} \n" Thank you. Patrick Callaghan |
