Menu
▾
▴
Re: [Linux-ima-user] Calculate Template Hash using ruby
|
From: Patrick C. <pat...@us...> - 2016-05-23 04:23:00
|
Looking at some test code to verify the measurement list, I modified the
ruby sample code for "ima-ng" template type entries to work with "ima-sig"
template type entries given there is no signature in the measurement list
entry. The code is here:
# For the entry:
# 10 0093baefab9ca1b8f16e5195e201b9aee9a5b73d ima-sig
# sha256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
# /sys/fs/cgroup/systemd/release_agent
#!/usr/bin/env ruby
require 'digest/sha1'
fhash="e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
fhashhex = [fhash].pack('H*')
fname0="/sys/fs/cgroup/systemd/release_agent\00"
thash="0093baefab9ca1b8f16e5195e201b9aee9a5b73d"
algname="sha256:\00"
signature_length = 0
hash = Digest::SHA1.hexdigest([fhashhex.length+algname.length].pack('i') +
algname + fhashhex + [fname0.length].pack('i') + fname0 +
[signature_length].pack('i'))
print "\nTest: #{thash==hash} ima #{thash} hash: #{hash} \n"
Patrick Callaghan
|
