readsigs

command module

v0.0.0-...-2a6e56a Latest Latest Go to latest Published: Oct 7, 2023 License: GPL-3.0 Imports: 12 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/chr15p/readsigs

Links

Open Source Insights

README ¶

signed_kmod_tools

tool(s) to examine signed kernel modules

$ go build readsigs.go

$ ./readsigs -kmod [kernel_mod] -cert [cert_public_key.der]

example, gfs2_double.ko has been signed twice, the outer signature with the testkey keypair and the inner one with the Fedora kmod signing key:

$ go build readsigs.go
$ ./readsigs -kmod gfs2_double.ko -cert testkey_pub.der 
kmod: gfs2_double.ko
cert: testkey_pub.der
Signature 1:
  signature verified
        subject: CN=cp3.chrisprocter.co.uk,O=kube9
        serial: 140021739515945850553976687443445479312715656853
Signature 2:
  signature not verified

Note: for secureboot/kmod validation purposes the Linux kernel only looks at the outer signature (Signature 1), any inner sigs are ignored (therefore this kmod will not load on linux machine with secureboot enabled unless testkey_pub.der hass been added to the MOK database)

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

readsigs.go

Directories ¶

Path	Synopsis
pkgs
certlist/cert
certlist/moklist
kmod
signature

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL