Documentation
Overview
Bindings to read, write and validate IMA signatures stored as an xattr on a file.
Constants
This section is empty.
Variables
var (
	// Files attribute to read and write IMA signatures to.
	IMAAttrName string = "security.ima"
)
Functions
func Parse
Load the IMA signature from the filesystem xattr, and parse it into an ima.Signature block.
If the attribute doesn't exist, golang.org/x/sys/unix.ENODATA will be returned.
func Sign
Measure the file, and sign the digest with the provided signer. The entropy source and signer options are passed straight through to the underlying signing call.
This code expects the file to be positioned at its origin (offset 0), and leaves the file positioned at EOF when it returns.
func Verify
Load the IMA signature from the filesystem xattr, and measure the file's current digest against the signature's digest. If the digests match, the signature is checked against all keys in the KeyPool that have the same Key ID. The call returns nil as soon as one of those keys validates the signature, or otherwise the error from the last key tried.
This code expects the file to be positioned at its origin (offset 0), and leaves the file positioned at EOF when it returns.
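The offset contract stated for both Sign and Verify can be seen in a stand-alone sketch. This is an added example, not code from this package: `measure` and `demo` are hypothetical names, SHA-256 is an assumed digest, and the file content is constructed.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"io"
	"os"
)

// measure is a hypothetical stand-in for the measurement step: it hashes from
// the handle's current offset to EOF. SHA-256 is an assumption.
func measure(f *os.File, rewind bool) (string, error) {
	if rewind {
		if _, err := f.Seek(0, io.SeekStart); err != nil {
			return "", err
		}
	}
	h := sha256.New()
	if _, err := io.Copy(h, f); err != nil {
		return "", err
	}
	return hex.EncodeToString(h.Sum(nil)), nil
}

// demo writes constructed content to a temp file and measures it three times:
// from the origin, again without rewinding (handle at EOF), and after a rewind.
func demo(content []byte) (digests [3]string, err error) {
	f, err := os.CreateTemp("", "ima-offset-*")
	if err != nil {
		return digests, err
	}
	defer os.Remove(f.Name())
	defer f.Close()
	if _, err = f.Write(content); err != nil {
		return digests, err
	}
	for i, rewind := range []bool{true, false, true} {
		if digests[i], err = measure(f, rewind); err != nil {
			return digests, err
		}
	}
	return digests, nil
}

func main() {
	d, err := demo([]byte("constructed sample payload\n"))
	fmt.Printf("origin:  %s\nat EOF:  %s\nrewound: %s\nerr: %v\n", d[0], d[1], d[2], err)
}
```

The middle digest is the hash of zero bytes, which is what a reused handle would present for measurement if it is not rewound between a Sign and a following Verify.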
Types
This section is empty.