Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Signs binary elf32 executables to be verified later by the shell before executing.
C C++
branch: master

Fetching latest commit…

Cannot retrieve the latest commit at this time

Failed to load latest commit information.
Makefile
README
signer.c
signer_common.c
signer_common.h
verifier.c
verifier.h
verifier_unittest.c

README

supports FreeBSD ONLY for now.

signer/verifier allows you to sign elf32 binary executables and give them 
expiration date to execute. Verification makes sure that the binary  is signed
and hasn't expired or been tampered with.

The verification should take place from the shell before it runs the executable.
Use verifier.o when recompiling the shell.


To verify binaries from your program (ex. shell), add verifier.o to the 
linked objects when compiling, and call
verify_binary(char * file, char *cacert) 

returns 0 upon successful verification.

-----------------
signer_common.c & signer_common.h is the signer library used by signer.c to 
sign executables.

verifier.c depends on signer_common library to verify signed executables.

verifier_unittest.c is an example of how to verify an executable.

To compile signer, run:
make

To compile verifier_unittest.c, run:
make verifier_test

To compiler verifier.o, run:
make verifier.o
-----------------
Something went wrong with that request. Please try again.