Skip to content

Instantly share code, notes, and snippets.

View eduardolfalcao's full-sized avatar

Eduardo Falcão eduardolfalcao

110 followers · 23 following
View GitHub Profile
@eduardolfalcao
eduardolfalcao / ima-boot_aggregate.c
Created May 28, 2020 17:06 — forked from dnoliver/ima-boot_aggregate.c
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <string.h>
#include <unistd.h>
#include "config.h"
#include "test.h"
#if HAVE_OPENSSL_SHA_H
@eduardolfalcao
eduardolfalcao / enrollment.sh
Created May 28, 2020 17:05 — forked from dnoliver/enrollment.sh
TPM 2.0 Device Identity Attestation Samples
#!/bin/bash
# Dependencies
# tpm2-tools-4.0.1-1.fc31.x86_64
# tpm2-tss-2.3.1-1.fc31.x86_64
# tpm2-tss-engine-master
set -euxo pipefail
export TPM2TOOLS_TCTI="device:/dev/tpmrm0"
@eduardolfalcao
eduardolfalcao / disk-encryption.sh
Created May 28, 2020 17:05 — forked from dnoliver/disk-encryption.sh
Disk encryption with Clevis example
GNU nano 4.3 disk-encryption.sh
#!/bin/bash
set -euxo pipefail
rpm -qa clevis* cryptsetup* luks* tpm2* e*fspr* | sort
# Creation
# dd if=/dev/zero of=/dev/sda1 bs=1M status=progress
@eduardolfalcao
eduardolfalcao / tpm2-pkcs11-csr.sh
Created May 28, 2020 17:05 — forked from dnoliver/tpm2-pkcs11-csr.sh
Certificate Signing Request generation with tpm2-pkcs11
#!/bin/bash
set -euxo pipefail
export TPM2TOOLS_TCTI="device:/dev/tpmrm0"
export TPM2_PKCS11_TCTI="device:/dev/tpmrm0"
#export TPM2_PKCS11_LOG_LEVEL=2
tpm2_print_handles () {
for i in transient saved-session loaded-session;
@eduardolfalcao
eduardolfalcao / ima-duplicates.sh
Created May 28, 2020 17:04 — forked from dnoliver/README.md
Linux Integrity Measurement Architecture (IMA) Helpers
#!/bin/bash
set -euo pipefail
cat /sys/kernel/security/ima/ascii_runtime_measurements | awk '{print $5}' | sort | uniq -c | sort -n -r