Skip to content

Instantly share code, notes, and snippets.

View eduardolfalcao's full-sized avatar

Eduardo Falcão eduardolfalcao

110 followers · 23 following
View GitHub Profile
@dnoliver
dnoliver / README.md
Last active December 9, 2020 18:41
Linux Integrity Measurement Architecture (IMA) Helpers

IMA Helper Scripts

@dnoliver
dnoliver / tpm2-pkcs11-csr.sh
Last active May 28, 2020 17:05
Certificate Signing Request generation with tpm2-pkcs11
#!/bin/bash
set -euxo pipefail
export TPM2TOOLS_TCTI="device:/dev/tpmrm0"
export TPM2_PKCS11_TCTI="device:/dev/tpmrm0"
#export TPM2_PKCS11_LOG_LEVEL=2
tpm2_print_handles () {
for i in transient saved-session loaded-session;
@dnoliver
dnoliver / disk-encryption.sh
Created January 13, 2020 22:01
Disk encryption with Clevis example
GNU nano 4.3 disk-encryption.sh
#!/bin/bash
set -euxo pipefail
rpm -qa clevis* cryptsetup* luks* tpm2* e*fspr* | sort
# Creation
# dd if=/dev/zero of=/dev/sda1 bs=1M status=progress
@dnoliver
dnoliver / enrollment.sh
Last active July 3, 2023 12:31
TPM 2.0 Device Identity Attestation Samples
#!/bin/bash
# Dependencies
# tpm2-tools-4.0.1-1.fc31.x86_64
# tpm2-tss-2.3.1-1.fc31.x86_64
# tpm2-tss-engine-master
set -euxo pipefail
export TPM2TOOLS_TCTI="device:/dev/tpmrm0"
@dnoliver
dnoliver / ima-boot_aggregate.c
Created May 10, 2019 20:31
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <string.h>
#include <unistd.h>
#include "config.h"
#include "test.h"
#if HAVE_OPENSSL_SHA_H