def _validate_ima_buf(
    exclude_regex,
    allowlist,
    ima_keyrings: file_signatures.ImaKeyrings,
    dm_validator: Optional[ima_dm.DmIMAValidator],
    digest: ast.Digest,
    path: ast.Name,
    data: ast.Buffer,
):
    """Validate one ``ima-buf`` measurement-list entry.

    The buffer is classified into one of three cases, checked in this order:

    1. ``file_signatures.get_pubkey`` recognises it as a public key. The entry
       is then checked like an ``ima-ng`` entry with ``hash_types="keyrings"``
       and, only if that check reports no failure, the key is added to
       ``ima_keyrings`` under the keyring named by ``path``. Keyrings listed in
       ``allowlist["ima"]["ignored_keyrings"]`` (or all of them, when that list
       contains ``"*"``) are skipped entirely: nothing is checked and no key is
       learned.
    2. ``dm_validator`` is given and ``path.name`` is one of its
       ``valid_names``: the device-mapper validator decides.
    3. Anything else is treated as a generic ``ima-buf`` entry carrying a hash
       in its buffer field and is checked with ``hash_types="ima-buf"``.

    Args:
        exclude_regex: passed through to ``_validate_ima_ng``.
        allowlist: policy mapping; ``["ima"]["ignored_keyrings"]`` is read here.
        ima_keyrings: keyring store that validated keys are appended to.
        dm_validator: device-mapper validator, or ``None`` when unavailable.
        digest: digest recorded for the entry.
        path: name field of the entry (keyring or target name).
        data: buffer field of the entry.

    Returns:
        A ``Failure`` for ``Component.IMA``; presumably empty when the entry
        is accepted (see the ``if not failure`` check below).
    """
    failure = Failure(Component.IMA)

    pubkey, keyidv2 = file_signatures.get_pubkey(data.data)

    if pubkey:
        ignored_keyrings = allowlist["ima"]["ignored_keyrings"]
        if "*" in ignored_keyrings or path.name in ignored_keyrings:
            # Ignored keyring: neither validated nor learned.
            return failure
        failure = _validate_ima_ng(exclude_regex, allowlist, digest, path, hash_types="keyrings")
        # The key is learned only after its own measurement validated; adding it
        # first would let an unvalidated key vouch for later signatures.
        # NOTE(review): relies on Failure being falsy when it holds no events — confirm.
        if not failure:
            ima_keyrings.add_pubkey_to_keyring(pubkey, path.name, keyidv2=keyidv2)
        return failure

    if dm_validator is not None and path.name in dm_validator.valid_names:
        return dm_validator.validate(digest, path, data)

    # Generic ima-buf entry, e.g. one that carries a hash in the buf field.
    return _validate_ima_ng(exclude_regex, allowlist, digest, path, hash_types="ima-buf")
 def reset_ima_attestation(self):
     """Restart IMA attestation from the first measurement-list entry.

     Rewinds ``next_ima_ml_entry`` to 0, resets every PCR listed in
     ``ima_pcrs`` on the TPM state, zeroes the boot time and replaces the
     keyrings with a fresh ``ImaKeyrings`` so that keys are learned again
     from scratch.
     """
     self.next_ima_ml_entry = 0
     reset_pcr = self.tpm_state.reset_pcr
     for pcr in self.ima_pcrs:
         reset_pcr(pcr)
     self.set_boottime(0)
     # Learned keys are discarded together with the list position: they were
     # only trusted relative to entries that are about to be re-read.
     self.ima_keyrings = ImaKeyrings()
 def add(self, agent_id, boottime, ima_pcrs_dict, next_ima_ml_entry,
         learned_ima_keyrings):
     """Add or replace the AgentAttestState for ``agent_id``.

     The state object is looked up through ``get_by_agent_id`` (presumably
     created when missing — see that method) and then overwritten field by
     field, so an existing entry is updated in place.

     Args:
         agent_id: identifier of the agent whose state is stored.
         boottime: boot time to record.
         ima_pcrs_dict: PCR data handed to ``set_ima_pcrs``.
         next_ima_ml_entry: index of the next IMA measurement-list entry.
         learned_ima_keyrings: JSON form of the learned keyrings, decoded
             with ``ImaKeyrings.from_json`` before being stored.
     """
     state = self.get_by_agent_id(agent_id)
     state.set_boottime(boottime)
     state.set_ima_pcrs(ima_pcrs_dict)
     state.set_next_ima_ml_entry(next_ima_ml_entry)
     keyrings = ImaKeyrings.from_json(learned_ima_keyrings)
     state.set_ima_keyrings(keyrings)
    def __init__(self, agent_id):
        """Create the attestation state for ``agent_id``.

        Initialises the measurement-list position, boot time, TPM state,
        IMA PCR set and keyrings, then calls ``reset_ima_attestation`` so
        the object starts in the same state a reset produces.
        ``ima_dm_state`` starts out as ``None``.
        """
        self.agent_id = agent_id
        self.next_ima_ml_entry = 0
        self.set_boottime(0)

        # tpm_state and ima_pcrs must exist before reset_ima_attestation()
        # runs, since it iterates ima_pcrs and resets PCRs on tpm_state.
        self.tpm_state = TPMState()
        self.ima_pcrs = set()
        self.ima_keyrings = ImaKeyrings()

        self.reset_ima_attestation()

        self.ima_dm_state = None
    def __init__(self, agent_id):
        """Create the attestation state for ``agent_id``.

        Initialises the measurement-list position, boot time, TPM clock
        information (all counters zero, ``safe=1``), TPM state, IMA PCR set
        and keyrings, then calls ``reset_ima_attestation`` so the object
        starts in the same state a reset produces. ``ima_dm_state`` starts
        out as ``None``.
        """
        self.agent_id = agent_id
        self.next_ima_ml_entry = 0
        self.set_boottime(0)
        self.tpm_clockinfo = TPMClockInfo(clock=0, resetcount=0, restartcount=0, safe=1)

        # tpm_state and ima_pcrs must exist before reset_ima_attestation()
        # runs, since it iterates ima_pcrs and resets PCRs on tpm_state.
        self.tpm_state = TPMState()
        self.ima_pcrs = set()
        self.ima_keyrings = ImaKeyrings()

        self.reset_ima_attestation()

        self.ima_dm_state = None