Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Canonical way to sign (and verify) an ELF file?

Tags:

linux

code-signing

digital-signature

elf

I would like to sign ELF files, preferably with a PGP key and later be able to verify the signature. Failing that I'll also go with a Authenticode or SSL certificate for signing if that makes more sense. Existing options, such as signelf, seem to be only available under copyleft licenses (even if it's the LGPL, but it imposes restrictions that prevent me from using it) or old/unmaintained.

What options do I have that can be used in a proprietary program?

Note: we can limit the scope of the question to Linux even though ELF isn't particular to Linux.

Even if there is no ready to use program and/or library under a liberal (non-copyleft) FLOSS license, I would appreciate pointers to standardization documents in case some kind of de-facto standard has emerged. I'm not aware of one, but then that's the reason I ask.

From what I see all distros seem to rely on signing the packages and verify these. That's fine in general but I would like to take it a step further.

like image 686
0xC0000022L Avatar asked Apr 02 '13 16:04

0xC0000022L

People also ask

How do you inspect ELF files?

you can use readelf and objdump to read parts of an elf file. You can also use 'hexdump filename' to get a hexdump of the contents of a binary file (this is likely only useful if you like reading machine code or you are writing an assembler).

How are ELF files loaded?

ELF files are used by two tools: the linker and the loader. A linker combines multiple ELF files into an executable or a library and a loader loads the executable ELF file in the memory of the process.

What do I do with an ELF file?

ELF files are for execution or for linking. Depending on the primary goal, it contains the required segments or sections. Segments are viewed by the kernel and mapped into memory (using mmap). Sections are viewed by the linker to create executable code or shared objects.

How do you tell if a file is signed?

First of all, open Windows File Explorer and navigate to the location where your program is saved. Right-click on the setup file and then click on Properties. Navigate to the tab that is labeled as Digital Signatures. In the Signature List, if you see entries that means that your file is digitally signed.

1 Answers

As you mentioned writing as an answer you can try elfgpg.

like image 51
linux_fanatic Avatar answered Oct 02 '22 01:10

linux_fanatic
Sign in to Comment

Related questions

Set Python memory limit [duplicate]
return struct from function [duplicate]

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!