want to sign and verify a binary using elfsign, please let me know the procedure step by step
Dear Team,
I am using ubuntu 10.04 LTS - Lucid Lynx.
I have generated binary using gcc filename.c -o TEST
I wanted to sign this binary (TEST) using elfsign - 0.2.2
I have built this package using elfsign-0.2.2 source package.
My work around:
:~/Documents/
b001f847f6320c0
:~/Documents/
Key Password:
:~/Documents/
c41803b138a56c3
I have successfully signed a binary using the above command and checked the md5sum before and after signing.
and I confirmed the signing using below method;
:~/Documents/
[30] .sig PROGBITS 00000000 000cff 00081e 00 0 0 0
:~/Documents/
Hex dump of section '.shstrtab':
0x00000000 002e7379 6d746162 002e7374 72746162 ..symtab..strtab
0x00000010 002e7368 73747274 6162002e 696e7465 ..shstrtab..inte
0x00000020 7270002e 6e6f7465 2e414249 2d746167 rp..note.ABI-tag
0x00000030 002e6e6f 74652e67 6e752e62 75696c64 ..note.gnu.build
0x00000040 2d696400 2e676e75 2e686173 68002e64 -id..gnu.hash..d
0x00000050 796e7379 6d002e64 796e7374 72002e67 ynsym..dynstr..g
0x00000060 6e752e76 65727369 6f6e002e 676e752e nu.version..gnu.
0x00000070 76657273 696f6e5f 72002e72 656c2e64 version_r..rel.d
0x00000080 796e002e 72656c2e 706c7400 2e696e69 yn..rel.plt..ini
0x00000090 74002e74 65787400 2e66696e 69002e72 t..text..fini..r
0x000000a0 6f646174 61002e65 685f6672 616d6500 odata..eh_frame.
0x000000b0 2e63746f 7273002e 64746f72 73002e6a .ctors..dtors..j
0x000000c0 6372002e 64796e61 6d696300 2e676f74 cr..dynamic..got
0x000000d0 002e676f 742e706c 74002e64 61746100 ..got.plt..data.
0x000000e0 2e627373 002e636f 6d6d656e 74002e73 .bss..comment..s
0x000000f0 696700 ig.
After this I wanted to verify this signed binary and used the below command
:~/Documents/
FAIL (The binary digest did not match the signed digest.)
:~/Documents/
FAIL (The binary digest did not match the signed digest.)
:~/Documents/
Issuer: O=My <email address hidden>, L=bengaluru, ST=karnataka, C=IN, CN=girishlc
Signer: O=My <email address hidden>, L=bengaluru, ST=karnataka, C=IN, CN=girishlc
Issuer is not trusted, would you like to trust them? [y/N] y
OK
Unable to verify the sign using the certificate and private key path, but if I give without root CA then I am asking to enter the option whether to certify since the certificate was not trusted by default; if I say 'Y' or 'y' then it accepts and prints OK
My Questions:
1. How many certificates we need?
2. What is root certificate?
3. After signing the binary I am unable to execute the binary as earlier, i,e binary is getting modified.
and if I try to execute the binary getting error saying "Killed"
4. What I have done so far for signing and verifying for the binary is it the correct way? am I going in a right way?
5. Can anybody please give me some solution Or
if anybody gives me step by step method to sign the binary with example I would be very much thankful to them.
Thanks,
Girish.L.C
<email address hidden>
Question information
- Language:
- English Edit question
- Status:
- Expired
- For:
- Ubuntu elfsign Edit question
- Assignee:
- No assignee Edit question
- Last query:
- Last reply:
This question was reopened
- by Girish L C