readme
A very simple security application to test for the integrity of files and "states" in a computer installation. signduterre.py constructs a signature of the current system state and checks installation state with a previously made signature. The files are hashed with a passphrase (and salt) to allow detection of compromised systems while running on the same system. The signature checking can be subverted, but the flexibility of signduterre.py and the fact that the output of any command can be tested makes automated root-kit attacks extremely difficult.
signduterre.py writes a total SHA-256 hash to STDOUT of all the files and commands entered as arguments. It can also write a hash for each individual file (insecure). The output of a signature can be send to a file and later used to check with --check-file. Hashes are calculated with a hashed salt + passphrase sequence pre-pended to create unpredictable hashes. An attacker can only know when to supply the requested hash values if she knows the passphrase or has copies available of all the tested files and output of commands to calculate the hashes
on the fly.