Marcus Meissner's avatar

Marcus Meissner

msmeissn

Member of the groups
Involved Projects and Packages
Maintainer Bugowner

FIPSCheck is a library for integrity verification of FIPS validated
modules. The package also provides helper binaries for creation and
verification of the HMAC-SHA256 checksum files.

Maintainer

The haveged daemon feeds the linux entropy pool with random
numbers generated from hidden processor state.

For more information see http://www.issihosts.com/haveged/

Maintainer Bugowner

The hmaccalc package contains tools which can calculate HMAC (hash-based
message authentication code) values for files. The names and interfaces are
meant to mimic the sha*sum tools provided by the coreutils package.

Maintainer Bugowner

Tools for EVM enrolling of the Integrity Measurement Architecture EVM Tools.

Maintainer

SINIT AC modules for trusted boot on Intel(R) Trusted Execution Technology(INTER(R) TXT) ssystems

Bugowner

NOTE: Automatically created during Factory devel project migration by admin.

Maintainer

libkcapi allows user-space to access the Linux kernel crypto API.

libkcapi uses this Netlink interface and exports easy to use APIs so that a developer does not need to consider the low-level Netlink interface handling.

The library does not implement any cipher algorithms. All consumer requests are sent to the kernel for processing. Results from the kernel crypto API are returned to the consumer via the library API.

The kernel interface and therefore this library can be used by unprivileged processes.

The focus during the development of this library is put on speed. This library does not perform any memcpy for processing the cryptographic data! The library uses scatter / gather lists to eliminate the need for moving data around in memory.

Maintainer

libkcapi allows user-space to access the Linux kernel crypto API.

libkcapi uses this Netlink interface and exports easy to use APIs so that a developer does not need to consider the low-level Netlink interface handling.

The library does not implement any cipher algorithms. All consumer requests are sent to the kernel for processing. Results from the kernel crypto API are returned to the consumer via the library API.

The kernel interface and therefore this library can be used by unprivileged processes.

The focus during the development of this library is put on speed. This library does not perform any memcpy for processing the cryptographic data! The library uses scatter / gather lists to eliminate the need for moving data around in memory.

Maintainer
Maintainer Bugowner

A library providing TPM functionality for VMs. Targeted for integration
into Qemu.

Maintainer Bugowner

Lynis is a security and system auditing tool. It scans a system on the most interesting parts useful for audits, like:
- Security enhancements
- Logging and auditing options
- Banner identification
- Software availability

Lynis is released as a GPL licensed project and free for everyone to use.

See http://www.rootkit.nl for a full description and documentation.

Maintainer Bugowner

OpenSCAP is a set of open source libraries providing an easier path for integration of the SCAP line of standards.

SCAP is a line of standards managed by NIST with the goal of providing a standard language for the expression of Computer Network Defense related information.

More information about SCAP can be found at nvd.nist.gov.

Maintainer Bugowner

openscap report generator

Maintainer

Control physical access to a linux computer by locking all of its virtual
terminals / consoles.

physlock is an alternative to vlock, it is equivalent to `vlock -an'. It is
written because vlock blocks some linux kernel mechanisms like hibernate and
suspend and can therefore only be used with some limitations. physlock is
designed to be more lightweight, it does not have a plugin interface and it is
not started using a shell script wrapper.

Maintainer Bugowner

Rekor's goals are to provide an immutable tamper resistant ledger of metadata generated within a software projects supply chain. Rekor will enable software maintainers and build systems to record signed metadata to an immutable record. Other parties can then query said metadata to enable them to make informed decisions on trust and non-repudiation of an object's lifecycle. For more details visit the sigstore website

The Rekor project provides a restful API based server for validation and a transparency log for storage. A CLI application is available to make and verify entries, query the transparency log for inclusion proof, integrity verification of the transparency log or retrieval of entries by either public key or artifact.

Rekor fulfils the signature transparency role of sigstore's software signing infrastructure. However, Rekor can be run on its own and is designed to be extensible to working with different manifest schemas and PKI tooling.

Maintainer Bugowner

Package built based on https://github.com/ComplianceAsCode/content

Maintainer Bugowner

scrub overwrites hard disks, files, and other devices with repeating
patterns intended to make recovering data from these devices more
difficult. Although physical destruction is unarguably the most reliable
method of destroying sensitive data, it is inconvenient and costly. For
certain classes of data, organizations may be willing to do the next
best thing which is scribble on all the bytes until retrieval would
require heroic efforts in a lab.

scrub implements several different algorithms for this:

nnsa - U.S. NNSA Policy Letter NAP-14.1-C
dod - U.S. DoD 5220.22-M
usarmy - U.S. Army AR380-19
bsi - German Center of Security in Information Technologies
gutmann - 35-pass algorithm from Peter Gutmann's 1996 paper
schneier - algorithm described in Bruce Schneier's Applied Cryptography (1996)
pfitzner7 - Roy Pfitzner's 7-random-pass method
pfitzner33 - Roy Pfitzner's 33-random-pass method

Maintainer

The SWTPM package provides TPM emulators with different front-end interfaces
to libtpms. TPM emulators provide socket interfaces (TCP/IP) and the Linux
CUSE interface for the creation of multiple native /dev/vtpm* devices.
Those can be the targets of multiple QEMU cuse-tpm instances.

Maintainer

Trusted Boot (tboot) is an open source, pre-kernel/VMM module that uses Intel(R) Trusted Execution Technology (Intel(R) TXT) to perform a measured and verified launch of an OS kernel/VMM.

Maintainer Bugowner

Tomoyo userland tools.

Maintainer

NOTE: Automatically created during Factory devel project migration by admin.

Maintainer

The trousers package provides a TSS implementation through the help of a user-space daemon, the tcsd, and a library Trousers aims to be compliant to the 1.1b and 1.2 TSS specifications as available from the Trusted Computing website http://www.trustedcomputinggroup.org/.

The package needs the /dev/tpm device file to be present on your system. It is a character device file major 10 minor 224, 0600 tss:tss.

Maintainer

NOTE: Automatically created during Factory devel project migration by admin.

Maintainer

The trousers package provides a TSS implementation through the help of a user-space daemon, the tcsd, and a library Trousers aims to be compliant to the 1.1b and 1.2 TSS specifications as available from the Trusted Computing website http://www.trustedcomputinggroup.org/.

The package needs the /dev/tpm device file to be present on your system. It is a character device file major 10 minor 224, 0600 tss:tss.

Maintainer

This project contains forensic tools and libraries.

openSUSE Build Service is sponsored by