On Mon, 2026-03-30 at 13:13 -0700, Eric Biggers wrote:
> On Tue, Mar 24, 2026 at 04:39:27PM -0400, Mimi Zohar wrote:
> > + * IMA signature version 3 disambiguates the data that is signed by
> > + * indirectly signing the hash of the ima_file_id structure data.
>
> The right way to think about it is that it's the ima_file_id itself that
> is being signed and verified, and taking the hash of it is only a
> workaround for legacy algorithms that can only sign and verify hashes.
> With modern algorithms like Ed25519 and ML-DSA that accept
> arbitrary-length messages, that workaround won't be needed.

I'll keep that in mind. As previously discussed, the hashes are being calculated for other purposes, like inclusion in the IMA measurement list and the audit log. Providing the potentially large, variable sized data so that the crypto signing/verifying algorithm can recalculate the hash is superfluous. Your recommendation of signing the ima_file_id works nicely.

thanks!

Mimi
