Cisco Systems SR-207 manual SR-215, Examples

Models: SR-207

1 22
Download 22 pages 27.39 Kb
Page 9
Image 9
SR-215

Software Authentication Manager Commands on Cisco IOS XR Software

sam verify

 

 

 

If the message digest matches the message digest generated by the sam verify command, the software

 

 

 

component is valid.

 

 

 

 

 

Note

You should calculate the hash code on the contents of the flash memory code at the destination

 

 

 

networking device using a different set of files from the one loaded on the flash memory card. It is

 

 

 

possible for an unauthorized person to use the same software version to produce the desired (matching)

 

 

 

hash code and thereby disguise that someone has tampered with the new software.

 

 

 

 

 

 

 

 

 

 

Examples

The following example shows how to use MD5 to generate a message digest on the entire file system on

 

 

 

the flash memory card in slot 0 and then use that message digest as input to perform the digest

 

 

 

comparison. The example shows a third sam verify command, issued with a mismatched message digest,

 

 

 

to show the Software Authentication Manager (SAM) response to a mismatch.

 

 

 

RP/0/RP0/CPU0:router# sam verify disk0: MD5

 

 

 

Total file count in disk0: = 813

 

 

 

082183cb6e65a44fd7ca95fe8e93def6

 

 

 

RP/0/RP0/CPU0:router# sam verify disk0: MD5 082183cb6e65a44fd7ca95fe8e93def6

 

 

 

Total file count in disk0: = 813

 

 

 

Same digest values

 

 

 

RP/0/RP0/CPU0:router# sam verify disk0: MD5 3216c9282d97ee7a40b78a4e401158bd

 

 

 

Total file count in disk0: = 813

 

 

 

Different digest values

 

 

 

The following example shows how to use MD5 to generate a message digest and then uses that message

 

 

 

digest as input to perform the digest comparison:

 

 

 

RP/0/RP0/CPU0:router# sam verify disk0: /crl_revoked.bin MD5

 

 

 

38243ffbbe6cdb7a12fa9fa6452956ac

 

 

 

RP/0/RP0/CPU0:router# sam verify disk0: /crl_revoked.bin MD5

 

 

 

38243ffbbe6cdb7a12fa9fa6452956ac

 

 

 

Same digest values

Cisco IOS XR System Security Command Reference

SR-215

Page 9
Image 9
Cisco Systems SR-207 manual SR-215, Examples