diff --git a/README.md b/README.md
index c3d34fd..458ed6a 100644
--- a/README.md
+++ b/README.md
@@ -55,7 +55,7 @@ let opts = ParseOptions::default()
     .with_template_hash_algorithm(HashAlgorithm::Sha1);
 for event in EventLogParser::new(bytes.as_slice(), opts) {
     let event = event?;
-    println!("PCR {} {}", event.pcr_index, event.template_name);
+    println!("PCR {} {}", event.pcr_index, event.template);
 }
 ```
 
@@ -67,7 +67,7 @@ use ima_parser::log::parse_ascii_log;
 let line = "10 91f34b5c671d73504b274a919661cf80dab1e127 ima-ng sha1:1801e1be3e65ef1eaa5c16617bec8f1274eaf6b3 boot_aggregate\n";
 let events = parse_ascii_log(line).unwrap();
 assert_eq!(events.len(), 1);
-assert_eq!(events[0].template_name, "ima-ng");
+assert_eq!(events[0].template.as_str(), "ima-ng");
 ```
 
 #### Recomputing a template hash
diff --git a/examples/parse_ascii_log.rs b/examples/parse_ascii_log.rs
index 9ebe641..fa7db01 100644
--- a/examples/parse_ascii_log.rs
+++ b/examples/parse_ascii_log.rs
@@ -96,6 +96,7 @@ fn main() -> ExitCode {
             }
             TemplateData::ImaBuf(e) => format!("{} [{}] buf={}B", e.name, e.digest, e.buf.len()),
             TemplateData::Unknown(fields) => format!("{} unknown-field(s)", fields.len()),
+            _ => "other built-in template".to_owned(),
         };
         if args.verify {
             #[cfg(feature = "hash")]
@@ -108,10 +109,16 @@ fn main() -> ExitCode {
             let ok = "no-hash-feature";
             println!(
                 "PCR={:>2}  {:<8}  hash-ok={}  {hint}",
-                ev.pcr_index, ev.template_name, ok
+                ev.pcr_index,
+                ev.template.as_str(),
+                ok
             );
         } else {
-            println!("PCR={:>2}  {:<8}  {hint}", ev.pcr_index, ev.template_name);
+            println!(
+                "PCR={:>2}  {:<8}  {hint}",
+                ev.pcr_index,
+                ev.template.as_str()
+            );
         }
     }
     ExitCode::SUCCESS
diff --git a/examples/parse_binary_log.rs b/examples/parse_binary_log.rs
index bfbafc0..7a9f2a7 100644
--- a/examples/parse_binary_log.rs
+++ b/examples/parse_binary_log.rs
@@ -107,6 +107,7 @@ fn main() -> ExitCode {
             }
             TemplateData::ImaBuf(e) => format!("{} [{}] buf={}B", e.name, e.digest, e.buf.len()),
             TemplateData::Unknown(fields) => format!("{} unknown-field(s)", fields.len()),
+            _ => "other built-in template".to_owned(),
         };
         if args.verify {
             #[cfg(feature = "hash")]
@@ -119,10 +120,16 @@ fn main() -> ExitCode {
             let ok = "no-hash-feature";
             println!(
                 "PCR={:>2}  {:<8}  hash-ok={}  {hint}",
-                ev.pcr_index, ev.template_name, ok
+                ev.pcr_index,
+                ev.template.as_str(),
+                ok
             );
         } else {
-            println!("PCR={:>2}  {:<8}  {hint}", ev.pcr_index, ev.template_name);
+            println!(
+                "PCR={:>2}  {:<8}  {hint}",
+                ev.pcr_index,
+                ev.template.as_str()
+            );
         }
     }
     ExitCode::SUCCESS
diff --git a/src/lib.rs b/src/lib.rs
index fcf3204..4a4bae0 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -49,7 +49,7 @@
 //!     .with_template_hash_algorithm(HashAlgorithm::Sha1);
 //! for event in EventLogParser::new(bytes.as_slice(), opts) {
 //!     let event = event?;
-//!     println!("PCR {} {}", event.pcr_index, event.template_name);
+//!     println!("PCR {} {}", event.pcr_index, event.template);
 //! }
 //! # Ok::<(), Box<dyn std::error::Error>>(())
 //! ```
@@ -62,7 +62,7 @@
 //! let line = "10 91f34b5c671d73504b274a919661cf80dab1e127 ima-ng sha1:1801e1be3e65ef1eaa5c16617bec8f1274eaf6b3 boot_aggregate\n";
 //! let events = parse_ascii_log(line).unwrap();
 //! assert_eq!(events.len(), 1);
-//! assert_eq!(events[0].template_name, "ima-ng");
+//! assert_eq!(events[0].template.as_str(), "ima-ng");
 //! ```
 //!
 //! ### Recomputing a template hash
diff --git a/src/log.rs b/src/log.rs
index a7eb505..2144df1 100644
--- a/src/log.rs
+++ b/src/log.rs
@@ -26,7 +26,9 @@ pub use self::ascii::{parse_ascii_line, parse_ascii_log};
 pub use self::event::Event;
 pub use self::parser::{Endianness, EventLogParser, ParseOptions};
 pub use self::template::{
-    Digest, ImaBufEntry, ImaEntry, ImaNgEntry, ImaSigEntry, TemplateData, TemplateField,
+    Digest, DigestType, DigestV2, EvmSigEntry, ImaBufEntry, ImaEntry, ImaModsigEntry, ImaNgEntry,
+    ImaNgV2Entry, ImaSigEntry, ImaSigV2Entry, Template, TemplateData, TemplateField,
+    TemplateFieldId,
 };
 
 /// Default PCR index used by IMA (`CONFIG_IMA_MEASURE_PCR_IDX`).
@@ -36,12 +38,3 @@ pub const DEFAULT_IMA_PCR: u32 = 10;
 /// The legacy `ima` template pads the `n` field to this size plus one when
 /// computing the template hash.
 pub const IMA_EVENT_NAME_LEN_MAX: usize = 255;
-
-/// Template name of the legacy fixed-format template.
-pub const IMA_TEMPLATE_NAME: &str = "ima";
-/// Template name of the `ima-ng` (next-generation) template.
-pub const IMA_NG_TEMPLATE_NAME: &str = "ima-ng";
-/// Template name of the `ima-sig` template.
-pub const IMA_SIG_TEMPLATE_NAME: &str = "ima-sig";
-/// Template name of the `ima-buf` template.
-pub const IMA_BUF_TEMPLATE_NAME: &str = "ima-buf";
diff --git a/src/log/ascii.rs b/src/log/ascii.rs
index 1faaf5e..b3f62d5 100644
--- a/src/log/ascii.rs
+++ b/src/log/ascii.rs
@@ -5,7 +5,7 @@
 //! The format of `/sys/kernel/security/ima/ascii_runtime_measurements_*` is:
 //!
 //! ```text
-//! <pcr> <template_hash_hex> <template_name> <template_specific fields…>
+//! <pcr> <template_hash_hex> <template> <template_specific fields…>
 //! ```
 //!
 //! with SP (`' '`) as the token separator and LF (`'\n'`) as the record
@@ -23,10 +23,8 @@ use crate::hash::HashAlgorithm;
 
 use super::event::Event;
 use super::template::{
-    Digest, ImaBufEntry, ImaEntry, ImaNgEntry, ImaSigEntry, TemplateData, TemplateField,
-};
-use super::{
-    IMA_BUF_TEMPLATE_NAME, IMA_NG_TEMPLATE_NAME, IMA_SIG_TEMPLATE_NAME, IMA_TEMPLATE_NAME,
+    Digest, DigestType, DigestV2, EvmSigEntry, ImaBufEntry, ImaEntry, ImaModsigEntry, ImaNgEntry,
+    ImaNgV2Entry, ImaSigEntry, ImaSigV2Entry, Template, TemplateData, TemplateField,
 };
 
 /// Parse an entire ASCII measurement log (one event per line).
@@ -68,25 +66,30 @@ pub fn parse_ascii_line(line: &str) -> Result<Event> {
         .next()
         .ok_or_else(|| Error::malformed("missing template name"))?
         .to_owned();
+    let template = Template::parse(&template_name);
 
     let rest: Vec<&str> = toks.collect();
-    let (template_data, template_data_raw) = parse_template_payload(&template_name, &rest)?;
+    let (template_data, template_data_raw) = parse_template_payload(&template, &rest)?;
 
     Ok(Event {
         pcr_index,
         template_hash,
-        template_name,
+        template,
         template_data,
         template_data_raw,
     })
 }
 
-fn parse_template_payload(template_name: &str, fields: &[&str]) -> Result<(TemplateData, Vec<u8>)> {
-    match template_name {
-        n if n == IMA_NG_TEMPLATE_NAME => parse_ima_ng(fields),
-        n if n == IMA_SIG_TEMPLATE_NAME => parse_ima_sig(fields),
-        n if n == IMA_BUF_TEMPLATE_NAME => parse_ima_buf(fields),
-        n if n == IMA_TEMPLATE_NAME => parse_legacy_ima(fields),
+fn parse_template_payload(template: &Template, fields: &[&str]) -> Result<(TemplateData, Vec<u8>)> {
+    match template {
+        Template::ImaNg => parse_ima_ng(fields),
+        Template::ImaSig => parse_ima_sig(fields),
+        Template::ImaBuf => parse_ima_buf(fields),
+        Template::ImaModsig => parse_ima_modsig(fields),
+        Template::ImaNgV2 => parse_ima_ngv2(fields),
+        Template::ImaSigV2 => parse_ima_sigv2(fields),
+        Template::EvmSig => parse_evm_sig(fields),
+        Template::Ima => parse_legacy_ima(fields),
         _ => {
             // Unknown template: preserve every whitespace-separated token as
             // its own opaque field so callers can still inspect the payload.
@@ -107,6 +110,107 @@ fn parse_template_payload(template_name: &str, fields: &[&str]) -> Result<(Templ
     }
 }
 
+fn parse_ima_ngv2(fields: &[&str]) -> Result<(TemplateData, Vec<u8>)> {
+    if fields.len() < 2 {
+        return Err(Error::malformed(
+            "ima-ngv2 expects <dtype:algo:hex> <filename>",
+        ));
+    }
+    let digest = parse_prefixed_digest_v2(fields[0])?;
+    let filename = unescape_filename(&fields[1..].join(" "));
+    let raw = Vec::new();
+    Ok((
+        TemplateData::ImaNgV2(ImaNgV2Entry { digest, filename }),
+        raw,
+    ))
+}
+
+fn parse_ima_sigv2(fields: &[&str]) -> Result<(TemplateData, Vec<u8>)> {
+    if fields.len() < 2 {
+        return Err(Error::malformed(
+            "ima-sigv2 expects <dtype:algo:hex> <filename> [<sig>]",
+        ));
+    }
+    let digest = parse_prefixed_digest_v2(fields[0])?;
+    let (filename, signature) = if fields.len() >= 3 && looks_like_hex(fields[fields.len() - 1]) {
+        (
+            unescape_filename(&fields[1..fields.len() - 1].join(" ")),
+            decode_hex(fields[fields.len() - 1])?,
+        )
+    } else {
+        (unescape_filename(&fields[1..].join(" ")), Vec::new())
+    };
+    Ok((
+        TemplateData::ImaSigV2(ImaSigV2Entry {
+            digest,
+            filename,
+            signature,
+        }),
+        Vec::new(),
+    ))
+}
+
+fn parse_ima_modsig(fields: &[&str]) -> Result<(TemplateData, Vec<u8>)> {
+    if fields.len() < 3 {
+        return Err(Error::malformed(
+            "ima-modsig expects <digest> <filename> <sig> [<d-modsig>] [<modsig>]",
+        ));
+    }
+    let digest = parse_prefixed_digest(fields[0])?;
+    let filename = unescape_filename(fields[1]);
+    let signature = decode_hex(fields[2])?;
+    let modsig_digest = fields
+        .get(3)
+        .map(|s| decode_hex(s))
+        .transpose()?
+        .unwrap_or_default();
+    let modsig = fields
+        .get(4)
+        .map(|s| decode_hex(s))
+        .transpose()?
+        .unwrap_or_default();
+    Ok((
+        TemplateData::ImaModsig(ImaModsigEntry {
+            digest,
+            filename,
+            signature,
+            modsig_digest,
+            modsig,
+        }),
+        Vec::new(),
+    ))
+}
+
+fn parse_evm_sig(fields: &[&str]) -> Result<(TemplateData, Vec<u8>)> {
+    if fields.len() < 9 {
+        return Err(Error::malformed("evm-sig expects 9 template fields"));
+    }
+    let digest = parse_prefixed_digest(fields[0])?;
+    let iuid: u32 = fields[6]
+        .parse()
+        .map_err(|_| Error::malformed("invalid iuid"))?;
+    let igid: u32 = fields[7]
+        .parse()
+        .map_err(|_| Error::malformed("invalid igid"))?;
+    let imode: u16 = fields[8]
+        .parse()
+        .map_err(|_| Error::malformed("invalid imode"))?;
+    Ok((
+        TemplateData::EvmSig(EvmSigEntry {
+            digest,
+            filename: unescape_filename(fields[1]),
+            evmsig: decode_hex(fields[2])?,
+            xattrnames: unescape_filename(fields[3]),
+            xattrlengths: decode_hex(fields[4])?,
+            xattrvalues: decode_hex(fields[5])?,
+            iuid,
+            igid,
+            imode,
+        }),
+        Vec::new(),
+    ))
+}
+
 fn parse_ima_ng(fields: &[&str]) -> Result<(TemplateData, Vec<u8>)> {
     if fields.len() < 2 {
         return Err(Error::malformed("ima-ng expects <digest> <filename>"));
@@ -206,6 +310,23 @@ fn parse_prefixed_digest(s: &str) -> Result<Digest> {
     }
     Ok(Digest::new(algo, bytes))
 }
+fn parse_prefixed_digest_v2(s: &str) -> Result<DigestV2> {
+    let mut it = s.splitn(3, ':');
+    let dtype = it
+        .next()
+        .ok_or_else(|| Error::malformed("missing digest type"))?;
+    let algo_name = it
+        .next()
+        .ok_or_else(|| Error::malformed("missing algorithm"))?;
+    let hex = it
+        .next()
+        .ok_or_else(|| Error::malformed("missing digest hex"))?;
+    let digest = parse_prefixed_digest(&format!("{algo_name}:{hex}"))?;
+    Ok(DigestV2 {
+        digest_type: DigestType::parse(dtype),
+        digest,
+    })
+}
 
 fn decode_hex(s: &str) -> Result<Vec<u8>> {
     if !s.len().is_multiple_of(2) {
@@ -326,7 +447,7 @@ mod tests {
                     sha1:1801e1be3e65ef1eaa5c16617bec8f1274eaf6b3 boot_aggregate";
         let ev = parse_ascii_line(line).unwrap();
         assert_eq!(ev.pcr_index, 10);
-        assert_eq!(ev.template_name, "ima-ng");
+        assert_eq!(ev.template.as_str(), "ima-ng");
         match &ev.template_data {
             TemplateData::ImaNg(e) => {
                 assert_eq!(e.digest.algorithm, HashAlgorithm::Sha1);
@@ -363,7 +484,7 @@ sha1:1801e1be3e65ef1eaa5c16617bec8f1274eaf6b3 /init\n\
                     deadbeefdeadbeefdeadbeefdeadbeefdeadbeef \
                     weird-template foo bar baz";
         let ev = parse_ascii_line(line).unwrap();
-        assert_eq!(ev.template_name, "weird-template");
+        assert_eq!(ev.template.as_str(), "weird-template");
         match &ev.template_data {
             TemplateData::Unknown(fields) => {
                 let strs: Vec<&[u8]> = fields.iter().map(|f| f.data.as_slice()).collect();
diff --git a/src/log/event.rs b/src/log/event.rs
index 11990e2..3d2b865 100644
--- a/src/log/event.rs
+++ b/src/log/event.rs
@@ -5,7 +5,7 @@
 #[cfg(feature = "hash")]
 use crate::hash::HashAlgorithm;
 
-use super::template::TemplateData;
+use super::template::{Template, TemplateData};
 use super::template_hash;
 
 /// A single IMA measurement event.
@@ -17,7 +17,7 @@ use super::template_hash;
 /// 2. `template_hash` — digest covering the template's data bytes, computed
 ///    with the algorithm recorded in
 ///    [`ParseOptions::template_hash_algorithm`](super::parser::ParseOptions::with_template_hash_algorithm).
-/// 3. `template_name` — ASCII identifier of the template (`"ima"`,
+/// 3. `template` — ASCII identifier of the template (`"ima"`,
 ///    `"ima-ng"`, `"ima-sig"`, `"ima-buf"`, …).
 /// 4. `template_data` — decoded payload; see [`TemplateData`].
 /// 5. `template_data_raw` — unparsed template-data bytes, retained so the
@@ -32,7 +32,7 @@ pub struct Event {
     pub template_hash: Vec<u8>,
 
     /// Template name (e.g. `"ima-ng"`).
-    pub template_name: String,
+    pub template: Template,
 
     /// Decoded template payload.
     pub template_data: TemplateData,
diff --git a/src/log/parser.rs b/src/log/parser.rs
index db15aa1..8a413d2 100644
--- a/src/log/parser.rs
+++ b/src/log/parser.rs
@@ -24,13 +24,11 @@ use std::io::Read;
 use crate::error::{Error, Result};
 use crate::hash::HashAlgorithm;
 
+use super::IMA_EVENT_NAME_LEN_MAX;
 use super::event::Event;
 use super::template::{
-    Digest, ImaBufEntry, ImaEntry, ImaNgEntry, ImaSigEntry, TemplateData, TemplateField,
-};
-use super::{
-    IMA_BUF_TEMPLATE_NAME, IMA_EVENT_NAME_LEN_MAX, IMA_NG_TEMPLATE_NAME, IMA_SIG_TEMPLATE_NAME,
-    IMA_TEMPLATE_NAME,
+    Digest, DigestType, DigestV2, EvmSigEntry, ImaBufEntry, ImaEntry, ImaModsigEntry, ImaNgEntry,
+    ImaNgV2Entry, ImaSigEntry, ImaSigV2Entry, Template, TemplateData, TemplateField,
 };
 
 /// Byte order of the integer fields in the binary log.
@@ -223,9 +221,10 @@ impl<R: Read> EventLogParser<R> {
         let template_name = String::from_utf8(name_bytes).map_err(|_| Error::InvalidUtf8 {
             context: "template name",
         })?;
+        let template = Template::parse(&template_name);
 
         // 4) Template data length (suppressed for the legacy "ima" template).
-        let (template_data_raw, template_data) = if template_name == IMA_TEMPLATE_NAME {
+        let (template_data_raw, template_data) = if template == Template::Ima {
             // Legacy `ima` template: 20-byte digest + 256-byte padded name.
             let raw = self.read_vec(20 + IMA_EVENT_NAME_LEN_MAX + 1, "ima template data")?;
             let entry = decode_legacy_ima(&raw)?;
@@ -238,14 +237,14 @@ impl<R: Read> EventLogParser<R> {
                     context: "template data length",
                 })? as usize;
             let raw = self.read_vec(data_len, "template data")?;
-            let decoded = decode_generic(&template_name, &raw)?;
+            let decoded = decode_generic(&template, &raw)?;
             (raw, decoded)
         };
 
         Ok(Some(Event {
             pcr_index,
             template_hash,
-            template_name,
+            template,
             template_data,
             template_data_raw,
         }))
@@ -302,12 +301,16 @@ fn decode_legacy_ima(raw: &[u8]) -> Result<ImaEntry> {
     Ok(ImaEntry { digest, filename })
 }
 
-fn decode_generic(template_name: &str, raw: &[u8]) -> Result<TemplateData> {
+fn decode_generic(template: &Template, raw: &[u8]) -> Result<TemplateData> {
     let fields = split_fields(raw)?;
-    let decoded = match template_name {
-        n if n == IMA_NG_TEMPLATE_NAME => decode_ima_ng(&fields)?,
-        n if n == IMA_SIG_TEMPLATE_NAME => decode_ima_sig(&fields)?,
-        n if n == IMA_BUF_TEMPLATE_NAME => decode_ima_buf(&fields)?,
+    let decoded = match template {
+        Template::ImaNg => decode_ima_ng(&fields)?,
+        Template::ImaSig => decode_ima_sig(&fields)?,
+        Template::ImaBuf => decode_ima_buf(&fields)?,
+        Template::ImaModsig => decode_ima_modsig(&fields)?,
+        Template::ImaNgV2 => decode_ima_ngv2(&fields)?,
+        Template::ImaSigV2 => decode_ima_sigv2(&fields)?,
+        Template::EvmSig => decode_evm_sig(&fields)?,
         _ => TemplateData::Unknown(
             fields
                 .into_iter()
@@ -318,6 +321,69 @@ fn decode_generic(template_name: &str, raw: &[u8]) -> Result<TemplateData> {
     Ok(decoded)
 }
 
+fn decode_ima_ngv2(fields: &[Vec<u8>]) -> Result<TemplateData> {
+    if fields.len() != 2 {
+        return Err(Error::parse(format!(
+            "ima-ngv2 expects 2 fields, got {}",
+            fields.len()
+        )));
+    }
+    Ok(TemplateData::ImaNgV2(ImaNgV2Entry {
+        digest: decode_d_ngv2(&fields[0])?,
+        filename: decode_n_ng(&fields[1])?,
+    }))
+}
+
+fn decode_ima_sigv2(fields: &[Vec<u8>]) -> Result<TemplateData> {
+    if fields.len() != 3 {
+        return Err(Error::parse(format!(
+            "ima-sigv2 expects 3 fields, got {}",
+            fields.len()
+        )));
+    }
+    Ok(TemplateData::ImaSigV2(ImaSigV2Entry {
+        digest: decode_d_ngv2(&fields[0])?,
+        filename: decode_n_ng(&fields[1])?,
+        signature: fields[2].clone(),
+    }))
+}
+
+fn decode_ima_modsig(fields: &[Vec<u8>]) -> Result<TemplateData> {
+    if fields.len() != 5 {
+        return Err(Error::parse(format!(
+            "ima-modsig expects 5 fields, got {}",
+            fields.len()
+        )));
+    }
+    Ok(TemplateData::ImaModsig(ImaModsigEntry {
+        digest: decode_d_ng(&fields[0])?,
+        filename: decode_n_ng(&fields[1])?,
+        signature: fields[2].clone(),
+        modsig_digest: fields[3].clone(),
+        modsig: fields[4].clone(),
+    }))
+}
+
+fn decode_evm_sig(fields: &[Vec<u8>]) -> Result<TemplateData> {
+    if fields.len() != 9 {
+        return Err(Error::parse(format!(
+            "evm-sig expects 9 fields, got {}",
+            fields.len()
+        )));
+    }
+    Ok(TemplateData::EvmSig(EvmSigEntry {
+        digest: decode_d_ng(&fields[0])?,
+        filename: decode_n_ng(&fields[1])?,
+        evmsig: fields[2].clone(),
+        xattrnames: decode_n_ng(&fields[3])?,
+        xattrlengths: fields[4].clone(),
+        xattrvalues: fields[5].clone(),
+        iuid: parse_u32_le(&fields[6], "evm-sig iuid")?,
+        igid: parse_u32_le(&fields[7], "evm-sig igid")?,
+        imode: parse_u16_le(&fields[8], "evm-sig imode")?,
+    }))
+}
+
 /// Decode the framed `template_data` into a plain list of field payloads.
 ///
 /// Each field is `<u32 LE length> || <bytes>`. We always use little-endian
@@ -353,6 +419,7 @@ fn split_fields(raw: &[u8]) -> Result<Vec<Vec<u8>>> {
     Ok(fields)
 }
 
+/// Decode an `ima-ng` field: `d-ng | n-ng`.
 fn decode_ima_ng(fields: &[Vec<u8>]) -> Result<TemplateData> {
     if fields.len() != 2 {
         return Err(Error::parse(format!(
@@ -365,6 +432,7 @@ fn decode_ima_ng(fields: &[Vec<u8>]) -> Result<TemplateData> {
     Ok(TemplateData::ImaNg(ImaNgEntry { digest, filename }))
 }
 
+/// Decode an `ima-sig` field: `d-ng | n-ng | sig`.
 fn decode_ima_sig(fields: &[Vec<u8>]) -> Result<TemplateData> {
     if fields.len() != 3 {
         return Err(Error::parse(format!(
@@ -382,6 +450,7 @@ fn decode_ima_sig(fields: &[Vec<u8>]) -> Result<TemplateData> {
     }))
 }
 
+/// Decode an `ima-buf` field: `d-ng | n-ng | buf`.
 fn decode_ima_buf(fields: &[Vec<u8>]) -> Result<TemplateData> {
     if fields.len() != 3 {
         return Err(Error::parse(format!(
@@ -423,6 +492,64 @@ pub(crate) fn decode_d_ng(raw: &[u8]) -> Result<Digest> {
     Ok(Digest::new(algo, digest_bytes))
 }
 
+/// Decode a `d-ngv2` field: `<digest_type> ":" <algo_name> ":" "\0" <digest_bytes>`.
+pub(crate) fn decode_d_ngv2(raw: &[u8]) -> Result<DigestV2> {
+    let sep = raw
+        .iter()
+        .position(|b| *b == 0)
+        .ok_or_else(|| Error::parse("d-ngv2 field missing NUL separator"))?;
+    if sep == 0 || raw[sep - 1] != b':' {
+        return Err(Error::parse("d-ngv2 field missing ':\\0' separator"));
+    }
+    let header = std::str::from_utf8(&raw[..sep - 1]).map_err(|_| Error::InvalidUtf8 {
+        context: "d-ngv2 header",
+    })?;
+    let mut parts = header.splitn(2, ':');
+    let digest_type = DigestType::parse(
+        parts
+            .next()
+            .ok_or_else(|| Error::parse("d-ngv2 missing digest type"))?,
+    );
+    let algo_name = parts
+        .next()
+        .ok_or_else(|| Error::parse("d-ngv2 missing hash algorithm"))?;
+    let algo = HashAlgorithm::from_name(algo_name)?;
+    let digest_bytes = raw[sep + 1..].to_vec();
+    if digest_bytes.len() != algo.digest_size() {
+        return Err(Error::InvalidLength {
+            value: digest_bytes.len() as u64,
+            limit: algo.digest_size() as u64,
+            context: "d-ngv2 digest",
+        });
+    }
+    Ok(DigestV2 {
+        digest_type,
+        digest: Digest::new(algo, digest_bytes),
+    })
+}
+
+fn parse_u32_le(raw: &[u8], context: &'static str) -> Result<u32> {
+    if raw.len() != 4 {
+        return Err(Error::InvalidLength {
+            value: raw.len() as u64,
+            limit: 4,
+            context,
+        });
+    }
+    Ok(u32::from_le_bytes([raw[0], raw[1], raw[2], raw[3]]))
+}
+
+fn parse_u16_le(raw: &[u8], context: &'static str) -> Result<u16> {
+    if raw.len() != 2 {
+        return Err(Error::InvalidLength {
+            value: raw.len() as u64,
+            limit: 2,
+            context,
+        });
+    }
+    Ok(u16::from_le_bytes([raw[0], raw[1]]))
+}
+
 /// Decode an `n-ng` field: `<utf-8 bytes> \0`.
 pub(crate) fn decode_n_ng(raw: &[u8]) -> Result<String> {
     // Drop the trailing nul if any.
@@ -437,59 +564,470 @@ pub(crate) fn decode_n_ng(raw: &[u8]) -> Result<String> {
 mod tests {
     use super::*;
 
+    // ---------------- helpers ----------------
+
+    fn d_ng_field(algo: HashAlgorithm, digest: &[u8]) -> Vec<u8> {
+        let mut v = Vec::new();
+        v.extend_from_slice(algo.name().as_bytes());
+        v.push(b':');
+        v.push(0);
+        v.extend_from_slice(digest);
+        v
+    }
+
+    fn d_ngv2_field(dtype: &str, algo: HashAlgorithm, digest: &[u8]) -> Vec<u8> {
+        let mut v = Vec::new();
+        v.extend_from_slice(dtype.as_bytes());
+        v.push(b':');
+        v.extend_from_slice(algo.name().as_bytes());
+        v.push(b':');
+        v.push(0);
+        v.extend_from_slice(digest);
+        v
+    }
+
+    fn n_ng_field(name: &str) -> Vec<u8> {
+        let mut v = Vec::new();
+        v.extend_from_slice(name.as_bytes());
+        v.push(0);
+        v
+    }
+
+    fn frame_fields(fields: &[&[u8]]) -> Vec<u8> {
+        let mut v = Vec::new();
+        for f in fields {
+            v.extend_from_slice(&(f.len() as u32).to_le_bytes());
+            v.extend_from_slice(f);
+        }
+        v
+    }
+
+    fn build_event(pcr: u32, template_hash: &[u8], name: &str, td: &[u8]) -> Vec<u8> {
+        let mut v = Vec::new();
+        v.extend_from_slice(&pcr.to_le_bytes());
+        v.extend_from_slice(template_hash);
+        v.extend_from_slice(&(name.len() as u32).to_le_bytes());
+        v.extend_from_slice(name.as_bytes());
+        v.extend_from_slice(&(td.len() as u32).to_le_bytes());
+        v.extend_from_slice(td);
+        v
+    }
+
+    // ---------------- Endianness ----------------
+
+    #[test]
+    fn endianness_u32_from_little() {
+        assert_eq!(
+            Endianness::Little.u32_from([0x01, 0x02, 0x03, 0x04]),
+            0x04030201
+        );
+    }
+
+    #[test]
+    fn endianness_u32_from_big() {
+        assert_eq!(
+            Endianness::Big.u32_from([0x01, 0x02, 0x03, 0x04]),
+            0x01020304
+        );
+    }
+
+    #[test]
+    fn endianness_u32_from_native() {
+        let bytes = 0xDEADBEEFu32.to_ne_bytes();
+        assert_eq!(Endianness::Native.u32_from(bytes), 0xDEADBEEF);
+    }
+
+    #[test]
+    fn endianness_default_is_little() {
+        assert_eq!(Endianness::default(), Endianness::Little);
+    }
+
+    // ---------------- ParseOptions ----------------
+
+    #[test]
+    fn parse_options_default() {
+        let opts = ParseOptions::default();
+        assert_eq!(opts.endianness(), Endianness::Little);
+        assert_eq!(opts.template_hash_algorithm(), HashAlgorithm::Sha1);
+        assert_eq!(opts.max_field_len, 16 * 1024 * 1024);
+    }
+
+    #[test]
+    fn parse_options_builders() {
+        let opts = ParseOptions::default()
+            .with_endianness(Endianness::Big)
+            .with_template_hash_algorithm(HashAlgorithm::Sha256)
+            .with_max_field_len(64);
+        assert_eq!(opts.endianness(), Endianness::Big);
+        assert_eq!(opts.template_hash_algorithm(), HashAlgorithm::Sha256);
+        assert_eq!(opts.max_field_len, 64);
+    }
+
+    // ---------------- decode_d_ng ----------------
+
     #[test]
     fn decode_d_ng_sha1() {
-        // "sha1" + ":" + "\0" + 20 bytes
-        let mut raw = Vec::new();
-        raw.extend_from_slice(b"sha1");
-        raw.push(b':');
-        raw.push(0);
-        raw.extend_from_slice(&[0xAB; 20]);
+        let raw = d_ng_field(HashAlgorithm::Sha1, &[0xAB; 20]);
         let d = decode_d_ng(&raw).unwrap();
         assert_eq!(d.algorithm, HashAlgorithm::Sha1);
         assert_eq!(d.bytes, vec![0xAB; 20]);
     }
 
+    #[test]
+    fn decode_d_ng_sha256() {
+        let raw = d_ng_field(HashAlgorithm::Sha256, &[0x42; 32]);
+        let d = decode_d_ng(&raw).unwrap();
+        assert_eq!(d.algorithm, HashAlgorithm::Sha256);
+        assert_eq!(d.bytes, vec![0x42; 32]);
+    }
+
+    #[test]
+    fn decode_d_ng_too_short() {
+        assert!(matches!(decode_d_ng(b"abc"), Err(Error::Parse(_))));
+    }
+
+    #[test]
+    fn decode_d_ng_missing_nul() {
+        let raw = b"sha1:abcdefghijklmnopqrst";
+        assert!(matches!(decode_d_ng(raw), Err(Error::Parse(_))));
+    }
+
+    #[test]
+    fn decode_d_ng_missing_colon_before_nul() {
+        // "sha1\0<digest>" without the ':' before NUL.
+        let mut raw = Vec::from(*b"sha1");
+        raw.push(0);
+        raw.extend_from_slice(&[0xAA; 20]);
+        assert!(matches!(decode_d_ng(&raw), Err(Error::Parse(_))));
+    }
+
+    #[test]
+    fn decode_d_ng_unknown_algo() {
+        let mut raw = Vec::from(*b"bogus");
+        raw.push(b':');
+        raw.push(0);
+        raw.extend_from_slice(&[0; 20]);
+        assert!(matches!(
+            decode_d_ng(&raw),
+            Err(Error::UnknownHashAlgorithm(_))
+        ));
+    }
+
+    #[test]
+    fn decode_d_ng_wrong_digest_length() {
+        // sha256 expects 32 bytes; supply 10.
+        let raw = d_ng_field(HashAlgorithm::Sha256, &[0; 10]);
+        assert!(matches!(
+            decode_d_ng(&raw),
+            Err(Error::InvalidLength { .. })
+        ));
+    }
+
+    #[test]
+    fn decode_d_ng_invalid_utf8_algo() {
+        let mut raw = vec![0xFF, 0xFE];
+        raw.push(b':');
+        raw.push(0);
+        raw.extend_from_slice(&[0; 20]);
+        assert!(matches!(decode_d_ng(&raw), Err(Error::InvalidUtf8 { .. })));
+    }
+
+    // ---------------- decode_d_ngv2 ----------------
+
+    #[test]
+    fn decode_d_ngv2_ima_sha256() {
+        let raw = d_ngv2_field("ima", HashAlgorithm::Sha256, &[0x11; 32]);
+        let d = decode_d_ngv2(&raw).unwrap();
+        assert_eq!(d.digest_type, DigestType::Ima);
+        assert_eq!(d.digest.algorithm, HashAlgorithm::Sha256);
+        assert_eq!(d.digest.bytes, vec![0x11; 32]);
+    }
+
+    #[test]
+    fn decode_d_ngv2_verity_sha512() {
+        let raw = d_ngv2_field("verity", HashAlgorithm::Sha512, &[0x22; 64]);
+        let d = decode_d_ngv2(&raw).unwrap();
+        assert_eq!(d.digest_type, DigestType::Verity);
+        assert_eq!(d.digest.algorithm, HashAlgorithm::Sha512);
+        assert_eq!(d.digest.bytes, vec![0x22; 64]);
+    }
+
+    #[test]
+    fn decode_d_ngv2_other_digest_type() {
+        let raw = d_ngv2_field("future", HashAlgorithm::Sha1, &[0x33; 20]);
+        let d = decode_d_ngv2(&raw).unwrap();
+        assert_eq!(d.digest_type, DigestType::Other("future".to_owned()));
+    }
+
+    #[test]
+    fn decode_d_ngv2_roundtrip_with_encoder() {
+        // Verify the decoder accepts what encode_d_ngv2 produces.
+        let dv2 = DigestV2 {
+            digest_type: DigestType::Ima,
+            digest: Digest::new(HashAlgorithm::Sha256, vec![0x55; 32]),
+        };
+        let encoded = crate::log::template_hash::encode_d_ngv2(&dv2);
+        assert_eq!(decode_d_ngv2(&encoded).unwrap(), dv2);
+    }
+
+    #[test]
+    fn decode_d_ngv2_missing_nul() {
+        // No NUL anywhere.
+        let raw = b"ima:sha256:abcdef";
+        assert!(matches!(decode_d_ngv2(raw), Err(Error::Parse(_))));
+    }
+
+    #[test]
+    fn decode_d_ngv2_missing_colon_before_nul() {
+        // "ima:sha256\0<digest>" — last colon is missing.
+        let mut raw = Vec::from(*b"ima:sha256");
+        raw.push(0);
+        raw.extend_from_slice(&[0; 32]);
+        assert!(matches!(decode_d_ngv2(&raw), Err(Error::Parse(_))));
+    }
+
+    #[test]
+    fn decode_d_ngv2_nul_at_start() {
+        let mut raw = Vec::new();
+        raw.push(0);
+        raw.extend_from_slice(&[0; 32]);
+        assert!(matches!(decode_d_ngv2(&raw), Err(Error::Parse(_))));
+    }
+
+    #[test]
+    fn decode_d_ngv2_no_inner_colon() {
+        // "ima:\0<digest>" — only one colon, so no algo name.
+        let mut raw = Vec::from(*b"ima:");
+        raw.push(0);
+        raw.extend_from_slice(&[0; 32]);
+        assert!(matches!(decode_d_ngv2(&raw), Err(Error::Parse(_))));
+    }
+
+    #[test]
+    fn decode_d_ngv2_unknown_algo() {
+        let mut raw = b"ima:bogus:".to_vec();
+        raw.push(0);
+        raw.extend_from_slice(&[0; 20]);
+        assert!(matches!(
+            decode_d_ngv2(&raw),
+            Err(Error::UnknownHashAlgorithm(_))
+        ));
+    }
+
+    #[test]
+    fn decode_d_ngv2_wrong_digest_length() {
+        let raw = d_ngv2_field("ima", HashAlgorithm::Sha256, &[0; 8]);
+        assert!(matches!(
+            decode_d_ngv2(&raw),
+            Err(Error::InvalidLength { .. })
+        ));
+    }
+
+    #[test]
+    fn decode_d_ngv2_invalid_utf8_header() {
+        let mut raw = vec![0xFF, b':', b'x', b':'];
+        raw.push(0);
+        raw.extend_from_slice(&[0; 20]);
+        assert!(matches!(
+            decode_d_ngv2(&raw),
+            Err(Error::InvalidUtf8 { .. })
+        ));
+    }
+
+    // ---------------- decode_n_ng ----------------
+
     #[test]
     fn decode_n_ng_strips_nul() {
-        let raw = b"/usr/bin/ls\0";
-        assert_eq!(decode_n_ng(raw).unwrap(), "/usr/bin/ls");
+        assert_eq!(decode_n_ng(b"/usr/bin/ls\0").unwrap(), "/usr/bin/ls");
     }
 
     #[test]
-    fn parse_ima_ng_roundtrip() {
-        // Construct a single ima-ng event by hand.
-        let digest = [0xCDu8; 20];
-        let mut d_ng = Vec::new();
-        d_ng.extend_from_slice(b"sha1");
-        d_ng.push(b':');
-        d_ng.push(0);
-        d_ng.extend_from_slice(&digest);
+    fn decode_n_ng_no_trailing_nul() {
+        assert_eq!(decode_n_ng(b"/etc/hosts").unwrap(), "/etc/hosts");
+    }
+
+    #[test]
+    fn decode_n_ng_empty() {
+        assert_eq!(decode_n_ng(b"").unwrap(), "");
+    }
+
+    #[test]
+    fn decode_n_ng_invalid_utf8() {
+        assert!(matches!(
+            decode_n_ng(&[0xFF, 0xFE, 0]),
+            Err(Error::InvalidUtf8 { .. })
+        ));
+    }
+
+    // ---------------- parse_u32_le / parse_u16_le ----------------
+
+    #[test]
+    fn parse_u32_le_ok() {
+        assert_eq!(
+            parse_u32_le(&[0x01, 0x02, 0x03, 0x04], "ctx").unwrap(),
+            0x04030201
+        );
+    }
+
+    #[test]
+    fn parse_u32_le_wrong_length() {
+        assert!(matches!(
+            parse_u32_le(&[0x01, 0x02], "ctx"),
+            Err(Error::InvalidLength { .. })
+        ));
+    }
+
+    #[test]
+    fn parse_u16_le_ok() {
+        assert_eq!(parse_u16_le(&[0xCD, 0xAB], "ctx").unwrap(), 0xABCD);
+    }
+
+    #[test]
+    fn parse_u16_le_wrong_length() {
+        assert!(matches!(
+            parse_u16_le(&[0x01], "ctx"),
+            Err(Error::InvalidLength { .. })
+        ));
+    }
 
-        let mut n_ng = Vec::new();
-        n_ng.extend_from_slice(b"/etc/hosts");
-        n_ng.push(0);
+    // ---------------- split_fields ----------------
 
+    #[test]
+    fn split_fields_empty() {
+        assert!(split_fields(&[]).unwrap().is_empty());
+    }
+
+    #[test]
+    fn split_fields_single() {
+        let raw = frame_fields(&[b"hello"]);
+        let f = split_fields(&raw).unwrap();
+        assert_eq!(f, vec![b"hello".to_vec()]);
+    }
+
+    #[test]
+    fn split_fields_multiple() {
+        let raw = frame_fields(&[b"abc", b"", b"defg"]);
+        let f = split_fields(&raw).unwrap();
+        assert_eq!(f, vec![b"abc".to_vec(), Vec::<u8>::new(), b"defg".to_vec()]);
+    }
+
+    #[test]
+    fn split_fields_truncated_length_header() {
+        // Only 2 bytes where 4 are needed.
+        assert!(matches!(
+            split_fields(&[0x01, 0x00]),
+            Err(Error::UnexpectedEof { .. })
+        ));
+    }
+
+    #[test]
+    fn split_fields_truncated_body() {
+        // length says 10 but only 2 body bytes are present.
+        let mut raw = 10u32.to_le_bytes().to_vec();
+        raw.extend_from_slice(&[0xAA, 0xBB]);
+        assert!(matches!(
+            split_fields(&raw),
+            Err(Error::UnexpectedEof { .. })
+        ));
+    }
+
+    // ---------------- decode_legacy_ima ----------------
+
+    #[test]
+    fn decode_legacy_ima_ok() {
         let mut td = Vec::new();
-        td.extend_from_slice(&(d_ng.len() as u32).to_le_bytes());
-        td.extend_from_slice(&d_ng);
-        td.extend_from_slice(&(n_ng.len() as u32).to_le_bytes());
-        td.extend_from_slice(&n_ng);
+        td.extend_from_slice(&[0xAA; 20]);
+        let mut name = [0u8; IMA_EVENT_NAME_LEN_MAX + 1];
+        name[..5].copy_from_slice(b"/init");
+        td.extend_from_slice(&name);
+        let entry = decode_legacy_ima(&td).unwrap();
+        assert_eq!(entry.digest, [0xAA; 20]);
+        assert_eq!(entry.filename, "/init");
+    }
 
-        let mut event = Vec::new();
-        event.extend_from_slice(&10u32.to_le_bytes()); // pcr
-        event.extend_from_slice(&[0xEE; 20]); // template hash (sha1 sized)
-        event.extend_from_slice(&(b"ima-ng".len() as u32).to_le_bytes());
-        event.extend_from_slice(b"ima-ng");
-        event.extend_from_slice(&(td.len() as u32).to_le_bytes());
-        event.extend_from_slice(&td);
+    #[test]
+    fn decode_legacy_ima_wrong_length() {
+        assert!(matches!(
+            decode_legacy_ima(&[0; 10]),
+            Err(Error::InvalidLength { .. })
+        ));
+    }
+
+    #[test]
+    fn decode_legacy_ima_invalid_utf8_name() {
+        let mut td = vec![0u8; 20];
+        let mut name = [0u8; IMA_EVENT_NAME_LEN_MAX + 1];
+        name[0] = 0xFF;
+        name[1] = 0xFE;
+        td.extend_from_slice(&name);
+        assert!(matches!(
+            decode_legacy_ima(&td),
+            Err(Error::InvalidUtf8 { .. })
+        ));
+    }
+
+    // ---------------- per-template field-count errors ----------------
+
+    #[test]
+    fn decode_ima_ng_wrong_field_count() {
+        let only_one = vec![b"a".to_vec()];
+        assert!(matches!(decode_ima_ng(&only_one), Err(Error::Parse(_))));
+    }
+
+    #[test]
+    fn decode_ima_sig_wrong_field_count() {
+        let two = vec![b"a".to_vec(), b"b".to_vec()];
+        assert!(matches!(decode_ima_sig(&two), Err(Error::Parse(_))));
+    }
+
+    #[test]
+    fn decode_ima_buf_wrong_field_count() {
+        let two = vec![b"a".to_vec(), b"b".to_vec()];
+        assert!(matches!(decode_ima_buf(&two), Err(Error::Parse(_))));
+    }
 
-        let parser = EventLogParser::new(event.as_slice(), ParseOptions::default());
-        let events: Vec<_> = parser.collect::<Result<Vec<_>>>().unwrap();
+    #[test]
+    fn decode_ima_modsig_wrong_field_count() {
+        let four = vec![Vec::new(); 4];
+        assert!(matches!(decode_ima_modsig(&four), Err(Error::Parse(_))));
+    }
+
+    #[test]
+    fn decode_ima_ngv2_wrong_field_count() {
+        let one = vec![Vec::<u8>::new()];
+        assert!(matches!(decode_ima_ngv2(&one), Err(Error::Parse(_))));
+    }
+
+    #[test]
+    fn decode_ima_sigv2_wrong_field_count() {
+        let two = vec![Vec::<u8>::new(); 2];
+        assert!(matches!(decode_ima_sigv2(&two), Err(Error::Parse(_))));
+    }
+
+    #[test]
+    fn decode_evm_sig_wrong_field_count() {
+        let three = vec![Vec::<u8>::new(); 3];
+        assert!(matches!(decode_evm_sig(&three), Err(Error::Parse(_))));
+    }
+
+    // ---------------- end-to-end roundtrips ----------------
+
+    #[test]
+    fn parse_ima_ng_roundtrip() {
+        let digest = [0xCDu8; 20];
+        let td = frame_fields(&[
+            &d_ng_field(HashAlgorithm::Sha1, &digest),
+            &n_ng_field("/etc/hosts"),
+        ]);
+        let event = build_event(10, &[0xEE; 20], "ima-ng", &td);
+
+        let events: Vec<_> = EventLogParser::new(event.as_slice(), ParseOptions::default())
+            .collect::<Result<Vec<_>>>()
+            .unwrap();
         assert_eq!(events.len(), 1);
         let ev = &events[0];
         assert_eq!(ev.pcr_index, 10);
-        assert_eq!(ev.template_name, "ima-ng");
+        assert_eq!(ev.template, Template::ImaNg);
         match &ev.template_data {
             TemplateData::ImaNg(e) => {
                 assert_eq!(e.filename, "/etc/hosts");
@@ -508,6 +1046,7 @@ mod tests {
         name[..5].copy_from_slice(b"/init");
         td.extend_from_slice(&name);
 
+        // Legacy "ima" template has no template_data length prefix.
         let mut event = Vec::new();
         event.extend_from_slice(&10u32.to_le_bytes());
         event.extend_from_slice(&[0x22; 20]);
@@ -527,4 +1066,279 @@ mod tests {
             other => panic!("expected Ima, got {:?}", other),
         }
     }
+
+    #[test]
+    fn parse_ima_sig_roundtrip() {
+        let digest = [0xABu8; 32];
+        let sig = b"signature-bytes";
+        let td = frame_fields(&[
+            &d_ng_field(HashAlgorithm::Sha256, &digest),
+            &n_ng_field("/bin/sh"),
+            sig,
+        ]);
+        let event = build_event(7, &[0; 20], "ima-sig", &td);
+        let ev = EventLogParser::new(event.as_slice(), ParseOptions::default())
+            .next()
+            .unwrap()
+            .unwrap();
+        match ev.template_data {
+            TemplateData::ImaSig(e) => {
+                assert_eq!(e.filename, "/bin/sh");
+                assert_eq!(e.digest.algorithm, HashAlgorithm::Sha256);
+                assert_eq!(e.digest.bytes, digest);
+                assert_eq!(e.signature, sig);
+            }
+            other => panic!("expected ImaSig, got {:?}", other),
+        }
+    }
+
+    #[test]
+    fn parse_ima_buf_roundtrip() {
+        let digest = [0x44u8; 20];
+        let buf = b"opaque-buffer-payload";
+        let td = frame_fields(&[
+            &d_ng_field(HashAlgorithm::Sha1, &digest),
+            &n_ng_field(".builtin_trusted_keys"),
+            buf,
+        ]);
+        let event = build_event(11, &[0; 20], "ima-buf", &td);
+        let ev = EventLogParser::new(event.as_slice(), ParseOptions::default())
+            .next()
+            .unwrap()
+            .unwrap();
+        match ev.template_data {
+            TemplateData::ImaBuf(e) => {
+                assert_eq!(e.name, ".builtin_trusted_keys");
+                assert_eq!(e.buf, buf);
+                assert_eq!(e.digest.bytes, digest);
+            }
+            other => panic!("expected ImaBuf, got {:?}", other),
+        }
+    }
+
+    #[test]
+    fn parse_ima_modsig_roundtrip() {
+        let digest = [0x55u8; 20];
+        let sig = b"sig";
+        let modsig_d = b"modsig-digest";
+        let modsig = b"modsig-payload";
+        let td = frame_fields(&[
+            &d_ng_field(HashAlgorithm::Sha1, &digest),
+            &n_ng_field("/lib/modules/x.ko"),
+            sig,
+            modsig_d,
+            modsig,
+        ]);
+        let event = build_event(12, &[0; 20], "ima-modsig", &td);
+        let ev = EventLogParser::new(event.as_slice(), ParseOptions::default())
+            .next()
+            .unwrap()
+            .unwrap();
+        match ev.template_data {
+            TemplateData::ImaModsig(e) => {
+                assert_eq!(e.filename, "/lib/modules/x.ko");
+                assert_eq!(e.signature, sig);
+                assert_eq!(e.modsig_digest, modsig_d);
+                assert_eq!(e.modsig, modsig);
+                assert_eq!(e.digest.bytes, digest);
+            }
+            other => panic!("expected ImaModsig, got {:?}", other),
+        }
+    }
+
+    #[test]
+    fn parse_ima_ngv2_roundtrip() {
+        let digest = [0x66u8; 32];
+        let td = frame_fields(&[
+            &d_ngv2_field("ima", HashAlgorithm::Sha256, &digest),
+            &n_ng_field("/usr/bin/ls"),
+        ]);
+        let event = build_event(10, &[0; 20], "ima-ngv2", &td);
+        let ev = EventLogParser::new(event.as_slice(), ParseOptions::default())
+            .next()
+            .unwrap()
+            .unwrap();
+        match ev.template_data {
+            TemplateData::ImaNgV2(e) => {
+                assert_eq!(e.filename, "/usr/bin/ls");
+                assert_eq!(e.digest.digest_type, DigestType::Ima);
+                assert_eq!(e.digest.digest.algorithm, HashAlgorithm::Sha256);
+                assert_eq!(e.digest.digest.bytes, digest);
+            }
+            other => panic!("expected ImaNgV2, got {:?}", other),
+        }
+    }
+
+    #[test]
+    fn parse_ima_sigv2_roundtrip() {
+        let digest = [0x77u8; 32];
+        let sig = b"sigv2";
+        let td = frame_fields(&[
+            &d_ngv2_field("verity", HashAlgorithm::Sha256, &digest),
+            &n_ng_field("/etc/passwd"),
+            sig,
+        ]);
+        let event = build_event(10, &[0; 20], "ima-sigv2", &td);
+        let ev = EventLogParser::new(event.as_slice(), ParseOptions::default())
+            .next()
+            .unwrap()
+            .unwrap();
+        match ev.template_data {
+            TemplateData::ImaSigV2(e) => {
+                assert_eq!(e.filename, "/etc/passwd");
+                assert_eq!(e.digest.digest_type, DigestType::Verity);
+                assert_eq!(e.signature, sig);
+            }
+            other => panic!("expected ImaSigV2, got {:?}", other),
+        }
+    }
+
+    #[test]
+    fn parse_evm_sig_roundtrip() {
+        let digest = [0x88u8; 20];
+        let td = frame_fields(&[
+            &d_ng_field(HashAlgorithm::Sha1, &digest),
+            &n_ng_field("/var/log/messages"),
+            b"evm-sig-bytes",
+            &n_ng_field("user.foo\0user.bar"),
+            b"\x01\x02\x03",
+            b"\xAA\xBB",
+            &1234u32.to_le_bytes(),
+            &5678u32.to_le_bytes(),
+            &0o644u16.to_le_bytes(),
+        ]);
+        let event = build_event(10, &[0; 20], "evm-sig", &td);
+        let ev = EventLogParser::new(event.as_slice(), ParseOptions::default())
+            .next()
+            .unwrap()
+            .unwrap();
+        match ev.template_data {
+            TemplateData::EvmSig(e) => {
+                assert_eq!(e.filename, "/var/log/messages");
+                assert_eq!(e.iuid, 1234);
+                assert_eq!(e.igid, 5678);
+                assert_eq!(e.imode, 0o644);
+                assert_eq!(e.evmsig, b"evm-sig-bytes");
+            }
+            other => panic!("expected EvmSig, got {:?}", other),
+        }
+    }
+
+    #[test]
+    fn parse_unknown_template_preserves_raw_fields() {
+        let td = frame_fields(&[b"alpha", b"beta", b"gamma"]);
+        let event = build_event(10, &[0; 20], "exotic-template", &td);
+        let ev = EventLogParser::new(event.as_slice(), ParseOptions::default())
+            .next()
+            .unwrap()
+            .unwrap();
+        assert_eq!(ev.template, Template::Other("exotic-template".to_owned()));
+        match ev.template_data {
+            TemplateData::Unknown(fields) => {
+                let datas: Vec<&[u8]> = fields.iter().map(|f| f.data.as_slice()).collect();
+                assert_eq!(datas, vec![&b"alpha"[..], &b"beta"[..], &b"gamma"[..]]);
+            }
+            other => panic!("expected Unknown, got {:?}", other),
+        }
+    }
+
+    // ---------------- iterator semantics ----------------
+
+    #[test]
+    fn empty_input_yields_no_events() {
+        let events: Vec<_> = EventLogParser::new(&[][..], ParseOptions::default())
+            .collect::<Result<Vec<_>>>()
+            .unwrap();
+        assert!(events.is_empty());
+    }
+
+    #[test]
+    fn truncated_record_is_unexpected_eof() {
+        // Just a 2-byte sliver where the PCR header (4 bytes) was expected.
+        let mut p = EventLogParser::new(&[0x01, 0x02][..], ParseOptions::default());
+        match p.next() {
+            Some(Err(Error::UnexpectedEof { .. })) => {}
+            other => panic!("expected UnexpectedEof, got {:?}", other),
+        }
+        // After an error the iterator must be fused.
+        assert!(p.next().is_none());
+    }
+
+    #[test]
+    fn truncated_template_hash_errors() {
+        // Valid PCR but template_hash field cut short.
+        let mut bytes = Vec::new();
+        bytes.extend_from_slice(&10u32.to_le_bytes());
+        bytes.extend_from_slice(&[0xAA; 5]); // sha1 needs 20
+        let mut p = EventLogParser::new(bytes.as_slice(), ParseOptions::default());
+        assert!(matches!(p.next(), Some(Err(Error::UnexpectedEof { .. }))));
+    }
+
+    #[test]
+    fn multiple_events_parsed_in_order() {
+        let d = d_ng_field(HashAlgorithm::Sha1, &[0xAA; 20]);
+        let td = frame_fields(&[&d, &n_ng_field("/a")]);
+        let mut log = build_event(10, &[0; 20], "ima-ng", &td);
+        let td2 = frame_fields(&[&d, &n_ng_field("/b")]);
+        log.extend_from_slice(&build_event(11, &[1; 20], "ima-ng", &td2));
+
+        let events: Vec<_> = EventLogParser::new(log.as_slice(), ParseOptions::default())
+            .collect::<Result<Vec<_>>>()
+            .unwrap();
+        assert_eq!(events.len(), 2);
+        assert_eq!(events[0].pcr_index, 10);
+        assert_eq!(events[1].pcr_index, 11);
+    }
+
+    #[test]
+    fn big_endian_parses_lengths() {
+        // Same record as parse_ima_ng_roundtrip but with the *outer* u32 fields
+        // (PCR, name length, template_data length) encoded big-endian.
+        let digest = [0xCDu8; 20];
+        let td = frame_fields(&[
+            &d_ng_field(HashAlgorithm::Sha1, &digest),
+            &n_ng_field("/etc/hosts"),
+        ]);
+        let mut event = Vec::new();
+        event.extend_from_slice(&10u32.to_be_bytes());
+        event.extend_from_slice(&[0; 20]);
+        event.extend_from_slice(&(b"ima-ng".len() as u32).to_be_bytes());
+        event.extend_from_slice(b"ima-ng");
+        event.extend_from_slice(&(td.len() as u32).to_be_bytes());
+        event.extend_from_slice(&td);
+
+        let opts = ParseOptions::default().with_endianness(Endianness::Big);
+        let events: Vec<_> = EventLogParser::new(event.as_slice(), opts)
+            .collect::<Result<Vec<_>>>()
+            .unwrap();
+        assert_eq!(events.len(), 1);
+        assert_eq!(events[0].pcr_index, 10);
+    }
+
+    #[test]
+    fn max_field_len_caps_allocations() {
+        // Announce a 1 MiB template hash but cap the parser at 32 bytes.
+        let mut bytes = Vec::new();
+        bytes.extend_from_slice(&10u32.to_le_bytes());
+        // The next read is the template hash, which is sized by the algo
+        // (sha512 = 64 bytes). Cap below that to trip the limit.
+        let opts = ParseOptions::default()
+            .with_template_hash_algorithm(HashAlgorithm::Sha512)
+            .with_max_field_len(32);
+        let mut p = EventLogParser::new(bytes.as_slice(), opts);
+        assert!(matches!(p.next(), Some(Err(Error::InvalidLength { .. }))));
+    }
+
+    #[test]
+    fn options_accessor_returns_configured_values() {
+        let opts = ParseOptions::default()
+            .with_endianness(Endianness::Big)
+            .with_template_hash_algorithm(HashAlgorithm::Sha384);
+        let parser = EventLogParser::new(&[][..], opts);
+        assert_eq!(parser.options().endianness(), Endianness::Big);
+        assert_eq!(
+            parser.options().template_hash_algorithm(),
+            HashAlgorithm::Sha384
+        );
+    }
 }
diff --git a/src/log/template.rs b/src/log/template.rs
index 916c636..ae3446a 100644
--- a/src/log/template.rs
+++ b/src/log/template.rs
@@ -21,6 +21,46 @@ pub struct Digest {
     /// Raw digest bytes. Length matches [`HashAlgorithm::digest_size`].
     pub bytes: Vec<u8>,
 }
+/// `d-ngv2` digest prefix: differentiates regular IMA vs fs-verity digests.
+#[derive(Debug, Clone, PartialEq, Eq, Hash)]
+pub enum DigestType {
+    /// `ima` digest type.
+    Ima,
+    /// `verity` digest type.
+    Verity,
+    /// Future/unknown digest type.
+    Other(String),
+}
+
+impl DigestType {
+    /// Parse a digest-type string.
+    #[must_use]
+    pub fn parse(s: &str) -> Self {
+        match s {
+            "ima" => Self::Ima,
+            "verity" => Self::Verity,
+            other => Self::Other(other.to_owned()),
+        }
+    }
+    /// Return canonical digest-type name.
+    #[must_use]
+    pub fn as_str(&self) -> &str {
+        match self {
+            Self::Ima => "ima",
+            Self::Verity => "verity",
+            Self::Other(s) => s,
+        }
+    }
+}
+
+/// Decoded `d-ngv2` value: `<digest_type>:<algorithm>:<digest>`.
+#[derive(Debug, Clone, PartialEq, Eq)]
+pub struct DigestV2 {
+    /// Digest namespace discriminator (`ima` vs `verity`).
+    pub digest_type: DigestType,
+    /// Algorithm-qualified digest payload.
+    pub digest: Digest,
+}
 
 impl Digest {
     /// Convenience constructor.
@@ -104,6 +144,63 @@ pub struct ImaBufEntry {
     /// Raw buffer bytes.
     pub buf: Vec<u8>,
 }
+/// `ima-modsig` payload: `d-ng | n-ng | sig | d-modsig | modsig`.
+#[derive(Debug, Clone, PartialEq, Eq)]
+pub struct ImaModsigEntry {
+    /// File-data digest (`d-ng`).
+    pub digest: Digest,
+    /// Measured file name (`n-ng`).
+    pub filename: String,
+    /// Raw `security.ima` signature (`sig`).
+    pub signature: Vec<u8>,
+    /// Module-signature digest field (`d-modsig`).
+    pub modsig_digest: Vec<u8>,
+    /// Raw appended module signature (`modsig`).
+    pub modsig: Vec<u8>,
+}
+
+/// `ima-ngv2` payload: `d-ngv2 | n-ng`.
+#[derive(Debug, Clone, PartialEq, Eq)]
+pub struct ImaNgV2Entry {
+    /// Typed digest with namespace (`d-ngv2`).
+    pub digest: DigestV2,
+    /// Measured object name (`n-ng`).
+    pub filename: String,
+}
+
+/// `ima-sigv2` payload: `d-ngv2 | n-ng | sig`.
+#[derive(Debug, Clone, PartialEq, Eq)]
+pub struct ImaSigV2Entry {
+    /// Typed digest with namespace (`d-ngv2`).
+    pub digest: DigestV2,
+    /// Measured object name (`n-ng`).
+    pub filename: String,
+    /// Raw `security.ima` signature (`sig`).
+    pub signature: Vec<u8>,
+}
+
+/// `evm-sig` payload as documented by the IMA template specification.
+#[derive(Debug, Clone, PartialEq, Eq)]
+pub struct EvmSigEntry {
+    /// Digest field (`d-ng`).
+    pub digest: Digest,
+    /// Object name (`n-ng`).
+    pub filename: String,
+    /// EVM signature bytes (`evmsig`).
+    pub evmsig: Vec<u8>,
+    /// Serialized xattr-name list (`xattrnames`).
+    pub xattrnames: String,
+    /// Encoded xattr lengths (`xattrlengths`).
+    pub xattrlengths: Vec<u8>,
+    /// Encoded xattr values (`xattrvalues`).
+    pub xattrvalues: Vec<u8>,
+    /// Inode owner uid (`iuid`).
+    pub iuid: u32,
+    /// Inode owner gid (`igid`).
+    pub igid: u32,
+    /// Inode mode bits (`imode`).
+    pub imode: u16,
+}
 
 /// Decoded `template_data` for the built-in IMA templates.
 #[derive(Debug, Clone, PartialEq, Eq)]
@@ -116,7 +213,119 @@ pub enum TemplateData {
     ImaSig(ImaSigEntry),
     /// `ima-buf` template.
     ImaBuf(ImaBufEntry),
+    /// `ima-modsig` template.
+    ImaModsig(ImaModsigEntry),
+    /// `ima-ngv2` template.
+    ImaNgV2(ImaNgV2Entry),
+    /// `ima-sigv2` template.
+    ImaSigV2(ImaSigV2Entry),
+    /// `evm-sig` template.
+    EvmSig(EvmSigEntry),
     /// Any other template: we preserve the per-field raw bytes as they were
     /// framed by `u32 length | data` records on the wire.
     Unknown(Vec<TemplateField>),
 }
+
+/// IMA template identifier.
+#[derive(Debug, Clone, PartialEq, Eq, Hash)]
+pub enum Template {
+    /// Legacy fixed-format template (`ima`).
+    Ima,
+    /// Next-generation digest+name template (`ima-ng`).
+    ImaNg,
+    /// Digest+name+signature template (`ima-sig`).
+    ImaSig,
+    /// Digest+name+buffer template (`ima-buf`).
+    ImaBuf,
+    /// Module-signature-aware template (`ima-modsig`).
+    ImaModsig,
+    /// V2 digest namespace template (`ima-ngv2`).
+    ImaNgV2,
+    /// Signature template using v2 digest field (`ima-sigv2`).
+    ImaSigV2,
+    /// EVM signature template (`evm-sig`).
+    EvmSig,
+    /// Any non built-in template name.
+    Other(String),
+}
+
+impl Template {
+    /// Parse a template name.
+    #[must_use]
+    pub fn parse(s: &str) -> Self {
+        match s {
+            "ima" => Self::Ima,
+            "ima-ng" => Self::ImaNg,
+            "ima-sig" => Self::ImaSig,
+            "ima-buf" => Self::ImaBuf,
+            "ima-modsig" => Self::ImaModsig,
+            "ima-ngv2" => Self::ImaNgV2,
+            "ima-sigv2" => Self::ImaSigV2,
+            "evm-sig" => Self::EvmSig,
+            other => Self::Other(other.to_owned()),
+        }
+    }
+
+    /// Render this template identifier using kernel spelling.
+    #[must_use]
+    pub fn as_str(&self) -> &str {
+        match self {
+            Self::Ima => "ima",
+            Self::ImaNg => "ima-ng",
+            Self::ImaSig => "ima-sig",
+            Self::ImaBuf => "ima-buf",
+            Self::ImaModsig => "ima-modsig",
+            Self::ImaNgV2 => "ima-ngv2",
+            Self::ImaSigV2 => "ima-sigv2",
+            Self::EvmSig => "evm-sig",
+            Self::Other(s) => s,
+        }
+    }
+}
+
+/// Template data field identifiers from the IMA specification.
+#[derive(Debug, Clone, Copy, PartialEq, Eq, Hash)]
+pub enum TemplateFieldId {
+    /// `d`
+    D,
+    /// `d-ng`
+    DNg,
+    /// `d-modsig`
+    DModsig,
+    /// `d-ngv2`
+    DNgV2,
+    /// `n`
+    N,
+    /// `n-ng`
+    NNg,
+    /// `sig`
+    Sig,
+    /// `evmsig`
+    EvmSig,
+    /// `buf`
+    Buf,
+    /// `modsig`
+    Modsig,
+    /// `uuid`
+    Uuid,
+    /// `uid`
+    Uid,
+    /// `iuid`
+    Iuid,
+    /// `igid`
+    Igid,
+    /// `imode`
+    Imode,
+    /// `xattrnames`
+    XattrNames,
+    /// `xattrlengths`
+    XattrLengths,
+    /// `xattrvalues`
+    XattrValues,
+}
+
+impl core::fmt::Display for Template {
+    fn fmt(&self, f: &mut core::fmt::Formatter<'_>) -> core::fmt::Result {
+        f.write_str(self.as_str())
+    }
+}
diff --git a/src/log/template_hash.rs b/src/log/template_hash.rs
index 3cc4dbd..685fbea 100644
--- a/src/log/template_hash.rs
+++ b/src/log/template_hash.rs
@@ -7,9 +7,9 @@
 use crate::hash::HashAlgorithm;
 use crate::hash::Hasher;
 
+use super::IMA_EVENT_NAME_LEN_MAX;
 use super::event::Event;
-use super::template::{TemplateData, TemplateField};
-use super::{IMA_EVENT_NAME_LEN_MAX, IMA_TEMPLATE_NAME};
+use super::template::{Template, TemplateData, TemplateField};
 
 /// Internal: reconstruct the per-field framing that appears on the wire so
 /// we can feed it into a hash.
@@ -22,7 +22,7 @@ use super::{IMA_EVENT_NAME_LEN_MAX, IMA_TEMPLATE_NAME};
 ///
 /// For every other template each field becomes `<u32 LE length> || <bytes>`.
 pub(super) fn feed_event_into<H: Hasher + ?Sized>(hasher: &mut H, event: &Event) {
-    if event.template_name == IMA_TEMPLATE_NAME {
+    if event.template == Template::Ima {
         feed_legacy_ima(hasher, &event.template_data);
     } else {
         feed_generic(hasher, &event.template_data, &event.template_data_raw);
@@ -122,6 +122,71 @@ fn collect_fields(data: &TemplateData) -> Vec<TemplateField> {
                 data: e.buf.clone(),
             },
         ],
+        TemplateData::ImaModsig(e) => vec![
+            TemplateField {
+                data: encode_d_ng(&e.digest),
+            },
+            TemplateField {
+                data: encode_n_ng(&e.filename),
+            },
+            TemplateField {
+                data: e.signature.clone(),
+            },
+            TemplateField {
+                data: e.modsig_digest.clone(),
+            },
+            TemplateField {
+                data: e.modsig.clone(),
+            },
+        ],
+        TemplateData::ImaNgV2(e) => vec![
+            TemplateField {
+                data: encode_d_ngv2(&e.digest),
+            },
+            TemplateField {
+                data: encode_n_ng(&e.filename),
+            },
+        ],
+        TemplateData::ImaSigV2(e) => vec![
+            TemplateField {
+                data: encode_d_ngv2(&e.digest),
+            },
+            TemplateField {
+                data: encode_n_ng(&e.filename),
+            },
+            TemplateField {
+                data: e.signature.clone(),
+            },
+        ],
+        TemplateData::EvmSig(e) => vec![
+            TemplateField {
+                data: encode_d_ng(&e.digest),
+            },
+            TemplateField {
+                data: encode_n_ng(&e.filename),
+            },
+            TemplateField {
+                data: e.evmsig.clone(),
+            },
+            TemplateField {
+                data: encode_n_ng(&e.xattrnames),
+            },
+            TemplateField {
+                data: e.xattrlengths.clone(),
+            },
+            TemplateField {
+                data: e.xattrvalues.clone(),
+            },
+            TemplateField {
+                data: e.iuid.to_le_bytes().to_vec(),
+            },
+            TemplateField {
+                data: e.igid.to_le_bytes().to_vec(),
+            },
+            TemplateField {
+                data: e.imode.to_le_bytes().to_vec(),
+            },
+        ],
         TemplateData::Unknown(fields) => fields.clone(),
     }
 }
@@ -142,6 +207,16 @@ pub(crate) fn encode_n_ng(name: &str) -> Vec<u8> {
     out.push(0);
     out
 }
+pub(crate) fn encode_d_ngv2(digest: &crate::log::DigestV2) -> Vec<u8> {
+    let mut out = Vec::new();
+    out.extend_from_slice(digest.digest_type.as_str().as_bytes());
+    out.push(b':');
+    out.extend_from_slice(digest.digest.algorithm.name().as_bytes());
+    out.push(b':');
+    out.push(0);
+    out.extend_from_slice(&digest.digest.bytes);
+    out
+}
 
 #[cfg(feature = "hash")]
 pub(super) fn calculate_with(event: &Event, algo: HashAlgorithm) -> Option<Vec<u8>> {
diff --git a/tests/integration.rs b/tests/integration.rs
index 862f697..e9af580 100644
--- a/tests/integration.rs
+++ b/tests/integration.rs
@@ -50,7 +50,7 @@ fn binary_parser_yields_multiple_events() {
         .collect::<Result<Vec<_>, _>>()
         .unwrap();
     assert_eq!(events.len(), 2);
-    assert_eq!(events[0].template_name, "ima-ng");
+    assert_eq!(events[0].template.as_str(), "ima-ng");
 }
 
 #[cfg(feature = "hash")]
@@ -154,7 +154,7 @@ fn ascii_and_binary_agree_on_decoded_form() {
     let from_ascii = parse_ascii_log(&ascii_line).unwrap().remove(0);
 
     assert_eq!(from_binary.pcr_index, from_ascii.pcr_index);
-    assert_eq!(from_binary.template_name, from_ascii.template_name);
+    assert_eq!(from_binary.template.as_str(), from_ascii.template.as_str());
     match (&from_binary.template_data, &from_ascii.template_data) {
         (TemplateData::ImaNg(a), TemplateData::ImaNg(b)) => {
             assert_eq!(a, b);
diff --git a/tests/testdata.rs b/tests/testdata.rs
index 9143c47..67292aa 100644
--- a/tests/testdata.rs
+++ b/tests/testdata.rs
@@ -105,7 +105,7 @@ fn ascii_logs_template_hashes_verify() {
                 Some(true),
                 "{}: event {i} ({}) failed template-hash verification",
                 path.display(),
-                ev.template_name,
+                ev.template.as_str(),
             );
         }
     }
@@ -154,7 +154,7 @@ fn binary_logs_template_hashes_verify() {
                 Some(true),
                 "{}: event {i} ({}) failed template-hash verification",
                 path.display(),
-                ev.template_name,
+                ev.template.as_str(),
             );
         }
     }
@@ -186,7 +186,8 @@ fn ascii_and_binary_logs_agree() {
         for (i, (a, b)) in ascii_events.iter().zip(binary_events.iter()).enumerate() {
             assert_eq!(a.pcr_index, b.pcr_index, "event {i}: pcr differs");
             assert_eq!(
-                a.template_name, b.template_name,
+                a.template.as_str(),
+                b.template.as_str(),
                 "event {i}: template name differs",
             );
             // The first event is `boot_aggregate`; its template_hash differs
@@ -194,13 +195,14 @@ fn ascii_and_binary_logs_agree() {
             assert!(
                 template_payload_eq(&a.template_data, &b.template_data),
                 "event {i} ({}): template_data differs between ASCII and binary",
-                a.template_name,
+                a.template.as_str(),
             );
             if i > 0 {
                 assert_eq!(
-                    a.template_hash, b.template_hash,
+                    a.template_hash,
+                    b.template_hash,
                     "event {i} ({}): template_hash differs between ASCII and binary",
-                    a.template_name,
+                    a.template.as_str(),
                 );
             }
         }