README
¶
Binary Transparency
The software supply chain has many areas where an increase in discoverability of artifacts and the claims which surround them can help improve the security and trust in the output of those chains.
Applying the transparency models, patterns, and techniques is a good way to achieve this discoverability.
This directory will contain some examples of how to apply binary transparency to particular use cases.
Index
- Firmware Transparency This is an example of applying transparency to firmware for a small compute platform. You can imagine this in the context of phones, or IoT devices etc., but the same principles apply for larger systems such as compute servers etc., too.
Directories
¶
| Path | Synopsis |
|---|---|
|
firmware
|
|
|
cmd/emulator/dummy
dummy_emu is an "emulator" for the dummy device.
|
dummy_emu is an "emulator" for the dummy device. |
|
cmd/emulator/dummy/impl
Package impl is the implementation of the emulator for the dummy device.
|
Package impl is the implementation of the emulator for the dummy device. |
|
cmd/flash_tool
flash_tool is a util to flash firmware update packages created by the publisher tool onto devices.
|
flash_tool is a util to flash firmware update packages created by the publisher tool onto devices. |
|
cmd/flash_tool/impl
Package impl is the implementation of a util to flash firmware update packages created by the publisher tool onto devices.
|
Package impl is the implementation of a util to flash firmware update packages created by the publisher tool onto devices. |
|
cmd/ft_monitor
This package is the entrypoint for the Firmware Transparency monitor.
|
This package is the entrypoint for the Firmware Transparency monitor. |
|
cmd/ft_monitor/impl
Package impl is the implementation of the Firmware Transparency monitor.
|
Package impl is the implementation of the Firmware Transparency monitor. |
|
cmd/ft_personality
This package is the entrypoint for the Firmware Transparency personality server.
|
This package is the entrypoint for the Firmware Transparency personality server. |
|
cmd/ft_personality/impl
Package impl is the implementation of the Firmware Transparency personality server.
|
Package impl is the implementation of the Firmware Transparency personality server. |
|
cmd/ft_personality/internal/cas
Package cas contains a Content Addressable Store.
|
Package cas contains a Content Addressable Store. |
|
cmd/ft_personality/internal/http
Package http contains private implementation details for the FirmwareTransparency personality server.
|
Package http contains private implementation details for the FirmwareTransparency personality server. |
|
cmd/ft_personality/internal/trees
Package trees contains the personality tree configuration.
|
Package trees contains the personality tree configuration. |
|
cmd/ft_personality/internal/trillian
Package trillian represents the log for the needs of this personality.
|
Package trillian represents the log for the needs of this personality. |
|
cmd/ft_witness
This package is the entrypoint for the Firmware Transparency witness server.
|
This package is the entrypoint for the Firmware Transparency witness server. |
|
cmd/ft_witness/impl
Package impl is the implementation of the Firmware Transparency witness server.
|
Package impl is the implementation of the Firmware Transparency witness server. |
|
cmd/ft_witness/internal/http
Package http contains private implementation details for the FirmwareTransparency witness.
|
Package http contains private implementation details for the FirmwareTransparency witness. |
|
cmd/ft_witness/internal/ws
Package ws contains a Witness Store backed by a file.
|
Package ws contains a Witness Store backed by a file. |
|
cmd/ftmap
map constructs a verifiable map from the firmware in the FT log.
|
map constructs a verifiable map from the firmware in the FT log. |
|
cmd/ftmapserver
This package is the entrypoint for the Firmware Transparency map server.
|
This package is the entrypoint for the Firmware Transparency map server. |
|
cmd/ftmapserver/impl
Package impl is the implementation of the Firmware Transparency map server.
|
Package impl is the implementation of the Firmware Transparency map server. |
|
cmd/hacker/modify_bundle
modify_bundle is a hacker tool for modifying proof bundles.
|
modify_bundle is a hacker tool for modifying proof bundles. |
|
cmd/hacker/modify_bundle/impl
Package impl is the implementation of a hacker tool for modifying proof bundles.
|
Package impl is the implementation of a hacker tool for modifying proof bundles. |
|
cmd/publisher
publish is a demo tool to put firmware metadata into the log.
|
publish is a demo tool to put firmware metadata into the log. |
|
cmd/publisher/impl
Package impl is a the implementation of a tool to put firmware metadata into the log.
|
Package impl is a the implementation of a tool to put firmware metadata into the log. |
|
devices/dummy
Package dummy provides a fake device to demo flashing firmware.
|
Package dummy provides a fake device to demo flashing firmware. |
|
devices/usbarmory/flash
Package flash holds code to deal with the USB armory SD card storage.
|
Package flash holds code to deal with the USB armory SD card storage. |
|
internal/ftmap
Package ftmap contains Beam pipeline library functions for the FT verifiable map.
|
Package ftmap contains Beam pipeline library functions for the FT verifiable map. |
|
internal/verify
Package verify holds helpers for validating the correctness of various artifacts and proofs used in the system.
|
Package verify holds helpers for validating the correctness of various artifacts and proofs used in the system. |
Click to show internal directories.
Click to hide internal directories.