Documentation
¶
Overview ¶
Package verify holds helpers for validating the correctness of various artifacts and proofs used in the system.
Index ¶
- func BundleConsistency(pb api.ProofBundle, rc api.LogCheckpoint, cpFunc ConsistencyProofFunc, ...) error
- func BundleForBoot(bundleRaw, measurement []byte, logSigVerifier note.Verifier) error
- func BundleForUpdate(bundleRaw, fwHash []byte, dc api.LogCheckpoint, cpFunc ConsistencyProofFunc, ...) (api.ProofBundle, api.FirmwareMetadata, error)
- type ConsistencyProofFunc
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func BundleConsistency ¶
func BundleConsistency(pb api.ProofBundle, rc api.LogCheckpoint, cpFunc ConsistencyProofFunc, logSigVerifier note.Verifier) error
BundleConsistency verifies the log checkpoint in the bundle is consistent against a given checkpoint (e.g. one fetched from a witness).
func BundleForBoot ¶
BundleForBoot checks that the manifest, checkpoint, and proofs in a bundle are all self-consistent, and that the provided firmware measurement matches the one expected by the bundle.
func BundleForUpdate ¶
func BundleForUpdate(bundleRaw, fwHash []byte, dc api.LogCheckpoint, cpFunc ConsistencyProofFunc, logSigVerifier note.Verifier) (api.ProofBundle, api.FirmwareMetadata, error)
BundleForUpdate checks that the manifest, checkpoint, and proofs in a raw bundle are all self-consistent, and that the provided firmware image hash matches the one in the bundle. It also checks consistency proof between update log point and device log point (for non zero device tree size). Upon successful verification returns a proof bundle
Types ¶
type ConsistencyProofFunc ¶
ConsistencyProofFunc is a function which returns a consistency proof between two tree sizes.
Source Files