Google Git
Sign in
vanadium / release.go.x.ref / 13c0038ea7098d6ab9dec2aa9c8e51eba481b6de
commit13c0038ea7098d6ab9dec2aa9c8e51eba481b6de[log] [tgz]
authorArup Mukherjee <arup@google.com>Thu Jun 04 15:54:38 2015 -0700
committerArup Mukherjee <arup@google.com>Thu Jun 04 15:54:41 2015 -0700
treec0280d604f7c051f43704f2b5cab1b8ac8d21af0
parent2dd947e087eac55abf85bb5ab9564b4363ace0ed [diff]
services/device/internal/impl: Add publisher blessings

Add publisher blessings, and make sure that binary signatures are
checked properly, by ensuring that the publisher blessing from the
signer of the binary is a blessing that's recognized by the
device manager.

Specific changes:
    app_service.go: Provides a publisher blessing to signed apps
    app_life_test.go: Check that publisher blessings are as expected
    signature_match_test.go: Test that signed binaries are only
       accepted from trusted publishers
    util.go: Reject envelopes have a signed binary whose publisher
       is not trusted. (Continue to accept unsigned binaries though.)
    (plus a few other files changed that provides utilities for tests)

Change-Id: I2b559f16de294d7e20fd0184c0ace1e8645c5007
8 files changed
tree: c0280d604f7c051f43704f2b5cab1b8ac8d21af0
  1. cmd/
  2. examples/
  3. internal/
  4. lib/
  5. runtime/
  6. services/
  7. test/
  8. .gitignore
  9. AUTHORS
  10. CONTRIBUTORS
  11. envvar.go
  12. envvar_test.go
  13. LICENSE
  14. PATENTS
  15. README.md
  16. VERSION
README.md

Vanadium

This repository contains a reference implementation of the Vanadium APIs.

Unlike the APIs in https://github.com/vanadium/go.v23, which promises to provide backward compatibility this repository makes no such promises.