Skip to content

potentialdiffer/dice-star

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

471 Commits
.docker
.docker
 
 
dist
dist
 
 
src
src
 
 
.gitignore
.gitignore
 
 
LICENSE.md
LICENSE.md
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
contributing.md
contributing.md
 
 
governance.md
governance.md
 
 
maintainers.md
maintainers.md
 
 
trademarks.md
trademarks.md
 
 

Repository files navigation

Verified DICE/RIoT Implementation

Introduction

This project intends to build a verified version of microsoft/RIoT using

  • F*: verification system for effectful programs
  • KreMLin: a tool for extracting low-level F* programs to readable C code
  • HACL*: a formally verified cryptographic library written in F*
  • EverParse: a F* library for write secure parser and serializer

File Organization

      ASN.1
     /  |
  X.509 |   C        C
     \  |  /         |
       RIoT         DICE
  • src/c: C source files
  • src/dice: F* source files for DICE
  • src/riot: F* source files for RIoT
    • RIoT.Base: X.509 base definitions
    • RIoT.Declassify: Interface for declassification functions
    • RIoT.X509.*: X.509 certificate-related definitions
    • RIoT.Spec.*: Specification for crypto and X.509 certificate-related functions
    • RIoT.Impl.*: Implementation for crypto and X.509 certificate-related functions
    • RIoT.Core: RIoT Core functionality
    • src/riot/asn1: F* source files for ASN.1 serializer
      • ASN1.Base: Base ASN.1 definitions
      • ASN1.Spec.*: Specification serializers and combinators
      • ASN1.Low.*: Implementation serializers and combinators
    • src/riot/x509: F* source files for X.509 serializer
      • X509.Base: X.509 base definitions
      • X509.Crypto: Crypto-related serializer
      • X509.BasicFields: Serializer for X.509 certificate basic fields
      • X509.ExtFields: Serializer for X.509 certificate extension fields
  • src/test Test scripts
  • src/obj F* outputs (after build)

Installation

(recommend) Docker

Execute the following command and you will be in the project root directory. This Dockerfile depends on the official F* build packaged with Emacs : fstarlang/fstar-emacs:latest.

$ docker build -t verifiedhardware:checkpoint -f .docker/stable/Dockerfile .
$ docker run -it --rm verifiedhardware:checkpoint bash

Build and Test

You can prepend OTHERFLAGS='--admit_smt_queries true' before any commands below to (largely) speed up the verification process (by assuming SMT queries) if you are sure the F* definitions are correct.

Verify F* Source Files

You can verify F* source files for any project (and their dependencies) of DICE, RIoT, ASN1 and X509 by entering the corresponding directory and executing

make verify-all -j4

Test Projects (and Generate C Files)

You can test RIoT or ASN1 by executing

make test-riot -j4

or

make test-asn1 -j4

at the src/test directory or the root directory. The test executable src/test/test.exe will be complied and executed. Generated C files lie in src/obj.

Generate C Files for RIoT

After executing

make test-riot -j4

C files will be generated in src/obj.

About

No description, website, or topics provided.

Resources

Readme

License

MIT license

Contributing

Contributing
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • F* 96.8%
  • Python 1.1%
  • Shell 0.5%
  • Makefile 0.5%
  • C 0.5%
  • Dockerfile 0.4%
  • Emacs Lisp 0.2%