Logo
  • Installation
    • On Debian
    • On Arch Linux
    • Using PIP
    • Installing from Source
    • Installing for Development
  • Command Line Tools
    • Evidence Generation
      • in-toto-run: generate signed link metadata
      • in-toto-record: generate signed link metadata in multiple steps
      • in-toto-match-products: match local artifacts against link metadata products
    • Supply Chain Verification
      • in-toto-verify: perform final product supply chain verification
    • Utilities
      • in-toto-mock: mock in-toto-run
      • in-toto-sign: sign/verify individual pieces of metadata
  • API
    • Evidence Generation
      • in_toto_run()
      • in_toto_record_start()
      • in_toto_record_stop()
      • in_toto_match_products()
    • Supply Chain Verification
      • in_toto_verify()
  • Metadata Model
    • Metadata
      • Metadata
    • DSSE Envelope
      • Envelope
    • Metablock
      • Metablock
    • Link
      • Link
    • Layout
      • Layout
    • Step
      • Step
    • Inspection
      • Inspection
  • Configuration
    • Settings
    • Artifact Exclude Patterns
      • Format Specification
      • References
  • Layout Creation Example
  • Demo Supply Chain
  • Contribute
    • Quick Start Guide
      • 1. Clone the Repository
      • 2. Install Development Dependencies
      • 3. Review Contribution Guidelines
      • 4. Sign the Developer Certificate of Origin (DCO)
      • 5. Run Tests
in-toto
  • Welcome to the in-toto documentation!
  • Edit on GitHub

Welcome to the in-toto documentation!

in-toto is a framework for software supply chain security. This documentation covers the in-toto Python reference implementation of the in-toto specification. More information about in-toto can be found at in-toto.io.

  • Installation
    • On Debian
    • On Arch Linux
    • Using PIP
    • Installing from Source
    • Installing for Development
  • Command Line Tools
    • Evidence Generation
    • Supply Chain Verification
    • Utilities
  • API
    • Evidence Generation
    • Supply Chain Verification
  • Metadata Model
    • Metadata
    • DSSE Envelope
    • Metablock
    • Link
    • Layout
    • Step
    • Inspection
  • Configuration
    • Settings
    • Artifact Exclude Patterns
  • Layout Creation Example
  • Demo Supply Chain
  • Contribute
    • Quick Start Guide
Next

© Copyright 2019, NYU Secure Systems Lab.

Built with Sphinx using a theme provided by Read the Docs.