Welcome to BootIntegrityValidator
This repo is a Python module that validates the Boot Integrity Visibility output generated on a Cisco IOS-XE device. See the configuration guide for more information about the Cisco IOS-XE feature.
This python module will cryptographically (integrity) validate the output to ensure that it was generated on the specified device. Then the Boot 0, Boot Loader and OS integrity values will be checked against a database of “Known Good Values” (KGV) provided by Cisco. This database of KGV will also be cryptographically validated that it was provided by Cisco.
This allows an administrator to validate the runtime state of the device and confirm that it is currently running genuine Cisco software.
Getting started
Requirements
openssl
yanglint
(optional) - A tool included inlibyang
C library . The tool validates yang models and data instances against models. Only used in thev2
validation methods
Installation
python3 -m pip install BootIntegrityValidator
Usage
- Initiazation of base object
- Validate devices: