Expand description
§Synqro — Zero-Trust Over-The-Air Updater
libsynqro is a C-compatible dynamic/static library that provides a
secure, cryptographically-verified over-the-air update mechanism.
All secrets are loaded exclusively from the OS keychain. All update manifests and payloads are verified with Ed25519 before use. All network traffic uses TLS 1.3 only (via rustls, no OpenSSL).
§Safety policy
The crate root forbids all unsafe code. The only exception is the ffi
module below, where raw pointers must be handled at the C boundary. Every
pointer is null-checked before dereferencing, and every allocation has a
paired free function. Panics are caught before crossing the FFI boundary.
§Standards compliance
OWASP ASVS Level 3 | NIST SP 800-193 | FIPS 140-3 (algorithm selection)
Re-exports§
pub use error::SynqroError;pub use error::SynqroStatus;pub use error::SYNQRO_MAX_INPUT_LEN;pub use ffi::*;
Modules§
- audit
- Tamper-evident JSONL audit logger. Synqro Audit Logger — Tamper-evident JSONL audit log.
- config
- Configuration loading and validation. Configuration loading and validation for the Synqro OTA updater.
- downloader
- Secure payload downloader (TLS 1.3 + cert pinning + crypto verification). Synqro Secure Downloader
- error
- Structured error types and C-ABI result structs. Error types and C-FFI result structures for the Synqro OTA updater.
- ffi
- The public C FFI surface of Synqro.
- keychain
- Platform-specific OS keychain abstraction.
- rollback
- Self-heal engine: snapshot, watchdog, rollback, blacklist. Synqro Self-Heal Engine
Constants§
- SYNQRO_
VERSION - Synqro engine version. Exposed through the C API via
synqro_version().