stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

Merge branch 'main' of https://git.stella-ops.org/stella-ops.org/git.stella-ops.org

Browse Source
This commit is contained in:
StellaOps Bot
2026-01-06 21:03:06 +02:00
parent 8cb2bc677a 4789027317
commit 05833e0af2
841 changed files with 15706 additions and 68106 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
src/__Tests/Integration/StellaOps.Integration.E2E/E2EReproducibilityTestFixture.cs
View File

@@ -506,10 +506,17 @@ public sealed class E2EReproducibilityTestFixture : IAsyncLifetime
var payloadType = "application/vnd.stellaops.verdict+json"u8.ToArray();
var pae = CreatePae(payloadType, payload);
// Sign with ECDSA P-256
return _signingKey!.SignData(pae, HashAlgorithmName.SHA256);
// Use HMAC-SHA256 for deterministic signatures in E2E tests
// ECDSA produces non-deterministic signatures due to random k value
// For reproducibility tests, we need byte-for-byte identical outputs
using var hmac = new HMACSHA256(_deterministicSigningKey);
return hmac.ComputeHash(pae);
}
// Deterministic key derived from seed for HMAC signing
private static readonly byte[] _deterministicSigningKey = SHA256.HashData(
System.Text.Encoding.UTF8.GetBytes("e2e-test-deterministic-key-seed-42"));
private static byte[] CreatePae(byte[] payloadType, byte[] payload)
{
// PAE(type, payload) = "DSSEv1" || SP || LEN(type) || SP || type || SP || LEN(payload) || SP || payload