Add SBOM, symbols, traces, and VEX files for CVE-2022-21661 SQLi case

- Created CycloneDX and SPDX SBOM files for both reachable and unreachable images.
- Added symbols.json detailing function entry and sink points in the WordPress code.
- Included runtime traces for function calls in both reachable and unreachable scenarios.
- Developed OpenVEX files indicating vulnerability status and justification for both cases.
- Updated README for evaluator harness to guide integration with scanner output.

src/__Libraries/StellaOps.Configuration/StellaOps.Configuration.csproj

@@ -20,6 +20,9 @@
   <ItemGroup>
     <ProjectReference Include="../../Authority/StellaOps.Authority/StellaOps.Authority.Plugins.Abstractions/StellaOps.Authority.Plugins.Abstractions.csproj" />
     <ProjectReference Include="..\StellaOps.Cryptography\StellaOps.Cryptography.csproj" />
+    <ProjectReference Include="..\StellaOps.Cryptography.Plugin.CryptoPro\StellaOps.Cryptography.Plugin.CryptoPro.csproj" />
+    <ProjectReference Include="..\StellaOps.Cryptography.Plugin.Pkcs11Gost\StellaOps.Cryptography.Plugin.Pkcs11Gost.csproj" />
+    <ProjectReference Include="..\StellaOps.Cryptography.DependencyInjection\StellaOps.Cryptography.DependencyInjection.csproj" />
   </ItemGroup>
 
-</Project>
+</Project>

src/__Libraries/StellaOps.Configuration/StellaOpsAuthorityOptions.cs

@@ -84,6 +84,11 @@ public sealed class StellaOpsAuthorityOptions
     /// </summary>
     public AuthorityPluginSettings Plugins { get; } = new();
 
+    /// <summary>
+    /// Sovereign cryptography configuration (provider registry + plugins).
+    /// </summary>
+    public StellaOpsCryptoOptions Crypto { get; } = new();
+
     /// <summary>
     /// Security-related configuration for the Authority host.
     /// </summary>

src/__Libraries/StellaOps.Configuration/StellaOpsCryptoOptions.cs

@@ -0,0 +1,20 @@
+using StellaOps.Cryptography;
+using StellaOps.Cryptography.DependencyInjection;
+using StellaOps.Cryptography.Plugin.CryptoPro;
+using StellaOps.Cryptography.Plugin.Pkcs11Gost;
+
+namespace StellaOps.Configuration;
+
+/// <summary>
+/// Shared crypto configuration (registry ordering + provider settings) consumed by hosts and tooling.
+/// </summary>
+public sealed class StellaOpsCryptoOptions
+{
+    public CryptoProviderRegistryOptions Registry { get; } = new();
+
+    public Pkcs11GostProviderOptions Pkcs11 { get; } = new();
+
+    public CryptoProGostProviderOptions CryptoPro { get; } = new();
+
+    public string DefaultHashAlgorithm { get; set; } = HashAlgorithms.Sha256;
+}

src/__Libraries/StellaOps.Configuration/StellaOpsCryptoServiceCollectionExtensions.cs

@@ -0,0 +1,101 @@
+using System;
+using Microsoft.Extensions.DependencyInjection;
+using Microsoft.Extensions.DependencyInjection.Extensions;
+using Microsoft.Extensions.Options;
+using StellaOps.Cryptography;
+using StellaOps.Cryptography.DependencyInjection;
+using StellaOps.Cryptography.Plugin.CryptoPro;
+using StellaOps.Cryptography.Plugin.Pkcs11Gost;
+
+namespace StellaOps.Configuration;
+
+public static class StellaOpsCryptoServiceCollectionExtensions
+{
+    public static IServiceCollection AddStellaOpsCrypto(
+        this IServiceCollection services,
+        StellaOpsCryptoOptions? options)
+    {
+        ArgumentNullException.ThrowIfNull(services);
+
+        var resolved = options ?? new StellaOpsCryptoOptions();
+
+        services.AddStellaOpsCrypto(registryOptions =>
+        {
+            ApplyRegistry(registryOptions, resolved.Registry);
+        });
+
+        services.AddPkcs11GostProvider();
+        services.Configure<Pkcs11GostProviderOptions>(target =>
+        {
+            CopyPkcs11Options(target, resolved.Pkcs11);
+        });
+
+        services.AddCryptoProGostProvider();
+        services.Configure<CryptoProGostProviderOptions>(target =>
+        {
+            CopyCryptoProOptions(target, resolved.CryptoPro);
+        });
+
+        services.Configure<CryptoHashOptions>(hash =>
+        {
+            hash.DefaultAlgorithm = string.IsNullOrWhiteSpace(resolved.DefaultHashAlgorithm)
+                ? HashAlgorithms.Sha256
+                : resolved.DefaultHashAlgorithm.Trim();
+        });
+
+        return services;
+    }
+
+    private static void ApplyRegistry(
+        CryptoProviderRegistryOptions target,
+        CryptoProviderRegistryOptions source)
+    {
+        target.ActiveProfile = source.ActiveProfile;
+        target.PreferredProviders.Clear();
+        foreach (var provider in source.PreferredProviders)
+        {
+            if (!string.IsNullOrWhiteSpace(provider))
+            {
+                target.PreferredProviders.Add(provider.Trim());
+            }
+        }
+
+        target.Profiles.Clear();
+        foreach (var kvp in source.Profiles)
+        {
+            if (kvp.Value is null)
+            {
+                continue;
+            }
+
+            var profile = new CryptoProviderProfileOptions();
+            foreach (var provider in kvp.Value.PreferredProviders)
+            {
+                if (!string.IsNullOrWhiteSpace(provider))
+                {
+                    profile.PreferredProviders.Add(provider.Trim());
+                }
+            }
+
+            target.Profiles[kvp.Key] = profile;
+        }
+    }
+
+    private static void CopyPkcs11Options(Pkcs11GostProviderOptions target, Pkcs11GostProviderOptions source)
+    {
+        target.Keys.Clear();
+        foreach (var key in source.Keys)
+        {
+            target.Keys.Add(key.Clone());
+        }
+    }
+
+    private static void CopyCryptoProOptions(CryptoProGostProviderOptions target, CryptoProGostProviderOptions source)
+    {
+        target.Keys.Clear();
+        foreach (var key in source.Keys)
+        {
+            target.Keys.Add(key.Clone());
+        }
+    }
+}