feat(eidas): Implement eIDAS Crypto Plugin with dependency injection and signing capabilities
- Added ServiceCollectionExtensions for eIDAS crypto providers. - Implemented EidasCryptoProvider for handling eIDAS-compliant signatures. - Created LocalEidasProvider for local signing using PKCS#12 keystores. - Defined SignatureLevel and SignatureFormat enums for eIDAS compliance. - Developed TrustServiceProviderClient for remote signing via TSP. - Added configuration support for eIDAS options in the project file. - Implemented unit tests for SM2 compliance and crypto operations. - Introduced dependency injection extensions for SM software and remote plugins.
@@ -18,6 +18,14 @@ public static class VerdictEndpoints
|
||||
.WithTags("Verdicts")
|
||||
.WithOpenApi();
|
||||
|
||||
// POST /api/v1/verdicts
|
||||
group.MapPost("/", StoreVerdictAsync)
|
||||
.WithName("StoreVerdict")
|
||||
.WithSummary("Store a verdict attestation")
|
||||
.Produces<StoreVerdictResponse>(StatusCodes.Status201Created)
|
||||
.Produces(StatusCodes.Status400BadRequest)
|
||||
.Produces(StatusCodes.Status500InternalServerError);
|
||||
|
||||
// GET /api/v1/verdicts/{verdictId}
|
||||
group.MapGet("/{verdictId}", GetVerdictAsync)
|
||||
.WithName("GetVerdict")
|
||||
@@ -44,6 +52,75 @@ public static class VerdictEndpoints
|
||||
.Produces(StatusCodes.Status500InternalServerError);
|
||||
}
|
||||
|
||||
private static async Task<IResult> StoreVerdictAsync(
|
||||
[FromBody] StoreVerdictRequest request,
|
||||
[FromServices] IVerdictRepository repository,
|
||||
[FromServices] ILogger<Program> logger,
|
||||
CancellationToken cancellationToken)
|
||||
{
|
||||
try
|
||||
{
|
||||
logger.LogInformation("Storing verdict attestation {VerdictId}", request.VerdictId);
|
||||
|
||||
// Validate request
|
||||
if (string.IsNullOrWhiteSpace(request.VerdictId))
|
||||
{
|
||||
return Results.BadRequest(new { error = "verdict_id is required" });
|
||||
}
|
||||
|
||||
if (string.IsNullOrWhiteSpace(request.FindingId))
|
||||
{
|
||||
return Results.BadRequest(new { error = "finding_id is required" });
|
||||
}
|
||||
|
||||
// Serialize envelope to JSON string
|
||||
var envelopeJson = JsonSerializer.Serialize(request.Envelope);
|
||||
|
||||
// Create repository record
|
||||
var record = new VerdictAttestationRecord
|
||||
{
|
||||
VerdictId = request.VerdictId,
|
||||
TenantId = request.TenantId,
|
||||
RunId = request.PolicyRunId,
|
||||
PolicyId = request.PolicyId,
|
||||
PolicyVersion = request.PolicyVersion,
|
||||
FindingId = request.FindingId,
|
||||
VerdictStatus = request.VerdictStatus,
|
||||
VerdictSeverity = request.VerdictSeverity,
|
||||
VerdictScore = request.VerdictScore,
|
||||
EvaluatedAt = request.EvaluatedAt,
|
||||
Envelope = envelopeJson,
|
||||
PredicateDigest = request.PredicateDigest,
|
||||
DeterminismHash = request.DeterminismHash,
|
||||
RekorLogIndex = request.RekorLogIndex,
|
||||
CreatedAt = DateTimeOffset.UtcNow
|
||||
};
|
||||
|
||||
// Store in repository
|
||||
var storedVerdictId = await repository.StoreVerdictAsync(record, cancellationToken);
|
||||
|
||||
logger.LogInformation("Successfully stored verdict attestation {VerdictId}", storedVerdictId);
|
||||
|
||||
var response = new StoreVerdictResponse
|
||||
{
|
||||
VerdictId = storedVerdictId,
|
||||
CreatedAt = record.CreatedAt,
|
||||
Stored = true
|
||||
};
|
||||
|
||||
return Results.Created($"/api/v1/verdicts/{storedVerdictId}", response);
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
logger.LogError(ex, "Error storing verdict attestation {VerdictId}", request.VerdictId);
|
||||
return Results.Problem(
|
||||
title: "Internal server error",
|
||||
detail: "Failed to store verdict attestation",
|
||||
statusCode: StatusCodes.Status500InternalServerError
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
private static async Task<IResult> GetVerdictAsync(
|
||||
string verdictId,
|
||||
[FromServices] IVerdictRepository repository,
|
||||
|
||||
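Review bot: StoreVerdictAsync persists `TenantId = request.TenantId` and the client-supplied `PredicateDigest`, `DeterminismHash` and `RekorLogIndex` exactly as posted, so whoever can reach POST /api/v1/verdicts decides which tenant a verdict is filed under and what provenance it claims. The `group.MapPost("/", StoreVerdictAsync)` chain in the first hunk has no `.RequireAuthorization()`; the group definition is outside the hunk, so this may already be enforced there, but if it is not, the route needs it. Before the record is built, the tenant should be taken from the authenticated caller or compared with it, e.g. `if (!string.Equals(request.TenantId, callerTenant, StringComparison.Ordinal)) return Results.Forbid();`, where `callerTenant` is a placeholder for whatever tenant claim the project uses. The envelope is also serialized and stored without any visible check that its signature verifies or that `PredicateDigest` matches its payload; if nothing upstream does this, the handler should reject unverified envelopes instead of recording them as attestations.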