Add Canonical JSON serialization library with tests and documentation

- Implemented CanonJson class for deterministic JSON serialization and hashing. - Added unit tests for CanonJson functionality, covering various scenarios including key sorting, handling of nested objects, arrays, and special characters. - Created project files for the Canonical JSON library and its tests, including necessary package references. - Added README.md for library usage and API reference. - Introduced RabbitMqIntegrationFactAttribute for conditional RabbitMQ integration tests.
2025-12-19 15:35:00 +02:00
parent 43882078a4
commit 951a38d561
192 changed files with 27550 additions and 2611 deletions
--- a/docs/contracts/witness-v1.md
+++ b/docs/contracts/witness-v1.md
@@ -161,6 +161,28 @@ var witnessHash = $"blake3:{Convert.ToHexString(hash.AsSpan()).ToLowerInvariant(

 ---

+## DSSE Constants
+
+> **Sprint:** SPRINT_3700_0001_0001 (WIT-007C)
+
+The following constants are used for DSSE envelope creation and verification:
+
+| Constant | Value | Location |
+|----------|-------|----------|
+| **Predicate Type** | `stella.ops/pathWitness@v1` | `PredicateTypes.StellaOpsPathWitness` |
+| **Payload Type** | `application/vnd.stellaops.witness.v1+json` | `WitnessSchema.DssePayloadType` |
+| **Schema Version** | `stellaops.witness.v1` | `WitnessSchema.Version` |
+| **JSON Schema URI** | `https://stellaops.org/schemas/witness-v1.json` | `WitnessSchema.JsonSchemaUri` |
+
+### Witness Types
+
+| Value | Description |
+|-------|-------------|
+| `reachability_path` | Path witness from entrypoint to vulnerable sink |
+| `gate_proof` | Evidence of mitigating control (gate) along path |
+
+---
+
 ## DSSE Signing

 Witnesses are signed using [DSSE (Dead Simple Signing Envelope)](https://github.com/secure-systems-lab/dsse):