stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 16 Releases Wiki Activity

Add post-quantum cryptography support with PqSoftCryptoProvider
Some checks failed
AOC Guard CI / aoc-guard (push) Has been cancelled
Details
AOC Guard CI / aoc-verify (push) Has been cancelled
Details
Concelier Attestation Tests / attestation-tests (push) Has been cancelled
Details
Docs CI / lint-and-preview (push) Has been cancelled
Details
Policy Lint & Smoke / policy-lint (push) Has been cancelled
Details
Scanner Analyzers / Discover Analyzers (push) Has been cancelled
Details
Scanner Analyzers / Build Analyzers (push) Has been cancelled
Details
Scanner Analyzers / Test Language Analyzers (push) Has been cancelled
Details
Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled
Details
Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled
Details
wine-csp-build / Build Wine CSP Image (push) Has been cancelled
Details

Browse Source 
- Implemented PqSoftCryptoProvider for software-only post-quantum algorithms (Dilithium3, Falcon512) using BouncyCastle.
- Added PqSoftProviderOptions and PqSoftKeyOptions for configuration.
- Created unit tests for Dilithium3 and Falcon512 signing and verification.
- Introduced EcdsaPolicyCryptoProvider for compliance profiles (FIPS/eIDAS) with explicit allow-lists.
- Added KcmvpHashOnlyProvider for KCMVP baseline compliance.
- Updated project files and dependencies for new libraries and testing frameworks.
This commit is contained in:
StellaOps Bot
2025-12-07 15:04:19 +02:00
parent 862bb6ed80
commit 98e6b76584
119 changed files with 11436 additions and 1732 deletions
Download Patch File Download Diff File Expand all files Collapse all files

70
ops/devops/findings-ledger/offline-kit/scripts/verify-install.sh Normal file
View File

@@ -0,0 +1,70 @@
#!/usr/bin/env bash
# Verify Findings Ledger installation
# Usage: ./verify-install.sh [service-url]
set -euo pipefail
SERVICE_URL="${1:-http://localhost:8188}"
# Color output helpers
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
NC='\033[0m'
log_info() { echo -e "${GREEN}[INFO]${NC} $*"; }
log_warn() { echo -e "${YELLOW}[WARN]${NC} $*"; }
log_error() { echo -e "${RED}[ERROR]${NC} $*"; }
log_pass() { echo -e "${GREEN}${NC} $*"; }
log_fail() { echo -e "${RED}${NC} $*"; }
CHECKS_PASSED=0
CHECKS_FAILED=0
run_check() {
local name="$1"
local cmd="$2"
if eval "$cmd" &>/dev/null; then
log_pass "$name"
((CHECKS_PASSED++))
else
log_fail "$name"
((CHECKS_FAILED++))
fi
}
main() {
log_info "Findings Ledger - Installation Verification"
log_info "==========================================="
log_info "Service URL: $SERVICE_URL"
echo ""
log_info "Health Checks:"
run_check "Readiness endpoint" "curl -sf ${SERVICE_URL}/health/ready"
run_check "Liveness endpoint" "curl -sf ${SERVICE_URL}/health/live"
echo ""
log_info "Metrics Checks:"
run_check "Metrics endpoint available" "curl -sf ${SERVICE_URL}/metrics | head -1"
run_check "ledger_write_latency_seconds present" "curl -sf ${SERVICE_URL}/metrics | grep -q ledger_write_latency_seconds"
run_check "ledger_projection_lag_seconds present" "curl -sf ${SERVICE_URL}/metrics | grep -q ledger_projection_lag_seconds"
run_check "ledger_merkle_anchor_duration_seconds present" "curl -sf ${SERVICE_URL}/metrics | grep -q ledger_merkle_anchor_duration_seconds"
echo ""
log_info "API Checks:"
run_check "OpenAPI spec available" "curl -sf ${SERVICE_URL}/swagger/v1/swagger.json | head -1"
echo ""
log_info "========================================"
log_info "Results: ${CHECKS_PASSED} passed, ${CHECKS_FAILED} failed"
if [[ $CHECKS_FAILED -gt 0 ]]; then
log_error "Some checks failed. Review service logs for details."
exit 1
fi
log_info "All checks passed. Installation verified."
}
main "$@"