Add post-quantum cryptography support with PqSoftCryptoProvider
- Implemented PqSoftCryptoProvider for software-only post-quantum algorithms (Dilithium3, Falcon512) using BouncyCastle.
- Added PqSoftProviderOptions and PqSoftKeyOptions for configuration.
- Created unit tests for Dilithium3 and Falcon512 signing and verification.
- Introduced EcdsaPolicyCryptoProvider for compliance profiles (FIPS/eIDAS) with explicit allow-lists.
- Added KcmvpHashOnlyProvider for KCMVP baseline compliance.
- Updated project files and dependencies for new libraries and testing frameworks.
@@ -4,6 +4,7 @@ using System.Linq;
|
||||
using System.Threading;
|
||||
using Microsoft.Extensions.DependencyInjection;
|
||||
using StellaOps.Cli.Services;
|
||||
using StellaOps.Cli.Extensions;
|
||||
using StellaOps.Infrastructure.Postgres.Migrations;
|
||||
|
||||
namespace StellaOps.Cli.Commands;
|
||||
@@ -32,30 +33,38 @@ internal static class SystemCommandBuilder
|
||||
Option<bool> verboseOption,
|
||||
CancellationToken cancellationToken)
|
||||
{
|
||||
var moduleOption = new Option<string?>(
|
||||
"--module",
|
||||
description: "Module name (Authority, Scheduler, Concelier, Policy, Notify, Excititor, all)");
|
||||
var categoryOption = new Option<string?>(
|
||||
"--category",
|
||||
description: "Migration category (startup, release, seed, data)");
|
||||
var dryRunOption = new Option<bool>("--dry-run", description: "List migrations without executing");
|
||||
var connectionOption = new Option<string?>(
|
||||
"--connection",
|
||||
description: "PostgreSQL connection string override (otherwise uses STELLAOPS_POSTGRES_* env vars)");
|
||||
var timeoutOption = new Option<int?>(
|
||||
"--timeout",
|
||||
description: "Command timeout in seconds for each migration (default 300).");
|
||||
var forceOption = new Option<bool>(
|
||||
"--force",
|
||||
description: "Allow execution of release migrations without --dry-run.");
|
||||
var moduleOption = new Option<string?>("--module")
|
||||
{
|
||||
Description = "Module name (Authority, Scheduler, Concelier, Policy, Notify, Excititor, all)"
|
||||
};
|
||||
var categoryOption = new Option<string?>("--category")
|
||||
{
|
||||
Description = "Migration category (startup, release, seed, data)"
|
||||
};
|
||||
var dryRunOption = new Option<bool>("--dry-run")
|
||||
{
|
||||
Description = "List migrations without executing"
|
||||
};
|
||||
var connectionOption = new Option<string?>("--connection")
|
||||
{
|
||||
Description = "PostgreSQL connection string override (otherwise uses STELLAOPS_POSTGRES_* env vars)"
|
||||
};
|
||||
var timeoutOption = new Option<int?>("--timeout")
|
||||
{
|
||||
Description = "Command timeout in seconds for each migration (default 300)."
|
||||
};
|
||||
var forceOption = new Option<bool>("--force")
|
||||
{
|
||||
Description = "Allow execution of release migrations without --dry-run."
|
||||
};
|
||||
|
||||
var run = new Command("migrations-run", "Run migrations for the selected module(s).");
|
||||
run.AddOption(moduleOption);
|
||||
run.AddOption(categoryOption);
|
||||
run.AddOption(dryRunOption);
|
||||
run.AddOption(connectionOption);
|
||||
run.AddOption(timeoutOption);
|
||||
run.AddOption(forceOption);
|
||||
run.Add(moduleOption);
|
||||
run.Add(categoryOption);
|
||||
run.Add(dryRunOption);
|
||||
run.Add(connectionOption);
|
||||
run.Add(timeoutOption);
|
||||
run.Add(forceOption);
|
||||
run.SetAction(async parseResult =>
|
||||
{
|
||||
var modules = MigrationModuleRegistry.GetModules(parseResult.GetValue(moduleOption)).ToList();
|
||||
@@ -91,8 +100,8 @@ internal static class SystemCommandBuilder
|
||||
});
|
||||
|
||||
var status = new Command("migrations-status", "Show migration status for the selected module(s).");
|
||||
status.AddOption(moduleOption);
|
||||
status.AddOption(connectionOption);
|
||||
status.Add(moduleOption);
|
||||
status.Add(connectionOption);
|
||||
status.SetAction(async parseResult =>
|
||||
{
|
||||
var modules = MigrationModuleRegistry.GetModules(parseResult.GetValue(moduleOption)).ToList();
|
||||
@@ -117,8 +126,8 @@ internal static class SystemCommandBuilder
|
||||
});
|
||||
|
||||
var verify = new Command("migrations-verify", "Verify migration checksums for the selected module(s).");
|
||||
verify.AddOption(moduleOption);
|
||||
verify.AddOption(connectionOption);
|
||||
verify.Add(moduleOption);
|
||||
verify.Add(connectionOption);
|
||||
verify.SetAction(async parseResult =>
|
||||
{
|
||||
var modules = MigrationModuleRegistry.GetModules(parseResult.GetValue(moduleOption)).ToList();
|
||||
|
||||
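Review bot: The `--connection` option rebuilt in the `@@ -32,30 +33,38 @@` hunk still takes a full PostgreSQL connection string as a command-line argument, so any password in it is readable from process listings and shell history on the host that runs the migrations. The new `Description` initializer is the natural place to steer operators away from that, for example `Description = "PostgreSQL connection string override; prefer STELLAOPS_POSTGRES_* env vars, command-line arguments are visible in process listings"`. The same option instance is also added to `migrations-status` and `migrations-verify` in the later hunks, so the caveat applies to all three commands. The `SetAction` handler bodies continue outside the hunks, so it is not visible here whether the value is written to logs under `--verbose`; that is worth confirming.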