Add support for ГОСТ Р 34.10 digital signatures

- Implemented the GostKeyValue class for handling public key parameters in ГОСТ Р 34.10 digital signatures.
- Created the GostSignedXml class to manage XML signatures using ГОСТ 34.10, including methods for computing and checking signatures.
- Developed the GostSignedXmlImpl class to encapsulate the signature computation logic and public key retrieval.
- Added specific key value classes for ГОСТ Р 34.10-2001, ГОСТ Р 34.10-2012/256, and ГОСТ Р 34.10-2012/512 to support different signature algorithms.
- Ensured compatibility with existing XML signature standards while integrating ГОСТ cryptography.

src/Concelier/StellaOps.Concelier.WebService/Program.cs

@@ -9,6 +9,7 @@ using Microsoft.AspNetCore.Authentication.JwtBearer;
 using Microsoft.IdentityModel.Tokens;
 using Microsoft.AspNetCore.Diagnostics;
 using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Http.HttpResults;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.DependencyInjection.Extensions;
@@ -105,6 +106,8 @@ builder.Services.AddConcelierLinksetMappers();
 builder.Services.AddAdvisoryRawServices();
 builder.Services.AddSingleton<IAdvisoryObservationQueryService, AdvisoryObservationQueryService>();
 builder.Services.AddSingleton<AdvisoryChunkBuilder>();
+builder.Services.AddSingleton<IAdvisoryChunkCache, AdvisoryChunkCache>();
+builder.Services.AddSingleton<IAdvisoryAiTelemetry, AdvisoryAiTelemetry>();
 
 var features = concelierOptions.Features ?? new ConcelierOptions.FeaturesOptions();
 
@@ -808,23 +811,37 @@ var advisoryChunksEndpoint = app.MapGet("/advisories/{advisoryKey}/chunks", asyn
     HttpContext context,
     [FromServices] IAdvisoryObservationQueryService observationService,
     [FromServices] AdvisoryChunkBuilder chunkBuilder,
+    [FromServices] IAdvisoryChunkCache chunkCache,
+    [FromServices] IAdvisoryAiTelemetry telemetry,
+    [FromServices] TimeProvider timeProvider,
     CancellationToken cancellationToken) =>
 {
     ApplyNoCache(context.Response);
 
+    var requestStart = timeProvider.GetTimestamp();
+
     if (!TryResolveTenant(context, requireHeader: false, out var tenant, out var tenantError))
     {
+        telemetry.TrackChunkFailure(null, advisoryKey ?? string.Empty, "tenant_unresolved", "validation_error");
         return tenantError;
     }
 
     var authorizationError = EnsureTenantAuthorized(context, tenant);
     if (authorizationError is not null)
     {
+        var failureResult = authorizationError switch
+        {
+            UnauthorizedHttpResult => "unauthorized",
+            _ => "forbidden"
+        };
+
+        telemetry.TrackChunkFailure(tenant, advisoryKey ?? string.Empty, "tenant_not_authorized", failureResult);
         return authorizationError;
     }
 
     if (string.IsNullOrWhiteSpace(advisoryKey))
     {
+        telemetry.TrackChunkFailure(tenant, string.Empty, "missing_key", "validation_error");
         return Problem(context, "advisoryKey is required", StatusCodes.Status400BadRequest, ProblemTypes.Validation, "Provide an advisory identifier.");
     }
 
@@ -845,9 +862,11 @@ var advisoryChunksEndpoint = app.MapGet("/advisories/{advisoryKey}/chunks", asyn
     var observationResult = await observationService.QueryAsync(queryOptions, cancellationToken).ConfigureAwait(false);
     if (observationResult.Observations.IsDefaultOrEmpty || observationResult.Observations.Length == 0)
     {
+        telemetry.TrackChunkFailure(tenant, normalizedKey, "advisory_not_found", "not_found");
         return Problem(context, "Advisory not found", StatusCodes.Status404NotFound, ProblemTypes.NotFound, $"No observations available for {normalizedKey}.");
     }
 
+    var observations = observationResult.Observations.ToArray();
     var buildOptions = new AdvisoryChunkBuildOptions(
         normalizedKey,
         chunkLimit,
@@ -856,9 +875,51 @@ var advisoryChunksEndpoint = app.MapGet("/advisories/{advisoryKey}/chunks", asyn
         formatFilter,
         minimumLength);
 
-    var response = chunkBuilder.Build(buildOptions, observationResult.Observations.ToArray());
-    return JsonResult(response);
+    var cacheDuration = chunkSettings.CacheDurationSeconds > 0
+        ? TimeSpan.FromSeconds(chunkSettings.CacheDurationSeconds)
+        : TimeSpan.Zero;
+
+    AdvisoryChunkBuildResult buildResult;
+    var cacheHit = false;
+
+    if (cacheDuration > TimeSpan.Zero)
+    {
+        var cacheKey = AdvisoryChunkCacheKey.Create(tenant, normalizedKey, buildOptions, observations);
+        if (chunkCache.TryGet(cacheKey, out var cachedResult))
+        {
+            buildResult = cachedResult;
+            cacheHit = true;
+        }
+        else
+        {
+            buildResult = chunkBuilder.Build(buildOptions, observations);
+            chunkCache.Set(cacheKey, buildResult, cacheDuration);
+        }
+    }
+    else
+    {
+        buildResult = chunkBuilder.Build(buildOptions, observations);
+    }
+
+    var duration = timeProvider.GetElapsedTime(requestStart);
+    var guardrailCounts = cacheHit
+        ? ImmutableDictionary<AdvisoryChunkGuardrailReason, int>.Empty
+        : buildResult.Telemetry.GuardrailCounts;
+
+    telemetry.TrackChunkResult(new AdvisoryAiChunkRequestTelemetry(
+        tenant,
+        normalizedKey,
+        "ok",
+        buildResult.Response.Truncated,
+        cacheHit,
+        observations.Length,
+        buildResult.Response.Chunks.Count,
+        duration,
+        guardrailCounts));
+
+    return JsonResult(buildResult.Response);
 });
+
 if (authorityConfigured)
 {
     advisoryChunksEndpoint.RequireAuthorization(AdvisoryReadPolicyName);