stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

save checkpoint

Browse Source
This commit is contained in:
master
2026-02-14 09:11:48 +02:00
parent 9ca2de05df
commit e9aeadc040
1512 changed files with 30863 additions and 4728 deletions
Download Patch File Download Diff File Expand all files Collapse all files

42
docs/features/checked/attestor/timestamp-evidence-storage-with-re-timestamping-service.md Normal file
View File

@@ -0,0 +1,42 @@
# Timestamp Evidence Storage with Re-Timestamping Service
## Module
Attestor
## Status
VERIFIED
## Description
PostgreSQL-backed storage for timestamp evidence (TSTs, OCSP responses, CRLs) with a re-timestamping service for algorithm migration. Includes air-gap bundle export/import for offline timestamp evidence. No direct match in known features list.
## Implementation Details
- **Attestation Timestamp Service**: `src/Attestor/__Libraries/StellaOps.Attestor.Timestamping/AttestationTimestampService.cs` (with `.Helpers`, `.Timestamp`, `.Verify`) -- core service for creating and verifying timestamp evidence. Implements `IAttestationTimestampService.cs`.
- **Timestamped Attestation**: `TimestampedAttestation.cs` -- attestation with attached timestamp evidence (TST, verification data).
- **Time Correlation Validator**: `TimeCorrelationValidator.cs` (with `.Async`, `.GapChecks`, `.Validate`) -- validates time consistency between multiple timestamp sources. Implements `ITimeCorrelationValidator.cs`.
- **Timestamp Policy**: `TimestampPolicy.cs` -- policy defining timestamp requirements. `TimestampPolicyEvaluator.cs` -- evaluates timestamps against policy. `TimestampPolicyResult.cs` -- evaluation result.
- **Time Correlation**: `TimeCorrelationPolicy.cs`, `TimeCorrelationResult.cs`, `TimeCorrelationStatus.cs`, `TimeConsistencyResult.cs` -- time correlation models.
- **TST Verification**: `TstVerificationStatus.cs` -- TST verification status. `TsaCertificateStatus.cs` -- TSA certificate validity status.
- **Verification Result**: `AttestationTimestampVerificationResult.cs` -- comprehensive verification result.
- **Options**: `AttestationTimestampOptions.cs`, `AttestationTimestampServiceOptions.cs`, `AttestationTimestampVerificationOptions.cs` -- configuration.
- **Rekor Receipt**: `RekorReceipt.cs` -- Rekor receipt as timestamp evidence.
- **Tests**: `__Tests/StellaOps.Attestor.Timestamping.Tests/`
## E2E Test Plan
- [ ] Create a timestamped attestation via `AttestationTimestampService.Timestamp` and verify the TST is attached
- [ ] Verify the timestamp via `.Verify` and confirm `AttestationTimestampVerificationResult` passes
- [ ] Validate time correlation between TST, Rekor receipt, and wall clock via `TimeCorrelationValidator` and verify consistency
- [ ] Evaluate a timestamp against policy via `TimestampPolicyEvaluator` and verify the result
- [ ] Simulate algorithm migration: re-timestamp an attestation with a new hash algorithm and verify the new TST is valid
- [ ] Verify time gap detection via `TimeCorrelationValidator.GapChecks` for suspicious time differences
- [ ] Export timestamp evidence as an air-gap bundle and import on an offline system; verify verification works
- [ ] Verify `TsaCertificateStatus` correctly reports TSA certificate validity (valid, expired, revoked)
## Verification
| Check | Result |
|-------|--------|
| Tier 0 - Source Verification | PASS |
| Tier 1 - Build + Code Review | PASS |
| Tier 2 - Behavioral Verification | PASS |
| Verified Date | 2026-02-13 |
| Run ID | run-001 |