feat: Implement DefaultCryptoHmac for compliance-aware HMAC operations

- Added DefaultCryptoHmac class implementing ICryptoHmac interface.
- Introduced purpose-based HMAC computation methods.
- Implemented verification methods for HMACs with constant-time comparison.
- Created HmacAlgorithms and HmacPurpose classes for well-known identifiers.
- Added compliance profile support for HMAC algorithms.
- Included asynchronous methods for HMAC computation from streams.

docs/risk/overview.md

@@ -1,6 +1,6 @@
-# Risk Overview (draft outline)
+# Risk Overview
 
-> Draft scaffold only. Populate content after PLLG0104 risk profile schema approval and risk engine/API samples land. Keep all fixtures deterministic (UTC timestamps, stable ordering, sealed sample payloads) and avoid external assets.
+> Source of truth: `CONTRACT-RISK-SCORING-002` (published 2025-12-05). Keep fixtures deterministic (UTC timestamps, stable ordering, sealed sample payloads) and avoid external assets.
 
 ## Purpose
 - Explain the risk model at a glance: factors, formulas, scoring semantics (0–100), and severity bands.
@@ -11,36 +11,37 @@
 - In scope: concepts, glossary, lifecycle, artifacts, cross-module data flow diagrams (add after schema approval).
 - Out of scope: detailed factor math (goes to `formulas.md`), API specifics (goes to `api.md`).
 
-## Core Concepts (to fill)
-- Risk factor vs. evidence vs. signal
-- Profile vs. formula vs. severity mapping
-- Provenance and attestations
-- Explainability payloads and UI/CLI displays
-- Determinism expectations (ordering, timestamps, hashing)
+## Core Concepts
+- **Signal → evidence → factor:** raw events (scanner, VEX, runtime) become evidence once validated; evidence is normalized into factors listed under profile `signals[]`.
+- **Profile vs. formula:** a profile bundles factor weights, thresholds, overrides, and severity mapping; formulas describe how weighted signals aggregate and when gates short-circuit.
+- **Provenance:** every input keeps its attestation/signature and source hash; explainability echoes `profile_hash`, factor hashes, and job correlation IDs.
+- **Explainability payloads:** UI/CLI show per-factor contributions (`signal_contributions`), source hashes, and rule gates; exports reuse the same envelope.
+- **Determinism:** stable ordering (factor type → source → timestamp), UTC ISO-8601 timestamps, fixed precision math, sealed fixtures.
 
-Interim notes (from legacy doc and sprint context): profiles take normalized factors (exploit likelihood, VEX status, reachability, runtime evidence, fix availability, asset criticality, provenance trust) and output 0–100 scores with severity buckets; same code path for simulation and production to ensure determinism.
+Profiles use normalized factors (exploit likelihood, KEV flag, reachability, runtime evidence, fix availability, asset criticality, provenance trust) to produce 0–1 scores mapped to severity buckets. Simulation and production share the exact code path.
 
-## Lifecycle (outline)
-1. Evidence ingestion (signals, VEX, reachability, runtime)
-2. Factor normalization
-3. Profile evaluation
-4. Severity assignment + gating
-5. Explainability + observability
-6. Export/archival paths
+## Lifecycle
+1. **Job submit:** POST `/api/v1/risk/jobs` with `tenant_id`, `context_id`, `profile_id`, finding list; request is signed and queued.
+2. **Evidence ingestion:** scanner surface + reachability graphs, Zastava runtime signals, VEX/KEV feeds, mirror bundles (offline).
+3. **Normalization:** clamp units to 0–1, apply TTL/decay, dedupe by provenance hash, map to canonical factor catalog.
+4. **Profile evaluation:** apply weighted sum and overrides; respect gates (e.g., KEV + reachability) and Authority-imposed rules.
+5. **Severity assignment:** map `normalized_score` to severity levels (critical/high/medium/low/informational) with rationale.
+6. **Explainability & observability:** emit per-factor contribution table, provenance pointers, evaluation latency metrics; surface via `/risk/jobs/{id}` and export bundles.
+7. **Export/archival:** package explainability + profile version/hash for Findings Ledger/Export Center; mirror-friendly.
 
-## Artifacts & Schemas (pending)
-- Risk profile schema: `<pending PLLG0104>`
-- Risk factor catalog: shared shapes reused by `factors.md`
-- Explainability envelope: shared with UI/CLI; add JSON examples once provided.
+## Artifacts & Schemas
+- Contract: `CONTRACT-RISK-SCORING-002` (2025-12-05) — risk scoring jobs, results, and profile model.
+- Profile schema fields: `id`, `version`, `description`, optional `extends`, `signals[] {name, source, type, path, transform, unit}`, `weights{}`, `overrides{severity[], decisions[]}`, `metadata`, `provenance`.
+- Job/result fields: `job_id`, `profile_hash`, `normalized_score`, `severity`, `signal_values`, `signal_contributions`, optional overrides and timestamps.
+- Explainability envelope: reuse `signal_contributions` + `profile_hash`; store fixtures under `docs/risk/samples/explain/`.
 
 ## Determinism & Offline Posture
-- Use frozen fixture sets with SHA256 tables.
-- Document regeneration steps (no live network calls) once payloads arrive.
+- Use frozen fixture sets with SHA256 tables; keep manifests in `docs/risk/samples/*/SHA256SUMS`.
+- Regenerate examples via documented scripts only; no live network calls.
+- Simulation, API, UI, and export consumers must share the same deterministic ordering and precision.
 
 ## Open Items
-- PLLG0104 schema approval
-- Risk engine API payload samples
-- UI telemetry captures for explainability walkthroughs
+- Need real payload fixtures (jobs + explainability traces) and UI telemetry captures; placeholders remain in samples folders.
 
 ## References (to link once available)
 - `docs/risk/profiles.md`