stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
16f2f784628402de5acd29ce4b0dce4fa5313db4
git.stella-ops.org/src/__Libraries/StellaOps.Evidence.Pack/IEvidencePackSigner.cs

73 lines
2.3 KiB
C#
Raw Blame History

// <copyright file="IEvidencePackSigner.cs" company="StellaOps">
// Copyright (c) StellaOps. Licensed under the BUSL-1.1.
// </copyright>
using StellaOps.Evidence.Pack.Models;
namespace StellaOps.Evidence.Pack;
/// <summary>
/// Signs and verifies evidence packs using DSSE.
/// Sprint: SPRINT_20260109_011_005 Task: EVPK-003
/// </summary>
public interface IEvidencePackSigner
{
/// <summary>
/// Signs an evidence pack and creates a DSSE envelope.
/// </summary>
/// <param name="pack">The evidence pack to sign.</param>
/// <param name="cancellationToken">Cancellation token.</param>
/// <returns>The DSSE envelope containing the signature.</returns>
Task<DsseEnvelope> SignAsync(
EvidencePack pack,
CancellationToken cancellationToken);
/// <summary>
/// Verifies a DSSE envelope signature.
/// </summary>
/// <param name="envelope">The envelope to verify.</param>
/// <param name="cancellationToken">Cancellation token.</param>
/// <returns>The verification result.</returns>
Task<SignatureVerificationResult> VerifyAsync(
DsseEnvelope envelope,
CancellationToken cancellationToken);
}
/// <summary>
/// Result of verifying a signature.
/// </summary>
public sealed record SignatureVerificationResult
{
/// <summary>Gets whether the signature is valid.</summary>
public required bool Valid { get; init; }
/// <summary>Gets the signing key identifier.</summary>
public string? KeyId { get; init; }
/// <summary>Gets the verification timestamp.</summary>
public required DateTimeOffset VerifiedAt { get; init; }
/// <summary>Gets the failure reason if invalid.</summary>
public string? FailureReason { get; init; }
/// <summary>
/// Creates a successful verification result.
/// </summary>
public static SignatureVerificationResult Success(string keyId, DateTimeOffset verifiedAt) => new()
{
Valid = true,
KeyId = keyId,
VerifiedAt = verifiedAt
};
/// <summary>
/// Creates a failed verification result.
/// </summary>
public static SignatureVerificationResult Failure(string reason, DateTimeOffset verifiedAt) => new()
{
Valid = false,
VerifiedAt = verifiedAt,
FailureReason = reason
};
}
Reference in New Issue View Git Blame Copy Permalink