stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
56c687253fbacabc25d8e1944f4fd43cb8dcef9c
git.stella-ops.org/docs/modules/excititor/README.md
master cef4cb2c5a Add support for ГОСТ Р 34.10 digital signatures 
- Implemented the GostKeyValue class for handling public key parameters in ГОСТ Р 34.10 digital signatures.
- Created the GostSignedXml class to manage XML signatures using ГОСТ 34.10, including methods for computing and checking signatures.
- Developed the GostSignedXmlImpl class to encapsulate the signature computation logic and public key retrieval.
- Added specific key value classes for ГОСТ Р 34.10-2001, ГОСТ Р 34.10-2012/256, and ГОСТ Р 34.10-2012/512 to support different signature algorithms.
- Ensured compatibility with existing XML signature standards while integrating ГОСТ cryptography.
2025-11-09 21:59:57 +02:00

2.8 KiB
Raw Blame History

StellaOps Excititor

Excititor converts heterogeneous VEX feeds into raw observations and linksets that honour the Aggregation-Only Contract.

Latest updates (2025-11-05)

  • Link-Not-Merge readiness: release note Excitor consensus beta captures how Excititor feeds power the Excititor consensus beta (sample payload in consensus JSON).
  • README now points policy/UI teams to the upcoming consensus integration work.
  • DSSE packaging for consensus bundles and Export Center hooks are documented in the beta release note; operators mirroring Excititor exports must verify detached JWS artefacts (bundle.json.jws) alongside each bundle.
  • Follow-ups called out in the release note (Policy weighting knobs POLICY-ENGINE-30-101, CLI verb CLI-VEX-30-002) remain in-flight and are tracked in /docs/implplan/SPRINT_200_documentation_process.md.

Release references

Responsibilities

  • Fetch OpenVEX/CSAF/CycloneDX statements via restart-only connectors.
  • Store immutable VEX observations with full provenance.
  • Publish linksets and events that drive policy suppression decisions.
  • Provide deterministic exports for Offline Kit and downstream tooling.

Key components

  • StellaOps.Excititor.WebService scheduler/API host.
  • Connector libraries under StellaOps.Excititor.Connector.*.
  • Normalization helpers and exporters in StellaOps.Excititor.*.

Integrations & dependencies

  • Policy Engine for evidence queries.
  • UI/CLI for conflict visibility and explanation.
  • Notify for VEX-driven alerts.

Operational notes

  • MongoDB for observation storage and job metadata.
  • Offline kit packaging aligned with Concelier merges.
  • Connector-specific runbooks (see docs/modules/concelier/operations/connectors).
  • Ubuntu CSAF provenance knobs: operations/ubuntu-csaf.md captures TrustWeight/Tier, cosign, and fingerprint configuration for the sprint 120 enrichment.

Backlog references

  • DOCS-LNM-22-006 / DOCS-LNM-22-007 (shared with Concelier).
  • CLI-EXC-25-001..002 follow-up for CLI parity.

Epic alignment

  • Epic 1 AOC enforcement: maintain immutable VEX observations, provenance, and AOC verifier coverage.
  • Epic 7 VEX Consensus Lens: supply trustworthy raw inputs, trust metadata, and consensus hooks for the lens computations.
  • Epic 8 Advisory AI: expose citation-ready VEX payloads for the advisory assistant pipeline.