git.stella-ops.org/src/VexLens/StellaOps.VexLens/Extensions/VexLensServiceCollectionExtensions.cs
StellaOps Bot 5e514532df Implement VEX document verification system with issuer management and signature verification
- Added IIssuerDirectory interface for managing VEX document issuers, including methods for registration, revocation, and trust validation.
- Created InMemoryIssuerDirectory class as an in-memory implementation of IIssuerDirectory for testing and single-instance deployments.
- Introduced ISignatureVerifier interface for verifying signatures on VEX documents, with support for multiple signature formats.
- Developed SignatureVerifier class as the default implementation of ISignatureVerifier, allowing extensibility for different signature formats.
- Implemented handlers for DSSE and JWS signature formats, including methods for verification and signature extraction.
- Defined various records and enums for issuer and signature metadata, enhancing the structure and clarity of the verification process.
2025-12-06 13:41:22 +02:00


using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.DependencyInjection.Extensions;
using StellaOps.VexLens.Api;
using StellaOps.VexLens.Consensus;
using StellaOps.VexLens.Integration;
using StellaOps.VexLens.Mapping;
using StellaOps.VexLens.Normalization;
using StellaOps.VexLens.Observability;
using StellaOps.VexLens.Options;
using StellaOps.VexLens.Storage;
using StellaOps.VexLens.Trust;
using StellaOps.VexLens.Verification;
namespace StellaOps.VexLens.Extensions;
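/// <summary>
/// Dependency-injection registration helpers for the VexLens consensus engine.
/// </summary>
/// <remarks>
/// Every service is added through a <c>TryAdd*</c> call, so an implementation the host
/// registered before calling these methods is left in place. That is the supported way
/// to swap the in-memory defaults (issuer directory, event emitter, projection store)
/// for durable ones.
/// </remarks>
public static class VexLensServiceCollectionExtensions
{
    /// <summary>
    /// Adds VexLens consensus engine services, binding <see cref="VexLensOptions"/> from
    /// the configuration section named by <see cref="VexLensOptions.SectionName"/>.
    /// </summary>
    /// <param name="services">The service collection to add registrations to.</param>
    /// <param name="configuration">Configuration root that contains the VexLens section.</param>
    /// <returns>The same <paramref name="services"/> instance, for chaining.</returns>
    /// <exception cref="ArgumentNullException">
    /// <paramref name="services"/> or <paramref name="configuration"/> is <c>null</c>.
    /// </exception>
    /// <exception cref="InvalidOperationException">The configured storage driver is missing or unknown.</exception>
    public static IServiceCollection AddVexLens(
        this IServiceCollection services,
        IConfiguration configuration)
    {
        ArgumentNullException.ThrowIfNull(services);
        ArgumentNullException.ThrowIfNull(configuration);

        var section = configuration.GetSection(VexLensOptions.SectionName);
        services.Configure<VexLensOptions>(section);

        // The options are read once here to decide WHICH services get registered
        // (normalizers, storage driver, metrics). Later configuration reloads reach
        // IOptions consumers but do not change these registrations.
        var options = section.Get<VexLensOptions>() ?? new VexLensOptions();
        return services.AddVexLensCore(options);
    }

    /// <summary>
    /// Adds VexLens consensus engine services with options supplied by a delegate.
    /// </summary>
    /// <param name="services">The service collection to add registrations to.</param>
    /// <param name="configure">
    /// Callback that populates the options. It is invoked once immediately (to choose the
    /// registrations) and is also handed to the options framework, so it must give the same
    /// result each time it runs.
    /// </param>
    /// <returns>The same <paramref name="services"/> instance, for chaining.</returns>
    /// <exception cref="ArgumentNullException">
    /// <paramref name="services"/> or <paramref name="configure"/> is <c>null</c>.
    /// </exception>
    /// <exception cref="InvalidOperationException">The configured storage driver is missing or unknown.</exception>
    public static IServiceCollection AddVexLens(
        this IServiceCollection services,
        Action<VexLensOptions> configure)
    {
        ArgumentNullException.ThrowIfNull(services);
        ArgumentNullException.ThrowIfNull(configure);

        var options = new VexLensOptions();
        configure(options);
        services.Configure(configure);
        return services.AddVexLensCore(options);
    }

    /// <summary>
    /// Adds VexLens services for tests: in-memory storage, metrics and tracing switched off.
    /// </summary>
    /// <param name="services">The service collection to add registrations to.</param>
    /// <returns>The same <paramref name="services"/> instance, for chaining.</returns>
    /// <exception cref="ArgumentNullException"><paramref name="services"/> is <c>null</c>.</exception>
    public static IServiceCollection AddVexLensForTesting(this IServiceCollection services)
    {
        ArgumentNullException.ThrowIfNull(services);

        // NOTE(review): unlike the two AddVexLens overloads, nothing is passed to
        // services.Configure here, so a component that reads IOptions<VexLensOptions>
        // would see the type's defaults rather than these test values. Confirm that no
        // registered service depends on IOptions<VexLensOptions>.
        var options = new VexLensOptions
        {
            Storage = { Driver = "memory" },
            Telemetry = { MetricsEnabled = false, TracingEnabled = false }
        };

        return services.AddVexLensCore(options);
    }

    /// <summary>
    /// Performs the actual registrations shared by all public entry points.
    /// </summary>
    /// <param name="services">The service collection to add registrations to.</param>
    /// <param name="options">Options snapshot used to choose normalizers, storage and metrics.</param>
    /// <returns>The same <paramref name="services"/> instance, for chaining.</returns>
    private static IServiceCollection AddVexLensCore(
        this IServiceCollection services,
        VexLensOptions options)
    {
        // Normalization: the registry is built lazily, on first resolution, from the
        // formats enabled in the options snapshot.
        services.TryAddSingleton<IVexNormalizerRegistry>(_ =>
        {
            var registry = new VexNormalizerRegistry();
            RegisterNormalizers(registry, options.Normalization);
            return registry;
        });

        // Product mapping
        services.TryAddSingleton<IProductMapper, ProductMapper>();

        // Signature verification
        services.TryAddSingleton<ISignatureVerifier, SignatureVerifier>();

        // Issuer directory: in-memory unless the host registered its own implementation.
        // NOTE(review): the directory is what signature trust decisions are checked
        // against; an in-memory one presumably loses issuer registrations and revocations
        // on restart and does not share them between instances. Multi-instance or
        // long-lived deployments should register a durable IIssuerDirectory.
        services.TryAddSingleton<IIssuerDirectory, InMemoryIssuerDirectory>();

        // Trust engine
        services.TryAddSingleton<ITrustWeightEngine, TrustWeightEngine>();

        // Consensus engine
        services.TryAddSingleton<IVexConsensusEngine, VexConsensusEngine>();

        // Storage
        RegisterStorage(services, options.Storage);

        // Event emitter: in-memory for now
        services.TryAddSingleton<IConsensusEventEmitter, InMemoryConsensusEventEmitter>();

        // API service
        services.TryAddScoped<IVexLensApiService, VexLensApiService>();

        // Rationale service for AI/ML consumption
        services.TryAddScoped<IConsensusRationaleService, ConsensusRationaleService>();

        // Integration services
        services.TryAddScoped<IPolicyEngineIntegration, PolicyEngineIntegration>();
        services.TryAddScoped<IVulnExplorerIntegration, VulnExplorerIntegration>();

        // Metrics are registered only when enabled.
        // NOTE(review): a consumer that takes VexLensMetrics as a required constructor
        // dependency would fail to resolve when metrics are off. Confirm that consumers
        // treat it as optional.
        if (options.Telemetry.MetricsEnabled)
        {
            services.TryAddSingleton<VexLensMetrics>();
        }

        return services;
    }

    /// <summary>
    /// Registers a normalizer for each VEX format that is enabled in the options.
    /// </summary>
    /// <param name="registry">Registry that receives the normalizers.</param>
    /// <param name="options">Normalization options; format names are matched case-insensitively.</param>
    private static void RegisterNormalizers(
        VexNormalizerRegistry registry,
        VexLensNormalizationOptions options)
    {
        var enabledFormats = new HashSet<string>(
            options.EnabledFormats,
            StringComparer.OrdinalIgnoreCase);

        // Names that match none of the three known formats are ignored without an error.
        if (enabledFormats.Contains("OpenVEX"))
        {
            registry.Register(new OpenVexNormalizer());
        }

        if (enabledFormats.Contains("CSAF"))
        {
            registry.Register(new CsafVexNormalizer());
        }

        if (enabledFormats.Contains("CycloneDX"))
        {
            registry.Register(new CycloneDxVexNormalizer());
        }
    }

    /// <summary>
    /// Registers the consensus projection store selected by the storage driver name.
    /// </summary>
    /// <param name="services">The service collection to add registrations to.</param>
    /// <param name="options">Storage options; the driver name is matched case-insensitively.</param>
    /// <exception cref="InvalidOperationException">The driver is not set or is not a known driver.</exception>
    private static void RegisterStorage(
        IServiceCollection services,
        VexLensStorageOptions options)
    {
        // A missing driver previously surfaced as a NullReferenceException from
        // ToLowerInvariant(); report it as the configuration error it is.
        var driver = options.Driver
            ?? throw new InvalidOperationException("VexLens storage driver is not configured.");

        switch (driver.ToLowerInvariant())
        {
            case "memory":
                AddInMemoryProjectionStore(services);
                break;

            case "mongo":
                // MongoDB storage is not implemented yet, so "mongo" currently resolves to
                // the in-memory store.
                // NOTE(review): this substitution is silent. An operator who configured
                // "mongo" gets projections that do not survive a restart, with nothing in
                // the logs to say so. Consider a startup warning until the real driver lands.
                AddInMemoryProjectionStore(services);
                break;

            default:
                throw new InvalidOperationException(
                    $"Unknown VexLens storage driver: {options.Driver}");
        }
    }

    /// <summary>
    /// Registers <see cref="InMemoryConsensusProjectionStore"/> wired to the container's event emitter.
    /// </summary>
    /// <param name="services">The service collection to add the registration to.</param>
    private static void AddInMemoryProjectionStore(IServiceCollection services)
    {
        services.TryAddSingleton<IConsensusProjectionStore>(sp =>
        {
            var emitter = sp.GetRequiredService<IConsensusEventEmitter>();
            return new InMemoryConsensusProjectionStore(emitter);
        });
    }
}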