stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
9ca2de05dff9c7db11eb49df6d4e47bbfe7a99f6
git.stella-ops.org/docs/features/checked/airgap/dsse-receipt-schema-for-authority-sbomer-vexer-flows.md
master 5bca406787 save checkpoint: save features
2026-02-12 10:27:23 +02:00

2.0 KiB
Raw Blame History

DSSE/Receipt Schema for Authority/Sbomer/Vexer Flows

Module

AirGap

Status

VERIFIED

Description

DSSE envelope signing/verification across multiple modules with schema types, SPDX3 integration, and air-gap bundle signing. The receipt schema supports Authority, Sbomer, and Vexer flows.

Implementation Details

  • DSSE signing: src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Signing/DsseEnvelope.cs, DsseSignature.cs, ProofChainSigner.Verification.cs
  • DSSE SPDX3: src/Attestor/__Libraries/StellaOps.Attestor.Spdx3/DsseSpdx3Envelope.cs, DsseSpdx3Signature.cs, DsseSpdx3Signer.SignAsync.cs, DsseSpdx3Signer.Verify.cs
  • DSSE verification: src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Verification/DsseSignatureVerificationStep.cs
  • Importer DSSE parsing: src/AirGap/StellaOps.AirGap.Importer/Reconciliation/Parsers/DsseAttestationParser.cs
  • Receipt models: src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Receipts/VerificationReceipt.cs, VerificationResult.cs, VerificationCheck.cs, VerificationContext.cs
  • Signing profiles: src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Signing/SigningKeyProfile.cs
  • Source: Feature matrix scan

E2E Test Plan

  • Verify DSSE envelope creation for Authority/Sbomer/Vexer flows
  • Test DSSE signature verification with multiple key profiles
  • Verify receipt schema captures all required verification checks
  • Test SPDX3 DSSE integration

Verification

  • Run ID: run-001
  • Date (UTC): 2026-02-11
  • Tier 0: docs/qa/feature-checks/runs/airgap/dsse-receipt-schema-for-authority-sbomer-vexer-flows/run-001/tier0-source-check.json (verdict=pass)
  • Tier 1: docs/qa/feature-checks/runs/airgap/dsse-receipt-schema-for-authority-sbomer-vexer-flows/run-001/tier1-build-check.json (buildResult=pass, testResult=pass)
  • Tier 2: docs/qa/feature-checks/runs/airgap/dsse-receipt-schema-for-authority-sbomer-vexer-flows/run-001/tier2-integration-check.json (verdict=pass)