git.stella-ops.org/docs/implplan/SPRINT_115_concelier_iv.md
master cef4cb2c5a Add support for ГОСТ Р 34.10 digital signatures
- Implemented the GostKeyValue class for handling public key parameters in ГОСТ Р 34.10 digital signatures.
- Created the GostSignedXml class to manage XML signatures using ГОСТ 34.10, including methods for computing and checking signatures.
- Developed the GostSignedXmlImpl class to encapsulate the signature computation logic and public key retrieval.
- Added specific key value classes for ГОСТ Р 34.10-2001, ГОСТ Р 34.10-2012/256, and ГОСТ Р 34.10-2012/512 to support different signature algorithms.
- Ensured compatibility with existing XML signature standards while integrating ГОСТ cryptography.
2025-11-09 21:59:57 +02:00

Sprint 115 - Ingestion & Evidence · 110.B) Concelier.IV

Active items only. Completed/historic work now resides in docs/implplan/archived/tasks.md (updated 2025-11-08).

[Ingestion & Evidence] 110.B) Concelier.IV

Depends on: Sprint 110.B - Concelier.III

Summary: Ingestion & Evidence focus on Concelier (phase IV).

| Task ID | State | Task description | Owners (Source) |
| --- | --- | --- | --- |
| CONCELIER-POLICY-20-002 Linkset enrichment for policy | TODO | Expand linkset builders with vendor-specific equivalence tables, NEVRA/PURL normalization, and version-range parsing so policy joins become more accurate without Concelier prioritizing sources. Depends on CONCELIER-POLICY-20-001. | Concelier Core Guild, Policy Guild (src/Concelier/__Libraries/StellaOps.Concelier.Core) |
| CONCELIER-POLICY-20-003 Selection cursors | TODO | Introduce advisory selection cursors + change-stream checkpoints that let Policy Engine process deltas deterministically; include offline migration scripts. Depends on CONCELIER-POLICY-20-002. | Concelier Storage Guild (src/Concelier/__Libraries/StellaOps.Concelier.Storage.Mongo) |
| CONCELIER-POLICY-23-001 Evidence indexes | TODO | Add secondary indexes/materialized views (alias, provider severity, correlation confidence) so policy lookups stay fast without caching derived verdicts; document the supported query patterns. Depends on CONCELIER-POLICY-20-003. | Concelier Core Guild (src/Concelier/__Libraries/StellaOps.Concelier.Core) |
| CONCELIER-POLICY-23-002 Event guarantees | TODO | Ensure advisory.linkset.updated events ship with idempotent IDs, confidence summaries, and tenant metadata so policy consumers can replay evidence feeds safely. Depends on CONCELIER-POLICY-23-001. | Concelier Core Guild, Platform Events Guild (src/Concelier/__Libraries/StellaOps.Concelier.Core) |
| CONCELIER-RISK-66-001 CVSS/KEV providers | TODO | Surface vendor-provided CVSS/KEV/fix data exactly as published (with provenance anchors) through provider APIs so risk engines can reason about upstream intent. | Concelier Core Guild, Risk Engine Guild (src/Concelier/__Libraries/StellaOps.Concelier.Core) |
| CONCELIER-RISK-66-002 Fix availability signals | TODO | Emit structured fix-availability metadata per observation/linkset (release version, advisory link, evidence timestamp) without guessing exploitability. Depends on CONCELIER-RISK-66-001. | Concelier Core Guild (src/Concelier/__Libraries/StellaOps.Concelier.Core) |
| CONCELIER-RISK-67-001 Source coverage metrics | TODO | Publish per-source coverage/conflict metrics (counts, disagreements) so explainers can cite which upstream statements exist; no weighting is applied inside Concelier. Depends on CONCELIER-RISK-66-001. | Concelier Core Guild (src/Concelier/__Libraries/StellaOps.Concelier.Core) |
| CONCELIER-RISK-68-001 Policy Studio integration | TODO | Wire advisory signal pickers into Policy Studio so curators can select which raw advisory fields feed policy gating; validation must confirm fields are provenance-backed. Depends on POLICY-RISK-68-001. | Concelier Core Guild, Policy Studio Guild (src/Concelier/__Libraries/StellaOps.Concelier.Core) |
| CONCELIER-RISK-69-001 Notification hooks | TODO | Emit notifications when upstream advisory fields change (e.g., fix available) with observation IDs + provenance so Notifications service can alert without inferring severity. Depends on CONCELIER-RISK-66-002. | Concelier Core Guild, Notifications Guild (src/Concelier/__Libraries/StellaOps.Concelier.Core) |
| CONCELIER-SIG-26-001 Vulnerable symbol exposure | TODO | Expose upstream-provided affected symbol/function lists via APIs to help reachability scoring; maintain provenance and do not infer exploitability. Depends on SIGNALS-24-002. | Concelier Core Guild, Signals Guild (src/Concelier/__Libraries/StellaOps.Concelier.Core) |
| CONCELIER-STORE-AOC-19-005 Raw linkset backfill | TODO (2025-11-04) | Execute the raw-linkset backfill/rollback plan (docs/dev/raw-linkset-backfill-plan.md) so Mongo + Offline Kit bundles reflect Link-Not-Merge data; rehearse rollback. Depends on CONCELIER-CORE-AOC-19-004. | Concelier Storage Guild, DevOps Guild (src/Concelier/__Libraries/StellaOps.Concelier.Storage.Mongo) |
| CONCELIER-TEN-48-001 Tenant-aware linking | TODO | Enforce tenant scoping throughout normalization/linking, expose capability endpoint advertising merge=false, and ensure events include tenant IDs. Depends on AUTH-TEN-47-001. | Concelier Core Guild (src/Concelier/__Libraries/StellaOps.Concelier.Core) |
| CONCELIER-VEXLENS-30-001 Advisory rationale bridges | TODO | Guarantee advisory key consistency and cross-links consumed by VEX Lens so consensus explanations can cite Concelier evidence without requesting merges. Depends on CONCELIER-VULN-29-001, VEXLENS-30-005. | Concelier WebService Guild, VEX Lens Guild (src/Concelier/StellaOps.Concelier.WebService) |