git.stella-ops.org/docs/features/unchecked/evidencelocker/doctor-evidence-integrity-check.md

Doctor Evidence Integrity Check (DSSE + Rekor + Hash Verification)

Module: EvidenceLocker

Status: IMPLEMENTED

Description

Doctor health check that validates DSSE signatures, Rekor inclusion (or an offline ledger entry), and evidence hash consistency computed over canonical JSON, with deterministic and offline-friendly output.

Implementation Details

  • Modules: src/EvidenceLocker/StellaOps.EvidenceLocker/StellaOps.EvidenceLocker.Infrastructure/, src/EvidenceLocker/StellaOps.EvidenceLocker/StellaOps.EvidenceLocker.Core/
  • Key Classes:
    • EvidenceSignatureService (src/EvidenceLocker/StellaOps.EvidenceLocker/StellaOps.EvidenceLocker.Infrastructure/Signing/EvidenceSignatureService.cs) - validates DSSE signatures on evidence bundles
    • Rfc3161TimestampAuthorityClient (src/EvidenceLocker/StellaOps.EvidenceLocker/StellaOps.EvidenceLocker.Infrastructure/Signing/Rfc3161TimestampAuthorityClient.cs) - RFC 3161 timestamp verification for Rekor receipts
    • NullTimestampAuthorityClient (src/EvidenceLocker/StellaOps.EvidenceLocker/StellaOps.EvidenceLocker.Infrastructure/Signing/NullTimestampAuthorityClient.cs) - no-op timestamp client for offline mode
    • MerkleTreeCalculator (src/EvidenceLocker/StellaOps.EvidenceLocker/StellaOps.EvidenceLocker.Core/Builders/MerkleTreeCalculator.cs) - recomputes Merkle tree hashes for integrity verification
    • EvidenceAuditLogger (src/EvidenceLocker/StellaOps.EvidenceLocker/StellaOps.EvidenceLocker.WebService/Audit/EvidenceAuditLogger.cs) - logs integrity check results
    • OfflineTimestampVerifier (src/EvidenceLocker/__Libraries/StellaOps.EvidenceLocker.Timestamping/Verification/OfflineTimestampVerifier.cs) - verifies timestamps offline without network access
  • Interfaces: IEvidenceSignatureService, ITimestampAuthorityClient
  • Source: SPRINT_20260112_004_LB_doctor_evidence_integrity_checks.md

E2E Test Plan

  • Run doctor integrity check on a valid evidence bundle and verify DSSE signature, Rekor inclusion, and hash consistency all pass
  • Tamper with an evidence bundle payload and verify EvidenceSignatureService detects the DSSE signature mismatch
  • Verify MerkleTreeCalculator recomputes the Merkle root and detects a modified evidence item
  • Verify OfflineTimestampVerifier validates timestamps without network access using bundled Rekor receipts
  • Verify Rfc3161TimestampAuthorityClient validates RFC 3161 timestamps against the authority
  • Verify integrity check output is deterministic: same bundle produces identical check results across runs
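As an added, stand-alone illustration of the checks in the description and of the tamper and determinism cases in the test plan (not EvidenceLocker's own code): it hashes each evidence item, recomputes a Merkle root, verifies a signature over the DSSE pre-authentication encoding of the canonical JSON payload, and looks the envelope up in an offline ledger. The HMAC-SHA256 stand-in for DSSE's asymmetric signature, the tree layout, the payload type and the bundle contents are constructed assumptions.

```python
import hashlib
import hmac
import json

PAYLOAD_TYPE = "application/vnd.example.evidence-bundle+json"  # constructed placeholder type

def canonical_json(obj) -> bytes:
    """Canonical JSON (sorted keys, no whitespace) so every hash is reproducible."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()

def dsse_pae(payload_type: str, payload: bytes) -> bytes:
    """DSSE pre-authentication encoding: the exact bytes a DSSE signature covers."""
    return b" ".join([b"DSSEv1", str(len(payload_type)).encode(), payload_type.encode(),
                      str(len(payload)).encode(), payload])

def merkle_root(leaf_hashes: list[bytes]) -> str:
    """Binary hash tree over item digests; an odd node is promoted unchanged (assumed layout)."""
    level = [hashlib.sha256(b"\x00" + h).digest() for h in leaf_hashes]
    while len(level) > 1:
        nxt = [hashlib.sha256(b"\x01" + level[i] + level[i + 1]).digest()
               for i in range(0, len(level) - 1, 2)]
        if len(level) % 2:
            nxt.append(level[-1])
        level = nxt
    return level[0].hex()

def build_envelope(items: list[dict], key: bytes) -> dict:
    """Constructed fixture: per-item digests, the Merkle root and an HMAC stand-in signature."""
    for item in items:
        item["sha256"] = hashlib.sha256(item["content"].encode()).hexdigest()
    payload = {"items": items, "merkleRoot": merkle_root([bytes.fromhex(i["sha256"]) for i in items])}
    sig = hmac.new(key, dsse_pae(PAYLOAD_TYPE, canonical_json(payload)), "sha256").hexdigest()
    return {"payloadType": PAYLOAD_TYPE, "payload": payload, "signature": sig}

def envelope_id(envelope: dict) -> str:
    """Digest of the canonical envelope, used as the lookup key into the offline ledger."""
    return hashlib.sha256(canonical_json(envelope)).hexdigest()

def doctor_check(envelope: dict, key: bytes, offline_ledger: set[str]) -> dict:
    """Run the four checks; keys are emitted in sorted order so output is identical across runs."""
    payload, items = envelope["payload"], envelope["payload"]["items"]
    pae = dsse_pae(envelope["payloadType"], canonical_json(payload))
    expected_sig = hmac.new(key, pae, "sha256").hexdigest()
    results = {
        "dsse_signature": hmac.compare_digest(expected_sig, envelope["signature"]),
        "evidence_hashes": all(hashlib.sha256(i["content"].encode()).hexdigest() == i["sha256"] for i in items),
        "merkle_root": merkle_root([bytes.fromhex(i["sha256"]) for i in items]) == payload["merkleRoot"],
        "rekor_or_ledger": envelope_id(envelope) in offline_ledger,
    }
    return {k: ("pass" if v else "fail") for k, v in sorted(results.items())}
```

Changing an item's content flips the hash, signature and ledger checks while the Merkle check still passes until the recorded digest is also altered, which is why the check reports each verdict separately.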