Sovereign Crypto Routing for Evidence Locker

Module

EvidenceLocker

Status

IMPLEMENTED

Description

Regional crypto profile routing within the Evidence Locker, directing signing and verification operations to the appropriate crypto provider (FIPS, eIDAS, GOST, SM) based on tenant configuration.

Implementation Details

Modules: src/EvidenceLocker/StellaOps.EvidenceLocker/StellaOps.EvidenceLocker.Infrastructure/Signing/, src/EvidenceLocker/StellaOps.EvidenceLocker/StellaOps.EvidenceLocker.WebService/
Key Classes:
- EvidenceSignatureService (src/EvidenceLocker/StellaOps.EvidenceLocker/StellaOps.EvidenceLocker.Infrastructure/Signing/EvidenceSignatureService.cs) - routes signing operations to regional crypto providers
- TenantResolution (src/EvidenceLocker/StellaOps.EvidenceLocker/StellaOps.EvidenceLocker.WebService/Security/TenantResolution.cs) - resolves tenant context for crypto profile selection
- EvidenceLockerOptions (src/EvidenceLocker/StellaOps.EvidenceLocker/StellaOps.EvidenceLocker.Core/Configuration/EvidenceLockerOptions.cs) - configuration including regional crypto profile settings
Interfaces: IEvidenceSignatureService
Source: SPRINT_0161_0001_0001_evidencelocker.md

E2E Test Plan

Configure a tenant with FIPS crypto profile and verify EvidenceSignatureService uses FIPS-compliant signing algorithms
Configure a tenant with eIDAS crypto profile and verify eIDAS-compliant signatures are produced
Verify TenantResolution correctly resolves the tenant's crypto profile from the request context
Verify signing and verification round-trip: sign with one crypto profile and verify with the same profile
Verify cross-profile verification: an evidence bundle signed with FIPS can be verified using the correct public key
Verify EvidenceLockerOptions rejects invalid crypto profile configurations at startup

1.9 KiB Raw Blame History