stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
e74657738086bd216ffac712ed9331401adbbbc1
git.stella-ops.org/docs/modules/verifier/README.md

1.2 KiB
Raw Blame History

Verifier

Standalone CLI tool for offline verification of evidence bundles in air-gapped environments.

Purpose

Verifier is a self-contained, cross-platform CLI binary that validates evidence bundles without requiring network access or external dependencies. It checks DSSE signatures, RFC 3161 timestamps, SHA-256 digests, and SBOM integrity, enabling compliance verification in air-gapped environments where no Stella Ops services are reachable.

Quick Links

Status

Attribute Value
Maturity Production
Source src/Verifier/

Key Features

  • Self-contained single-file binary (cross-platform: win-x64, linux-x64, linux-musl-x64, osx-x64, osx-arm64)
  • Bundle extraction (gzip+tar)
  • Manifest validation
  • DSSE signature verification
  • RFC 3161 timestamp verification
  • SHA-256 digest checking
  • Trust profile support (key whitelisting)
  • Output formats (text/JSON/markdown)

Dependencies

Upstream

  • None (standalone, offline-first design with zero runtime dependencies on Stella Ops services)

Downstream

  • AirGap - offline bundle verification workflows
  • CLI - integrated verification commands for operator use