Assortment of updates (#303)

- Change SBOM too from Cyclodex to Microsoft SBOM.
- Re-arrange files.
- Refactor, update, fix code and tests.
- Add comments (for documentation).

.config/dotnet-tools.json

@@ -9,7 +9,7 @@
       ]
     },
     "dotnet-stryker": {
-      "version": "3.12.0",
+      "version": "4.0.0",
       "commands": [
         "dotnet-stryker"
       ]
@@ -31,17 +31,17 @@
       "commands": [
         "sharpfuzz"
       ]
-    },
-    "cyclonedx": {
-      "version": "2.9.0",
+    },    
+    "dotnet-reportgenerator-globaltool": {
+      "version": "5.2.1",
       "commands": [
-        "dotnet-CycloneDX"
+        "reportgenerator"
       ]
     },
-    "dotnet-reportgenerator-globaltool": {
-      "version": "5.2.0",
+    "microsoft.sbom.dotnettool": {
+      "version": "2.2.3",
       "commands": [
-        "reportgenerator"
+        "sbom-tool"
       ]
     }
   }

.github/workflows/main.yml

@@ -68,11 +68,12 @@ jobs:
           dashboard.stryker-mutator.io:443
           dotnetcli.azureedge.net:443
           github.com:443
+          api.clearlydefined.io:443
     
     # Windows builds may have insufficient resource limits, so they're increased.
     - name: Configure Windows Pagefile
       if: ${{ matrix.os == 'windows-latest' }}
-      uses: al-cheb/configure-pagefile-action@86589fd789a4de3e62ba628dda2cb10027b66d67
+      uses: al-cheb/configure-pagefile-action@a3b6ebd6b634da88790d9c58d4b37a7f4a7b8708
       with:
           minimum-size: 8GB
           maximum-size: 32GB
@@ -132,10 +133,14 @@ jobs:
     # - name: Run dotnet format
     #  run: dotnet format --check
 
-    # There may a difference in libraries between platforms.
-    - name: Run BOM analysis
-      run: dotnet CycloneDX Verifiable.sln --json --out ${{ github.workspace }}/bom/${{ matrix.os }}    
+    # - name: The sbom-tool does not generate the output directory and fails if it not present.
+    - name: Install sbom-tool
+      run: mkdir -p "${{ github.workspace }}/${{ matrix.os }}/sbom/"
 
+    # There may a difference in libraries between platforms, so the tool is being run on all platforms.
+    - name: Run BOM analysis
+      run: dotnet tool run sbom-tool generate -DeleteManifestDirIfPresent true -BuildDropPath "${{ github.workspace }}/${{ matrix.os }}/sbom/" -FetchLicenseInformation true -EnablePackageMetadataParsing true -BuildComponentPath . -PackageName "Verifiable" -PackageSupplier "Lumoin" -NamespaceUriBase "https://lumoin.com/verifiable" -PackageVersion 1.0.0 -Verbosity Verbose  
+
     # The version numbers are determined and set here so it can be set appropriately to code and NuGet packages.
     # See explanation at https://dusted.codes/github-actions-for-dotnet-core-nuget-packages.
     - name: Set NuGet packages and suffix version
@@ -250,22 +255,22 @@ jobs:
 
     - name: Publish coverage summary
       if: ${{ matrix.os == 'ubuntu-latest' && github.event_name == 'pull_request' && github.actor != 'dependabot[bot]' }}
-      uses: marocchino/sticky-pull-request-comment@efaaab3fd41a9c3de579aba759d2552635e590fd
+      uses: marocchino/sticky-pull-request-comment@331f8f5b4215f0445d3c07b4967662a32a2d3e31
       with:
         header: Report
         path: '${{ github.workspace }}/reports/coverage/Summary.md'
         recreate: true
 
     - name: Create test summary
       if: ${{ matrix.os == 'ubuntu-latest' && github.event_name == 'pull_request' && github.actor != 'dependabot[bot]' }}
-      uses: test-summary/action@fee35d7df20790255fe6aa92cf0f6d28092ecf2f
+      uses: test-summary/action@032c8a9cec6aaa3c20228112cae6ca10a3b29336
       with:
         paths: '${{ github.workspace }}/reports/coverage/TestResults.xml'
         # output: '${{ github.workspace }}/${{ env.file_name }}'
 
     # - name: Comment PR with the generated test Markdown
     #  if: ${{ matrix.os == 'ubuntu-latest' && github.event_name == 'pull_request' && github.actor != 'dependabot[bot]' }}
-    #  uses: marocchino/sticky-pull-request-comment@efaaab3fd41a9c3de579aba759d2552635e590fd
+    #  uses: marocchino/sticky-pull-request-comment@331f8f5b4215f0445d3c07b4967662a32a2d3e31
     #  with:
     #    path: ${{ env.file_name }}
 
@@ -299,7 +304,7 @@ jobs:
 
     - name: Upload Verifiable Nuget packages
       if: ${{ matrix.os == 'ubuntu-latest' }}
-      uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v3.1.3
+      uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3
       with:
         name: nupkg
         path: |
@@ -335,6 +340,7 @@ jobs:
               dotnetcli.azureedge.net:443
               github.com:443
               nuget.pkg.github.com:443
+              api.clearlydefined.io:443
 
         - name: Download NuGet artifacts
           uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe

.gitignore

@@ -33,7 +33,7 @@ bld/
 [Ll]ogs/
 
 # Script result directories
-bom-analysis/
+sbom/
 generated-reports/
 generated-nugets/
 

Verifiable.sln

@@ -9,13 +9,11 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Solution Items", "Solution
 		.gitattributes = .gitattributes
 		.gitignore = .gitignore
 		BannedSymbols.txt = BannedSymbols.txt
-		.github\dependabot.yml = .github\dependabot.yml
 		resources\diagram.svg = resources\diagram.svg
 		Directory.Build.props = Directory.Build.props
 		Directory.Packages.props = Directory.Packages.props
 		global.json = global.json
 		LICENSE = LICENSE
-		.github\workflows\main.yml = .github\workflows\main.yml
 		README.md = README.md
 	EndProjectSection
 EndProject
@@ -48,6 +46,18 @@ Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Verifiable.DecentralizedWeb
 EndProject
 Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Verifiable.Jwt", "src\Verifiable.Jwt\Verifiable.Jwt.csproj", "{FF947DEC-29E7-4700-94A4-0E84B2917BF5}"
 EndProject
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = ".github", ".github", "{737B175F-5A06-480C-B93F-42B31EF4EFA7}"
+	ProjectSection(SolutionItems) = preProject
+		.github\dependabot.yml = .github\dependabot.yml
+	EndProjectSection
+EndProject
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "workflows", "workflows", "{1B79A5A8-0754-4F72-AD32-E791F9A8ED23}"
+	ProjectSection(SolutionItems) = preProject
+		.github\workflows\codeql-analysis.yml = .github\workflows\codeql-analysis.yml
+		.github\workflows\diagram.yml = .github\workflows\diagram.yml
+		.github\workflows\main.yml = .github\workflows\main.yml
+	EndProjectSection
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|Any CPU = Debug|Any CPU
@@ -114,6 +124,8 @@ Global
 		{5BDA0E33-003F-4500-8AFD-D51A8643E8CA} = {5E61E0DC-3195-4CE2-B9BD-A06D38FBE2BB}
 		{4256AF88-B47D-44E3-AEC7-D9F227749468} = {5E61E0DC-3195-4CE2-B9BD-A06D38FBE2BB}
 		{FF947DEC-29E7-4700-94A4-0E84B2917BF5} = {5E61E0DC-3195-4CE2-B9BD-A06D38FBE2BB}
+		{737B175F-5A06-480C-B93F-42B31EF4EFA7} = {35CAB8A9-7332-4D46-BBD3-83A37A747F5E}
+		{1B79A5A8-0754-4F72-AD32-E791F9A8ED23} = {737B175F-5A06-480C-B93F-42B31EF4EFA7}
 	EndGlobalSection
 	GlobalSection(ExtensibilityGlobals) = postSolution
 		SolutionGuid = {B3AC63DE-C110-4924-B7DB-FFAC4704246F}

generate-sbom.ps1

@@ -0,0 +1,3 @@
+Remove-Item "./sbom" -Recurse -Force -ErrorAction SilentlyContinue
+New-Item -ItemType Directory -Force -Path "./sbom"
+dotnet tool run sbom-tool generate -DeleteManifestDirIfPresent true -BuildDropPath "./sbom" -FetchLicenseInformation true -EnablePackageMetadataParsing true -BuildComponentPath . -PackageName "Verifiable" -PackageSupplier "Lumoin" -NamespaceUriBase "https://lumoin.com/verifiable" -PackageVersion 1.0.0 -Verbosity Verbose

global.json

@@ -1,6 +1,6 @@
 {
   "sdk": {
-    "version": "8.0.200",
+    "version": "8.0.201",
     "rollForward": "latestFeature"
   }
 }

src/Verifiable.Core/Assessment/KeyDidValidationRules.cs

@@ -4,6 +4,7 @@
 using System.Threading.Tasks;
 using Verifiable.Core;
 using Verifiable.Core.Did;
+using Verifiable.Core.Did.Methods;
 
 
 namespace Verifiable.Assessment
@@ -40,7 +41,7 @@ public static ValueTask<IList<Claim>> ValidateIdEncodingAsync(DidDocument docume
                 var idFormat = document.Id.Id.AsSpan();
                 var didNameAndVerb = idFormat[0..8];
                 var keyDidType = idFormat[8..];
-                if(didNameAndVerb.SequenceEqual(KeyDidId.Prefix))
+                if(didNameAndVerb.SequenceEqual(KeyDidMethod.Prefix))
                 {
                     if(
                         keyDidType.StartsWith(Base58BtcEncodedMulticodecHeaders.P256PublicKey)

src/Verifiable.Core/Assessment/TracingUtilities.cs

@@ -36,7 +36,7 @@ public static string GetOrCreateSpanId()
         /// <returns></returns>
         public static IReadOnlyDictionary<string, string> GetOrCreateBaggage()
         {
-            return Activity.Current?.Baggage?.ToDictionary(kv => kv.Key ?? string.Empty, kv => kv.Value ?? string.Empty) ?? new Dictionary<string, string>();
+            return Activity.Current?.Baggage?.ToDictionary(kv => kv.Key ?? string.Empty, kv => kv.Value ?? string.Empty) ?? [];
         }
     }
 }

src/Verifiable.Core/Builders/KeyDidBuilder.cs

@@ -1,5 +1,7 @@
 using Verifiable.Core.Cryptography;
+using Verifiable.Core.Cryptography.Context;
 using Verifiable.Core.Did;
+using Verifiable.Core.Did.Methods;
 using Verifiable.Cryptography;
 
 namespace Verifiable.Core.Builders
@@ -27,10 +29,10 @@ public KeyDidBuilder()
                 PublicKeyMemory publicKey = buildInvariant.PublicKey;
                 CryptoSuite cryptoSuiteChosen = buildInvariant.Suite;
 
-                var keyFormatSelected = SsiKeyFormatSelector.DefaultKeyFormatSelector(typeof(KeyDidId), cryptoSuiteChosen);
+                var keyFormatSelected = SsiKeyFormatSelector.DefaultKeyFormatSelector(typeof(KeyDidMethod), cryptoSuiteChosen);
                 var keyFormat = SsiKeyFormatSelector.DefaultKeyFormatCreator(keyFormatSelected, publicKey);
-                didDocument.VerificationMethod = new[]
-                {
+                didDocument.VerificationMethod =
+                [
                     new VerificationMethod
                     {
                         //TODO: Add a method to create 
@@ -39,7 +41,7 @@ public KeyDidBuilder()
                         Controller = $"did:key:{encodedPublicKey}",
                         KeyFormat = keyFormat
                     }
-                };
+                ];
 
                 return didDocument;
             })
@@ -52,7 +54,7 @@ public KeyDidBuilder()
                 var didId = $"did:key:{base58EncodedKey}";
                 var didFormalId = $"did:key:{base58EncodedKey}#{base58EncodedKey}";
 
-                didDocument.Id = new KeyDidId(didId);
+                didDocument.Id = new KeyDidMethod(didId);
 
                 didDocument.AssertionMethod = new[] { new AssertionMethod(didFormalId) };
                 didDocument.Authentication = new[] { new AuthenticationMethod(didFormalId) };

src/Verifiable.Core/Cryptography/CryptoAlgorithm.cs → src/Verifiable.Core/Cryptography/Context/CryptoAlgorithm.cs

@@ -1,14 +1,30 @@
 using System;
 using System.Collections.Generic;
-using System.Linq;
+using System.ComponentModel;
+using System.Diagnostics.CodeAnalysis;
 
-namespace Verifiable.Core.Cryptography
+
+namespace Verifiable.Core.Cryptography.Context
 {
+    [AttributeUsage(AttributeTargets.Property, Inherited = false, AllowMultiple = false)]
+    public sealed class CryptoAlgorithmRegistrationAttribute: Attribute
+    {
+    }
+
+
     /// <summary>
     /// This record represents different cryptographic algorithms that are used to generate key material.
     /// Each algorithm is represented by an integer constant.
     /// </summary>
-    public sealed class CryptoAlgorithm
+    /// <remarks>
+    /// This class is part of a structured tagging mechanism designed to clearly
+    /// define cryptographic contexts without relying on OIDs, JWT values, or other
+    /// identifiers that could be ambiguous over time or need extensive parsing. This works in
+    /// conjunction with <see cref="EncodingScheme"/> and <see cref="Purpose"/>
+    /// to provide a comprehensive framework for representing and manipulating 
+    /// cryptographic material.
+    /// </remarks>
+    public readonly struct CryptoAlgorithm: IEquatable<CryptoAlgorithm>
     {
         /// <summary>
         /// Secp256k1.
@@ -19,6 +35,7 @@ public sealed class CryptoAlgorithm
         /// Purpose (e.g. public or private key) is defined in <see cref="Purpose"/>.
         /// Encoding method is defined in <see cref="EncodingScheme"/>.
         /// </remarks>
+        [CryptoAlgorithmRegistration]
         public static CryptoAlgorithm Secp256k1 { get; } = new CryptoAlgorithm(0);
 
         /// <summary>
@@ -138,28 +155,84 @@ public sealed class CryptoAlgorithm
         /// </remarks>
         public static CryptoAlgorithm WindowsPlatformEncrypted { get; } = new CryptoAlgorithm(11);
 
-        private static List<CryptoAlgorithm> algorithms = new List<CryptoAlgorithm>(new[] { Rsa2048 });
+        private static List<CryptoAlgorithm> algorithms = new([Rsa2048]);
 
         public static IReadOnlyList<CryptoAlgorithm> Algorithms => algorithms.AsReadOnly();
 
         public int Algorithm { get; }
 
-        private CryptoAlgorithm(int algorithm)
-        {
-            Algorithm = algorithm;
-        }
 
         public static CryptoAlgorithm Create(int algorithm)
         {
-            if(algorithms.Any(p => p.Algorithm == algorithm))
+            for(int i = 0; i < algorithms.Count; ++i)
             {
-                throw new ArgumentException("Code already exists.");
+                if(algorithms[i].Algorithm == algorithm)
+                {
+                    throw new ArgumentException("Code already exists.");
+                }
             }
 
             var newAlgorithm = new CryptoAlgorithm(algorithm);
             algorithms.Add(newAlgorithm);
 
             return newAlgorithm;
         }
+
+
+        /// <inheritdoc />
+        [EditorBrowsable(EditorBrowsableState.Never)]
+        public bool Equals(CryptoAlgorithm other)
+        {            
+            return Algorithm == other.Algorithm;
+        }
+
+
+        /// <inheritdoc />
+        [EditorBrowsable(EditorBrowsableState.Never)]
+        public override bool Equals([NotNullWhen(true)] object? o) => o is CryptoAlgorithm cryptoAlgorithm && Equals(cryptoAlgorithm);
+
+
+        /// <inheritdoc />
+        [EditorBrowsable(EditorBrowsableState.Never)]
+        public static bool operator ==(in CryptoAlgorithm cryptoAlgorithm1, in CryptoAlgorithm cryptoAlgorithm2) => Equals(cryptoAlgorithm1, cryptoAlgorithm2);
+
+
+        /// <inheritdoc />
+        [EditorBrowsable(EditorBrowsableState.Never)]
+        public static bool operator !=(in CryptoAlgorithm cryptoAlgorithm1, in CryptoAlgorithm cryptoAlgorithm2) => !Equals(cryptoAlgorithm1, cryptoAlgorithm2);
+
+
+        /// <inheritdoc />
+        [EditorBrowsable(EditorBrowsableState.Never)]
+        public static bool operator ==(in object cryptoAlgorithm1, in CryptoAlgorithm cryptoAlgorithm2) => Equals(cryptoAlgorithm1, cryptoAlgorithm2);
+
+
+        /// <inheritdoc />
+        [EditorBrowsable(EditorBrowsableState.Never)]
+        public static bool operator ==(in CryptoAlgorithm cryptoAlgorithm1, in object cryptoAlgorithm2) => Equals(cryptoAlgorithm1, cryptoAlgorithm2);
+
+
+        /// <inheritdoc />
+        [EditorBrowsable(EditorBrowsableState.Never)]
+        public static bool operator !=(in object cryptoAlgorithm1, in CryptoAlgorithm cryptoAlgorithm2) => !Equals(cryptoAlgorithm1, cryptoAlgorithm2);
+
+
+        /// <inheritdoc />
+        [EditorBrowsable(EditorBrowsableState.Never)]
+        public static bool operator !=(in CryptoAlgorithm cryptoAlgorithm1, in object cryptoAlgorithm2) => !Equals(cryptoAlgorithm1, cryptoAlgorithm2);
+
+
+        /// <inheritdoc />
+        [EditorBrowsable(EditorBrowsableState.Never)]
+        public override int GetHashCode()
+        {
+            return base.GetHashCode();
+        }
+
+
+        private CryptoAlgorithm(int algorithm)
+        {
+            Algorithm = algorithm;
+        }
     }
 }