CDCavell.AsiBackbone.Signing.LocalDevelopment 1.2.1

Suggested Alternatives

AsiBackbone.Signing.LocalDevelopment

Additional Details

This package ID has been superseded by the simplified AsiBackbone.* package line starting with version 2.0.0. This is a project/package namespace rename, not a critical bug or security deprecation. Please migrate to the corresponding AsiBackbone.* package and update using statements from CDCavell.AsiBackbone.* to AsiBackbone.*.

dotnet add package CDCavell.AsiBackbone.Signing.LocalDevelopment --version 1.2.1
                    
NuGet\Install-Package CDCavell.AsiBackbone.Signing.LocalDevelopment -Version 1.2.1
                    
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.
<PackageReference Include="CDCavell.AsiBackbone.Signing.LocalDevelopment" Version="1.2.1" />
                    
For projects that support PackageReference, copy this XML node into the project file to reference the package.
<PackageVersion Include="CDCavell.AsiBackbone.Signing.LocalDevelopment" Version="1.2.1" />
                    
Directory.Packages.props
<PackageReference Include="CDCavell.AsiBackbone.Signing.LocalDevelopment" />
                    
Project file
For projects that support Central Package Management (CPM), copy this XML node into the solution Directory.Packages.props file to version the package.
paket add CDCavell.AsiBackbone.Signing.LocalDevelopment --version 1.2.1
                    
#r "nuget: CDCavell.AsiBackbone.Signing.LocalDevelopment, 1.2.1"
                    
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.
#:package CDCavell.AsiBackbone.Signing.LocalDevelopment@1.2.1
                    
#:package directive can be used in C# file-based apps starting in .NET 10 preview 4. Copy this into a .cs file before any lines of code to reference the package.
#addin nuget:?package=CDCavell.AsiBackbone.Signing.LocalDevelopment&version=1.2.1
                    
Install as a Cake Addin
#tool nuget:?package=CDCavell.AsiBackbone.Signing.LocalDevelopment&version=1.2.1
                    
Install as a Cake Tool

CDCavell.AsiBackbone.Signing.LocalDevelopment

CDCavell.AsiBackbone.Signing.LocalDevelopment provides a local-development RSA signing and verification provider for exercising AsiBackbone signing abstractions without Azure Key Vault, HSM, cloud KMS, certificate-store, or external infrastructure dependencies.

New to AsiBackbone? Start with the concept, not this package: Intent to Execution: An Accountability Pattern and the documentation site. This README covers one package in the family.

Important: This package is intended for local development, samples, and tests. It is not a production managed-key provider and does not provide tamper-evidence, immutability, legal non-repudiation, compliance certification, or protected key custody by itself.

Boundary

This package implements:

  • IAsiBackboneSigningService
  • IAsiBackboneSignatureVerificationService

It signs the SigningRequest.SigningHash value using an in-process RSA key generated for the service instance and returns provider-neutral SigningMetadata.

Core remains provider-neutral. CDCavell.AsiBackbone.Core does not reference this package.

Metadata returned

Successful signing results include:

  • signing hash
  • hash algorithm
  • Base64 signature value
  • signature algorithm descriptor
  • key ID
  • key version
  • provider descriptor
  • signed UTC timestamp
  • local-development warning metadata

Signing failures in normal flow return unsigned signing metadata with explicit signing_status, failure_code, and failure_message values unless the host opts out by setting ReturnUnsignedOnFailure = false.

Example registration

var localSigningOptions = LocalDevelopmentSigningOptions.Create(
    keyId: "sample-local-dev-key",
    keyVersion: "dev");

var localSigningService = new LocalDevelopmentSigningService(localSigningOptions);

builder.Services.AddSingleton(localSigningService);
builder.Services.AddSingleton<IAsiBackboneSigningService>(localSigningService);
builder.Services.AddSingleton<IAsiBackboneSignatureVerificationService>(localSigningService);

Example flow

AuditLedgerRecord
  -> CanonicalPayloadBuilder.ForAuditLedgerRecord(...)
  -> CanonicalPayloadHasher.ComputeHash(...)
  -> SigningRequest
  -> LocalDevelopmentSigningService.SignAsync(...)
  -> SignatureVerificationRequest
  -> LocalDevelopmentSigningService.VerifyAsync(...)

Non-goals

This package does not:

  • integrate with Azure Key Vault, Managed HSM, local machine certificate stores, or cloud KMS services;
  • persist private key material;
  • provide production key rotation;
  • provide legal non-repudiation;
  • verify an audit hash chain;
  • provide immutable storage or external anchoring;
  • make unsigned, signed, or verified records tamper-evident by default.

Use a managed-key or HSM-backed provider for production workflows where signing is part of a security or audit-control boundary.

Product Compatible and additional computed target framework versions.
.NET net10.0 is compatible.  net10.0-android was computed.  net10.0-browser was computed.  net10.0-ios was computed.  net10.0-maccatalyst was computed.  net10.0-macos was computed.  net10.0-tvos was computed.  net10.0-windows was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

NuGet packages

This package is not used by any NuGet packages.

GitHub repositories

This package is not used by any popular GitHub repositories.