Excalibur.AuditLogging.Abstractions
3.0.0-alpha.216
dotnet add package Excalibur.AuditLogging.Abstractions --version 3.0.0-alpha.216
NuGet\Install-Package Excalibur.AuditLogging.Abstractions -Version 3.0.0-alpha.216
<PackageReference Include="Excalibur.AuditLogging.Abstractions" Version="3.0.0-alpha.216" />
<PackageVersion Include="Excalibur.AuditLogging.Abstractions" Version="3.0.0-alpha.216" />
<PackageReference Include="Excalibur.AuditLogging.Abstractions" />
paket add Excalibur.AuditLogging.Abstractions --version 3.0.0-alpha.216
#r "nuget: Excalibur.AuditLogging.Abstractions, 3.0.0-alpha.216"
#:package Excalibur.AuditLogging.Abstractions@3.0.0-alpha.216
#addin nuget:?package=Excalibur.AuditLogging.Abstractions&version=3.0.0-alpha.216&prerelease
#tool nuget:?package=Excalibur.AuditLogging.Abstractions&version=3.0.0-alpha.216&prerelease
Excalibur.AuditLogging.Abstractions
Backend-agnostic audit-trail integrity abstractions for the Excalibur framework.
This package defines the single shared tamper-evidence contract consumed by every audit sink
(Excalibur.AuditLogging, Excalibur.Data.ElasticSearch security audit, …), so all backends provide the
same guarantee instead of each rolling its own scheme.
Contents
IAuditIntegrityStrategy— the keyed-MAC + hash-chain tamper-evidence contract. Operates on opaque canonical bytes so one implementation serves every backend. Keyed (HMAC), fail-closed on a missing key, constant-time verification, versioned tags (v1:{keyId}:{mac}).AuditRecordCanonicalizer— the deterministic, version-prefixed, length-prefixed (boundary-injective) canonicalization helper. Each backend canonicalizes its own record's integrity-covered fields through this before computing or verifying a tag.AuditChainLink/AuditChainVerificationResult— the chain-verification value types.IAuditSigningKeyProvider(added in a follow-up) — supplies the secret signing key, held outside the audit store.
Design
- Provider → abstraction. Audit sinks depend on this package; this package depends on no sink.
- Keyed and chained. The MAC covers
canonicalize(record) ‖ priorTag, so forging a record or inserting / deleting / reordering records is detectable without the key. - Verify live fields. Verification re-canonicalizes the reloaded record's live fields — never a persisted canonical blob — so it checks the queryable record an attacker could tamper with.
| Product | Versions Compatible and additional computed target framework versions. |
|---|---|
| .NET | net10.0 is compatible. net10.0-android was computed. net10.0-browser was computed. net10.0-ios was computed. net10.0-maccatalyst was computed. net10.0-macos was computed. net10.0-tvos was computed. net10.0-windows was computed. |
-
net10.0
- Microsoft.Extensions.DependencyInjection.Abstractions (>= 10.0.7)
- Microsoft.Extensions.Options (>= 10.0.7)
NuGet packages (2)
Showing the top 2 NuGet packages that depend on Excalibur.AuditLogging.Abstractions:
| Package | Downloads |
|---|---|
|
Excalibur.Data.ElasticSearch
ElasticSearch provider implementation for Excalibur data access layer. |
|
|
Excalibur.AuditLogging
Audit logging implementation for the Excalibur framework. Provides SHA-256 hash-chained, tamper-evident audit logging SOC2 compliance requirements. |
GitHub repositories
This package is not used by any popular GitHub repositories.
| Version | Downloads | Last Updated |
|---|---|---|
| 3.0.0-alpha.216 | 64 | 6/30/2026 |