Components
Code Signing API
The Code Signing API acts as the external entry point for signing requests.
Responsibilities:
- Authentication and authorization
- Request validation
- Policy enforcement
- Request routing to the signing engine
The API never has direct access to private signing keys.
Signing Engine
The Signing Engine performs cryptographic signing operations.
Responsibilities:
- Validate approved signing requests
- Invoke cryptographic providers
- Generate digital signatures
- Return signed artifacts
The signing engine operates within a restricted execution boundary.
Key Management Layer
The Key Management Layer provides controlled access to signing keys.
Supported options include:
- Software keystore (non-production)
- Hardware Security Module (HSM)
- Cloud or on-prem KMS via PKCS#11
Private keys are never exposed outside this layer.
Policy and Metadata Store
This component maintains:
- Signing policies
- Certificate metadata
- Key associations
- Configuration state
It does not store private key material.

Audit Logging Service
The audit subsystem records all security-relevant actions, including:
- Signing requests
- Policy changes
- Key usage events
- Administrative access
Audit logs are immutable and suitable for compliance review.
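
The request path through the components above, as an added sketch that is not the project's own code. All class and method names, the policy table, and the key id are hypothetical; the caller is assumed to be already authenticated, HMAC-SHA256 stands in for the HSM/KMS signing call, and a plain list stands in for the audit store.

```python
import hashlib, hmac, secrets

class KeyManagementLayer:
    """Holds key material; callers get signatures back, never keys."""
    def __init__(self):
        # Constructed software keystore (non-production stand-in for an HSM/KMS).
        self.__keys = {"release-key": secrets.token_bytes(32)}
    def sign(self, key_id, digest):
        return hmac.new(self.__keys[key_id], digest, hashlib.sha256).digest()
    def verify(self, key_id, digest, sig):
        return hmac.compare_digest(self.sign(key_id, digest), sig)

class SigningEngine:
    """Only component holding a reference to the key layer."""
    def __init__(self, kml, audit):
        self._kml, self._audit = kml, audit
    def sign(self, request):
        # Re-validate approval instead of trusting that the API checked it.
        if not request.get("approved"):
            raise PermissionError("request was not approved by the API")
        digest = hashlib.sha256(request["artifact"]).digest()
        sig = self._kml.sign(request["key_id"], digest)
        self._audit.append(("key_used", request["caller"], request["key_id"]))
        return sig

class CodeSigningAPI:
    """Entry point: validation, policy enforcement, routing. No key access."""
    def __init__(self, engine, policies, audit):
        self._engine, self._policies, self._audit = engine, policies, audit
    def handle(self, caller, key_id, artifact):
        self._audit.append(("signing_request", caller, key_id))
        if not isinstance(artifact, bytes) or not artifact:
            raise ValueError("artifact must be non-empty bytes")
        if key_id not in self._policies.get(caller, set()):
            self._audit.append(("denied", caller, key_id))
            raise PermissionError(f"{caller} may not use {key_id}")
        return self._engine.sign({"caller": caller, "key_id": key_id,
                                  "artifact": artifact, "approved": True})

def build_service():
    audit = []  # stand-in for the audit logging service
    kml = KeyManagementLayer()
    policies = {"ci-release": {"release-key"}}  # constructed policy: caller -> allowed keys
    api = CodeSigningAPI(SigningEngine(kml, audit), policies, audit)
    return api, kml, audit
```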