SGNL-ai · kchiranjewee63 · Dec 19, 2024
diff --git a/secevent/README.md b/secevent/README.md
@@ -54,6 +54,7 @@ import (
     "crypto/rand"
     "fmt"
     "time"
+    "context"
 
     "github.com/sgnl-ai/caep.dev/secevent/pkg/schemes/caep"
     "github.com/sgnl-ai/caep.dev/secevent/pkg/builder"
@@ -98,7 +99,7 @@ func main() {
     }
 
     // Sign the SecEvent
-    signedToken, err := signer.Sign(secEvent)
+    signedToken, err := signer.Sign(context.Background(), secEvent)
     if err != nil {
         panic(err)
     }
@@ -328,14 +329,15 @@ import (
     "strings"
     "github.com/golang-jwt/jwt/v5"
     "github.com/sgnl-ai/caep.dev/secevent/pkg/signing"
+    "context"
 )
 
 // CustomSigner implements the Signer interface
 type CustomSigner struct {
     // Fields for HSM client or external service configuration
 }
 
-func (s *CustomSigner) Sign(claims jwt.Claims) (string, error) {
+func (s *CustomSigner) Sign(ctx context.Context, claims jwt.Claims) (string, error) {
     // Create token with claims
     token := jwt.NewWithClaims(s.signingMethod, claims)
 
@@ -350,7 +352,7 @@ func (s *CustomSigner) Sign(claims jwt.Claims) (string, error) {
     }
 
     // Use your HSM or external service to sign the string
-    signature, err := externalSign(signingString)
+    signature, err := externalSign(ctx, signingString)
     if err != nil {
         return "", err
     }
@@ -360,7 +362,7 @@ func (s *CustomSigner) Sign(claims jwt.Claims) (string, error) {
 }
 
 // externalSign is a placeholder function representing the external signing process
-func externalSign(signingString string) (string, error) {
+func externalSign(ctx context.Context, signingString string) (string, error) {
     // Implement the signing logic using your HSM or external service
     return "signature", nil
 }
@@ -373,7 +375,7 @@ func main() {
         WithIssuer("https://issuer.example.com")
         // ... other SecEvent configuration
 
-    signedToken, err := customSigner.Sign(secEvent)
+    signedToken, err := customSigner.Sign(context.Background(), secEvent)
     if err != nil {
         panic(err)
     }

diff --git a/.../buildingsecevents/caep/assurancelevelchange/building_assurance_level_change_sec_event.go b/.../buildingsecevents/caep/assurancelevelchange/building_assurance_level_change_sec_event.go
@@ -1,6 +1,7 @@
 package main
 
 import (
+	"context"
 	"crypto/ecdsa"
 	"crypto/elliptic"
 	"crypto/rand"
@@ -50,7 +51,7 @@ func main() {
 	}
 
 	// Sign the SecEvent
-	signedToken, err := signer.Sign(secEvent)
+	signedToken, err := signer.Sign(context.Background(), secEvent)
 	if err != nil {
 		panic(err)
 	}

diff --git a/...vent/examples/buildingsecevents/caep/sessionrevoked/building_session_revoked_sec_event.go b/...vent/examples/buildingsecevents/caep/sessionrevoked/building_session_revoked_sec_event.go
@@ -1,6 +1,7 @@
 package main
 
 import (
+	"context"
 	"crypto/ecdsa"
 	"crypto/elliptic"
 	"crypto/rand"
@@ -50,7 +51,7 @@ func main() {
 	}
 
 	// Sign the SecEvent
-	signedToken, err := signer.Sign(secEvent)
+	signedToken, err := signer.Sign(context.Background(), secEvent)
 	if err != nil {
 		panic(err)
 	}

diff --git a/secevent/examples/buildingsecevents/ssf/verification/building_verification_sec_event.go b/secevent/examples/buildingsecevents/ssf/verification/building_verification_sec_event.go
@@ -1,6 +1,7 @@
 package main
 
 import (
+	"context"
 	"crypto/ecdsa"
 	"crypto/elliptic"
 	"crypto/rand"
@@ -47,7 +48,7 @@ func main() {
 	}
 
 	// Sign the SecEvent
-	signedToken, err := signer.Sign(secEvent)
+	signedToken, err := signer.Sign(context.Background(), secEvent)
 	if err != nil {
 		panic(err)
 	}

diff --git a/...ange/withoutverification/parsing_assurance_level_change_sec_event_without_verification.go b/...ange/withoutverification/parsing_assurance_level_change_sec_event_without_verification.go
@@ -1,6 +1,7 @@
 package main
 
 import (
+	"context"
 	"crypto/ecdsa"
 	"crypto/elliptic"
 	"crypto/rand"
@@ -154,7 +155,7 @@ func generateSignedAssuranceLevelChangeSecEvent(privateKey *ecdsa.PrivateKey) (s
 	}
 
 	// Sign the SecEvent
-	signedToken, err := signer.Sign(secEvent)
+	signedToken, err := signer.Sign(context.Background(), secEvent)
 	if err != nil {
 		return "", fmt.Errorf("failed to sign event: %w", err)
 	}

diff --git a/...evelchange/withverification/parsing_assurance_level_change_sec_event_with_verification.go b/...evelchange/withverification/parsing_assurance_level_change_sec_event_with_verification.go
@@ -1,6 +1,7 @@
 package main
 
 import (
+	"context"
 	"crypto/ecdsa"
 	"crypto/elliptic"
 	"crypto/rand"
@@ -155,7 +156,7 @@ func generateSignedAssuranceLevelChangeSecEvent(privateKey *ecdsa.PrivateKey) (s
 	}
 
 	// Sign the SecEvent
-	signedToken, err := signer.Sign(secEvent)
+	signedToken, err := signer.Sign(context.Background(), secEvent)
 	if err != nil {
 		return "", fmt.Errorf("failed to sign event: %w", err)
 	}

diff --git a/...sionrevoked/withoutverification/parsing_session_revoked_sec_event_without_verification.go b/...sionrevoked/withoutverification/parsing_session_revoked_sec_event_without_verification.go
@@ -1,6 +1,7 @@
 package main
 
 import (
+	"context"
 	"crypto/ecdsa"
 	"crypto/elliptic"
 	"crypto/rand"
@@ -147,7 +148,7 @@ func generateSignedSessionRevokedSecEvent(privateKey *ecdsa.PrivateKey) (string,
 	}
 
 	// Sign the SecEvent
-	signedToken, err := signer.Sign(secEvent)
+	signedToken, err := signer.Sign(context.Background(), secEvent)
 	if err != nil {
 		return "", fmt.Errorf("failed to sign event: %w", err)
 	}

diff --git a/...ep/sessionrevoked/withverification/parsing_session_revoked_sec_event_with_verification.go b/...ep/sessionrevoked/withverification/parsing_session_revoked_sec_event_with_verification.go
@@ -1,6 +1,7 @@
 package main
 
 import (
+	"context"
 	"crypto/ecdsa"
 	"crypto/elliptic"
 	"crypto/rand"
@@ -148,7 +149,7 @@ func generateSignedSessionRevokedSecEvent(privateKey *ecdsa.PrivateKey) (string,
 	}
 
 	// Sign the SecEvent
-	signedToken, err := signer.Sign(secEvent)
+	signedToken, err := signer.Sign(context.Background(), secEvent)
 	if err != nil {
 		return "", fmt.Errorf("failed to sign event: %w", err)
 	}

diff --git a/.../streamupdate/withoutverification/parsing_stream_update_sec_event_without_verification.go b/.../streamupdate/withoutverification/parsing_stream_update_sec_event_without_verification.go
@@ -1,6 +1,7 @@
 package main
 
 import (
+	"context"
 	"crypto/ecdsa"
 	"crypto/elliptic"
 	"crypto/rand"
@@ -137,7 +138,7 @@ func generateSignedStreamUpdateSecEvent(privateKey *ecdsa.PrivateKey) (string, e
 	}
 
 	// Sign the SecEvent
-	signedToken, err := signer.Sign(secEvent)
+	signedToken, err := signer.Sign(context.Background(), secEvent)
 	if err != nil {
 		return "", fmt.Errorf("failed to sign event: %w", err)
 	}

diff --git a/...ts/ssf/streamupdate/withverification/parsing_stream_update_sec_event_with_verification.go b/...ts/ssf/streamupdate/withverification/parsing_stream_update_sec_event_with_verification.go
@@ -1,6 +1,7 @@
 package main
 
 import (
+	"context"
 	"crypto/ecdsa"
 	"crypto/elliptic"
 	"crypto/rand"
@@ -138,7 +139,7 @@ func generateSignedStreamUpdateSecEvent(privateKey *ecdsa.PrivateKey) (string, e
 	}
 
 	// Sign the SecEvent
-	signedToken, err := signer.Sign(secEvent)
+	signedToken, err := signer.Sign(context.Background(), secEvent)
 	if err != nil {
 		return "", fmt.Errorf("failed to sign event: %w", err)
 	}

diff --git a/secevent/pkg/signing/signer.go b/secevent/pkg/signing/signer.go
@@ -1,6 +1,7 @@
 package signing
 
 import (
+	"context"
 	"crypto"
 	"crypto/ecdsa"
 	"crypto/rsa"
@@ -11,7 +12,7 @@ import (
 
 // Signer defines the interface for signing tokens
 type Signer interface {
-	Sign(claims jwt.Claims) (string, error)
+	Sign(ctx context.Context, claims jwt.Claims) (string, error)
 }
 
 // DefaultSigner uses the user supplied private key to sign
@@ -57,7 +58,8 @@ func NewSigner(signingKey crypto.PrivateKey, opts ...SignerOption) (*DefaultSign
 	return signer, nil
 }
 
-func (s *DefaultSigner) Sign(claims jwt.Claims) (string, error) {
+func (s *DefaultSigner) Sign(ctx context.Context, claims jwt.Claims) (string, error) {
+	// ctx is unused in this implementation since signing is purely local and operation is fast
 	token := jwt.NewWithClaims(s.signingMethod, claims)
 
 	if s.keyID != nil {