stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
1bf6bbf3955ecbd8d20f5eeb767da5c7f8324b57
git.stella-ops.org/docs/features/unchecked/cryptography/additional-crypto-profiles.md

2.2 KiB
Raw Blame History

Additional Crypto Profiles (GOST, SM2, eIDAS, PQC)

Status

IMPLEMENTED (PARTIALLY)

Description

The advisory explicitly deferred GOST R 34.10-2012, SM2, eIDAS, and post-quantum crypto profiles to future work. Note: the broader repo does have crypto modules under src/Cryptography and src/SmRemote, but those are part of separate efforts.

Why Marked as Dropped (Correction)

FINDING: These crypto profiles ARE implemented as plugins. The following plugin projects exist under src/Cryptography/:

  • StellaOps.Cryptography.Plugin.Gost -- GOST R 34.10-2012 support via GostPlugin.cs
  • StellaOps.Cryptography.Plugin.Eidas -- eIDAS support via EidasPlugin.cs, includes ETSI conformance test vectors
  • StellaOps.Cryptography.Plugin.Sm -- SM2/SM3 support
  • StellaOps.Cryptography.Plugin.Fips -- FIPS 140 compliance plugin
  • StellaOps.Cryptography.Plugin.Hsm -- HSM integration plugin

Additional infrastructure: StellaOps.Cryptography.Plugin base class (CryptoPluginBase.cs), MultiProfileSigner.cs, SignatureProfile.cs, ECDSA and EdDSA profile libraries. PQC (post-quantum) is the only profile that does not appear to have a dedicated plugin yet.

Implementation Details

  • Plugin architecture: src/Cryptography/StellaOps.Cryptography.Plugin/CryptoPluginBase.cs
  • GOST: src/Cryptography/StellaOps.Cryptography.Plugin.Gost/GostPlugin.cs
  • eIDAS: src/Cryptography/StellaOps.Cryptography.Plugin.Eidas/EidasPlugin.cs
  • SM2: src/Cryptography/StellaOps.Cryptography.Plugin.Sm/
  • FIPS: src/Cryptography/StellaOps.Cryptography.Plugin.Fips/
  • HSM: src/Cryptography/StellaOps.Cryptography.Plugin.Hsm/
  • Tests: src/Cryptography/__Tests/, plus tests in src/__Libraries/__Tests/StellaOps.Cryptography.Tests/

E2E Test Plan

  • Verify each crypto plugin can sign and verify payloads
  • Validate ETSI conformance test vectors pass for eIDAS plugin
  • Test multi-profile signing via MultiProfileSigner
  • Confirm plugin discovery and loading via CryptoPluginBase

Source

  • Feature matrix scan

Notes

  • Module: Cryptography
  • Modules referenced: src/Cryptography/, src/SmRemote/
  • Status should be reclassified from NOT_FOUND to IMPLEMENTED (PARTIALLY) -- only PQC remains unimplemented