SM Remote (SM Cipher Suite Service)
Stateless cryptographic operations microservice for Chinese national standard algorithms (SM2/SM3/SM4).
Purpose
SM Remote provides Chinese national standard cryptographic algorithms (SM2 signing/verification, SM3 hashing, SM4 encryption/decryption) as a stateless microservice for regional compliance requirements. It enables Stella Ops deployments to satisfy GB/T standards by offering both soft-provider (BouncyCastle) and optional HSM/remote provider modes for production key management.
Quick Links
Status
| Attribute | Value |
|---|---|
| Maturity | Production |
| Source | src/SmRemote/ |
Key Features
- SM2 digital signatures (P-256v1 curve)
- SM3 cryptographic hashing
- SM4-ECB encryption with PKCS7 padding
- Ephemeral key management
- Soft provider and optional HSM/remote provider modes
Dependencies
Upstream
- Authority - authentication for service-to-service calls
- Cryptography - shared cryptographic primitives and abstractions
Downstream
- Signer - SM cipher operations for signing workflows
- AirGap - regional crypto support in offline environments