39 lines
1.2 KiB
Markdown
39 lines
1.2 KiB
Markdown
# SM Remote (SM Cipher Suite Service)
|
|
|
|
> Stateless cryptographic operations microservice for Chinese national standard algorithms (SM2/SM3/SM4).
|
|
|
|
## Purpose
|
|
|
|
SM Remote provides Chinese national standard cryptographic algorithms (SM2 signing/verification, SM3 hashing, SM4 encryption/decryption) as a stateless microservice for regional compliance requirements. It enables Stella Ops deployments to satisfy GB/T standards by offering both soft-provider (BouncyCastle) and optional HSM/remote provider modes for production key management.
|
|
|
|
## Quick Links
|
|
|
|
- [Architecture](./architecture.md)
|
|
|
|
## Status
|
|
|
|
| Attribute | Value |
|
|
|-------------|----------------------|
|
|
| **Maturity** | Production |
|
|
| **Source** | `src/SmRemote/` |
|
|
|
|
## Key Features
|
|
|
|
- SM2 digital signatures (P-256v1 curve)
|
|
- SM3 cryptographic hashing
|
|
- SM4-ECB encryption with PKCS7 padding
|
|
- Ephemeral key management
|
|
- Soft provider and optional HSM/remote provider modes
|
|
|
|
## Dependencies
|
|
|
|
### Upstream
|
|
|
|
- Authority - authentication for service-to-service calls
|
|
- Cryptography - shared cryptographic primitives and abstractions
|
|
|
|
### Downstream
|
|
|
|
- Signer - SM cipher operations for signing workflows
|
|
- AirGap - regional crypto support in offline environments
|