stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 3 Releases Wiki Activity
Files
4bdc298ec1fc821ee0d9dda6d2d4643dcedf6b35
git.stella-ops.org/docs/features/unchecked/cryptography/additional-crypto-profiles.md

41 lines
2.2 KiB
Markdown
Raw Blame History

# Additional Crypto Profiles (GOST, SM2, eIDAS, PQC)
## Status
IMPLEMENTED (PARTIALLY)
## Description
The advisory explicitly deferred GOST R 34.10-2012, SM2, eIDAS, and post-quantum crypto profiles to future work. Note: the broader repo does have crypto modules under src/Cryptography and src/SmRemote, but those are part of separate efforts.
## Why Marked as Dropped (Correction)
**FINDING: These crypto profiles ARE implemented as plugins.** The following plugin projects exist under `src/Cryptography/`:
- `StellaOps.Cryptography.Plugin.Gost` -- GOST R 34.10-2012 support via `GostPlugin.cs`
- `StellaOps.Cryptography.Plugin.Eidas` -- eIDAS support via `EidasPlugin.cs`, includes ETSI conformance test vectors
- `StellaOps.Cryptography.Plugin.Sm` -- SM2/SM3 support
- `StellaOps.Cryptography.Plugin.Fips` -- FIPS 140 compliance plugin
- `StellaOps.Cryptography.Plugin.Hsm` -- HSM integration plugin
Additional infrastructure: `StellaOps.Cryptography.Plugin` base class (`CryptoPluginBase.cs`), `MultiProfileSigner.cs`, `SignatureProfile.cs`, ECDSA and EdDSA profile libraries. PQC (post-quantum) is the only profile that does not appear to have a dedicated plugin yet.
## Implementation Details
- Plugin architecture: `src/Cryptography/StellaOps.Cryptography.Plugin/CryptoPluginBase.cs`
- GOST: `src/Cryptography/StellaOps.Cryptography.Plugin.Gost/GostPlugin.cs`
- eIDAS: `src/Cryptography/StellaOps.Cryptography.Plugin.Eidas/EidasPlugin.cs`
- SM2: `src/Cryptography/StellaOps.Cryptography.Plugin.Sm/`
- FIPS: `src/Cryptography/StellaOps.Cryptography.Plugin.Fips/`
- HSM: `src/Cryptography/StellaOps.Cryptography.Plugin.Hsm/`
- Tests: `src/Cryptography/__Tests/`, plus tests in `src/__Libraries/__Tests/StellaOps.Cryptography.Tests/`
## E2E Test Plan
- Verify each crypto plugin can sign and verify payloads
- Validate ETSI conformance test vectors pass for eIDAS plugin
- Test multi-profile signing via MultiProfileSigner
- Confirm plugin discovery and loading via CryptoPluginBase
## Source
- Feature matrix scan
## Notes
- Module: Cryptography
- Modules referenced: `src/Cryptography/`, `src/SmRemote/`
- **Status should be reclassified from NOT_FOUND to IMPLEMENTED (PARTIALLY) -- only PQC remains unimplemented**
Reference in New Issue View Git Blame Copy Permalink