SDF Support for Commercial Cryptography Application

The Kunpeng commercial cryptographic module relies on a TA built in the Huawei-developed iTrustee OS. During system startup, TA firmware and the iTrustee OS are securely booted to ensure integrity protection.

• Cryptographic services and key management operate in the hardware-secured TEE to ensure key and data security.
• The multi-threading and high-concurrency scenarios are supported by leveraging CPU instructions and coprocessor capabilities.
• This software-defined cryptographic module can be quickly upgraded to support new capabilities such as the post-quantum cryptography (PQC) algorithm.
• This module supports SM4 in multiple modes (including CBC, ECB, and GCM), and single-packet and multi-packet interface capabilities.