Lab testing
HSM
gRPC cryptography service with partition-aware access control
Rust gRPC service exposing RSA, ECDSA, hash, PQC, symmetric, and curve operations with partition credential validation.
What ships on day one
- Service modules for RSA, ECDSA, SHA-2/SHA-3/SM3, AES, Curve25519/448, ML-DSA, and ML-KEM
- JSON-based partition id/secret validation hooks for request gating
- Protobuf/prost service boundaries with reusable middleware and partition crates
Deployment choices
Deploy as a dedicated cryptography service and attach it to your application stack through gRPC.
- Self Hosted
Engineering blueprint
Cryptography services with a practical rollout path.
Crypto service coverage
- Supports RSA, ECDSA, SHA-2/SHA-3/SM3, AES, Curve25519/448, ML-DSA, and ML-KEM
- Services are exposed over gRPC with clear API boundaries
- Modules can be evolved independently as the product grows
Access model
- Partition credentials are loaded from JSON config
- Requests can be checked against partition id and secret rules
- Defaults are safe when no partition file is provided
Operational structure
- Middleware, service, and partition crates are separated for maintainability
- Runs as a single Rust binary and exposes multiple crypto endpoints
- Built and shipped through the same dual-arch Bazel/OCI workflow as other products
Service inventory
Clear gRPC service boundaries for each supported algorithm family
Partition checks
Partition credentials can be validated before sensitive operations
Runtime logging
Structured service logs help operators trace startup and integration issues
Operational readiness
Practical deployment readiness.
- Linux binary and OCI images are available from Bazel targets
- Configuration supports straightforward JSON-based partition setup
- Modular crate layout keeps future API additions manageable
Next step
Ready to review your integration plan?
Email labs@titaniumguard.in to review service integration and rollout planning.