Security standards and NIST compliance in Digital Access component
This article describes the compliance of the Smart ID Digital Access component to security standards and NIST-approved cryptographic algorithms.
Security standards
PKI – Public Key Infrastructure, see https://en.wikipedia.org/wiki/PKCS
Javascript Object Signing and Encryption (JOSE), see https://www.iana.org/assignments/jose/jose.xhtml
RSA2048 key size, or higher.
RSA PKCS#1 signature with SHA-256, see https://tools.ietf.org/html/rfc8017
AES encryption, see https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.197.pdf
X.509 certificates support, see https://tools.ietf.org/html/rfc2459
PKCS#10 Certificate Signing Request, see https://tools.ietf.org/html/rfc2986
PKCS#12 archive file format bundling private keys with X.509 Certificates, see https://tools.ietf.org/html/rfc7292