Versions Compared

Version Old Version 68 New Version 69
Changes made by

Paul Zachos

Paul Zachos

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Info

This article is valid for Smart ID Identity Manager 24.R1 or later.

...

  • Encryption and decryption of fields in the Identity Manager database (“encryptedFields“)

  • Signing and verification of the object history (“objectHistorySigner“)

  • Signing , validation and encryption and validation of the configuration files (“configZipSigner“)

  • Encryption of the configuration files (“configZipEncrypter“)

  • Signing and encryption of emails (“signEmailDescriptor“, what about encryption?)

  • Creation of device encryption certificates that are used in Smart ID messaging (“hermodDeviceEnc“)

  • Creation of JWS signatures used for Smart ID messaging content provider API (“ContentProviderJWSSigner“)

  • Authentication of Smart ID Self-Service users to the Identity Manager backend (“SelfServiceJWTSigner“)

  • Decryption of PIN blobs from pre-personalized smart-cards created with the Personal Desktop Client

  • Attestation for provisioning to Smart ID Mobile / Desktop Apps (“att_*“)

The sign and encrypt engine provides a consistent configuration of keys and certificates for both signing and encryption. You can define algorithms and parameters and reference keys from an HSM (for most use-cases) or from PKCS#12 files (for all use cases).

...