Info |
---|
This article is valid for Smart ID Identity Manager 24.R1 or later. |
...
Each descriptor is described in detail in the sections below, including requirements how it shall be bootstrapped.
EncryptedFields
David Banz here you can decide if you want to keep the bullet list-style, or if we should go for a table instead. What do you prefer? (Table first, then the bullet list directly under the table for reference.)
Josefin Klang (Deactivated) the table has a lot of ugly linebreaks because of long lines and many columns, so not sure if it looks that good… David Banz good point, let’s stick to the bullet lists then for now.below, including requirements how it shall be bootstrapped.
EncryptedFields
Info |
---|
Descriptor included in default configuration. Correct bootstrapping is required for productive use. Only dev- and test systems may use placeholders (for example created with bootstrap.zip package or the corresponding Docker container). |
use-case: Encryption and decryption of fields in the Identity Manager database
required: always
configured in these applications:
Identity Manager Admin (previously know as PRIME Designer) David Banz can we remove PRIME from here (and everywhere in the article) or it needs to stay?
Identity Manager Operator (previously known as PRIME Explorer)
configured in these special-case tools:
batch_secretfieldstore_change_encryption_key
(repair tool for secret fields)
batch_migration_smartact_to_prime
(for migration of data from Identity Manager's/PRIME's predecessor SmartAct, it has additional requirements for decrypting secret fields and config entries from the source system)
storage: pkcs12, HSM (recommended)
versioning: not supported, always uses version 1
supported asymClipher values:
for HSM
RSA/ECB/OAEPWithSHA-384AndMGF1Padding
RSA/ECB/OAEPWithSHA-512AndMGF1Padding
for PKCS#12
RSA/None/OAEPWithSHA384AndMGF1Padding
RSA/None/OAEPWithSHA512AndMGF1Padding
general requirements:
placeholder keys/certs forbidden for productive use
confidentiality of database secrets would be at risk
the key can only be changed with the tool batch_secretfieldstore_change_encryption_key once the first secret is stored in the database
key requirements:
supported types:
RSA 2048
RSA 3072
RSA 4096 (recommended)
certificate requirements:
no special requirements, as only the key-pair is used
may be self-signed
key usage is not checked (recommended for informational purposes: set dataEncipherment)
validity is ignored
certificate does not need to be trusted
...
use-case: Authentication of Smart ID Self-Service users to the Identity Manager backend
configured in this application:
Identity Manager Operator
storage: pkcs12, HSM (recommended)
versioning: possible, but unnecessary
general requirements:
placeholder keys forbidden for productive use
even if IDM SelfService Smart ID Self-Service is not deployed the related REST endpoints could face the risk of unauthenticated access
key requirements:
supported types:
RSA 2048
RSA 3072
RSA 4096 (recommended)
certificate requirements:
may be self-signed
validity is ignored
key usage is not checked (recommended for informational purposes: set digitalSignature)
certificate does not need to be trusted
...