PKI

Codegic provides expert services on Public Key Infrastructure and related techologies. We have practical development experience in the following PKI domains:

Digital Certificates

Digital Signatures

Timestamping, OCSP, SCEP

CA/B Forum Guidelines

PKCS standards, Algorithms

Misc Standards, Common Criteria, Smart Cards, HSM

Certification Authorities

PKI

Expertise Details

Digital Certificates

  • X509 v3 certificates

Certification Authorities

  • Microsoft CA
  • ADSS Server

OCSP standards

  • RFC 2560
  • RFC 6960

CA/B forum

  • SSL
  • EVSSL
  • EV CodeSign

Timestamping

  • RFC 3161
  • Microsoft Authenticode
  • RFC 5816
  • ETSI TS 101 861

Digital Signatures

  • XAdES (XML DSig, XAdES-EPES, XAdES2-BES, XAdES-T, XAdES-C, XAdES-X (Type 2), XAdES-X-L, XAdES-A)
  • PAdES (Visible Signatures, Invisible Signatures, Certify (Author) Signatures, Approval Signatures, Adobe® CDS Signatures, PAdES Part 2 (Basic), PAdES Part 3 (Enhanced), PAdES Part 4 (Long term)
  • CAdES (CMS/PKCS#7/ and S/MIME, CAdES-BES, CAdES-EPES, CAdES-T, CAdES-C, CAdES-X-L, CAdES-A)
  • ETSI TS 102 778
  • OASIS DSS

Algorithms

  • RSA – 2048, 4096, 8192
  • ECDSA – 256, 384, 521
  • Hashing – SHA1, SHA-256, SHA-384, SHA-512, RIPEMD

PKCS standards

  • PKCS#1
  • PKCS#7
  • PKCS#9
  • PKCS#10
  • PKCS#11
  • PKCS#12

Misc standards

  • eIDAS
  • CAPI/CNG integrations
  • SCEP
  • CWA 14167-1
  • HMAC
  • FIPS 201
  • NTP
  • SNMP
  • SCVP

Common Criteria

  • EN 419 241-2

HSM / Smart Cards

  • Utimaco (CryptoServer CP5)
  • Safenet
  • Thales
  • Azure Key Vault
  • Amazon AWS Cloud HSM