Does piv test cards contain sha2 signed certificate?

unread,

Jun 1, 2018, 3:42:22 AM6/1/18

to piv-test-cards

I plan to purchase some PIV Test Card from NIST, and I want to get confirmation whether the NIST PIV Test card using SHA2 signed certificates?

Thanks.

unread,

Jun 1, 2018, 9:23:04 AM6/1/18

to y...@vmware.com, piv-test-cards

On 06/01/2018 03:42 AM, y...@vmware.com wrote:

I plan to purchase some PIV Test Card from NIST, and I want to get confirmation whether the NIST PIV Test card using SHA2 signed certificates?

Yes, most of the certificates on the test cards are signed using SHA-2. There are only a few exceptions:

Card 7 is intended to represent an older card, so its certificates are signed with SHA-1 (and its authentication certificates have 1024-bit RSA keys).
Card 13 also represents an older card (one that has already expired), so its certificates are also signed with SHA-1 (and its authentication certificates have 1024-bit RSA keys).
Many of the certificates corresponding to retired key management keys on the cards are signed with SHA-1, as such certificates will also tend to be older certificates that have already expired.

If you are interested, https://csrc.nist.gov/CSRC/media/Projects/PIV/documents/test-piv-card-data-specifications.pdf provides detailed information about every data object on every card, including the hash algorithm used in creating the signature.

Thanks,

David

unread,

Jun 3, 2018, 9:32:01 PM6/3/18

to piv-test-cards

Thanks for your confirmation.

Reply all

Reply to author

Forward