---
checkId: check.crypto.eidas
plugin: stellaops.doctor.crypto
severity: fail
tags: [crypto, eidas, eu, compliance, signature]
---

# eIDAS Compliance

## What It Checks

Verifies that eIDAS-compliant signature algorithms are available for EU deployments. The check references ETSI TS 119 312 (Cryptographic Suites) and validates availability of the following required algorithms:

- **RSA-PSS-SHA256** (RSA-PSS with SHA-256)
- **RSA-PSS-SHA384** (RSA-PSS with SHA-384)
- **RSA-PSS-SHA512** (RSA-PSS with SHA-512)
- **ECDSA-P256-SHA256** (ECDSA with P-256 and SHA-256)
- **ECDSA-P384-SHA384** (ECDSA with P-384 and SHA-384)
- **Ed25519** (EdDSA with Curve25519)

The check also validates the minimum RSA key size. Per eIDAS guidelines post-2024, RSA keys must be at least 3072 bits. The configured minimum is read from `Crypto:MinRsaKeySize` (default 2048). Because that default is below the required 3072, a deployment that has never set the value explicitly will produce a Warn even when every algorithm is present.

| Condition | Result |
|---|---|
| Any required algorithms missing | Fail |
| All algorithms available but RSA key size < 3072 | Warn |
| All algorithms available and key size >= 3072 | Pass |

Evidence collected: `CryptoProfile`, `AvailableAlgorithms`, `MissingAlgorithms`, `MinRsaKeySize`, `RequiredMinRsaKeySize`.

The check only runs when `Crypto:Profile` or `Cryptography:Profile` contains "eidas", "eu", or "european".

## Why It Matters

eIDAS (Electronic Identification, Authentication and Trust Services) is an EU regulation that establishes standards for electronic signatures and trust services. Deployments in the EU that create qualified electronic signatures or seals must use algorithms approved by ETSI. Using non-compliant algorithms means signatures may not be legally recognized, and the deployment may fail regulatory requirements. RSA keys below 3072 bits are considered insufficient for long-term security under current eIDAS guidelines.
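The Fail/Warn/Pass decision described above, reimplemented as an added example (not the doctor plugin's own code). It takes a flattened configuration dictionary and the set of algorithm names a runtime probe reported; the constructed `SAMPLE_AVAILABLE` inventory and the case-insensitive profile match are this example's assumptions.

```python
"""Decision logic of check.crypto.eidas, reimplemented from the description above."""
from dataclasses import dataclass, field

CHECK_ID = "check.crypto.eidas"
REQUIRED_ALGORITHMS = frozenset({
    "RSA-PSS-SHA256", "RSA-PSS-SHA384", "RSA-PSS-SHA512",
    "ECDSA-P256-SHA256", "ECDSA-P384-SHA384", "Ed25519",
})
REQUIRED_MIN_RSA_KEY_SIZE = 3072  # eIDAS post-2024 floor for RSA keys
DEFAULT_MIN_RSA_KEY_SIZE = 2048   # default when Crypto:MinRsaKeySize is unset
PROFILE_TRIGGERS = ("eidas", "eu", "european")

@dataclass
class CheckResult:
    check_id: str
    status: str  # "pass", "warn", "fail", or "skip" when the check does not apply
    evidence: dict = field(default_factory=dict)

def run_eidas_check(config: dict, available) -> CheckResult:
    """config: flattened settings keyed 'Section:Key'; available: algorithm names
    the runtime reports. Case-insensitive profile matching is this example's assumption."""
    profile = config.get("Crypto:Profile") or config.get("Cryptography:Profile") or ""
    if not any(trigger in profile.lower() for trigger in PROFILE_TRIGGERS):
        return CheckResult(CHECK_ID, "skip", {"CryptoProfile": profile})
    available = set(available)
    missing = sorted(REQUIRED_ALGORITHMS - available)
    min_rsa = int(config.get("Crypto:MinRsaKeySize", DEFAULT_MIN_RSA_KEY_SIZE))
    evidence = {
        "CryptoProfile": profile,
        "AvailableAlgorithms": sorted(available),
        "MissingAlgorithms": missing,
        "MinRsaKeySize": min_rsa,
        "RequiredMinRsaKeySize": REQUIRED_MIN_RSA_KEY_SIZE,
    }
    if missing:                                # any required algorithm absent
        status = "fail"
    elif min_rsa < REQUIRED_MIN_RSA_KEY_SIZE:  # suite complete, key floor too low
        status = "warn"
    else:
        status = "pass"
    return CheckResult(CHECK_ID, status, evidence)

# Constructed sample inventory: everything required plus one extra algorithm.
SAMPLE_AVAILABLE = frozenset(REQUIRED_ALGORITHMS | {"RSA-PKCS1-SHA256"})
```

Running it with `{"Crypto:Profile": "eu"}` and no explicit key size yields `warn`, which is the default-configuration case the table describes.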
## Common Causes

- OpenSSL version too old to support all required algorithms
- Crypto libraries compiled without required algorithm support
- Configuration restricting the set of available algorithms
- Legacy RSA key size configuration not updated for post-2024 requirements
- Using LibreSSL instead of OpenSSL (missing some algorithms)

## How to Fix

### Docker Compose

```bash
# Check OpenSSL version and available algorithms
docker compose exec gateway openssl version
docker compose exec gateway openssl list -signature-algorithms

# Update minimum RSA key size and profile via environment variables
# Crypto__MinRsaKeySize=3072
# Crypto__Profile=eu

# Restart services after configuration change
docker compose restart gateway
```

### Bare Metal / systemd

```bash
# Check OpenSSL version
openssl version

# Verify available signature algorithms
openssl list -signature-algorithms

# Update OpenSSL if algorithms are missing
sudo apt update && sudo apt install openssl libssl-dev

# Configure eIDAS crypto profile
stella crypto profile set --profile eu

# Set minimum RSA key size in appsettings.json
# "Crypto": { "Profile": "eu", "MinRsaKeySize": 3072 }

sudo systemctl restart stellaops-platform
```

### Kubernetes / Helm

```yaml
# values.yaml
crypto:
  profile: eu
  minRsaKeySize: 3072
```

```bash
# Verify algorithm support in pod
kubectl exec deploy/stellaops-gateway -- openssl list -signature-algorithms

helm upgrade stellaops ./charts/stellaops -f values.yaml
```

## Verification

```bash
stella doctor run --check check.crypto.eidas
```

## Related Checks

- `check.crypto.certchain` — certificate chain must use eIDAS-compliant algorithms
- `check.crypto.fips` — FIPS and eIDAS have overlapping but distinct algorithm requirements
- `check.crypto.hsm` — HSM may be required for qualified eIDAS signatures
- `check.compliance.attestation-signing` — attestation signing should use eIDAS-compliant algorithms in EU deployments