SID-CRYPTO-04 — COSE Sign1 and mDOC Cryptography

Property	Value
Status	verified
Owner	platform
Category	technical
CSF Function	protect
Group	Cryptography Controls

Description

COSE_Sign1 signing/verification for mDOC (ISO 18013-5): ES256/ES384/ ES512/EdDSA. Ephemeral ECDH P-256 key generation for OID4VP response encryption with TTL-based auto-eviction cache. MSO digest verification ensures per-element integrity.

Components

VC Issuer/Verifier

Source References

vc/mdoc/cose.go
vc/openid4vp/encryption_key_cache.go

Audit Findings

Finding	Severity	Status
EN-S-2 — Partial asset classification and cryptographic documentation	medium	in progress

Description​

Components​

Source References​

Audit Findings​

Description

Components

Source References

Audit Findings