Supported Algorithms

SignServer supports the following algorithm types:

Classic
Post-quantum Cryptographic (PQC): Indicated with a PQC label.
Composite: A combination of a classic and a quantum-safe algorithms.

What is post-quantum cryptography?

Post-quantum or quantum-safe cryptography is cryptography that is resistant to the theoretical threat that a cryptographically relevant quantum computer could port. While such a quantum computer does not yet exist, governments and standardization organizations are working towards a migration from classic asymmetric cryptography to new quantum-safe cryptography algorithms. The largest actor in this process is the National Institute of Standards and Technology (NIST).

NIST has announced the standardization of three post-quantum cryptography (PQC) algorithms, FIPS 203 for ML-KEM (derived from CRYSTALS-KYBER), FIPS 204 for ML-DSA (derived from CRYSTALS-Dilithium), and FIPS 205 for SLH-DSA (derived from SPHINCS+).

A fourth digital signature standard FN-DSA (derived from FALCON) will follow. In addition, there are two stateful hash-based signature (SHBS) algorithms standardized in NIST SP800-208 and IETF.

What are composite algorithms?

Composite certificates are advanced digital certificates (X.509) that combine multiple cryptographic keys and signatures, typically a traditional algorithm (like RSA) and a quantum-safe cryptographic algorithm, into a single, secure entity. This dual-algorithm design enables defense in depth during the transition to quantum-safe cryptography, ensuring security remains intact even if one algorithm is compromised.

See SignServer Composite Certificates.

For more information, see the individual algorithm support pages under each Worker or Crypto Token.

Signers also rely on support for the algorithm in the Crypto Token used. Ensure that the desired algorithm is supported by the configured Crypto Token.

Compliant with NSA SUITE B algorithms and certificates. For an external reference of the message digests, see FIPS PUB 180-4.

This document provides a high-level reference and may not reflect recent changes to individual features or components. In case of inconsistencies, the component-specific or feature-specific documentation is considered authoritative.

Supported Algorithms

SignServer supports the following algorithm types and key specifications:

Key Algorithm Key Specification	Signature Algorithm	Signer Support	Crypto Token Support	HSM Support ^{Supported HSMs}	External Reference
ECDSA
Algorithm with named curves.	SHA1withECDSA	Plain, CMS, MS Authenticode, MS Signer	PKCS#11, Keystore	Entrust nShield Connect/5c Fortanix Data Security Manager (DSM) Thales Luna 7 Utimaco u.trust Anchor	X9.62, FIPS PUB 186-5, RFC 5639, RFC 6979, SP 800-56A
	SHA224withECDSA	Plain, CMS	P11NG
	SHA256withECDSA	Plain, CMS, OpenPGP, MS Authenticode, MS Signer	Fortanix, Azure Key Vault^*, PKCS#11, P11NG, Keystore
	SHA384withECDSA	Plain, CMS, OpenPGP	Azure Key Vault^*, PKCS#11, P11NG, Keystore
	SHA512withECDSA	Plain, CMS, OpenPGP, MS Authenticode, MS Signer	Fortanix, Azure Key Vault^*, PKCS#11, P11NG, Keystore
	NONEwithECDSA	Plain	Fortanix^, PKCS#11^, P11NG^*, Keystore
EdDSA
Ed25519	Ed25519	Plain, CMS	Fortanix^*, P11NG		RFC 7748, RFC 8032 RFC 8410
Ed448	Ed448	Plain, CMS	P11NG		RFC 7748, RFC 8032 RFC 8410
RSA (RSASSA-PKCS1_v1.5 and RSASSA-PSS)
Keys up to and including 8192 bits.	SHA1withRSA	Plain, CMS, OpenPGP	PKCS#11, P11NG, Keystore	Entrust nShield Connect/5c Fortanix Data Security Manager (DSM) Thales Luna 7 Utimaco u.trust Anchor	RFC 8017, FIPS PUB 186-5, SP 800-56B
	SHA224withRSA	Plain, CMS, OpenPGP, MS Signer	PKCS#11, P11NG
	SHA256withRSA	Plain, CMS, OpenPGP, MS Signer	Fortanix, Azure Key Vault, PKCS#11, P11NG, Keystore
	SHA384withRSA	Plain, CMS, OpenPGP, MS Signer	Azure Key Vault, PKCS#11, P11NG, Keystore
	SHA512withRSA	Plain, CMS, AdES, OpenPGP, MS Signer	Fortanix, Azure Key Vault, PKCS#11, P11NG, Keystore
	NONEwithRSA	Plain	PKCS#11^, P11NG^, Keystore
	SHA1withRSAandMGF1	Plain, CMS, MRTD SOD	PKCS#11, P11NG, Keystore
	SHA224withRSAandMGF1	Plain, CMS, MRTD SOD	PKCS#11, P11NG
	SHA256withRSAandMGF1	Plain, CMS, AdES, MRTD SOD	Fortanix, PKCS#11, P11NG, Keystore
	SHA384withRSAandMGF1	Plain, CMS, AdES, MRTD SOD	PKCS#11, P11NG, Keystore
	SHA512withRSAandMGF1	CMS, AdES, MRTD SOD	Fortanix, PKCS#11, P11NG, Keystore
	NONEwithRSAandMGF1	Plain	P11NG^*, Keystore
ML-DSA PQC
ML-DSA-44	ML-DSA-44	Plain, CMS^*	P11NG, Keystore	Entrust nShield Connect/5c Fortanix Data Security Manager (DSM) Thales Luna 7 Utimaco u.trust Anchor	FIPS PUB 204
ML-DSA-65	ML-DSA-65	Plain, CMS^*	P11NG, Keystore
ML-DSA-87	ML-DSA-87	Plain, CMS^*	P11NG, Keystore
ML-DSA	ML-DSA-EXTERNAL-MU	Plain, CMS^*	Keystore
SLH-DSA PQC
SLH-DSA	SLH-DSA-SHA2-128F	Plain, CMS^*	Keystore		FIPS PUB 205
SLH-DSA	SLH-DSA-SHA2-128S	Plain, CMS^*	Keystore
SLH-DSA	SLH-DSA-SHA2-192F	Plain, CMS^*	Keystore
SLH-DSA	SLH-DSA-SHA2-192S	Plain, CMS^*	Keystore
SLH-DSA	SLH-DSA-SHA2-256F	Plain, CMS^*	Keystore
SLH-DSA	SLH-DSA-SHA2-256S	Plain, CMS^*	Keystore
SLH-DSA	SLH-DSA-SHAKE-128F	Plain, CMS^*	Keystore
SLH-DSA	SLH-DSA-SHAKE-128S	Plain, CMS^*	Keystore
SLH-DSA	SLH-DSA-SHAKE-192F	Plain, CMS^*	Keystore
SLH-DSA	SLH-DSA-SHAKE-192S	Plain, CMS^*	Keystore
SLH-DSA	SLH-DSA-SHAKE-256F	Plain, CMS^*	Keystore
SLH-DSA	SLH-DSA-SHAKE-256S	Plain, CMS^*	Keystore
ML-DSA Composite
ML-DSA-44 & RSA 2048	MLDSA44-RSA2048-PSS-SHA256	Plain	P11NG, Keystore	Entrust nShield Connect/5c Fortanix Data Security Manager (DSM) Thales Luna 7 Utimaco u.trust Anchor
ML-DSA-44 & ECDSA	MLDSA44-ECDSA-P256-SHA256	Plain	P11NG, Keystore
ML-DSA-44 & Ed25519	MLDSA44-Ed25519-SHA512	Plain	P11NG
ML-DSA-65 & RSA 3072	MLDSA65-RSA3072-PSS-SHA512	Plain	P11NG, Keystore
ML-DSA-65 & RSA 4096	MLDSA65-RSA4096-PSS-SHA512	Plain	P11NG, Keystore
ML-DSA-65 & ECDSA	MLDSA65-ECDSA-P256-SHA512	Plain	P11NG, Keystore
ML-DSA-65 & ECDSA	MLDSA65-ECDSA-P384-SHA512	Plain	P11NG, Keystore
ML-DSA-65 & ECDSA	MLDSA65-ECDSA-brainpoolP256r1-SHA512	Plain	P11NG, Keystore
ML-DSA-65 & Ed25519	MLDSA65-Ed25519-SHA512	Plain	P11NG
ML-DSA-87 & RSA 3072	MLDSA87-RSA3072-PSS-SHA512	Plain	P11NG, Keystore
ML-DSA-87 & RSA 4096	MLDSA87-RSA4096-PSS-SHA512	Plain	P11NG, Keystore
ML-DSA-87 & ECDSA	MLDSA87-ECDSA-P384-SHA512	Plain	P11NG, Keystore
ML-DSA-87 & ECDSA	MLDSA87-ECDSA-P521-SHA512	Plain	P11NG, Keystore
ML-DSA-87 & ECDSA	MLDSA87-ECDSA-brainpoolP384r1-SHA512	Plain	P11NG, Keystore
ML-DSA-87 & Ed448	MLDSA87-Ed448-SHAKE256	Plain	P11NG

^*^{Refer to individual algorithm support page for more information.}