Hi,
On 30/03/21 20:58, Ron Kundla wrote:
Hello!
I have a requirement to generate a HMAC value using a secret/symmetric
key inside the HSM. I have seen examples that use public/private keys
to do such a thing, but nothing that would use an AES or a
nCipher-specific HMAC key.
Does OpenSSL support this function using the ENGINE subsystem?
OpenSSL supports this, but not many HSMs do; you can take a look at the
/dev/crypto engine for an example; the corresponding bits in the
OpenSSL source code are in .../engine/crypto/eng_devcrypto.c
I have never seen a PKCS#11 device that support symmetric keys though -
but there will be plenty of SSL accelerator cards out there that do (but
I would not call them HSMs).
HTH,
JJK
