PKCS11 symmetric keys could be created out of HSM

Registered by Julián Jiménez González on 2018-05-16

Since there are PKCS11 libraries/cryptographic devices which may limit symmetric keys creation, this feature would accept a new parameter in "barbican-manage hsm" command, which would allow users to generate MKEK and HMAC out of HSM (with some Python module like https://github.com/pyca/cryptography) and then use PKCS11 library to create objects inside HSM, wrapping it with an asymmetric key pair.

Blueprint information

Status:
Not started
Approver:
None
Priority:
Undefined
Drafter:
Julián Jiménez González
Direction:
Needs approval
Assignee:
Julián Jiménez González
Definition:
New
Series goal:
None
Implementation:
Unknown
Milestone target:
None

Related branches

Sprints

Whiteboard

(?)

Work Items

This blueprint contains Public information 
Everyone can see this information.

Subscribers

No subscribers.