Closed pushkarnk closed 3 months ago
MAC-based Signatures which use HMAC or CMAC use a shared secret key, unlike other Signatures that use public-private key pairs. The Signature SPI (and hence, the API) is not suited for symmetric-key signatures. It assumes signing with a PrivateKey and verifying with a PublicKey.
Users should be able to do HMAC/CMAC-based sign/verify using the respective Mac algorithms (HMACwithSHA3_512.java, HMACwithSHA1.java and CMACwithAes256CBC.java
The OpenSSL FIPS provider also supports HMAC and CMAC based Signatures.
https://www.openssl.org/docs/man3.0/man7/OSSL_PROVIDER-FIPS.html