Add HMAC and CMAC Signatures

canonical / openssl-fips-java

A Java security provider based on FIPS-compliant openssl

GNU General Public License v3.0

0 stars 0 forks source link

Add HMAC and CMAC Signatures #1

Closed pushkarnk closed 3 months ago

pushkarnk commented 4 months ago

The OpenSSL FIPS provider also supports HMAC and CMAC based Signatures.

https://www.openssl.org/docs/man3.0/man7/OSSL_PROVIDER-FIPS.html

pushkarnk commented 3 months ago

MAC-based Signatures which use HMAC or CMAC use a shared secret key, unlike other Signatures that use public-private key pairs. The Signature SPI (and hence, the API) is not suited for symmetric-key signatures. It assumes signing with a PrivateKey and verifying with a PublicKey.

Users should be able to do HMAC/CMAC-based sign/verify using the respective Mac algorithms (HMACwithSHA3_512.java, HMACwithSHA1.java and CMACwithAes256CBC.java