TKStool allow creation of proper symmetric key for Nist SP800 derivation alg

dogtagpki / pki

The Dogtag Certificate System is an enterprise-class Certificate Authority (CA) which supports all aspects of certificate lifecycle management, including key archival, OCSP and smartcard management.

https://www.dogtagpki.org

GNU General Public License v2.0

374 stars 138 forks source link

TKStool allow creation of proper symmetric key for Nist SP800 derivation alg #2248

Open pki-bot opened 4 years ago

pki-bot commented 4 years ago

This issue was migrated from Pagure Issue #1689. Originally filed by jmagne (@jmagne) on 2015-11-09 23:28:36:

Assigned to nobody

Currently we must employ a workaround by generating the master key on the hsm to be able to perform "hmac" operations needed by nist sp800 derivation code in the TKS.

See if we can modify tkstool to be able to choose what kind of key we want to make this happen. Right not it defaults to DES.

pki-bot commented 4 years ago

Comment from jmagne (@jmagne) at 2017-02-27 14:02:27

Metadata Update from @jmagne:

Issue set to the milestone: UNTRIAGED