50.2 Features
The following are key features of the HSM module:
- Advanced Crypto Engine (ACE) for Execution of All Cryptography Commands
- Fast Crypto Engine for SHA-256, HMAC and AES-CMAC Algorithms
- Sign/Verify Support:
- ECDSA – P224, P256, P384, and 256-bit Brainpool elliptic curves
- ECDSA – SECP256K1 (Bitcoin/Blockchain) curve
- RSA 2048-bit signature generation and verification
- RSA 3072-bit signature verification only
- ECDH/ECDHE/ECBD Key Agreement Support:
- Elliptic-Curve Diffie-Hellman (ECDH) Support for P224, P256, P384, and 256-bit Brainpool
- Elliptic-Curve Burmeiseter-Desmedt (ECBD) Support for P224 Curve
- Internal Symmetric and Asymmetric Key Generation and Derivation:
- P224, P256, P384, and 256-Bit Brainpool
- 2048-bit RSA keys
- AES 16-byte keys
- AES and RSA Encryption/Decryption
Support:
- AES ECB/GCM Encryption/Decryption Supported directly
- RSA 1024-bit and 2048-bit Keys Encryption/Decryption Support
- NIST SP800-90 A/B/C Random Number Generator (RNG)
- SPI Client Interface