50.2 Features

The following are key features of the HSM module:

• Advanced Crypto Engine (ACE) for Execution of All Cryptography Commands
• Fast Crypto Engine for SHA-256, HMAC and AES-CMAC Algorithms
• Sign/Verify Support:
  • ECDSA – P224, P256, P384, and 256-bit Brainpool elliptic curves
  • ECDSA – SECP256K1 (Bitcoin/Blockchain) curve
  • RSA 2048-bit signature generation and verification
  • RSA 3072-bit signature verification only
• ECDH/ECDHE/ECBD Key Agreement Support:
  • Elliptic-Curve Diffie-Hellman (ECDH) Support for P224, P256, P384, and 256-bit Brainpool
  • Elliptic-Curve Burmeiseter-Desmedt (ECBD) Support for P224 Curve
• Internal Symmetric and Asymmetric Key Generation and Derivation:
  • P224, P256, P384, and 256-Bit Brainpool
  • 2048-bit RSA keys
  • AES 16-byte keys
• AES and RSA Encryption/Decryption Support:
  • AES ECB/GCM Encryption/Decryption Supported directly
  • RSA 1024-bit and 2048-bit Keys Encryption/Decryption Support
• NIST SP800-90 A/B/C Random Number Generator (RNG)
• SPI Client Interface