Sorry, I mis-read your note. The comments are about having a card
do the hash then use it with an RSA key, rather then do a HMAC
with a secret key.
But see below too.
Damiano ALBANI wrote:
--- "Douglas E. Engert" <[EMAIL PROTECTED]> wrote :
Are you trying force the card to do the HMAC, becaus
--- "Douglas E. Engert" <[EMAIL PROTECTED]> wrote :
>
> Are you trying force the card to do the HMAC, because you don't trust
> the software to do it? Like trying to enforce some policy that hashs
> must be done on the card? Or are you willing to let the PKCS#11
> software
> to the hash?
I'd li
On Monday 22 January 2007 21:38, William Wanders wrote:
> The Aladdin eToken NG-OTP devices use a internally generated
> random private key with the onboard SHA1-HMAC engine to generate
> HMAC-based One-Time Passwords (HOTP rfc4226). However no public
> information seems to be available to directly
On Sat, Jan 20, 2007 at 04:02:29PM +0100, Damiano ALBANI wrote:
> Hello,
>
> Is it possible with PKCS#11 to ask a token to calculate a HMAC using a
> private/secret key stored inside ?
> What are the products on the market with this capability ?
The Aladdin eToken NG-OTP devices use a internally g
Damiano ALBANI wrote:
Hello,
Is it possible with PKCS#11 to ask a token to calculate a HMAC using a
private/secret key stored inside ?
Are you trying force the card to do the HMAC, because you don't trust
the software to do it? Like trying to enforce some policy that hashs
must be done on t
