Comment 1 for bug 1615211

Utimaco doing some integration work:

From: Praktikant HSM <email address hidden>
To: "<email address hidden>" <email address hidden>
Thread-Topic: Barbican: Secure Setup & HSM-plugin
Thread-Index: AdH0mCnWx551uMSwSpSTrernHO3+eg==
Date: Fri, 12 Aug 2016 12:51:22 +0000
List-Id: "OpenStack Development Mailing List \(not for usage questions\)"
 <openstack-dev.lists.openstack.org>
List-Unsubscribe: <http://lists.openstack.org/cgi-bin/mailman/options/openstack-dev>,
 <mailto:<email address hidden>?subject=unsubscribe>
List-Archive: <http://lists.openstack.org/pipermail/openstack-dev>

Hi all,

As a member of Utimaco's pre-sales team I am currently testing an integration of Barbican with one of our HSMs.

We were able to generate MKEKs and HMAC keys on the HSM with the 'pkcs11-key-generation' as well as 'barbican-manage hsm' commands. However, it is not fully clear to us how to use these keys to encrypt or sign data.

Additionally, we would appreciate further information concerning the secure setup of Barbican with an HSM-plugin.

Thank you in advance for your support.

Best regards,

Manuel Roth

-------------------------------
System Engineering HSM

Utimaco IS GmbH
Germanusstr. 4
52080 Aachen
Germany

www.utimaco.com