By using AWS re:Post, you agree to the Terms of Use

AWS Cloud HSM: Client SDK 5: Isn't SDK 5 supports RSA Wrap and Unwrap?

0

Hello community, I am looking for Cloud HSM JCE based HSM connection. One of my requirements is to generate Plain AES key and Wrap it with RSA key. This is to implement something similar to what is called "Envelope Encryption" - https://www.google.com/search?q=envelope+encryption&rlz=1C5GCEM_enUS984US984&oq=envelope+en&aqs=chrome.2.69i57j35i39j0i512j0i20i263i512j0i512l3j69i60.21307j0j4&sourceid=chrome&ie=UTF-8.

What I am founding is that RSA wrap Unwrap code samples presents in SDK 3 code - https://github.com/aws-samples/aws-cloudhsm-jce-examples/blob/master/src/main/java/com/amazonaws/cloudhsm/examples/RSAWrappingRunner.java. HOWEVER THIS IS NOT PRESENT IN SDK 5 code.

Does that mean SDK 5 does not support AES RSA WRAP UNWRAP. I have tried running this with SDK 5 and getting "UNSUPPORTED OPERATION EXCEPTION" which strengthen my doubt. PLEASE CONFIRM.

If this is true, then when it be supported? I want to use latest SDK provided that it can have more fixes on top of what SDK 3 already has.

asked 3 months ago57 views