Supported Key Types - AWS CloudHSM

Supported Key Types

The PKCS #11 library supports the following key types.

  • RSA – 2048-bit to 4096-bit RSA keys, in increments of 256 bits.

  • ECDSA – Generate keys with the P-224, P-256, P-384, P-521, and secp256k1 curves. Only the P-256, P-384, and secp256k1 curves are supported for sign and verify.

  • AES – 128, 192, and 256-bit AES keys.

  • Triple DES (3DES) – 192-bit keys.

  • GENERIC_SECRET – 1 to 64 bytes.