PKCS #7 xml signing capabilities in Azure Key Vault Managed HSM

ericleigh007 1 Reputation point


We have a client who is using an on prem hardware HSM to sign XML documents using PKCS #7 (RFC 2315) compliant signatures.

It looks like the Managed HSMs in Azure recently changed from Thales Luna devices, which should support that capability, to Marvell LiquidSecurity devices.

My company is looking to assist the client in migrating to Azure Key Vault Managed HSM and we need to know that such a capability is supported.

We should be able to assume that Azure wouldn't provide a new HSM option that is less compliant with PCKS #7 than their previous offering, but such assumptions can be dangerous.

Thanks for any authoritative insights.

Azure Key Vault
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
712 questions
Azure Dedicated HSM
Azure Dedicated HSM
An Azure service that provides hardware security module management.
13 questions
{count} votes