I apologize if this has been discussed already, but I would like to clarify how to inject an AES key into a Nitrokey HSM2 with pkcs11-tool (if that is doable).
From previous discussions here I understand that direct object creation (pkcs11-tool --write-object) is not supported.
I have tried an alternative approach using an RSA wrapping key and the RSA-OAEP mechanism, but that did not work either, resulting in CKR_GENERAL_ERROR.
First create an RSA key for wrapping:
pkcs11-tool --login --login-type user --pin 648219 --keypairgen --mechanism RSA-PKCS-KEY-PAIR-GEN --key-type RSA:2048 --id 57524150 --label 'Wrapping key' --usage-wrap --usage-decrypt
Then extract the public key and convert to PEM:
pkcs11-tool --login --login-type user --pin 648219 --read-object --id 57524150 --type pubkey --output-file wrapping_key.pub
openssl rsa -pubin -inform DER -in wrapping_key.pub -outform PEM -out wrapping_key.pem
Finally perform OAEP wrapping of the plaintext secret (16 bytes), writing the ciphertext to the file the unwrap step reads:
openssl pkeyutl -encrypt -in AES.key -inkey wrapping_key.pem -pubin -pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_md:sha1 -pkeyopt rsa_mgf1_md:sha1 -out wrapped_secret.bin
pkcs11-tool --login --login-type user --pin 648219 --unwrap --mechanism RSA-PKCS-OAEP --hash-algorithm SHA-1 --mgf MGF1-SHA1 --id 57524150 -i wrapped_secret.bin --key-type AES:16 --application-id 414553 --application-label 'AES key'
which results in
error: PKCS11 function C_UnwrapKey failed: rv = CKR_GENERAL_ERROR (0x5)
I am suspicious that I might have to add a template around the wrapped key raw value, is that the case? What would be the format then?
This is all assuming the unwrap is supported by the card. Maybe pkcs11-tool isn't the right tool for this job.
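Added example, not part of the original post: a software round-trip of the same RSA-OAEP (SHA-1 / MGF1-SHA1) wrap with openssl, which checks that the blob handed to C_UnwrapKey is exactly the 256-byte OAEP ciphertext of the raw 16 key bytes (for CKM_RSA_PKCS_OAEP the unwrapped plaintext becomes CKA_VALUE directly; the key template comes from the --key-type / --application-* arguments, not from inside the blob), and that a hash/MGF mismatch between the wrap and unwrap parameters fails the padding check. It assumes a throwaway RSA-2048 pair and a constructed 16-byte test key in place of the token's wrapping key and AES.key; the token-side failure itself is not reproduced here.

```shell
#!/bin/sh
# wrap_roundtrip WRAP_MD UNWRAP_MD
#   OAEP-wraps a constructed 16-byte key with hash/MGF1 digest WRAP_MD, then
#   OAEP-decrypts it (what the token's C_UnwrapKey does internally) with
#   UNWRAP_MD. Returns 0 only if the blob is modulus-sized (256 bytes for
#   RSA-2048) and the recovered bytes equal the original key.
wrap_roundtrip() {
    wrap_md=$1
    unwrap_md=$2
    work=$(mktemp -d)
    rc=1
    # Constructed test key: 16 printable bytes, stands in for AES.key.
    printf '%s' '0123456789abcdef' > "$work/AES.key"
    # Throwaway wrapping pair (assumption: replaces the token's key 57524150).
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
        -out "$work/priv.pem" 2>/dev/null
    openssl pkey -in "$work/priv.pem" -pubout -out "$work/wrapping_key.pem"
    # Same wrap command as in the post, parameterised on the digest.
    openssl pkeyutl -encrypt -in "$work/AES.key" -inkey "$work/wrapping_key.pem" \
        -pubin -pkeyopt rsa_padding_mode:oaep \
        -pkeyopt "rsa_oaep_md:$wrap_md" -pkeyopt "rsa_mgf1_md:$wrap_md" \
        -out "$work/wrapped_secret.bin"
    # The wire format is just the OAEP ciphertext: one RSA block, no template.
    if [ "$(wc -c < "$work/wrapped_secret.bin")" -eq 256 ] \
       && openssl pkeyutl -decrypt -in "$work/wrapped_secret.bin" \
            -inkey "$work/priv.pem" -pkeyopt rsa_padding_mode:oaep \
            -pkeyopt "rsa_oaep_md:$unwrap_md" -pkeyopt "rsa_mgf1_md:$unwrap_md" \
            -out "$work/unwrapped.key" 2>/dev/null \
       && cmp -s "$work/AES.key" "$work/unwrapped.key"; then
        rc=0
    fi
    rm -rf "$work"
    return $rc
}
```

Run wrap_roundtrip sha1 sha1 to confirm the blob format, and wrap_roundtrip sha1 sha256 to see that the unwrapper's --hash-algorithm / --mgf choice must match the digest used at wrap time.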