How to compare a certificate (not inside the HSM) and a private key (inside the HSM) to be valid?

@sc-hsm @saper
How do I compare a certificate (not inside the HSM) and a private key (inside the HSM) to check that they are valid and match, since the private key cannot be exported and so its public content can’t be read? E.g. privKey.PublicKey.N.Cmp(pubKey.N)

The most obvious way is to perform a cryptographic operation with one key and validate with the other.

For RSA you could encrypt using the public key and try to decrypt using the private key. For ECC you could sign with the private key and verify with the public key.
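The sign-then-verify check for an EC key, as an added example that is not part of the original thread. It is written in Go because the question uses Go, and it assumes the HSM key is reachable as a `crypto.Signer` (for instance through a PKCS#11 wrapper); `KeyMatchesCert` and `sampleKeyAndCert` are hypothetical names, and a constructed software key stands in for the HSM key so the block runs offline.

```go
package main

import (
	"crypto"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"fmt"
	"math/big"
	"time"
)

// KeyMatchesCert signs a random challenge with the (HSM-held) private key and verifies it
// with the certificate's EC public key; nil means match, any other key type is a mismatch.
func KeyMatchesCert(signer crypto.Signer, cert *x509.Certificate) error {
	challenge := make([]byte, 32)
	if _, err := rand.Read(challenge); err != nil {
		return err
	}
	digest := sha256.Sum256(challenge)
	sig, err := signer.Sign(rand.Reader, digest[:], crypto.SHA256)
	if err != nil {
		return fmt.Errorf("sign with private key: %w", err)
	}
	pub, ok := cert.PublicKey.(*ecdsa.PublicKey)
	if !ok || !ecdsa.VerifyASN1(pub, digest[:], sig) {
		return fmt.Errorf("certificate public key does not match private key")
	}
	return nil
}

// sampleKeyAndCert: constructed software key (HSM stand-in) and its self-signed certificate.
func sampleKeyAndCert() (*ecdsa.PrivateKey, *x509.Certificate) {
	k, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	tpl := &x509.Certificate{SerialNumber: big.NewInt(1), NotBefore: time.Now(), NotAfter: time.Now().Add(time.Hour)}
	der, _ := x509.CreateCertificate(rand.Reader, tpl, tpl, &k.PublicKey, k)
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		panic(err)
	}
	return k, cert
}

func main() {
	key, cert := sampleKeyAndCert()
	_, other := sampleKeyAndCert()
	fmt.Println(KeyMatchesCert(key, cert), KeyMatchesCert(key, other))
}
```

The private key never leaves the signer: only the signature over the challenge is compared against the certificate.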

Got it @sc-hsm :pray:

https://cryptobook.nakov.com/asymmetric-key-ciphers/elliptic-curve-cryptography-ecc

@sc-hsm @saper
How do I compare a certificate (not inside the HSM) and a private key (inside the HSM) to check that they are valid and match, since the private key cannot be exported and so its public content can’t be read? E.g. privKey.PublicKey.N.Cmp(pubKey.N)

The PKCS#11 interface will provide you a public key object in addition to the
private key object. They can be matched with the CKA_ID attribute.

Example from my HSM:

Private Key Object; EC
label: key 100
ID: 0100
Usage: sign, derive
Access: sensitive, always sensitive, never extractable, local

Public Key Object; EC EC_POINT 256 bits
EC_POINT: 044104814c8cdb3b9a6f96feb5a1eb2a3f4582133b7248ea58e052a78d7ac1820d37747f63556098b30d6501db1e180bb99760216b544c62f96d15044d441532ec3ece
EC_PARAMS: 06082a8648ce3d030107
label: key 100
ID: 0100
Usage: verify
Access: none

The public key object is generated from the certificate object. If the certificate does not match the private key, the public key won’t either.

In the HSM there is no separate public key information stored with the private key. It’s always taken from the associated X.509 or CV-certificate. For newly generated key pairs, the public key is stored as part of the CVC that is automatically generated internally and signed by the PrK.DevKey key.

@saper So here CKA_ID is 100, and that can be matched to validate the pair. Correct?

So in my case CKA_ID is: 34414d666d464d744c59364236764e337134535174436b43513655593566366755463372445245347771443459445572756e755a626d5a70566b387a737a6b74383679656e504255474532614351435a6d5146636d6e6a33556178794c7a66544d6a436e6170416533?

Private EC Key [4AMfmFMtLY6B6vN3q4SQtCkCQ6UY5f6gUF3rDRE4wqD4YDUrunuZbmZpVk8zszkt86yenPBUGE2aCQCZmQFcmnj3UaxyLzfTMjCnapAe3]
Object Flags : [0x03], private, modifiable
Usage : [0x0C], sign, signRecover
Access Flags : [0x1D], sensitive, alwaysSensitive, neverExtract, local
Algo_refs : 0
FieldLength : 256
Key ref : 4 (0x04)
Native : yes
Auth ID : 01
ID : 34414d666d464d744c59364236764e337134535174436b43513655593566366755463372445245347771443459445572756e755a626d5a70566b387a737a6b74383679656e504255474532614351435a6d5146636d6e6a33556178794c7a66544d6a436e6170416533
MD:guid : 08d49daf-77fb-7e6c-7f20-8559ef30665c

Public EC Key [4AMfmFMtLY6B6vN3q4SQtCkCQ6UY5f6gUF3rDRE4wqD4YDUrunuZbmZpVk8zszkt86yenPBUGE2aCQCZmQFcmnj3UaxyLzfTMjCnapAe3]
Object Flags : [0x00]
Usage : [0x40], verify
Access Flags : [0x02], extract
FieldLength : 256
Key ref : 0 (0x00)
Native : no
ID : 34414d666d464d744c59364236764e337134535174436b43513655593566366755463372445245347771443459445572756e755a626d5a70566b387a737a6b74383679656e504255474532614351435a6d5146636d6e6a33556178794c7a66544d6a436e6170416533
DirectValue :
