Importing an ECC key onto Nitrokey (that already uses DKEK)


I have used the "Import from PKCS#12 with success in some tests but i now need to do the same thing on a nitrokey that has already been setup with DKEK.

The current import option forces you to create a new DKEK - or maybe it doesn’t and i have misunderstood? My nitrokey already has DKEK setup - i tried the import option by giving it the .pbe files i already have but scsh complained about the password being incorrect (but my pbe files weren’t setup with a password).

I see in keymanager.js the code is there for importing the PKCS#12 file (i just need to strip out the dkek creation code and replace it with my existing dkek object) - so i’m happy to do that but i just wanted to make sure i wasn’t misunderstanding how to use the “Import from PKCS#12” option.


(moved into HSM category)

Haven’t tried this yet but it should work. The key gets decrypted from the PKCS#12 container anyway (if I see correctly in the code) so I see no additional security benefit of having to create an extra share.


Thanks for your response - do you know how I can get the DKEK object instance from an existing DKEK node?

The DKEK class only seems to be used when a completely new DKEK is being created for the import of p12 file. But my DKEK node already exists on the Nitrokey - i have examined the object but i find no instance of the DKEK class. I didn’t find any use of class DKEK in the Keymanager either (other than creating brand new DKEK for p12 import).

I’ve modified the Keymanager so that plugins can register a context menu option for key domains. The actionListener gets the node that was right-clicked. From that node, i can get it’s kdid - but I can’t find anything about getting an instance of a DKEK from that.

The reason I’m asking how to get an instance of a DKEK object from an existing DKEK node is because the import process seems to require a call to “DKDK.encodeKey(…)”.


DKEK.decryptKeyShare() and then DKEK.importDKEKShare() look promising, but I haven’t tried them yet.

Thanks for replying but I’m not sure how these help - I need access to the DKEK object, not the shares. The DKEK on my nitrokey has already been setup with 3 shares. Everything is initialised and working. I can generate RSA and ECC keys (in the normal way via context menu) and they get put under the node called “DKEK with KCV xxxxxxx”.

I would like to import a p12 file of an ECC key into that same node.

Unless there is an alternative way to import an ECC (and hopefully RSA) key? The current “Import Key and Certificate” requires a .wky file and I don’t know what that is needing (I’ve tried pem and der format keys without success).


You need the DKEK shares again to import a key from the PKCS#12 container.

The DKEK shares are then assembled into a final KEK in the DKEK class and that key is then used to wrap the private key for import into the HSM.

With the import function you basically create a .wky file in software that is suitable for import into the HSM.

One other way is to create multiple key domain slots and use a single slot with a random DKEK for import. After that you remove the DKEK from the device, which locks further extraction.

Key domain slots are cheap, so we generally advice to create some spare ones when initializing the device.

Thanks but when I import the p12 file, it asks for the dkek shares - my dkek was setup with 3. So I have 3 pbe files to import. When I select them, the plugin errors - implying incorrect password.

But my dkek shares don’t have a password. I have tried leaving the password entry box blank and I have tried using the prime.

Any ideas what I’m doing wrong?

How did you generate the DKEK shares ? With sc-hsm-tool or using the Smart Card Shell ?

With sc-hsm-tool

How did you set an empty password for the DKEK share ? sc-hsm-tool does not allow that.

During initialisation of the nitrokey I set the number of dkek shares to 3. then I used the command line tool sc-hsm-tool three times:

$ sc-hsm-tool --reader 0 --create-dkek-share A.pbe --pwd-shares-threshold 3 --pwd-shares-total 6
$ sc-hsm-tool --reader 0 --create-dkek-share B.pbe --pwd-shares-threshold 3 --pwd-shares-total 6
$ sc-hsm-tool --reader 0 --create-dkek-share C.pbe --pwd-shares-threshold 3 --pwd-shares-total 6

None of the calls asked me to choose a password.

For each call above, it presented 6 lots of share values, each having Share IDs 1 through 6, with a Prime (repeated for each of the 6 values) and a Share Value.

There is no single “password” but the Share Values are “password shares”?

When I try to import A.pbe, B.pbe and C.pbe into the DKEK when importing the p12, it only asks for a single password - I have tried the info I was given but when the import continues it errors and suggests the password is incorrect.


I think that the problem is simply that the password sharing scheme as provided by sc-hsm-tool is not supported by scsh3.

Can you (as an experiment) prepare a share without --pwd-shares-threshold 3 --pwd-shares-total 6 and using just the password?

Hi @saper,

I tried your test (thank you for the suggestion):

$ sc-hsm-tool --reader 0 --create-dkek-share myshare.pbe

I can confirm that it now asks for a password - whereas when doing shares with threshold/total of 3/6 i do not get asked to create a password.

I imported the single share “myshare.pbe” into my dkek to finish it’s setup. i was then able to “import from PKCS #12”, i specified the same myshare.pbe and my p12 file. it seems to have imported correctly (adding my imported key to the existing dkek - though from the code i expected it to create a completely new dkek).

Unfortunately this does not solve my problem - since the company’s security procedure uses a DKEK with threshold/total of 3/6.

@sc-hsm do you think smartcard shell will ever support dkek/import pkcs12 that isn’t just a single share with a password? or perhaps a more recent version is already out? we’ve had some compatibility issues with our plugin (which i can’t remember right now) so we still use (from Help->About):

Smart Card Shell 3.17.566
Smart Card Shell Scripting Engine (scdp4j) 3.17.459


1 Like