Nitrokey HSM cannot figure out how to import key from PKCS#12

tony_k · March 29, 2019, 10:10pm

I understand importing a key into the HSM is not a ‘normal’ use case,
but (as others on this board) I have an existing key which has already been used for certificate signing
and I would like to secure it rather than starting over with a new key.

Nitro HSM, using the Smart Card shell tool, on Ubuntu 16.04.

Using scsh3gui
Smart Card Shell 3.15.359

I have initialized the Nitrokey HSM device, defined a SO PIN, User PIN, one DKEK share.

Then,
defined a DKEK,
imported the DKEK,
then attempted “Import from PKCS#12” on the smart card shell.

Answered the prompt for the DKEK import file and password,
answered the prompt for the .p12 file,
then got an error

Importing key and certificate...
GPError: Card (CARD_INVALID_SW/27264) - "Unexpected SW1/SW2=6A80 (Checking error: Incorrect parameter in the command data field) received" in /home/tony/temp_security3/nitrokey/SmartCardShell/scsh3.15.359/scsh/sc-hsm/SmartCardHSM.js#1238
    at /home/tony/temp_security3/nitrokey/SmartCardShell/scsh3.15.359/scsh/sc-hsm/SmartCardHSM.js#1238
    at /home/tony/temp_security3/nitrokey/SmartCardShell/scsh3.15.359/scsh/sc-hsm/HSMKeyStore.js#300
    at /home/tony/temp_security3/nitrokey/SmartCardShell/scsh3.15.359/keymanager/keymanager.js#1889
    at /home/tony/temp_security3/nitrokey/SmartCardShell/scsh3.15.359/keymanager/keymanager.js#2043

And so: what is the best method for import of a PKCS#12 file?
Is there a way around this error, or is there a better method to accomplish this.

Regards,
Tony

nitroalex · April 1, 2019, 2:50pm

What are the key attributes of the p12 file? What algorithm used, what length etc? The Card did not accept the card, so either there is an error in the code or there is something wrong with the key.

tony_k · April 1, 2019, 4:14pm

Something wrong with the key? Hmm. I did not consider that possibility.
The p12 file contains a certificate, and a private key.

The private key:
Public Key Algorithm: rsaEncryption
Public-Key: (4096 bit)

Does anything about the certificate matter?
It has a number of extensions

      X509v3 extensions:
         X509v3 Basic Constraints: critical
             CA:TRUE, pathlen:0
         X509v3 Key Usage:
             Digital Signature, Key Encipherment, Certificate Sign,

CRL Sign
X509v3 Subject Key Identifier:

X509v3 Authority Key Identifier:
keyid:
X509v3 CRL Distribution Points:
Full Name:
URI:
Authority Information Access:
CA Issuers - URI:
OCSP - URI:

Re: error in the code
Heads up: I put a bunch of diagnostic prints in the code (attempting to
figure this out), thus the line numbers in the error message in my
posting won’t match the published code … sorry for possible confusion …

szszszsz · April 6, 2019, 9:07am

Hi @tony_k !

I’ve noticed your SDK is outdated. Could you try again with SCSH 3.15.376 or later?

tony_k · April 8, 2019, 6:27pm

Updated to SCSH 3.15.376: same problem remains.

sc-hsm · April 9, 2019, 9:03am

For 3072 and 4096 bit RSA keys the private keys must be in private exponent / modulus format rather than the common CRT format. A conversion function that allows creating the key import blob from a CRT keys is not yet available.

shoragan · April 18, 2019, 3:31pm

Is it possible to create the necessary format via the openssl conversion applets (x509 or rsa)?

sc-hsm · April 18, 2019, 3:40pm

Not that I’m aware of.