[Nitrokey HSM] Delete Object Cert also removes Pubkey

After deleting a certificate, the public key is also gone. I think the public key should not be directly dependent on the certificate. Any idea what the problem or mistake on my side could be?

Can be reproduced with:

$ sc-hsm-tool --initialize --so-pin 3537363231383830 --pin 648219 --label "Testkey"
Using reader with a card: Nitrokey Nitrokey HSM (DENK01040070000         ) 00 00

$ pkcs11-tool --login --pin 648219 --keypairgen --key-type rsa:1024 --id 11 --usage-sign --label "TestKey 1" --sensitive --private
Using slot 0 with a present token (0x0)
Key pair generated:
Private Key Object; RSA 
label:      TestKey 1
ID:         11
Usage:      sign, unwrap
Access:     none
Public Key Object; RSA 1024 bits
label:      TestKey 1
ID:         11
Usage:      verify, wrap
Access:     none

$ openssl req -engine pkcs11 -keyform engine -new -key 11 -nodes -days 35600 -x509 -sha256 -out "id11-cert.pem" -subj "/CN=Test Cert 1" -key "pkcs11:pin-value=648219"
engine "pkcs11" set.

$ pkcs11-tool --login --pin 648219 --write-object id11-cert.pem --type cert --id 11
Using slot 0 with a present token (0x0)
Created certificate:
   Certificate Object; type = X.509 cert
   label:      Certificate
   subject:    DN: CN=Test Cert 1
   ID:         11

$ pkcs11-tool --login --pin 648219 --list-objects 
Using slot 0 with a present token (0x0)
Private Key Object; RSA 
    label:      Certificate
    ID:         11
    Usage:      sign, unwrap
    Access:     sensitive, always sensitive, never extractable, local
Certificate Object; type = X.509 cert
    label:      Certificate
    subject:    DN: CN=Test Cert 1
    ID:         11
Public Key Object; RSA 1024 bits
    label:      Certificate
    ID:         11
    Usage:      encrypt, verify
    Access:     local

$ pkcs11-tool --login --pin 648219 --delete-object --type cert --id 11
Using slot 0 with a present token (0x0)

$ pkcs11-tool --login --pin 648219 --list-objects 
Using slot 0 with a present token (0x0)
Private Key Object; RSA 
    label:      Certificate
    ID:         11
    Usage:      sign, unwrap
    Access:     sensitive, always sensitive, never extractable, local

Versions:

$ opensc-tool --info
OpenSC 0.20.0 [gcc  9.2.1 20200123]
Enabled features: locking zlib readline openssl pcsc(libpcsclite.so.1)

$ pkcs11-tool -I | head
Using slot 0 with a present token (0x0)
Cryptoki version 2.20
Manufacturer     OpenSC Project
Library          OpenSC smartcard framework (ver 0.20)

The behavior of the device is correct. It does not actually store the plain public key, but either a CVC or X.509 certificate. The public key is automatically extracted from the certificate and made available as a separate PKCS#11 object. PKCS#11 mandates that the public key is visible at the interface, but there is no requirement to store the public key in addition to the certificate.

If you delete the certificate, then the public key disappears as well.

If you generate a new key pair, then the public key is automatically embedded in a CVC request, which is signed by the device authentication key for attestation. If you later write an X.509 certificate, then the CVC is overwritten.