Nitrokey HSM - SmartCard-HSM version

jimmypw · March 15, 2019, 6:46am

Hi can somebody tell me what version of smartcard-hsm both NK HSM version 1 and version 2 conform too?

Peacekeeper · March 15, 2019, 9:37am

Not sure if I get it right what you want. My HSM ( 1 & 2 ) are supporting FW 2.6 of the smart card.
If you mean the SmartCard-HSM SDK Software, then I can’t answer that as I am not using that SDK.

jimmypw · March 15, 2019, 9:58am

Yup that’s what I am after. So there is no change in firmware version between NK HSM 1 & 2?

Peacekeeper · March 15, 2019, 1:39pm

Oh, I mixed the HSM up with the Pro v1 and v2 I received. I think I have only HSM v1 currently plugged in - not in use as I just start to configure my personal servers. They also worked with a smartcard with FW2.5 which I bought separately . Sorry for the confusion !

And just ordered the new HSM 2

jimmypw · March 16, 2019, 11:09am

I received my Nitro Key HSM 2 this morning.

For the record:

Nitrokey HSM - smartcard-hsm V 2.6
Nitrokey HSM2 - smartcard-hsm V3.1

Peacekeeper · March 20, 2019, 7:47am

Me2 - same here. HW is NK Pro Rev 3

mike · March 21, 2019, 2:22pm

PeaceKeeper, jimmypw, or anyone else,

I was hoping that you could list all of the mechanisms supported by the Nitrokey HSM 2. It can be acquired with the following:

$ pkcs11-tool -M

I wanted to confirm if PSS padding is supported in the latest version of the HSM. Thanks in advance!

Peacekeeper · March 21, 2019, 3:46pm

I need to verify as both HSM1 & HSM2 report the same . Need to go to the server room to pull out HSM1. Until now the following should be for both HSM valid

Supported mechanisms:
SHA-1, digest
SHA256, digest
SHA384, digest
SHA512, digest
MD5, digest
RIPEMD160, digest
GOSTR3411, digest
ECDSA, keySize={192,521}, hw, sign, other flags=0x1d00000
ECDSA-SHA1, keySize={192,521}, hw, sign, other flags=0x1d00000
ECDH1-COFACTOR-DERIVE, keySize={192,521}, hw, derive, other flags=0x1d00000
ECDH1-DERIVE, keySize={192,521}, hw, derive, other flags=0x1d00000
ECDSA-KEY-PAIR-GEN, keySize={192,521}, hw, generate_key_pair, other flags=0x1d00000
RSA-X-509, keySize={1024,4096}, hw, decrypt, sign, verify
RSA-PKCS, keySize={1024,4096}, hw, decrypt, sign, verify
SHA1-RSA-PKCS, keySize={1024,4096}, sign, verify
SHA256-RSA-PKCS, keySize={1024,4096}, sign, verify
SHA384-RSA-PKCS, keySize={1024,4096}, sign, verify
SHA512-RSA-PKCS, keySize={1024,4096}, sign, verify
MD5-RSA-PKCS, keySize={1024,4096}, sign, verify
RIPEMD160-RSA-PKCS, keySize={1024,4096}, sign, verify
RSA-PKCS-PSS, keySize={1024,4096}, hw, sign
SHA1-RSA-PKCS-PSS, keySize={1024,4096}, sign
SHA256-RSA-PKCS-PSS, keySize={1024,4096}, sign
RSA-PKCS-KEY-PAIR-GEN, keySize={1024,4096}, generate_key_pair

mike · March 21, 2019, 5:28pm

Perfect, thanks so much!

I see the Nitrokey HSM 2 supports PSS. I was hoping that it did. I currently have a Nitrokey HSM 1 with firmware 2.5. It supports the following mechanisms:

Supported mechanisms:
  SHA-1, digest

  SHA256, digest
  SHA384, digest
  SHA512, digest
  MD5, digest
  RIPEMD160, digest
  GOSTR3411, digest
  ECDSA, keySize={192,320}, hw, sign, other flags=0x1d00000
  ECDSA-SHA1, keySize={192,320}, hw, sign, other flags=0x1d00000
  ECDH1-COFACTOR-DERIVE, keySize={192,320}, hw, derive, other flags=0x1d00000
  ECDH1-DERIVE, keySize={192,320}, hw, derive, other flags=0x1d00000
  ECDSA-KEY-PAIR-GEN, keySize={192,320}, hw, generate_key_pair, other flags=0x1d00000
  RSA-X-509, keySize={1024,2048}, hw, decrypt, sign, verify
  RSA-PKCS, keySize={1024,2048}, hw, decrypt, sign, verify
  SHA1-RSA-PKCS, keySize={1024,2048}, sign, verify
  SHA256-RSA-PKCS, keySize={1024,2048}, sign, verify
  SHA384-RSA-PKCS, keySize={1024,2048}, sign, verify
  SHA512-RSA-PKCS, keySize={1024,2048}, sign, verify
  MD5-RSA-PKCS, keySize={1024,2048}, sign, verify
  RIPEMD160-RSA-PKCS, keySize={1024,2048}, sign, verify
  RSA-PKCS-KEY-PAIR-GEN, keySize={1024,2048}, generate_key_pair

I’ll attempt to update the firmware and check the mechanisms again. If anything changes, I’ll update the thread.

pieska · March 21, 2019, 7:38pm

HSM2 is 2-3 times slower than HSM1:

HSM1:
$ time pkcs11-tool -M
|real|0m6,462s|
|user|0m0,018s|
|sys|0m0,008s|

HSM2:
$ time pkcs11-tool -M
|real|0m16,432s|
|user|0m0,019s|
|sys|0m0,013s|

Can anyone confirm that? Thanks.

-ap

jimmypw · March 21, 2019, 9:12pm

HSM 1

$ time pkcs11-tool -M > /dev/null
Using slot 0 with a present token (0x0)

real	0m2.296s
user	0m0.005s
sys	0m0.003s

HSM 2

$ time pkcs11-tool -M > /dev/null
Using slot 0 with a present token (0x0)

real	0m3.679s
user	0m0.003s
sys	0m0.011s

I see a marginal slowdown on my device Centos 7.6 opensc 0.19 (compiled from source). NK HSM 2 does not work with the system provided opensc 0.16.

The actual signing operations and especially key generation is slower on the NKHSM2 which is to be expected, especially at highter key sizes.

hexa · March 22, 2019, 3:00pm

I just received HSM 2. Smart card version shows 3.1 but pkcs11-tool -M does not show new mechanisms?

$ sc-hsm-tool
Using reader with a card: Nitrokey Nitrokey HSM (DENK01019700000 ) 00 00
Version : 3.1
Config options :
User PIN reset with SO-PIN enabled
SO-PIN tries left : 15
User PIN tries left : 3

But when I run pkcs11-tool -M it does not seem to show new features like 4096 RSA keys.

Supported mechanisms:
SHA-1, digest
SHA256, digest
SHA384, digest
SHA512, digest
MD5, digest
RIPEMD160, digest
GOSTR3411, digest
ECDSA, keySize={192,320}, hw, sign, other flags=0x1d00000
ECDSA-SHA1, keySize={192,320}, hw, sign, other flags=0x1d00000
ECDH1-COFACTOR-DERIVE, keySize={192,320}, hw, derive, other flags=0x1d00000
ECDH1-DERIVE, keySize={192,320}, hw, derive, other flags=0x1d00000
ECDSA-KEY-PAIR-GEN, keySize={192,320}, hw, generate_key_pair, other flags=0x1d00000
RSA-X-509, keySize={1024,2048}, hw, decrypt, sign, verify
RSA-PKCS, keySize={1024,2048}, hw, decrypt, sign, verify
SHA1-RSA-PKCS, keySize={1024,2048}, sign, verify
SHA256-RSA-PKCS, keySize={1024,2048}, sign, verify
SHA384-RSA-PKCS, keySize={1024,2048}, sign, verify
SHA512-RSA-PKCS, keySize={1024,2048}, sign, verify
MD5-RSA-PKCS, keySize={1024,2048}, sign, verify
RIPEMD160-RSA-PKCS, keySize={1024,2048}, sign, verify
RSA-PKCS-PSS, keySize={1024,2048}, hw, sign
SHA1-RSA-PKCS-PSS, keySize={1024,2048}, sign
SHA256-RSA-PKCS-PSS, keySize={1024,2048}, sign
RSA-PKCS-KEY-PAIR-GEN, keySize={1024,2048}, generate_key_pair

Also the data sheet mentions AES, how does one access AES crypto in the card?

Thanks
Rafal

Peacekeeper · March 24, 2019, 7:55pm

Just want to mention, that on a FreeBSD Box pkcs11-too -M it is not possible to select the token-slot. Only a slot is possible. So when both Token are enabled, it looks like pkcs11 is using the higher token-slot number.

Peacekeeper · March 24, 2019, 8:35pm

Do you have two HSM in your system ? Try

pkcs11-tool -T

to see all tokens. pkcs11 will take the highest token-slot only or teh one you have configured in the drivers conf file

AES encryption - to my mind - this is on a HSM only used for backup and communication channel.

hexa · March 25, 2019, 12:31pm

Only one card, here is the output:

pkcs11-tool -T
Available slots:
Slot 0 (0x0): Nitrokey Nitrokey HSM (DENK01019700000 ) 00 00
token label : UserPIN (rafal-test)
token manufacturer : www.CardContact.de
token model : PKCS#15 emulated
token flags : login required, rng, token initialized, PIN initialized
hardware version : 24.13
firmware version : 3.1
serial num : DENK0101970
pin min/max : 6/15

I run opensc with debug, in the log clearly can see version 3.1

0x7fe91d13d0c0 20:21:15.857 [opensc-pkcs11] card.c:327:sc_connect_card: card info name:‘SmartCard-HSM version 3.1’, type:26000, flags:0x0, max_send/recv_size:255/65536

pkcs11-tool -M still not showing new capabilities, tried creating RSA 4096 key but not support.

Any advice please?

Thanks
Rafal

Peacekeeper · March 26, 2019, 12:39pm

Sorry, I am also stuck. Think you will need to contact NK