We are evaluating the Nitrokey HSM2. Everthing is working as expected but would like an authoritative answer from Nitrokey before proceeding further.
Is it possible to extract an imported or generated RSA or EC Private key if one has the SO and User passwords? How about if neither is available? For example, with sufficient knowlege of the device using hardware probes, etc.?
Please let us know.