Use a key stored in HSM as "plain text input" for encryption

Hello,

I am probably asking for something impossible, but I ask just in case..

We want to sign/encrypt our bootloaders using a Nitrokey HSM 2 (with OpenSSL + PKCS11 Engine (sc-hsm)).

The manufacturer does not provide any support for doing it with an HSM. They provide a method with “key files” and “scripts that generate keys”.

Currently our implementation with the HSM works, but there is one “really bad thing”: we need to import the keys into the HSM!

  • It means: the keys are not created by the HSM
  • It means: someone has access to the keys when he prepares the HSM

I am looking into whether it’s possible to create the keys directly in the HSM, but there are some particularities that maybe make it impossible.

First we have to generate a key “X”; they generate it like this:

openssl rand -hex "16" > "X.txt"
openssl rand -hex "16" >> "X.txt"

openssl rand -hex "16" > "X_IV.txt"
  • The first 16 bytes of “X.txt” are called: X_ENC_KEY
  • The second 16 bytes of “X.txt” are called: X_MAC_KEY

And a Y key like this:

openssl rand -hex "16" > "Y.txt"
openssl rand -hex "16" >> "Y.txt"

openssl rand -hex "16" > "Y_IV.txt"

Remarks:

  • As we work with an HSM, we maybe have to create two 16-byte keys in the HSM (instead of one that is the concatenation of ENC_KEY + MAC_KEY)
  • The IV can stay outside (or should be extractable)

Then we need to generate an “encrypted_Y.bin”:

  • This is an encrypted variant of the key and it can be shared.
    • Concatenation of [encrypted key + MAC (to check integrity/validity)]

They do it like this:

xxd -r -p Y.txt | openssl enc -aes-128-cbc -e -nosalt -nopad -K "${X_ENC_KEY}" -iv "${X_ENC_IV0}" > "encrypted_Y.bin"

xxd -r -p Y.txt | openssl dgst -mac cmac -macopt cipher:aes-128-cbc -macopt hexkey:"${X_MAC_KEY}" -binary >> "encrypted_Y.bin"

Problem:

  1. They use a “key” (Y.txt (converted as binary)) (supposed to be private) as input of the openssl commands. If this key is stored in the HSM, I think it’s not possible to use it as input of an OpenSSL command. (Do you confirm? Or is there some black magic with Smart Card Shell that makes it possible? (like a custom aes-128-cbc command..))
  2. For the “-iv”, it’s maybe impossible to pass the IV in a PKCS11 URI, so the IV must be extractable (if stored in the HSM). (maybe: no problem)
  3. For the MAC command, I don’t know yet if it’s possible or not.

The biggest issue is point 1.

Another related question, around this process..

Is it possible to do this:

  1. Generate an AES key in the HSM (called: ZZZ)
  2. Export this key with some PGP encryption
  3. Then we transmit it to the webserver of the manufacturer (this is how their things work) and we get a “Wrapped-ZZZ.bin” file (PGP encrypted)
  4. Import the “Wrapped-ZZZ.bin” file (PGP encrypted) into the HSM

Steps 2 and 4 are maybe not possible? We have to transmit the key using PGP; this is how the thing works with the manufacturer.

@sc-hsm Do you know if the Nitrokey HSM 2 has the possibility to use an internal key as AES-CBC encryption or CMAC input?

No, the SmartCard-HSM has no mechanism to wrap internal AES keys other than with the Key Encryption Key.

There are just too many variants in key wrapping to implement them all in a device like this.