4

We are migrating from Thales 8000 to Thales Payshield 9000. We generated an RSA Key Pair in 8000 (with EI - Generate a Public/Private Key Pair command). We stored the public key on the host and loaded the private key to the HSM's tamper-protected memory (with EK - Load a Private Key command).

The problem is we didn't keep the private key and we don't want to create a new key pair because we have to start a new certification process with the vendor if we do this. Is there a solution like storing this key on a smartcard and moving to the new version like LMK.

I read the Thales console - command reference and programmers manual but wasn't able to find a solution.

Panagiotis Giannakis
  • 400
  • 1
  • 9
  • 19
adaptor
  • 43
  • 2
  • 5
  • 1
    There probably aren't many people on Stack Overflow who would know the answer to this. If it's an option, I'd suggest contacting Thales support. I've added the `cryptography` tag, which will get it a bit more visibility. – softwariness Apr 03 '15 at 13:27
  • Unfortunately we couldn't contact to Thales support directly. Thank you very much for the corrections and the cryptography tag. – adaptor Apr 03 '15 at 13:50
  • Hi, Can you pls tell me how you loaded the private key to Thales HSM with EK command? I am getting invalid data every time. It would be very helpful if you could pls let me know the process for extracting public, and private keys from the EI command and loading the private key using the EK command. Code would be helpful if you can provide it here. – CoderXT Aug 30 '23 at 07:35

3 Answers3

5

The private key that is returned from a Thales HSM keypair generation command (this is command EI on the Payshield 9000 that I have access to) is encrypted under LMK keypair 34-35. You will never see this in the clear i.e unencrypted form.

The only way you could extract this from the HSM would be if you knew that LMK keypair; you could then use this to decrypt it. This is often possible in a test environment where a set of known test LMK keypairs are sometimes used. In a production environment, however, doing this would obviously compromise the security of the entire HSM and any system dependent upon it.

In your situation, you really have little option but to generate a new keypair and then store the encrypted private key bytes.

The problem, however, with only ever having the private key encrypted under this LMK key pair is that you need to use the HSM to sign a CSR, instead of an established tool like openssl.

I did this by using the EI command (generate an RSA keypair) to generate a keypair, storing the raw encrypted private key bytes returned in a file, constructing an unsigned CSR structure, sending that to the HSM with the private key bytes under command EW (Generate a signature), and then appending the signature to my CSR structure.

Bannatyne84
  • 162
  • 2
  • 12
  • 2
    Hi, how do you construct an unsigned CSR structure and what do you mean "appending the signature to my csr structure"? Can you give an example of it, I need to use an HSM to create a CSR signed by the private **encrypted** key provided by HSM – Domenico Luciani Sep 26 '18 at 14:00
  • Here's a question I asked while I was trying to work through this. Constructing a CSR will depend on what you intend to construct it with. In Java, I used ASN1 objects provided by bouncycastle libraries. https://stackoverflow.com/questions/46078230/why-does-the-symantec-csr-checker-think-my-csr-is-missing-a-null-value-in-algori – Bannatyne84 Sep 27 '18 at 14:08
0

If you did not save the output (key block) of the EI command, then the chances of getting that key out of there are practically non-existant. Sorry!

Enavr0
  • 21
  • 1
0

Yes, on two conditions only you can Export an RSA Private Key from payshield 9000 HSM to another payshield 9000 HSM:

1st condition: by purchasing certain license which is HSM9-LIC016 and using the host command L8 which is used to export an RSA Private Key under ZMK. Please refer to "1270A548-037 Card & Mobile Issuance LIC011,016" manual to see detailed steps of host command L8 2nd condition:You should have recorded the Private Key in a secure manner, which you firstly generated it by EI host command, it is generated encrypted under the old LMK, so you can document it securely for future usage like your critical situation you face now.

The Host command L8 function supports the export of an RSA Private Key from encryption under the LMK to encryption under a Zone Master Key.

The following security settings must be configured by console command CS to allow use of this command:

1- 'Enable import / export of RSA Private Keys?' MUST be set to 'YES' (defaults to NO).

2- 'Key export and import in trusted format only?' MUST be set to 'NO' (defaults to YES)

On the other HSM2:

Import an RSA Private Key using the Host command L6

Although, I can send you the steps in deep details if you want.

Refer to manual: 1270A548-037 Card & Mobile Issuance LIC011,016,018,023 v3.4 Release:October 2018

Amir Omran
  • 1
  • 2