2

I am trying to write a software that will inject keys generated inside an HSM into a POS device, in the same way as described here

I'm using the Safenet emulator(software-mode) + the wrap/unwrap functionality to achieve this but I've not been able to decrypt/unwrap the data I'm getting out of the HSM through the Key Management Utility.

It seems I'm just getting garbage trying to decrypt the file which supposedly is the private key encrypted with a mock AES key that would be all zeroes for this test, and the same happens when trying to get an AES key wrapped with another AES key(even when both are all zeroes!) (for the RSA one, I've tried looking at the hex to see if it's a DER format, and I've also tried using openssl commands with it hoping there would be a key there but I think not...)

Could anyone advise me on what could be going wrong here? Is there more to the wrap/unwrap algorithm than a simple encryption/decription procedure? Is there a default Block and Padding mode being used that I'm not aware of? Any help is appreciated

Community
  • 1
Breno Salgado
  • 121
  • 2
  • 1
    Have you contacted Safenet's tech support? It sounds like something they should be able to help you with. – Neil Smithline Aug 18 '15 at 22:05
  • I'm voting to close this question as off-topic because you need to ask the vendor. – schroeder Aug 19 '15 at 04:03
  • I don't know if this kind of functionality has a standard(maybe if it's only encryption, the mode, padding or IV could be different than what I'm trying) or at least a "least-surprise-rule" so I'd put it under "using cryptography" :P but I'm in contact with the vendor, too.. But if it's really off topic then np – Breno Salgado Aug 19 '15 at 13:39

0 Answers0