Symmetric Key Import2 (CSNDSYI2)
Use the Symmetric Key Import2 verb to import a symmetric key contained in an external variable-length symmetric key-token that was produced by the Symmetric Key Export or Key Generate2 verb. The verb imports the key into an internal variable-length symmetric key-token or into an internal fixed-length DES key-token.
Beginning with CCA Release 7.5, you can use Symmetric Key Import2 to import external keys that have been previously formatted using the RSA AES key wrap mechanism.
The RSA AES key wrap mechanism, denoted CKM_RSA_AES_KEY_WRAP, is a PKCS #11 mechanism based on RSA public-key cryptography and the AES key wrap mechanism. It supports single-part key wrapping and unwrapping, and can wrap and unwrap a single-part target key of any length and type using an RSA key. For importing (unwrapping), the mechanism performs the following operations:
- Splits the input into two parts. The first part is the wrapped temporary AES key and the second part is the wrapped target key. The length of the first part is equal to the length (modulus size) of the unwrapping RSA key.
- Unwraps the temporary AES key from the first part with the private RSA key using CKM_RSA_PKCS_OAEP (PKOAEP2).
- Unwraps the target key from the second part with the temporary AES key using CKM_AES_KEY_WRAP_KWP (see the specifications of KW and KWP in NIST Special Publication 800-38F, December 2012). Note: Version 2.40 of the PKCS #11 documentation named the wrapping method CKM_AES_KEY_WRAP_PAD; version 3.0 names it CKM_AES_KEY_WRAP_KWP. Both methods are essentially equivalent, and the resulting objects are compatible.
- Zeroizes the temporary AES key.
- Returns the newly unwrapped target key as a CCA token.
The enciphered input key to be imported can be one of the following, depending on the release in use:
- In all releases, the input key can be an HMAC key that has been previously formatted using key-formatting method PKOAEP2.
- AES keys are supported, along with support for the AES token algorithm. With this support, the input key can also be an HMAC key that has been previously formatted using key-formatting method AESKW, provided that the operational AES key-encrypting key used to encipher the key is supplied. Likewise, an AES key can be in an external AES variable-length symmetric key-token enciphered under either an AES key-encrypting key (AESKW) or an RSA public key (PKOAEP2).
- DES keys are supported, along with support for the DES token algorithm. With this support, the input key must have a key type of DESUSECV. A DESUSECV key contains the control vector and other information necessary to recreate the original internal fixed-length DES key-token.
When importing a DES key (Release 4.4 or later), the verb must decide whether to wrap the key in the target key-token with the legacy ECB method or the enhanced CBC method. Optional key-wrapping method keywords (USECONFG, WRAP-ECB, WRAP-ENH) select which method is used, and an optional translation control keyword (ENH-ONLY) restricts a target key, once it has been wrapped with the enhanced method, to being wrapped only with the enhanced method from then on (recorded as control-vector bit 56 = B'1'). Three factors determine the key-wrapping method used for the imported target key-token:
- The default internal key-token key-wrapping preference of the receiving system on which the target key-token is created. The receiving system can be configured to wrap internal key-tokens in either ECB (legacy) or enhanced mode.
- The key-wrapping method used to wrap the original key when it was exported from the originating system.
- The key-wrapping method requested of the verb, specified by an optional key-wrapping method keyword or, by default, taken from the receiving system's configured preference (USECONFG).
Key-wrapping method used for the imported target key when the receiving system's default internal key-wrapping preference is ECB (legacy):

| Wrap method of original key that was exported | Key-wrapping method keyword | Key-wrapping method used for the imported target key |
|---|---|---|
| ECB (Legacy) | USECONFG | ECB (Legacy). |
| ECB (Legacy) | WRAP-ECB | Under control of command Symmetric Key Import2 - Allow wrapping override keywords (offset X'02B9'). |
| ECB (Legacy) | WRAP-ENH | Under control of offset X'02B9'. |
| Enhanced with CV bit 56 = B'0' (not ENH-ONLY) | USECONFG | ECB (Legacy). |
| Enhanced with CV bit 56 = B'0' (not ENH-ONLY) | WRAP-ECB | Under control of offset X'02B9'. |
| Enhanced with CV bit 56 = B'0' (not ENH-ONLY) | WRAP-ENH | Under control of offset X'02B9'. |
| Enhanced with CV bit 56 = B'1' (ENH-ONLY) | USECONFG | Error: control information in the key token conflicts with that in the rule array. |
| Enhanced with CV bit 56 = B'1' (ENH-ONLY) | WRAP-ECB | Under control of offset X'02B9'. |
| Enhanced with CV bit 56 = B'1' (ENH-ONLY) | WRAP-ENH | Under control of offset X'02B9'. |

Note: Converting an original key-token wrapped in enhanced mode to an imported target key-token wrapped in ECB mode reduces security for that key. In this case, a command to override the system key-wrapping default is required.
Key-wrapping method used for the imported target key when the receiving system's default internal key-wrapping preference is enhanced (CBC):

| Wrap method of original key that was exported | Key-wrapping method keyword | Key-wrapping method used for the imported target key |
|---|---|---|
| ECB (Legacy) | USECONFG | Enhanced. In addition, if the ENH-ONLY keyword is specified, CV bit 56 is set to B'1' (ENH-ONLY). |
| ECB (Legacy) | WRAP-ECB | Under control of offset X'02B9'. |
| ECB (Legacy) | WRAP-ENH | Enhanced. In addition, if the ENH-ONLY keyword is specified, CV bit 56 is set to B'1' (ENH-ONLY). |
| Enhanced with CV bit 56 = B'0' (not ENH-ONLY) | USECONFG | Enhanced. In addition, if the ENH-ONLY keyword is specified, CV bit 56 is set to B'1' (ENH-ONLY). |
| Enhanced with CV bit 56 = B'0' (not ENH-ONLY) | WRAP-ECB | Under control of offset X'02B9'. |
| Enhanced with CV bit 56 = B'0' (not ENH-ONLY) | WRAP-ENH | Enhanced. In addition, if the ENH-ONLY keyword is specified, CV bit 56 is set to B'1' (ENH-ONLY). |
| Enhanced with CV bit 56 = B'1' (ENH-ONLY) | USECONFG | Enhanced, and CV bit 56 is set to B'1' (ENH-ONLY). |
| Enhanced with CV bit 56 = B'1' (ENH-ONLY) | WRAP-ECB | Under control of offset X'02B9'. |
| Enhanced with CV bit 56 = B'1' (ENH-ONLY) | WRAP-ENH | Under control of offset X'02B9'. |

Note: Converting an original key-token wrapped in ECB (legacy) mode to an imported target key-token wrapped in enhanced (CBC) mode improves security for that key.