Symmetric Key Import2 (CSNDSYI2)

Use the Symmetric Key Import2 verb to import a symmetric key contained in an external variable-length symmetric key-token that has been exported by the Symmetric Key Export or the Key Generate2 verb into a variable-length symmetric key-token. The verb imports the key into an internal variable-length symmetric key-token or into an internal fixed-length DES key-token.

Beginning with CCA Release 7.5, you can use Symmetric Key Import2 to import external keys that have been previously formatted using the RSA AES key wrap mechanism.

The RSA AES key wrap mechanism, denoted CKM_RSA_AES_KEY_WRAP, is a PKCS #11 mechanism based on RSA public-key cryptography and the AES key wrap mechanism. It supports single-part key wrapping and key unwrapping. The RSA AES key wrap mechanism can wrap and unwrap a single-part target key of any length and type, using an RSA key. For importing (unwrapping), the RSA AES key wrap mechanism performs the following operations:

  • Splits the input into two parts. The first part is the wrapped AES key and the second part is the wrapped target key. The length of the first part is equal to the length of the unwrapping RSA key.
  • Unwraps the temporary AES key from the first part with the private RSA key using CKM_RSA_PKCS_OAEP (PKOAEP2).
  • Unwraps the target key from the second part with the temporary AES key using CKM_AES_KEY_WRAP_KWP (see Specifications of KW and KWP in NIST Special Publication 800-38F, December 2012).
    Note: Version 2.40 of the PKCS #11 documentation mentioned CKM_AES_KEY_WRAP_PAD as the wrapping method. Version 3.0 of the PKCS #11 documentation mentions CKM_AES_KEY_WRAP_KWP. Both methods are essentially equivalent, and the resulting objects are compatible.
  • Zeroizes the temporary AES key.
  • Returns the newly unwrapped target key as a CCA token.

The enciphered input key to be imported can be one of the following, depending on what release is used:

  • In all releases, the input key can be an HMAC key that has been previously formatted using key-formatting method PKOAEP2.
  • AES keys are supported along with support for the AES token algorithm. With this support, the input key can also be an HMAC key that has been previously formatted using key-formatting method AESKW, provided that the operational AES key-encrypting key used to encipher the key is provided. Likewise, an AES key can either be in an external AES variable-length symmetric key-token enciphered under an AES key-encrypting key (AESKW), or an RSA public-key (PKOAEP2).
  • DES keys are supported, along with support for the DES token algorithm. With this support, the input key must have a key type of DESUSECV. A DESUSECV key contains the control vector and other information necessary to recreate the original internal fixed-length DES key-token.

    When importing a DES key, the verb must decide whether to use the legacy ECB mode or the enhanced CBC mode when wrapping the key in the target key-token. New optional key-wrapping method keywords are added to select which key-wrapping method to use.

    Also when importing a DES key, a new optional translation control keyword allows the target key to be restricted to being wrapped only with the enhanced CBC method once it has been wrapped with the enhanced method.

Before importing a DES key (Release 4.4 or later), the verb must determine whether to wrap the target key in legacy ECB mode or in enhanced CBC mode. These factors influence the key-wrapping method used for the imported target key-token:

  1. The first is the default internal key-token key-wrapping preference of the receiving system where the target key-token will be created. The receiving system can be configured to wrap internal key-tokens in either ECB or Enhanced mode.
  2. The second is the key-wrapping method used to wrap the original key which was exported from the originating system.
  3. The third is the key-wrapping method used by the verb which is specified by an optional key-wrapping method keyword or by default.

Note: This verb supports PCI-HSM 2016 compliant-tagged key tokens.

Table 1 and Table 2 show how the key-wrapping method is determined for the target key, based on the factors explained above. Each table is organized by the wrap method of the original key that was exported; under each, the key-wrapping method keyword given in the rule array determines the key-wrapping method used for the imported target key.

Table 1. Symmetric Key Import2 key-wrapping method of target key with default ECB (Legacy)

Original key wrapped in ECB (Legacy):
  • USECONFG: ECB (Legacy).
  • WRAP-ECB: under control of the command Symmetric Key Import2 - Allow wrapping override keywords (offset X'02B9'):
      • If X'02B9' is enabled, ECB (Legacy).
      • If X'02B9' is not enabled, not authorized error is returned.
  • WRAP-ENH: under control of offset X'02B9':
      • If X'02B9' is enabled, Enhanced. In addition, if the ENH-ONLY keyword is specified, CV bit 56 is set to B'1' (ENH-ONLY).
      • If X'02B9' is not enabled, not authorized error is returned.

Original key wrapped in Enhanced mode with CV bit 56 = B'0' (not ENH-ONLY):
  • USECONFG: ECB (Legacy).
  • WRAP-ECB: under control of offset X'02B9':
      • If X'02B9' is enabled, ECB (Legacy).
      • If X'02B9' is not enabled, not authorized error is returned.
  • WRAP-ENH: under control of offset X'02B9':
      • If X'02B9' is enabled, Enhanced. In addition, if the ENH-ONLY keyword is specified, CV bit 56 is set to B'1' (ENH-ONLY).
      • If X'02B9' is not enabled, not authorized error is returned.

Original key wrapped in Enhanced mode with CV bit 56 = B'1' (ENH-ONLY):
  • USECONFG: control information in the key token conflicts with that in the rule array error is returned.
  • WRAP-ECB: under control of offset X'02B9':
      • If X'02B9' is enabled, control information in the key token conflicts with that in the rule array error is returned.
      • If X'02B9' is not enabled, not authorized error is returned.
  • WRAP-ENH: under control of offset X'02B9':
      • If X'02B9' is enabled, Enhanced and CV bit 56 is set to B'1' (ENH-ONLY).
      • If X'02B9' is not enabled, not authorized error is returned.

Note: Conversion of an original key-token wrapped in Enhanced mode to an imported target key-token wrapped in ECB mode reduces security for that key. In this case, a command to override the system key-wrapping default is required.

Table 2. Symmetric Key Import2 key-wrapping method of target key with default CBC (Enhanced)

Original key wrapped in ECB (Legacy):
  • USECONFG: Enhanced. In addition, if the ENH-ONLY keyword is specified, CV bit 56 is set to B'1' (ENH-ONLY).
  • WRAP-ECB: under control of offset X'02B9':
      • If X'02B9' is enabled, ECB (Legacy).
      • If X'02B9' is not enabled, not authorized error is returned.
  • WRAP-ENH: Enhanced. In addition, if the ENH-ONLY keyword is specified, CV bit 56 is set to B'1' (ENH-ONLY).

Original key wrapped in Enhanced mode with CV bit 56 = B'0' (not ENH-ONLY):
  • USECONFG: Enhanced. In addition, if the ENH-ONLY keyword is specified, CV bit 56 is set to B'1' (ENH-ONLY).
  • WRAP-ECB: under control of offset X'02B9':
      • If X'02B9' is enabled, ECB (Legacy).
      • If X'02B9' is not enabled, not authorized error is returned.
  • WRAP-ENH: Enhanced. In addition, if the ENH-ONLY keyword is specified, CV bit 56 is set to B'1' (ENH-ONLY).

Original key wrapped in Enhanced mode with CV bit 56 = B'1' (ENH-ONLY):
  • USECONFG: Enhanced and CV bit 56 is set to B'1' (ENH-ONLY).
  • WRAP-ECB: under control of offset X'02B9':
      • If X'02B9' is enabled, control information in the key token conflicts with that in the rule array error is returned.
      • If X'02B9' is not enabled, not authorized error is returned.
  • WRAP-ENH: under control of offset X'02B9':
      • If X'02B9' is enabled, Enhanced and CV bit 56 is set to B'1' (ENH-ONLY).
      • If X'02B9' is not enabled, not authorized error is returned.

Note: Conversion of an original key-token wrapped in ECB (Legacy) mode to an imported target key-token wrapped in Enhanced (CBC) mode improves security for that key.