Comments (4)
We would be reporting the error returned from SoftHSM2. You could test VALUE is correct by doing an encrypt operation both locally and in the HSM. Or set the key as extractable and then pull it back out.
However, be mindful of what you're using the HSM for. HSMs are rarely, if ever, encryption accelerators. Your computer is almost always faster than any (hard) HSM. HSMs are a secure domain in which to hold keys and do crypto with secrets that mustn't touch real hardware. Importing externally created secret/private keys into your HSM defeats this goal. Instead create keys in your HSM that you can never read.
from python-pkcs11.
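The check suggested in the comment above (encrypt the same data locally and in the HSM, then compare), as an added example that is not part of the thread or of python-pkcs11's own code. The function names, the `PKCS11_MODULE`, `TOKEN_LABEL` and `TOKEN_PIN` environment variables and the `import-check` label are assumptions, and the local side assumes the `cryptography` package is installed.

```python
import os

def aes_cbc_pad_local(raw_key, iv, data):
    """AES-CBC with PKCS#7 padding on the host CPU (needs `cryptography`)."""
    from cryptography.hazmat.primitives import padding
    from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
    padder = padding.PKCS7(128).padder()
    padded = padder.update(data) + padder.finalize()
    enc = Cipher(algorithms.AES(raw_key), modes.CBC(iv)).encryptor()
    return enc.update(padded) + enc.finalize()

def import_aes_key(session, raw_key, label):
    """Import raw AES key bytes as a non-extractable session object."""
    from pkcs11 import Attribute, KeyType, ObjectClass
    return session.create_object({
        Attribute.CLASS: ObjectClass.SECRET_KEY,
        Attribute.KEY_TYPE: KeyType.AES,
        Attribute.LABEL: label,          # hypothetical label
        Attribute.VALUE: raw_key,
        Attribute.ENCRYPT: True,
        Attribute.DECRYPT: True,
        Attribute.SENSITIVE: True,       # VALUE cannot be read back
        Attribute.EXTRACTABLE: False,    # and cannot be wrapped out
        Attribute.TOKEN: False,          # session object, gone on logout
    })

def imported_key_matches(hsm_key, raw_key, local_encrypt=aes_cbc_pad_local):
    """True if the token encrypts a fresh probe exactly as raw_key does locally."""
    iv, probe = os.urandom(16), os.urandom(32)
    # python-pkcs11's default AES mechanism is AES_CBC_PAD; the IV is its parameter.
    in_hsm = hsm_key.encrypt(probe, mechanism_param=iv)
    return in_hsm == local_encrypt(raw_key, iv, probe)

if __name__ == "__main__":
    import pkcs11
    lib = pkcs11.lib(os.environ["PKCS11_MODULE"])   # path to the PKCS#11 library
    token = lib.get_token(token_label=os.environ["TOKEN_LABEL"])
    raw_key = os.urandom(32)  # constructed sample key standing in for the external one
    with token.open(user_pin=os.environ["TOKEN_PIN"]) as session:
        key = import_aes_key(session, raw_key, "import-check")
        print("VALUE imported correctly:", imported_key_matches(key, raw_key))
```

Because the comparison uses ciphertext only, it works with the key left non-extractable, unlike the alternative of reading the key back out.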
My use case is that I only need to encrypt a few MB of data. Speed is not my main concern. I import the key into the HSM because decryption will happen somewhere else.
I understand keys should be generated in the HSM for security. However, anyone with physical access to the computer the HSM is attached to can just request the key from the HSM. In most cases, for a dedicated attacker it is not that hard to find the user PIN in binaries, etc.
In issue 48 you said:
> If you were looking to do symmetric crypto you could generate a symmetric session key using diffie-hellman against a private key on the device and then do the AES on the computer. There's an example of this in the tests.

but as I said the decryption will be made somewhere else. I might be missing something as I'm new to this field. If you have any suggestions I'm happy to listen.
from python-pkcs11.
I question then why you want to use an HSM at all for this setup. Why not just do the crypto on your much faster real CPU? Be aware that a number of HSMs won't even let you import key material.
> I understand keys should be generated in HSM for security. However, anyone with physical access to the computer the HSM is attached to can just request the key from HSM. In most cases for a dedicated attacker it is not that hard to find user pin in binaries, and etc.

HSM setups are about limiting the damage. The key material can never be extracted. This means that if someone acquires the PIN, they can only carry out operations while they have the PIN and the token. If the PIN is changed or the token is removed from the HSM, they can no longer use the key. In a compromise scenario this means you can limit the amount of damage caused by unauthorised access to the HSM.
Many commercial HSMs also have a number of features for protecting especially valuable keys, e.g. split tokens (2 or 3 tokens are required to access the key) or out-of-computer PIN interfaces.
In #48 I was suggesting using hybrid crypto to achieve symmetric crypto on devices that only support asymmetric crypto, while protecting the key material. TLS and PGP both have standardised protocols/formats and encapsulations for this. Avoid reinventing the cryptographic wheel where possible.
from python-pkcs11.
Closing due to lack of activity.
from python-pkcs11.