CKM_AES_CBC_CMAC

CKM_AES_CBC_CMAC_WRAP

This mechanism is used to wrap keys that can be loaded on a GlobalPlatform Card supporting SCP03 while using the HSM in FIPS approved configuration. This allows you to wrap any keys including PrivateKeyFormatted, such as RSA CRT keys. It cannot wrap BER-encoded private keys. Keys are wrapped using the CKM_AES_CBC mechanism.

Two AES key handles are passed in, one for encryption and one for signature computation. The encryption key must have its CKA_WRAP attribute set to true. The signing key must have its CKA_SIGN attribute set to true, and should also have CKA_VERIFY set to true if verification is required. The CMAC signature is computed and appended to the encrypted data. The HSM checks that the signing key value and the encryption key value are different.

The mechanism parameters are defined as follows:

typedef struct CK_AES_CBC_CMAC_WRAP_PARAMS {
    CK_OBJECT_HANDLE signingKey;
    CK_BYTE_PTR      iv;
    CK_ULONG         ulIvLen;
    CK_BYTE_PTR      pFormatData;
    CK_ULONG         ulFormatDataLen;
}

The IV must be present in the mechanism parameter structure.

The pFormatData array is expected only for RSA private key wrapping; for other key types it must not be included, and thus ulFormatDataLen must be set to 0 or an error is returned. Refer to Key Export Features for information on how to set up pFormatData.

If the key to wrap is an RSA private key, only CRT component(s) can be wrapped out. If KM_CUSTOM_FORMAT is not received, the wrap command will fail.

If KM_GEMPLUS_GPK4000_FORMAT is received, the wrap command will fail.

Firmware 7.8.9 and Newer Summary

FIPS approved?	Yes
Supported functions	Wrap
Functions restricted from FIPS use	None
Minimum key length (bits)	128
Minimum key length for FIPS use (bits)	128
Minimum legacy key length for FIPS use (bits)	N/A
Maximum key length (bits)	256
Block size	16
Digest size	0
Key types	AES
Algorithms	AES
Modes	CBC
Flags	None

Example using CKDEMO

Here is an example of how to use this mechanism with CKdemo option (60) Wrap key.

Enter your choice : 60
[1]DES-ECB        [2]DES-CBC        [3]DES3-ECB       [4]DES3-CBC
                                    [7]CAST3-ECB      [8]CAST3-CBC
[9]RSA            [10]TRANSLA       [11]DES3-CBC-PAD  [12]DES3-CBC-PAD-IPSEC
[13]SEED-ECB      [14]SEED-CBC      [15]SEED-CBC-PAD  [16]DES-CBC-PAD
[17]CAST3-CBC-PAD [18]CAST5-CBC-PAD [19]AES-ECB       [20]AES-CBC
[21]AES-CBC-PAD   [22]AES-CBC-PAD-IPSEC [23]ARIA-ECB  [24]ARIA-CBC
[25]ARIA-CBC-PAD  [26]RSA_OAEP      [27]SET_OAEP      [28]AES-CTR
[29]DES3-CTR      [30]AES-KW        [31]AES-KWP       [34]AES-KEY-WRAP
[35]AES-GCM       [36]AES_CBC_CMAC_WRAP
Select mechanism for wrapping: 36
Use external IV? [0 = no, 1 = yes]: 1
 
Enter IV in hex format (required size is 16 bytes): 00000000000000000000000000000000
Wrap RSA components? [0 = no, 1 = yes]: 1
 
Enter data in hex format: 00000000000000010000012300000001000001240000000100000125000000010000012600000001000001270000000100000128
 
Enter handle of signing key (0 to list available objects) : 0
 
handle        517 (0x00000205) -- label: Generated RSA Private Key
handle        516 (0x00000204) -- label: Generated RSA Public Key
handle        513 (0x00000201) -- label: Generated AES Key
handle        510 (0x000001fe) -- label: Generated AES Key
 
Number of objects found = 4
 
 
Enter handle of signing key (0 to list available objects) : 513
 
Enter handle of wrapping key (0 to list available objects) : 510
 
Enter handle of key to wrap (0 to list available objects) : 517
Wrapped key was saved in file wrapped.key
 
Status: Doing great, no errors (CKR_OK)



	SUPPORT	LEGAL
Luna PCIe HSM 7 Documentation © Copyright 2001-2025, Thales Group Last Updated: 2025-09-05 07:23:03 GMT-05:00	Customer Release Notes Customer Support Portal Support Contacts	End User License Agreement Third Party Software Licenses Document Information