<p>Following up from my previous writeup on <ahref="2016-03-21-elliptic-curve-certificate-authority.html">creating an EC CA</a>, let’s talk about key security.</p>
<p><ahref="https://en.wikipedia.org/wiki/Hardware_security_module">Hardware security modules</a> are physical devices that manage keys. Generally, the rule is that they let you use the keys for operations (e.g. signing) given correct authentication, but don’t let you extract the raw key material. This means that if you’re holding the HSM, you know that no one else is currently abusing your key (though they may have done so in the past).</p>
<p>Searching for reasonably-priced options, I found the <ahref="https://shop.nitrokey.com/shop/product/nitrokey-hsm-7">Nitrokey HSM</a>. Open source hardware, firmware, and software. Supports EC keys. Supports lots of keys. Supports Linux. Awesome.</p>
<p><rant>Open source gets a bad rap sometimes, for the same reason PHP does: it has a low barrier to entry (that’s a simplification in pretty much all directions, but roll with it). That means there’s a lot of crap out there, because it’s so easy to start things without a significant audience and not hold to rigorous standards. Open source hardware, however, doesn’t have this excuse. You’re selling it. The fact that you publish the designs and the firmware is secondary; you’re still making money from it, and there’s no excuse for shipping shit that you haven’t actually finished turning into a product.</rant></p>
<p>Below are the steps to get the Nitrokey HSM to a working state where it can generate an EC key pair, and (self-)sign a cert with it. Hopefully many of these go away in the future, as support percolates into release versions and distribution packages.</p>
<p>You’ll need a <ahref="https://www.nitrokey.com/documentation/frequently-asked-questions#which-gnupg,-opensc-and-libccid-versions-are-required">newer version of libccid</a> than currently exists in Raspbian Jessie (1.4.22 > 1.4.18). You can download it for your platform here, or use the commands below for an RPi.</p>
<p>engine_pkcs11 requires >= 0.3.1. Raspbian Jessie has 0.2.8. Debian sid <ahref="https://packages.debian.org/sid/libp11-2">has a package</a>, but you need the dev package as well, so you might as well build it.</p>
<p>EC <ahref="https://www.nitrokey.com/forum/viewtopic.php?t=1549">requires engine_pkcs11 >= 0.2.0</a>. Raspbian Jessie has 0.1.8. Debian <ahref="https://packages.debian.org/sid/libengine-pkcs11-openssl">sid also has a package</a> that I haven’t tested.</p>
<p>As of writing (2016/Mar/26), working support for the Nitrokey HSM <ahref="https://www.nitrokey.com/documentation/frequently-asked-questions#which-gnupg,-opensc-and-libccid-versions-are-required">requires a build of OpenSC</a> that hasn’t made it into a package yet (0.16.0). They’ve also screwed up their repository branching, so master is behind the release branch and won’t work.</p>
<p>If this tells you that it can’t find the device, you probably forgot to update libccid, and need to start over. You’ll need to set an SO PIN and PIN the first time. The SO PIN should be 16 characters, and the PIN 6. Both should be all digits. They can technically be hex, but some apps get confused if they see letters.</p>
<p>If you now have a cert.pem file, you’re golden. If you see “error in req”, you probably have a <ahref="https://www.nitrokey.com/forum/viewtopic.php?t=1549">bad version of OpenSC</a>.</p>
<p>Now, delete the file, re-initialize the device, and you’re good to go.</p>
<p>More instructions on various Nitrokey HSM operations can be found <ahref="https://github.com/OpenSC/OpenSC/wiki/SmartCardHSM#init">here</a>.</p>
<p>Instructions for running a complete certificate authority (CA) with your Nitrokey are <ahref="2016-03-27-ec-ca-redux-now-with-more-nitrokey.html">here</a>.</p>
