nCore Key Hash

Considerations with key hashing in nCore

In the nCore API and documentation, keys are referred to by their hash. This document describes how the hash of a given key is calculated.

For information about which key type is supported in which nShield firmware or Security World release, see the nShield Security World Release Notes.

The hash of a private key is always the hash of the corresponding public key, so you can use key hashes to tie together the two halves of a key pair. This implies that computing the hash of a private key involves a private-to-public derivation step.

No Security World parameters are included in this algorithm. If you import the same key into HSMs that are enrolled in different Security Worlds, you get the same key hash.

The subject of the hash is not simply the M_KeyData structure, marshaled in a consistent way. This is because:

  • A single ECC key may have multiple types: ECDHPublic or ECDHLaxPublic. nCore gives them the same hash, because they are the same key, used in much the same way, just with slightly different restrictions.

  • A single ECC key may have multiple representations: either using a named curve, or as one of two types of a custom curve. nCore gives them the same hash because they are just different representations of the same key.

  • An AES key may have the same raw value as an HMAC key. nCore gives them different hashes because the way they are used is fundamentally different.

  • An ECDH key may have the same raw value as an ECDSA key. nCore gives them different hashes because the way they are used is fundamentally different.
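The properties above, shown as an added illustration that is not nCore's algorithm and not code from the nShield documentation: a hash taken over a usage class plus a canonical public form of the key. The SHA-256 digest, the string encoding, the toy curve, the `toy-curve` name, and every key-type label other than ECDHPublic and ECDHLaxPublic are assumptions made for this sketch.

```python
import hashlib

# Constructed toy curve: y^2 = x^3 + 2x + 2 over F_17, generator (5, 1), order 19.
TOY = {"p": 17, "a": 2, "b": 2, "g": (5, 1), "n": 19}
NAMED_CURVES = {"toy-curve": TOY}  # hypothetical named-curve registry

# Assumed labels: types that are the same key in the same role share a usage class.
USAGE_CLASS = {
    "ECDHPublic": "ecdh", "ECDHLaxPublic": "ecdh", "ECDHPrivate": "ecdh",
    "ECDSAPublic": "ecdsa", "ECDSAPrivate": "ecdsa",
    "AES": "aes", "HMAC": "hmac",
}

def _add(P, Q, c):
    """Affine point addition on curve c; None is the point at infinity."""
    if P is None or Q is None:
        return Q if P is None else P
    (x1, y1), (x2, y2), p = P, Q, c["p"]
    if x1 == x2 and (y1 + y2) % p == 0:
        return None
    if P == Q:
        m = (3 * x1 * x1 + c["a"]) * pow(2 * y1, -1, p) % p
    else:
        m = (y2 - y1) * pow(x2 - x1, -1, p) % p
    x3 = (m * m - x1 - x2) % p
    return (x3, (m * (x1 - x3) - y1) % p)

def _public_point(d, c):
    """Private-to-public derivation: d * G by double-and-add."""
    R, A = None, c["g"]
    while d:
        if d & 1:
            R = _add(R, A, c)
        A = _add(A, A, c)
        d >>= 1
    return R

def key_hash(key_type, material, curve=None):
    """Hash usage class + canonical public form, never the raw key structure."""
    usage = USAGE_CLASS[key_type]  # domain separation: AES vs HMAC, ECDH vs ECDSA
    if curve is None:  # symmetric key: material is the raw bytes
        body = material.hex()
    else:  # a named curve is expanded to the same parameters as its explicit form
        c = NAMED_CURVES[curve] if isinstance(curve, str) else curve
        point = _public_point(material, c) if key_type.endswith("Private") else material
        params = [c["p"], c["a"], c["b"], *c["g"], c["n"]]
        body = ",".join(str(v) for v in (*params, *point))
    return hashlib.sha256(f"{usage}|{body}".encode()).hexdigest()
```

With the constructed private scalar 2, whose public point on the toy curve is (6, 3), the private and public halves hash identically, while the same raw bytes tagged AES and HMAC do not.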