Verifying an attestation bundle

An attestation bundle can be verified as follows.

$ nfkmattest verify PATH

This will output information about the key in JSON format. The fields are:

Key Syntax Meaning

path

string

The path of the bundle file

protection

string

Type of protection, either module, softcard or cardset

recovery

boolean

Whether key recovery is enabled for the key, if available

permissions

list

Key usage permissions

esn

string

Electronic Serial Number (ESN) of the HSM used to generate the key

hknso

string

The hash of the nShield Security Officer key (KNSO) for the Security World used to generate the key

k

object

Public key parameters (a more detailed breakdown can be seen in the section below)

Private key operations

The permissions field is a list of the permitted private key operations. The following are the possible options.

Permission Description

decrypt

Key can decrypt messages, yielding plaintext

unwrap

Key can decrypt messages, yielding a key inside the HSM (this includes loading of key blobs)

sign

Key can sign messages

Public key parameters

The k field is the public key is an nCore M_KeyData structure in JSON format. The key object has two fields.

Key Syntax Meaning

k.type

string

The public key type, described in sections below

k.data

object

Public key material

In almost all cases, integers are represented as the RFC4648 section 4 base64 encoding of the big-endian form of the integer value. The representation is normally minimal, meaning that a value of 0 is represented by the empty string.

The fields in k.data will depend on the key type.

RSA public keys

The key type is RSAPublic. The data object has two fields.

Key Syntax Meaning

k.data.n

base64(integer)

Public modulus

k.data.e

base64(integer)

Public exponent

DSA and KCDSA public keys

The key types are DSAPublic and KCDSAPublic. The data object has the following fields.

Key Syntax Meaning

k.data.dlg

object

Container for domain parameters

k.data.dlg.p

base64(integer)

Field modulus

k.data.dlg.q

base64(integer)

Subgroup order

k.data.dlg.g

base64(integer)

Subgroup generator

k.data.y

base64(integer)

Public key

ECC public keys

The key types are ECDSAPublic (signature only), ECDHPublic (key agreement only) and ECPublic. The data object has the following fields.

Key Syntax Meaning

k.data.curve

object

Container for domain parameters

k.data.curve.name

string

Domain parameters of curve (see below for supported values)

k.data.Q

object

Public point

k.data.Q.flags

list

Always empty

k.data.Q.x

base64(integer)

X coordinate of public point

k.data.Q.y

base64(integer)

Y coordinate of public point

Supported values for k.data.curve.name

The supported named curves are as follows.

NISTP192

NISTP224

NISTP256

NISTP384

NISTP521

NISTB163

NISTB233

NISTB283

NISTB409

NISTB571

NISTK163

NISTK233

NISTK283

NISTK409

NISTK571

BrainpoolP160r1

BrainpoolP160t1

BrainpoolP192r1

BrainpoolP192t1

BrainpoolP224r1

BrainpoolP224t1

BrainpoolP256r1

BrainpoolP256t1

BrainpoolP320r1

BrainpoolP320t1

BrainpoolP384r1

BrainpoolP384t1

BrainpoolP512r1

BrainpoolP512t1

ANSIB163v1

ANSIB191v1

SECP160r1

SECP256k1

If this field is Custom or CustomLCF, the full domain parameters of the curve are given in further fields. These are described in the nCore API documentation.

Ed25519 public keys

The key type is Ed25519Public. The data object has the following field.

Key Syntax Meaning

k.data.k

base64(bytes)

RFC8032-format public key