A1 response HSM is missing the U in key under ZMK when mode in A0 is a 1

Jul 10, 2015 at 2:19 PM
Edited Jul 10, 2015 at 2:21 PM
A0 command with mode 1 (generate and encrypt under ZMK)

Simulator trace
=== [A0], starts 19:50:58.122 =======
[Key,Value]=[Key Scheme LMK,U]
[Key,Value]=[Key Scheme ZMK,Z]
[Key,Value]=[Key Type,009]
[Key,Value]=[Mode,1]
[Key,Value]=[ZMK,BB839220AE2F70A754F05D356107D6E3]
[Key,Value]=[ZMK Scheme,U]

Key generated (clear): 8F02BA5BCE67C254E064DF8AB6DA139D
Key generated (LMK): UE02E8A668D9CFFD9443FB8D65BA5F087
Check value: 67CA48
ZMK (clear): 3E3BEC0BC2BCF789E3BFB0F8BF8F9EF2
Key under ZMK: AE5FF819A5D88A9EC62761564EB81339
=== [A0],   ends 19:50:58.142 =======
Hexdump

127.0.0.1:60279
30 30 30 30 41 31 30 30 | 0000A100
55 45 30 32 45 38 41 36 | UE02E8A6
36 38 44 39 43 46 46 44 | 68D9CFFD
39 34 34 33 46 42 38 44 | 9443FB8D
36 35 42 41 35 46 30 38 | 65BA5F08
37 41 45 35 46 46 38 31 | 7AE5FF81
39 41 35 44 38 38 41 39 | 9A5D88A9
45 43 36 32 37 36 31 35 | EC627615
36 34 45 42 38 31 33 33 | 64EB8133
39 36 37 43 41 34 38    | 967CA48
The spec indicates key under lmk to be 1 A + 32/48 H, the 1A part is not being sent by the HSM in the response.
Jul 10, 2015 at 4:16 PM
'U' is the key scheme and it is exactly the 1A part
Jul 14, 2015 at 3:02 AM
Edited Jul 14, 2015 at 3:06 AM
teryakif wrote:
'U' is the key scheme and it is exactly the 1A part
Not sure what you are stating, the U is present . The problem is the the 1A part in the response for "Key under ZMK" [AE5FF819A5D88A9EC62761564EB81339] is missing. Its coming back without the scheme and is required as part of the Thales spec if is wider than 16 then a scheme is required (16 H or 1A + 32/48 H).
If you look at the hexdump its evident.
55 45 30 32 45 38 41 36 | UE02E8A6.....
This U is for the key generated under LMK , I am talking about the key under ZMK.
Jul 14, 2015 at 10:51 AM
You are right. If you have downloaded it from download tab codes are different. Try to download from source code tab and build them. It should work. They are different then in the downloads tab.
Jul 14, 2015 at 11:20 AM
I have used the installable version. Will try building it and use. Thanks for the tip.
Jul 14, 2015 at 2:22 PM
What do you guys use to build, Visual Studio 2008 is no longer available and the 2013 community edition does not like the project format. I dont use the Dev Studio environment so any tips would be appreciated.