I bought a NitroKey HSM and manged to create an EC on it.
Now I want to derive a shared secret.
I found Pkcs11Interop, which seems to be the right tool for the job, but the handling is unclear.
A code snipplet or link to a working project would be very appreciated.
You can take a look at Pkcs11Admin application for a real world sample using Pkcs11Interop library.
As far as I remember NitroKey HSM should be used with OpenSC middleware so your unmanaged library implementing PKCS#11 API will be opensc-pkcs11.dll.
I believe these resources might be helpful for you:
- Getting started with Pkcs11Interop
- Pkcs11Interop code samples which contain also key derivation sample
- PKCS#11 specification
来源:https://stackoverflow.com/questions/42161179/how-to-use-pkcs11interop-with-an-nitrokey-hsm-to-derive-an-shared-secret-with-an