Using CKM_AES_KW with and without VALUE_LEN
Historically in Luna HSMs, CKM_AES_KW has required CKA_VALUE_LEN. Regarding standards compliance, the following observations are notable.
For PKCS#11 v3.0 AES Key Wrap, CKA_VALUE_LEN is not needed; the key size can be inferred from the wrapped data itself.
Some customers have adopted procedures conforming to that aspect of v3.0.
For PKCS#11 v2.40, v3.1 and v3.2, the HSM's AES key wrap operation (CKM_AES_KW) requires the CKA_VALUE_LEN attribute.
Beginning with firmware version 7.9.3 and client UC 10.9.3, both options are supported.
Example: Unwrap a 32-byte AES key with the AES-KW mechanism without providing a key length
NOTE: The CKDemo prompt "Do you wish to explicitly specify the key length in the template - Yes[1] No[0] : 1" was added to the unwrap step for AES-KW and ARIA; for other mechanisms it does not appear.
The option to include VALUE_LEN, or not, is provided by firmware version 7.9.3, so you can code your calls to CKM_AES_KW with or without VALUE_LEN specified; there is no dependency on the Client version, except to see the prompt in CKDemo.
1. Create two 32-byte AES keys
Enter your choice : 45
Select type of key to generate
[ 1] DES [ 2] DES2 [ 3] DES3 [ 5] CAST3 [ 6] Generic [ 7] RSA [ 8] DSA [ 9] DH
[10] CAST5 [11] RC2 [12] RC4 [13] RC5 [14] SSL3 [15] ECDSA [16] AES [17] SEED
[18] KCDSA-1024 [19] KCDSA-2048 [20] DSA Domain Param [21] KCDSA Domain Param
[22] RSA X9.31 [23] DH X9.42 [24] ARIA [25] DH PKCS Domain Param
[26] RSA 186-3 Aux Primes [27] RSA 186-3 Primes [28] DH X9.42 Domain Param
[29] ECDSA with Extra Bits [30] EC Edwards 25519 [31] EC Montgomery 25519
[32] EC Edwards 448 [33] EC Montgomery 448 [40] SM4 [41] SM2 [42] HSS
[43] ML-KEM [44] ML-DSA
> 16
Enter Key Length in bytes (16, 24, 32): 32
Enter Is Token Attribute [0-1]: 1
Enter Is Sensitive Attribute [0-1]: 1
Enter Is Private Attribute [0-1]: 1
Enter Is Modifiable Attribute [0-1]: 1
Enter Encrypt Attribute [0-1]: 1
Enter Decrypt Attribute [0-1]: 1
Enter Sign Attribute [0-1]: 1
Enter Verify Attribute [0-1]: 1
Enter Wrap Attribute [0-1]: 1
Enter Unwrap Attribute [0-1]: 1
Enter Derive Attribute [0-1]: 1
Enter Extractable Attribute [0-1]: 1
Generated AES Key: 61 (0x0000003d)
Status: Doing great, no errors (CKR_OK)
2. Second key
Status: Doing great, no errors (CKR_OK)
Enter your choice : 45
Select type of key to generate
[ 1] DES [ 2] DES2 [ 3] DES3 [ 5] CAST3 [ 6] Generic [ 7] RSA [ 8] DSA [ 9] DH
[10] CAST5 [11] RC2 [12] RC4 [13] RC5 [14] SSL3 [15] ECDSA [16] AES [17] SEED
[18] KCDSA-1024 [19] KCDSA-2048 [20] DSA Domain Param [21] KCDSA Domain Param
[22] RSA X9.31 [23] DH X9.42 [24] ARIA [25] DH PKCS Domain Param
[26] RSA 186-3 Aux Primes [27] RSA 186-3 Primes [28] DH X9.42 Domain Param
[29] ECDSA with Extra Bits [30] EC Edwards 25519 [31] EC Montgomery 25519
[32] EC Edwards 448 [33] EC Montgomery 448 [40] SM4 [41] SM2 [42] HSS
[43] ML-KEM [44] ML-DSA
> 16
Enter Key Length in bytes (16, 24, 32): 32
Enter Is Token Attribute [0-1]: 1
Enter Is Sensitive Attribute [0-1]: 1
Enter Is Private Attribute [0-1]: 1
Enter Is Modifiable Attribute [0-1]: 1
Enter Encrypt Attribute [0-1]: 1
Enter Decrypt Attribute [0-1]: 1
Enter Sign Attribute [0-1]: 1
Enter Verify Attribute [0-1]: 1
Enter Wrap Attribute [0-1]: 1
Enter Unwrap Attribute [0-1]: 1
Enter Derive Attribute [0-1]: 1
Enter Extractable Attribute [0-1]: 1
Generated AES Key: 53 (0x00000035)
Status: Doing great, no errors (CKR_OK)
3. Wrap the AES key with the AES-KW mechanism
Status: Doing great, no errors (CKR_OK)
Enter your choice : 60
[1]DES-ECB [2]DES-CBC [3]DES3-ECB [4]DES3-CBC
[7]CAST3-ECB [8]CAST3-CBC
[9]RSA [10]TRANSLA [11]DES3-CBC-PAD [12]DES3-CBC-PAD-IPSEC
[13]SEED-ECB [14]SEED-CBC [15]SEED-CBC-PAD [16]DES-CBC-PAD
[17]CAST3-CBC-PAD [18]CAST5-CBC-PAD [19]AES-ECB [20]AES-CBC
[21]AES-CBC-PAD [22]AES-CBC-PAD-IPSEC [23]ARIA-ECB [24]ARIA-CBC
[25]ARIA-CBC-PAD [26]RSA_OAEP [27]SET_OAEP [28]AES-CTR
[29]DES3-CTR [30]AES-KW [31]AES-KWP [34]AES-KEY-WRAP
[35]AES-GCM [36]AES_CBC_CMAC_WRAP
Select mechanism for wrapping: 30
Use external IV? [0 = no, 1 = yes]: 0
Enter handle of wrapping key (0 to list available objects) : 0
handle 53 (0x00000035) -- label: Generated AES Key
handle 61 (0x0000003d) -- label: Generated AES Key
Number of objects found = 2
Enter handle of wrapping key (0 to list available objects) : 53
Enter handle of key to wrap (0 to list available objects) : 61
Wrapped key was saved in file wrapped.key
Status: Doing great, no errors (CKR_OK)
4. Unwrap the AES key without the key length specified. Note the key-length prompt, below, answered with 0.
Status: Doing great, no errors (CKR_OK)
Enter your choice : 61
[1]DES-ECB [2]DES-CBC [3]DES3-ECB [4]DES3-CBC
[7]CAST3-ECB [8]CAST3-CBC
[9]RSA [10]TRANSLA [11]DES3-CBC-PAD [12]DES3-CBC-PAD-IPSEC
[13]SEED-ECB [14]SEED-CBC [15]SEED-CBC-PAD [16]DES-CBC-PAD
[17]CAST3-CBC-PAD [18]CAST5-CBC-PAD [19]AES-ECB [20]AES-CBC
[21]AES-CBC-PAD [22]AES-CBC-PAD-IPSEC [23]ARIA-ECB [24]ARIA-CBC
[25]ARIA-CBC-PAD [26]RSA_OAEP [27]SET_OAEP [28]AES-CTR
[29]DES3-CTR [30]AES-KW [31]AES-KWP [34]AES-KEY-WRAP
[35]AES-GCM [36]AES_CBC_CMAC_WRAP
Select mechanism for unwrapping: 30
Use external IV? [0 = no, 1 = yes]: 0
Type of key to be unwrapped
DES[1] DES2[2] DES3[3]
RSA Private[4] DSA Private[5] DH Private[6]
ECDSA Private[7] SEED[8] AES[9]
ARIA[10] GENERIC Secret[11] KCDSA Private[12]
X9.42 DH Private[13] EC Edwards Private[14] ECMONT Private[15]
BIP32/SLIP10 Private [16]
RC2[17] RC4[18] RC5[19]
CAST-3[20] CAST-5[21]
ML-KEM[22] ML-DSA[23]
9
Do you wish to explicitly specify the key length in the template - Yes[1] No[0] : 0
Token attribute [0-1]: 1
Sensitive attribute [0-1]: 1
Private attribute [0-1]: 1
Encrypt attribute [0-1]: 1
Sign attribute [0-1]: 1
Wrap attribute [0-1]: 1
Derive attribute [0-1]: 1
Modifiable attribute [0-1]: 1
Extractable attribute [0-1]: 1
Enter handle of unwrapping key (0 to list available objects) : 0
handle 53 (0x00000035) -- label: Generated AES Key
handle 61 (0x0000003d) -- label: Generated AES Key
Number of objects found = 2
Enter handle of unwrapping key (0 to list available objects) : 53
Enter filename with key to unwrap: wrapped.key
Unwrapped key is 85 (0x00000055)
Status: Doing great, no errors (CKR_OK)
The same could be repeated with a 16- or 24-byte AES key to wrap and unwrap without specifying the key length.
Example: Unwrap an AES key with the AES-KW mechanism when the key length is specified (showing that firmware 7.9.3 and newer works as before)
1. Create two 32-byte AES keys.
Enter your choice : 45
Select type of key to generate
[ 1] DES [ 2] DES2 [ 3] DES3 [ 5] CAST3 [ 6] Generic [ 7] RSA [ 8] DSA [ 9] DH
[10] CAST5 [11] RC2 [12] RC4 [13] RC5 [14] SSL3 [15] ECDSA [16] AES [17] SEED
[18] KCDSA-1024 [19] KCDSA-2048 [20] DSA Domain Param [21] KCDSA Domain Param
[22] RSA X9.31 [23] DH X9.42 [24] ARIA [25] DH PKCS Domain Param
[26] RSA 186-3 Aux Primes [27] RSA 186-3 Primes [28] DH X9.42 Domain Param
[29] ECDSA with Extra Bits [30] EC Edwards 25519 [31] EC Montgomery 25519
[32] EC Edwards 448 [33] EC Montgomery 448 [40] SM4 [41] SM2 [42] HSS
[43] ML-KEM [44] ML-DSA
> 16
Enter Key Length in bytes (16, 24, 32): 32
Enter Is Token Attribute [0-1]: 1
Enter Is Sensitive Attribute [0-1]: 1
Enter Is Private Attribute [0-1]: 1
Enter Is Modifiable Attribute [0-1]: 1
Enter Encrypt Attribute [0-1]: 1
Enter Decrypt Attribute [0-1]: 1
Enter Sign Attribute [0-1]: 1
Enter Verify Attribute [0-1]: 1
Enter Wrap Attribute [0-1]: 1
Enter Unwrap Attribute [0-1]: 1
Enter Derive Attribute [0-1]: 1
Enter Extractable Attribute [0-1]: 1
Generated AES Key: 21 (0x00000015)
Status: Doing great, no errors (CKR_OK)
2. Second key
Status: Doing great, no errors (CKR_OK)
Enter your choice : 45
Select type of key to generate
[ 1] DES [ 2] DES2 [ 3] DES3 [ 5] CAST3 [ 6] Generic [ 7] RSA [ 8] DSA [ 9] DH
[10] CAST5 [11] RC2 [12] RC4 [13] RC5 [14] SSL3 [15] ECDSA [16] AES [17] SEED
[18] KCDSA-1024 [19] KCDSA-2048 [20] DSA Domain Param [21] KCDSA Domain Param
[22] RSA X9.31 [23] DH X9.42 [24] ARIA [25] DH PKCS Domain Param
[26] RSA 186-3 Aux Primes [27] RSA 186-3 Primes [28] DH X9.42 Domain Param
[29] ECDSA with Extra Bits [30] EC Edwards 25519 [31] EC Montgomery 25519
[32] EC Edwards 448 [33] EC Montgomery 448 [40] SM4 [41] SM2 [42] HSS
[43] ML-KEM [44] ML-DSA
> 16
Enter Key Length in bytes (16, 24, 32): 32
Enter Is Token Attribute [0-1]: 1
Enter Is Sensitive Attribute [0-1]: 1
Enter Is Private Attribute [0-1]: 1
Enter Is Modifiable Attribute [0-1]: 1
Enter Encrypt Attribute [0-1]: 1
Enter Decrypt Attribute [0-1]: 1
Enter Sign Attribute [0-1]: 1
Enter Verify Attribute [0-1]: 1
Enter Wrap Attribute [0-1]: 1
Enter Unwrap Attribute [0-1]: 1
Enter Derive Attribute [0-1]: 1
Enter Extractable Attribute [0-1]: 1
Generated AES Key: 53 (0x00000035)
Status: Doing great, no errors (CKR_OK)
3. Wrap the AES key with the AES-KW mechanism
Status: Doing great, no errors (CKR_OK)
Enter your choice : 60
[1]DES-ECB [2]DES-CBC [3]DES3-ECB [4]DES3-CBC
[7]CAST3-ECB [8]CAST3-CBC
[9]RSA [10]TRANSLA [11]DES3-CBC-PAD [12]DES3-CBC-PAD-IPSEC
[13]SEED-ECB [14]SEED-CBC [15]SEED-CBC-PAD [16]DES-CBC-PAD
[17]CAST3-CBC-PAD [18]CAST5-CBC-PAD [19]AES-ECB [20]AES-CBC
[21]AES-CBC-PAD [22]AES-CBC-PAD-IPSEC [23]ARIA-ECB [24]ARIA-CBC
[25]ARIA-CBC-PAD [26]RSA_OAEP [27]SET_OAEP [28]AES-CTR
[29]DES3-CTR [30]AES-KW [31]AES-KWP [34]AES-KEY-WRAP
[35]AES-GCM [36]AES_CBC_CMAC_WRAP
Select mechanism for wrapping: 30
Use external IV? [0 = no, 1 = yes]: 0
Enter handle of wrapping key (0 to list available objects) : 0
handle 21 (0x0000003d) -- label: Generated AES Key
handle 53 (0x00000035) -- label: Generated AES Key
Number of objects found = 2
Enter handle of wrapping key (0 to list available objects) : 53
Enter handle of key to wrap (0 to list available objects) : 21
Wrapped key was saved in file wrapped.key
Status: Doing great, no errors (CKR_OK)
4. Unwrap the AES key with the key length specified. Note the key-length prompt, below, answered with 1, and the length entry that follows.
Status: Doing great, no errors (CKR_OK)
Enter your choice : 61
[1]DES-ECB [2]DES-CBC [3]DES3-ECB [4]DES3-CBC
[7]CAST3-ECB [8]CAST3-CBC
[9]RSA [10]TRANSLA [11]DES3-CBC-PAD [12]DES3-CBC-PAD-IPSEC
[13]SEED-ECB [14]SEED-CBC [15]SEED-CBC-PAD [16]DES-CBC-PAD
[17]CAST3-CBC-PAD [18]CAST5-CBC-PAD [19]AES-ECB [20]AES-CBC
[21]AES-CBC-PAD [22]AES-CBC-PAD-IPSEC [23]ARIA-ECB [24]ARIA-CBC
[25]ARIA-CBC-PAD [26]RSA_OAEP [27]SET_OAEP [28]AES-CTR
[29]DES3-CTR [30]AES-KW [31]AES-KWP [34]AES-KEY-WRAP
[35]AES-GCM [36]AES_CBC_CMAC_WRAP
Select mechanism for unwrapping: 30
Use external IV? [0 = no, 1 = yes]: 0
Type of key to be unwrapped
DES[1] DES2[2] DES3[3]
RSA Private[4] DSA Private[5] DH Private[6]
ECDSA Private[7] SEED[8] AES[9]
ARIA[10] GENERIC Secret[11] KCDSA Private[12]
X9.42 DH Private[13] EC Edwards Private[14] ECMONT Private[15]
BIP32/SLIP10 Private [16]
RC2[17] RC4[18] RC5[19]
CAST-3[20] CAST-5[21]
ML-KEM[22] ML-DSA[23]
9
Do you wish to explicitly specify the key length in the template - Yes[1] No[0] : 1
Token attribute [0-1]: 1
Sensitive attribute [0-1]: 1
Private attribute [0-1]: 1
Encrypt attribute [0-1]: 1
Sign attribute [0-1]: 1
Wrap attribute [0-1]: 1
Derive attribute [0-1]: 1
Modifiable attribute [0-1]: 1
Extractable attribute [0-1]: 1
Enter handle of unwrapping key (0 to list available objects) : 0
handle 53 (0x00000035) -- label: Generated AES Key
handle 61 (0x0000003d) -- label: Generated AES Key
Number of objects found = 2
Enter handle of unwrapping key (0 to list available objects) : 53
Enter the length in bytes of the key being unwrapped [0-4096]: 32
Enter filename with key to unwrap: wrapped.key
Unwrapped key is 85 (0x00000055)
Status: Doing great, no errors (CKR_OK)
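As an added illustration of the choice both CKDemo runs above make (not Thales code and not part of this page's procedure), the following C builds the PKCS#11 unwrap template either without CKA_VALUE_LEN, as the first run does, or with it, as the second run does, and derives the expected key size from the wrapped blob's length the way the v3.0 text allows. The PKCS#11 types and constants are minimal stand-ins (an assumption so it builds without the Luna client headers); the mechanism constant and the C_UnwrapKey call itself are deliberately left out.

```c
#include <stddef.h>

/* Minimal stand-ins for the PKCS#11 types and constants used here (values as
   in pkcs11t.h); real code includes cryptoki.h from the Luna client instead. */
typedef unsigned long CK_ULONG;
typedef struct { CK_ULONG type; void *pValue; CK_ULONG ulValueLen; } CK_ATTRIBUTE;
#define CKA_CLASS     0x000UL
#define CKA_KEY_TYPE  0x100UL
#define CKA_VALUE_LEN 0x161UL
#define CKO_SECRET_KEY 0x4UL
#define CKK_AES        0x1FUL

/* AES-KW (RFC 3394 / SP 800-38F KW) adds one 8-byte integrity block, so a
   wrapped AES key is key length + 8 bytes; that is why a v3.0-style unwrap can
   omit CKA_VALUE_LEN. Returns 0 if the blob cannot hold a 16/24/32-byte key. */
static CK_ULONG aes_kw_infer_key_len(CK_ULONG wrapped_len) {
    CK_ULONG key_len = wrapped_len - 8;
    if (wrapped_len < 24 || (key_len != 16 && key_len != 24 && key_len != 32))
        return 0;
    return key_len;
}

/* C_UnwrapKey template for an AES key (boolean attributes such as CKA_TOKEN
   omitted for brevity). value_len == 0 leaves CKA_VALUE_LEN out (the "No"
   answer at the CKDemo prompt, accepted by firmware 7.9.3+); otherwise it is
   appended (the "Yes" answer, required by older firmware). Values live in
   statics because CK_ATTRIBUTE stores pointers. Returns the attribute count. */
static CK_ULONG build_aes_unwrap_template(CK_ATTRIBUTE *t, CK_ULONG value_len) {
    static CK_ULONG cls = CKO_SECRET_KEY, kt = CKK_AES, vlen;
    CK_ULONG n = 0;
    t[n++] = (CK_ATTRIBUTE){CKA_CLASS, &cls, sizeof cls};
    t[n++] = (CK_ATTRIBUTE){CKA_KEY_TYPE, &kt, sizeof kt};
    if (value_len) {
        vlen = value_len;
        t[n++] = (CK_ATTRIBUTE){CKA_VALUE_LEN, &vlen, sizeof vlen};
    }
    return n;
}

/* Mirrors both runs on this page: the 40-byte blob of a 32-byte key, unwrapped
   without (explicit_len == 0) or with CKA_VALUE_LEN. Returns the length the
   template declares; 0 means the HSM must infer it from the blob itself. */
static CK_ULONG declared_len(CK_ULONG wrapped_len, int explicit_len) {
    CK_ATTRIBUTE t[3];
    CK_ULONG n = build_aes_unwrap_template(
        t, explicit_len ? aes_kw_infer_key_len(wrapped_len) : 0);
    for (CK_ULONG i = 0; i < n; i++)
        if (t[i].type == CKA_VALUE_LEN) return *(const CK_ULONG *)t[i].pValue;
    return 0;
}
```

A wrapped file whose size is not 24, 32 or 40 bytes cannot be a KW-wrapped AES key, so the inference returns 0 and the template is left without a length rather than declaring a wrong one.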