I am trying to use the gen_key_pair method from the python documentation and I am getting an error.
I am using the following code: zymkey.client.gen_key_pair(‘secp256k1’)
The key_type was found in the codebase as it is not documented so I am not sure if I am using the correct key_type.
The error is:
File “/usr/local/lib/python2.7/dist-packages/zymkey/module.py”, line 582, in gen_key_pair
raise AssertionError(‘bad return code %d’ % ret)
AssertionError: bad return code -1
Unfortunately, that also is not supported in the current product. It will be supported in the HSM6 product early 2021. Apologies that the python api doc needs updating. You can check function/method support in the C or C++ API document(s) for now.
@sanish - With the Zymkey, there are three private keys that remain in hardware from which you can generate a public key. The public key can also be saved to a file. This gives you a Public/Private key pair in which there is no way for someone to view the private key, unlike a software key that resides on a filesystem. See get_public_key() and create_public_key_file() in our API (python) doc.
We are close to releasing our HSM6 product which provides the same private key store and also allows the user to generate up to 512 of their own Public/Private key pairs. It also has storage for up to 128 foreign key pairs.
I did not understand what you meant about generating a public key from private key. My requirement from a keystore is to generate a new private and public key pair and replace it with old key pair, once in a day. Please confirm, if zymkey 4i has this capability or not. If not, then the api gen_key_pair is misleading, or atleast in documentation it should explicitly be mentioned that it is not supported.
The Zymkey 4i does not have the capability to do what you are asking. There are 3 private keys pre-programmed in manufacturing and you cannot change them. You would need the HSM6 which we are close to making available.
The documentation for gen_key_pair() references “(model >= HSM6)”, meaning it is not supported on the Zymkey or the HSM4; it requires an HSM6 or other future products. Thank you for the input that this is misleading. We will try and make that more clear in the future.