The following figure illustrates details of key objects:
Figure 6, Key Attribute Detail
Key objects hold encryption or authentication keys, which can be public keys, private keys, or secret keys. The following common footnotes apply to all the tables describing attributes of keys:
1 Must be specified when object is created with C_CreateObject.
2 Must not be specified when object is created with C_CreateObject.
3 Must be specified when object is generated with C_GenerateKey or C_GenerateKeyPair.
4 Must not be specified when object is generated with C_GenerateKey or C_GenerateKeyPair.
5 Must be specified when object is unwrapped with C_UnwrapKey.
6 Must not be specified when object is unwrapped with C_UnwrapKey.
7 Cannot be revealed if object has its CKA_SENSITIVE attribute set to TRUE or its attribute set to FALSE.
8 May be modified after object is created with a C_SetAttributeValue call, or in the process of copying object with a C_CopyObject call. As mentioned previously, however, it is possible that a particular token may not permit modification of the attribute, or may not permit modification of the attribute during the course of a C_CopyObject call.
9 Default value is token-specific, and may depend on the values of other attributes.
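Footnotes 1 through 6 can be applied mechanically to the attribute types supplied in a template, as in this added C example (not part of the PKCS #11 text). The names key_op, attr_status, attr_rule and check_template are hypothetical, and the footnote sets in sample_rules are constructed for illustration rather than taken from the attribute tables.

```c
#include <stdbool.h>
#include <stddef.h>

#define CKA_VALUE     0x011UL   /* attribute type codes from the PKCS #11 headers */
#define CKA_KEY_TYPE  0x100UL
#define CKA_VALUE_LEN 0x161UL
#define FN(n) (1u << ((n) - 1)) /* bit n-1 set: footnote n applies */

typedef enum { OP_CREATE, OP_GENERATE, OP_UNWRAP } key_op;          /* hypothetical */
typedef enum { ATTR_OK, ATTR_MISSING, ATTR_FORBIDDEN } attr_status; /* hypothetical */
typedef struct { unsigned long type; unsigned footnotes; } attr_rule;

/* Constructed rule table: footnote sets chosen for illustration only. */
const attr_rule sample_rules[] = {
    { CKA_KEY_TYPE,  FN(1) | FN(5) },
    { CKA_VALUE,     FN(1) | FN(4) | FN(6) | FN(7) },
    { CKA_VALUE_LEN, FN(2) | FN(3) },
};
#define N_SAMPLE_RULES (sizeof sample_rules / sizeof sample_rules[0])

static bool supplied(const unsigned long *tmpl, size_t n, unsigned long type)
{
    for (size_t i = 0; i < n; i++)
        if (tmpl[i] == type) return true;
    return false;
}

/* Check the attribute types in a template against footnotes 1-6.
 * Footnote pairs: (1,2) create, (3,4) generate, (5,6) unwrap.
 * On failure *bad receives the offending attribute type; on success 0. */
attr_status check_template(const attr_rule *rules, size_t n_rules, key_op op,
                           const unsigned long *tmpl, size_t n_tmpl,
                           unsigned long *bad)
{
    unsigned must     = FN(1 + 2 * (unsigned)op);  /* "must be specified"     */
    unsigned must_not = FN(2 + 2 * (unsigned)op);  /* "must not be specified" */

    for (size_t i = 0; i < n_rules; i++) {
        bool present = supplied(tmpl, n_tmpl, rules[i].type);
        *bad = rules[i].type;
        if ((rules[i].footnotes & must) && !present)    return ATTR_MISSING;
        if ((rules[i].footnotes & must_not) && present) return ATTR_FORBIDDEN;
    }
    *bad = 0;
    return ATTR_OK;
}
```

Footnotes 7 to 9 concern reading, modifying and defaulting attribute values and are not modelled by this check.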
The following table defines the attributes common to public key, private key and secret key classes, in addition to the common attributes listed in Table 14:
Table 19, Common Key Attributes