Data objects (object class CKO_DATA) hold information defined by an application. Other than providing access to it, Cryptoki does not attach any special meaning to a data object. The following table lists the attributes supported by data objects, in addition to the common attributes listed in Table 14:
Table 15, Data Object Attributes

| Attribute | Data type | Meaning |
|---|---|---|
| CKA_APPLICATION | Local string | Description of the application that manages the object (default empty) |
| CKA_VALUE | Byte array | Value of the object (default empty) |

Both of these attributes may be modified after the object is created.
The CKA_APPLICATION attribute provides a means for applications to indicate ownership of the data objects they manage. Cryptoki does not provide a means of ensuring that only a particular application has access to a data object, however.
The following is a sample template containing attributes for creating a data object:
CK_OBJECT_CLASS class = CKO_DATA;
CK_CHAR label[] = "A data object";
CK_CHAR application[] = "An application";
CK_BYTE data[] = "Sample data";
CK_BBOOL true = TRUE;
/* sizeof() on the arrays below counts the terminating NUL of each string
   literal, so that byte is part of the attribute value that is passed. */
CK_ATTRIBUTE template[] = {
    {CKA_CLASS, &class, sizeof(class)},
    {CKA_TOKEN, &true, sizeof(true)},
    {CKA_LABEL, label, sizeof(label)},
    {CKA_APPLICATION, application, sizeof(application)},
    {CKA_VALUE, data, sizeof(data)}
};
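
The following added example (not part of the specification) shows two consequences of the sample above: a search on CKA_APPLICATION has to pass the same length the object was created with, and any caller that supplies the same bytes matches, which is why the attribute marks ownership without restricting access. It assumes search templates are compared byte for byte; the types are local stand-ins for the pkcs11.h definitions, and `template_matches` and `find_by_application` are hypothetical helpers.

```c
#include <stddef.h>
#include <string.h>

/* Local stand-ins for the pkcs11.h definitions so the example builds alone. */
typedef unsigned long CK_ULONG;
typedef unsigned char CK_CHAR;
typedef struct { CK_ULONG type; void *pValue; CK_ULONG ulValueLen; } CK_ATTRIBUTE;
#define CKA_APPLICATION 0x10UL
#define CKA_VALUE       0x11UL

/* Hypothetical helper: 1 when every search attribute is present in the object
 * with the same type, the same length and the same bytes (exact match). */
static int template_matches(const CK_ATTRIBUTE *obj, size_t nobj,
                            const CK_ATTRIBUTE *tmpl, size_t ntmpl)
{
    for (size_t i = 0; i < ntmpl; i++) {
        int found = 0;
        for (size_t j = 0; j < nobj && !found; j++)
            found = obj[j].type == tmpl[i].type &&
                    obj[j].ulValueLen == tmpl[i].ulValueLen &&
                    memcmp(obj[j].pValue, tmpl[i].pValue, tmpl[i].ulValueLen) == 0;
        if (!found)
            return 0;
    }
    return 1;
}

/* Constructed sample object, holding what the page's template would store. */
static CK_CHAR application[] = "An application";
static CK_CHAR data[] = "Sample data";
static CK_ATTRIBUTE stored[] = {
    {CKA_APPLICATION, application, sizeof(application)},
    {CKA_VALUE, data, sizeof(data)}
};

/* Search on CKA_APPLICATION alone; the caller supplies value and length. */
int find_by_application(const char *app, CK_ULONG len)
{
    CK_ATTRIBUTE search[] = { {CKA_APPLICATION, (void *)app, len} };
    return template_matches(stored, 2, search, 1);
}

int main(void)
{
    /* Any caller that knows the string matches; 14 bytes (no NUL) does not. */
    return !(find_by_application("An application", 15) == 1 &&
             find_by_application("An application", 14) == 0);
}
```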