![]() | Cryptographic Token Interface Standard |
PKCS#11 |
GOST 28147-89 secret key objects (object class CKO_SECRET_KEY, key type CKK_GOST28147) hold GOST 28147-89 keys. The following table defines the GOST 28147-89 secret key object attributes, in addition to the common attributes defined for this object class:
Table 22, GOST 28147-89 Secret Key Object Attributes
Attribute | Data type | Meaning |
CKA_VALUE1,4,6,7 | Byte array | 32 bytes in little endian order |
CKA_GOST28147_PARAMS1,3,5 | Byte array | DER-encoding of the object identifier indicating the data object type of GOST 28147-89. When key is used the domain parameter object of key type CKK_GOST28147 must be specified with the same attribute CKA_OBJECT_ID |
Refer to Table 15 for footnotes
The following is a sample template for creating a GOST 28147-89 secret key object:
CK_OBJECT_CLASS class = CKO_SECRET_KEY; CK_KEY_TYPE keyType = CKK_GOST28147; CK_UTF8CHAR label[] = "A GOST 28147-89 secret key object"; CK_BYTE value[32] = {...}; CK_BYTE params_oid[] = {0x06, 0x07, 0x2a, 0x85, 0x03, 0x02, 0x02, 0x1f, 0x00}; CK_BBOOL true = CK_TRUE; CK_ATTRIBUTE template[] = { {CKA_CLASS, &class, sizeof(class)}, {CKA_KEY_TYPE, &keyType, sizeof(keyType)}, {CKA_TOKEN, &true, sizeof(true)}, {CKA_LABEL, label, sizeof(label)-1}, {CKA_ENCRYPT, &true, sizeof(true)}, {CKA_GOST28147_PARAMS, params_oid, sizeof(params_oid)}, {CKA_VALUE, value, sizeof(value)} };