![]() | Cryptographic Token Interface Standard |
PKCS#11 |
GOST 28147-89 domain parameter objects (object class CKO_DOMAIN_PARAMETERS, key type CKK_GOST28147) hold GOST 28147-89 domain parameters.
The following table defines the GOST 28147-89 domain parameter object attributes, in addition to the common attributes defined for this object class:
Table 3, GOST 28147-89 Domain Parameter Object Attributes
Attribute | Data Type | Meaning |
CKA_VALUE1 | DER-encoding of the domain parameters as it was introduced in [4] section 8.1 (type Gost28147-89-ParamSetParameters ) | |
CKA_OBJECT_ID1 | DER-encoding of the object identifier indicating the domain parameters |
Refer to [PKCS #11-B] Table 15 for footnotes
For any particular token, there is no guarantee that a token supports domain parameters loading up and/or fetching out. Furthermore, applications, that make direct use of domain parameters objects, should take in account that CKA_VALUE attribute may be inaccessible.
The following is a sample template for creating a GOST 28147-89 domain parameter object:
CK_OBJECT_CLASS class = CKO_DOMAIN_PARAMETERS; CK_KEY_TYPE keyType = CKK_GOST28147; CK_UTF8CHAR label[] = "A GOST 28147-89 cryptographic parameters object"; CK_BYTE oid[] = {0x06, 0x07, 0x2a, 0x85, 0x03, 0x02, 0x02, 0x1f, 0x00}; CK_BYTE value[] = { 0x30,0x62, 0x04,0x40, 0x4c,0xde,0x38,0x9c,0x29,0x89,0xef,0xb6,0xff,0xeb,0x56,0xc5,0x5e,0xc2,0x9b,0x02, 0x98,0x75,0x61,0x3b,0x11,0x3f,0x89,0x60,0x03,0x97,0x0c,0x79,0x8a,0xa1,0xd5,0x5d, 0xe2,0x10,0xad,0x43,0x37,0x5d,0xb3,0x8e,0xb4,0x2c,0x77,0xe7,0xcd,0x46,0xca,0xfa, 0xd6,0x6a,0x20,0x1f,0x70,0xf4,0x1e,0xa4,0xab,0x03,0xf2,0x21,0x65,0xb8,0x44,0xd8, 0x02,0x01,0x00, 0x02,0x01,0x40,
0x30,0x0b,0x06,0x07,0x2a,0x85,0x03,0x02,0x02,0x0e,0x00,0x05,0x00
}; CK_BBOOL true = CK_TRUE; CK_ATTRIBUTE template[] = { {CKA_CLASS, &class, sizeof(class)}, {CKA_KEY_TYPE, &keyType, sizeof(keyType)}, {CKA_TOKEN, &true, sizeof(true)}, {CKA_LABEL, label, sizeof(label)-1}, {CKA_OBJECT_ID, oid, sizeof(oid)}, {CKA_VALUE, value, sizeof(value)} };