Cryptographic Token Interface Standard

PKCS#11


Objects, attributes, and templates

In general, a Cryptoki function which requires a template for an object needs the template to specify"either explicitly or implicitly"any attributes that are not specified elsewhere. If a template specifies a particular attribute more than once, the function can return CKR_TEMPLATE_INVALID or it can choose a particular value of the attribute from among those specified and use that value. In any event, object attributes are always single-valued.


RSA Security Inc. Public-Key Cryptography Standards - PKCS#11 - v220