Cryptographic Token Interface Standard

PKCS#11


GOST 28147-89 domain parameter objects

GOST 28147-89 domain parameter objects (object class CKO_DOMAIN_PARAMETERS, key type CKK_GOST28147) hold GOST 28147-89 domain parameters.

The following table defines the GOST 28147-89 domain parameter object attributes, in addition to the common attributes defined for this object class:

Table 23, GOST 28147-89 Domain Parameter Object Attributes
Attribute Data Type Meaning
CKA_VALUE1
Byte array
DER-encoding of the domain parameters as it was introduced in [4] section 8.1 (type Gost28147-89-ParamSetParameters )
CKA_OBJECT_ID1
Byte array
DER-encoding of the object identifier indicating the domain parameters

Refer to Table 15 for footnotes

For any particular token, there is no guarantee that a token supports domain parameters loading up and/or fetching out. Furthermore, applications, that make direct use of domain parameters objects, should take in account that CKA_VALUE attribute may be inaccessible.

The following is a sample template for creating a GOST 28147-89 domain parameter object:

CK_OBJECT_CLASS class = CKO_DOMAIN_PARAMETERS;
CK_KEY_TYPE keyType = CKK_GOST28147;
CK_UTF8CHAR label[] = "A GOST 28147-89 cryptographic parameters object";
CK_BYTE oid[] = {0x06, 0x07, 0x2a, 0x85, 0x03, 0x02, 0x02, 0x1f, 0x00};
CK_BYTE value[] = {
0x30,0x62,
0x04,0x40,
0x4c,0xde,0x38,0x9c,0x29,0x89,0xef,0xb6,0xff,0xeb,0x56,0xc5,0x5e,0xc2,0x9b,0x02,
0x98,0x75,0x61,0x3b,0x11,0x3f,0x89,0x60,0x03,0x97,0x0c,0x79,0x8a,0xa1,0xd5,0x5d,
0xe2,0x10,0xad,0x43,0x37,0x5d,0xb3,0x8e,0xb4,0x2c,0x77,0xe7,0xcd,0x46,0xca,0xfa,
0xd6,0x6a,0x20,0x1f,0x70,0xf4,0x1e,0xa4,0xab,0x03,0xf2,0x21,0x65,0xb8,0x44,0xd8,
0x02,0x01,0x00,
0x02,0x01,0x40,

0x30,0x0b,0x06,0x07,0x2a,0x85,0x03,0x02,0x02,0x0e,0x00,0x05,0x00

};
CK_BBOOL true = CK_TRUE;
CK_ATTRIBUTE template[] = {
{CKA_CLASS, &class, sizeof(class)},
{CKA_KEY_TYPE, &keyType, sizeof(keyType)},
{CKA_TOKEN, &true, sizeof(true)},
{CKA_LABEL, label, sizeof(label)-1},
{CKA_OBJECT_ID, oid, sizeof(oid)},
{CKA_VALUE, value, sizeof(value)}
};


RSA Security Inc. Public-Key Cryptography Standards - PKCS#11 - v230