Cryptographic Token Interface Standard

PKCS#11

Private key objects

Sections

RSA private key objects
DSA private key objects
ECDSA private key objects
Diffie-Hellman private key objects
KEA private key objects

Detailed Description

Private key objects (object class CKO_PRIVATE_KEY) hold private keys. This version of Cryptoki recognizes five types of private key: RSA, DSA, ECDSA, Diffie-Hellman, and KEA. The following table defines the attributes common to all private keys, in addition to the common attributes listed in Table 14 and Table 19:

Table 26, Common Private Key Attributes (bracketed numbers are the standard's attribute-table footnote references)

Attribute | Data type | Meaning
CKA_SUBJECT [8] | Byte array | DER-encoding of certificate subject name (default empty)
CKA_SENSITIVE [8] (see below) | CK_BBOOL | TRUE if key is sensitive [9]
CKA_DECRYPT [8] | CK_BBOOL | TRUE if key supports decryption [9]
CKA_SIGN [8] | CK_BBOOL | TRUE if key supports signatures where the signature is an appendix to the data [9]
CKA_SIGN_RECOVER [8] | CK_BBOOL | TRUE if key supports signatures where the data can be recovered from the signature [9]
CKA_UNWRAP [8] | CK_BBOOL | TRUE if key supports unwrapping (i.e., can be used to unwrap other keys) [9]
CKA_EXTRACTABLE [8] (see below) | CK_BBOOL | TRUE if key is extractable [9]
CKA_ALWAYS_SENSITIVE [2,4,6] | CK_BBOOL | TRUE if key has always had the CKA_SENSITIVE attribute set to TRUE
CKA_NEVER_EXTRACTABLE [2,4,6] | CK_BBOOL | TRUE if key has never had the CKA_EXTRACTABLE attribute set to TRUE

After an object is created, the CKA_SENSITIVE attribute may be changed, but only to the value TRUE. Similarly, after an object is created, the CKA_EXTRACTABLE attribute may be changed, but only to the value FALSE. Attempts to make other changes to the values of these attributes should return the error code CKR_ATTRIBUTE_READ_ONLY.

If the CKA_SENSITIVE attribute is TRUE, or if the CKA_EXTRACTABLE attribute is FALSE, then certain attributes of the private key cannot be revealed in plaintext outside the token. Which attributes these are is specified for each type of private key in the attribute table in the section describing that type of key.

If the CKA_EXTRACTABLE attribute is FALSE, then the key cannot be wrapped.
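The one-way attribute rules above, as an added reference model (example code, not part of the standard or of any Cryptoki library): it makes no token calls, uses the attribute and return-code names from the text as plain strings, and the class and helper names are this example's own. It also shows why the two history attributes, not the current flags, are what an audit of a key's protection should look at.

```python
# Reference model of the CKA_SENSITIVE / CKA_EXTRACTABLE rules (added example,
# not Cryptoki). Return codes are the PKCS#11 names as strings, so nothing
# here depends on header constants.
from dataclasses import dataclass

CKR_OK = "CKR_OK"
CKR_ATTRIBUTE_READ_ONLY = "CKR_ATTRIBUTE_READ_ONLY"
MODELLED = {"CKA_SENSITIVE", "CKA_EXTRACTABLE",
            "CKA_ALWAYS_SENSITIVE", "CKA_NEVER_EXTRACTABLE"}


@dataclass
class PrivateKeyObject:
    """Only the attributes whose values may move in one direction are modelled."""
    sensitive: bool
    extractable: bool

    def __post_init__(self):
        # History attributes are fixed from the state at creation and only ever
        # derived, never set by the caller (this model's assumption, following
        # their "has always had" / "has never had" definitions).
        self.always_sensitive = self.sensitive
        self.never_extractable = not self.extractable

    def set_attribute(self, attr: str, value: bool) -> str:
        """Model of C_SetAttributeValue for the modelled attributes only."""
        if attr not in MODELLED:
            raise ValueError(f"{attr} is not covered by this model")
        if attr == "CKA_SENSITIVE" and value:
            self.sensitive = True        # FALSE -> TRUE is the only permitted change
            return CKR_OK
        if attr == "CKA_EXTRACTABLE" and not value:
            self.extractable = False     # TRUE -> FALSE is the only permitted change
            return CKR_OK
        return CKR_ATTRIBUTE_READ_ONLY   # reversals and the history attributes

    def can_be_wrapped(self) -> bool:
        return self.extractable

    def private_components_revealable(self) -> bool:
        """Plaintext read of the protected components needs both conditions."""
        return not self.sensitive and self.extractable


def key_stayed_protected(attrs: dict) -> bool:
    """Conservative audit over attributes read back from a token (constructed
    dict): the current flags can be hardened later, so only the history flags
    prove the key was never readable or wrappable out of the token."""
    return bool(attrs["CKA_ALWAYS_SENSITIVE"]) and bool(attrs["CKA_NEVER_EXTRACTABLE"])
```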

In the interests of interoperability, it is intended that the subject name and key identifier of a private key be the same as those of the corresponding certificate and public key. However, Cryptoki does not enforce this, and the certificate and public key are not required to be stored on the token.
RSA Security Inc. Public-Key Cryptography Standards - PKCS#11 - v201