PKCS#11
|
| Cryptographic Token Interface Standard |
PKCS#11 |
Sections | |
| DSA domain parameter objects | |
| Diffie-Hellman domain parameter objects | |
| X9.42 Diffie-Hellman domain parameters objects | |
The following figure illustrates details of domain parameter objects:
Domain parameter objects (object class CKO_DOMAIN_PARAMETERS) hold public domain parameters. This version of Cryptoki recognizes the following types of domain parameters: DSA, Diffie-Hellman, and X9.42 Diffie-Hellman. The following common footnotes apply to all the tables describing attributes of domain parameters:
Table 59, Common footnotes for domain parameter attribute tables
| Footnote | Meaning |
| 1 | Must be specified when object is created with C_CreateObject. |
| 2 | Must not be specified when object is created with C_CreateObject. |
| 3 | Must be specified when object is generated with C_GenerateKey. |
| 4 | Must not be specified when object is generated with C_GenerateKey. |
The following table defines the attributes common to domain parameter objects in addition to the common attributes listed in Table 15 and Table 19 :
Table 60, Common Domain Parameter Attributes
| Attribute | Data Type | Meaning |
| CKA_KEY_TYPE1 | CK_KEY_TYPE | Type of key the domain parameters can be used to generate. |
| CKA_LOCAL2,4 | CK_BBOOL | TRUE only if domain parameters were either * generated locally (i.e., on the token) with a C_GenerateKey * created with a C_CopyObject call as a copy of domain parameters which had its CKA_LOCAL attribute set to TRUE |
The CKA_LOCAL attribute has the value TRUE if and only if the value of the domain parameters were originally generated on the token by a C_GenerateKey call.