Cryptographic Token Interface Standard |
PKCS#11 |
Table 15, Common footnotes for object attribute tables
Footnote | Meaning |
1 | Must be specified when object is created with C_CreateObject. |
2 | Must not be specified when object is created with C_CreateObject. |
3 | Must be specified when object is generated with C_GenerateKey or C_GenerateKeyPair. |
4 | Must not be specified when object is generated with C_GenerateKey or C_GenerateKeyPair. |
5 | Must be specified when object is unwrapped with C_UnwrapKey. |
6 | Must not be specified when object is unwrapped with C_UnwrapKey. |
7 | Cannot be revealed if object has its CKA_SENSITIVE attribute set to CK_TRUE or its CKA_EXTRACTABLE attribute set to CK_FALSE. |
8 | May be modified after object is created with a C_SetAttributeValue call, or in the process of copying object with a C_CopyObject call. However, it is possible that a particular token may not permit modification of the attribute during the course of a C_CopyObject call. |
9 | Default value is token-specific, and may depend on the values of other attributes. |
10 | Can only be set to CK_TRUE by the SO user. |
11 | Attribute cannot be changed once set to CK_TRUE. It becomes a read only attribute. |
12 | Attribute cannot be changed once set to CK_FALSE. It becomes a read only attribute. |
Table 16, Common Object Attributes
Attribute | Data Type | Meaning |
CKA_CLASS1 | CK_OBJECT_CLASS | Object class (type) |
- Refer to Table 15 for footnotes
The above table defines the attributes common to all objects.