Attribute Key Types
Summary of PKCS #11 attributes and its key types.
Following are the attributes supported in PKCS #11 standard to perform cryptographic operations:
Attribute |
Key Type |
||||
---|---|---|---|---|---|
EC Private |
EC Public |
RSA Private |
RSA Public |
AES |
|
CKA Class | yes | yes | yes | yes | yes |
CKA_KEY_TYPE | yes | yes | yes | yes | yes |
CKA_LABEL | yes | yes | yes | yes | yes |
CKA_ID | yes | yes | yes | yes | yes |
CKA_LOCAL | yes | yes | yes | yes | yes |
CKA_TOKEN | yes | yes | yes | yes | yes |
CKA_PRIVATE | yes | yes | yes | yes | yes |
CKA_ENCRYPT | No | No | No | yes | yes |
CKA_DECRYPT | No | No | yes | No | yes |
CKA_DERIVE | yes | yes | yes | yes | yes |
CKA_MODIFIABLE | yes | yes | yes | yes | yes |
CKA_DESTROYABLE | yes | yes | yes | yes | yes |
CKA_SIGN | yes | No | yes | No | yes |
CKA_SIGN_RECOVER | No | No | yes | No | No |
CKA_VERIFY | No | yes | No | yes | yes |
CKA_VERIFY_RECOVER | No | No | No | yes | No |
CKA_WRAP | No | No | No | yes | yes |
CKA_WRAP_TEMPLATE | No | yes | No | yes | yes |
CKA_TRUSTED | No | yes | No | yes | yes |
CKA_WRAP_WITH_TRUSTED | yes | No | yes | No | yes |
CKA_UNWRAP | No | No | yes | No | yes |
CKA_UNWRAP_TEMPLATE | yes | No | yes | No | yes |
CKA_SENSITIVE | yes | No | yes | No | yes |
CKA_EXTRACTABLE | yes | No | yes | No | yes |
CKA_NEVER_EXTRACTABLE | yes | No | yes | No | yes |
CKA_ALWAYS_SENSITIVE | R | R | R | R | R |
CKA_MODULUS | No | No | yes | yes | No |
CKA_MODULUS_BITS | No | No | No | yes | No |
CKA_PRIME_1 | No | No | S | No | No |
CKA_PRIME_2 | No | No | S | No | No |
CKA_COEFFICIENT | No | No | S | ||
CKA_EXPONENT_1 | No | No | S | No | No |
CKA_EXPONENT_2 | No | No | S | No | No |
CKA_PRIVATE_EXPONENT | No | No | S | No | No |
CKA_PUBLIC_EXPONENT | No | yes | yes | yes | |
CKA_EC_PARAMS | Yes | yes | No | No | No |
CKA_EC_POINT | No | yes | No | No | No |
CKA_VALUE | S | No | No | No | yes |
CKA_VALUE_LEN | No | No | No | No | yes |
CKA_CHECK_VALUE | yes | yes | yes | yes | yes |