Getting key attributes of a versioned key
To retrieve key attributes of a versioned key
Call the I_C_GetKeyAttributes API. To retrieve information on the latest version, you can call the function as you do when using a non-versioned key. To retrieve information for a specific key, use the version number prefix (#n).
Example
rc = I_C_GetKeyAttributes(sess, my_versioned_key, &systemAttributeList,&customAttributeList);
rc = I_C_GetKeyAttributes(sess, "my_versioned_key#4", &systemAttributeList,&customAttributeList);
All attributes (except KeyVersionNumber and Fingerprint) are the same for all key versions.
This function returns the following values - in the system and custom attribute lists. The values specific to versioned keys are in bold.
| Attribute | Description |
|---|---|
| KeySize | The size of the key (in bits). |
| Algorithm | An algorithm that can be used with the key. Multiple instances may be present - one for each supported algorithm. |
| Fingerprint | A hash of the key bytes. |
| Versioned | Is this a versioned key? |
| KeyVersionNumber | The version number of this key. |
| NumKeyVersions | The total number of key versions for this key. |
| NumActiveVersions | The number of versions in the active state. |
| NumRestrictedVersions | The number of versions in the restricted state. |
| NumRetiredVersions | The number of versions in the retired state. |
| NumWipedVersions | The number of versions in the wiped state. |
| Deletable | Can this key be deleted? |
| Exportable | Can this key be exported? |
| Encrypt | Can session user encrypt with this key? |
| Decrypt | Can session user decrypt with this key? |
| Sign | Can session user sign with this key? |
| SignV | Can session user verify signature with this key? |
| MAC | Can session user compute a MAC with this key? |
| MACV | Can session user verify a MAC with this key? |
| UsePrivate | Can session user decrypt with the private key? |
| UsePublic | Can session user encrypt with this public key? |
| CustomAttributeList | The list of custom attributes, if they exist. |
