Data Objects

Data objects (object class CKO_DATA) hold information defined by an application.  Other than providing access to it, Cryptoki does not attach any special meaning to a data object.  The following table lists the attributes supported by data objects, in addition to the common attributes listed in Common Object Attributes and Common Storage Object Attributes:

Table 1: Data Object Attributes

Attribute          Data Type         Meaning
CKA_APPLICATION    RFC2279 string    Description of the application that manages the object (default empty)
CKA_OBJECT_ID      Byte array        DER-encoding of the object identifier indicating the data object type (default empty)
CKA_VALUE          Byte array        Value of the object (default empty)

Each of these attributes may be modified after the object is created.

The CKA_APPLICATION attribute provides a means for applications to indicate ownership of the data objects they manage.  However, Cryptoki does not provide a means of ensuring that only a particular application has access to a data object.

The CKA_OBJECT_ID attribute provides an independent and expandable way for an application to indicate the type of a data object.  Cryptoki does not provide a means of ensuring that the data object identifier matches the data object type.
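Because the token enforces neither ownership nor identifier-to-type consistency, an application has to do that check itself. The following C example is added here and is not part of the PKCS#11 text: it validates a CKO_DATA template's CKA_CLASS, CKA_APPLICATION and CKA_OBJECT_ID (including that the latter is a well-formed short-form DER OID) against what the caller expects before CKA_VALUE is used. The PKCS#11 types and constants are declared locally as stand-ins for pkcs11.h, and the owner string, OID and value are constructed sample data.

```c
#include <string.h>
#include <stddef.h>

/* Stand-ins for the few PKCS#11 types and constants used here (assumption:
 * real code includes pkcs11.h; these are the values that header defines). */
typedef unsigned long CK_ULONG;
typedef CK_ULONG CK_OBJECT_CLASS;
typedef struct { CK_ULONG type; void *pValue; CK_ULONG ulValueLen; } CK_ATTRIBUTE;
#define CKO_DATA        0x00UL
#define CKA_CLASS       0x00UL
#define CKA_APPLICATION 0x10UL
#define CKA_VALUE       0x11UL
#define CKA_OBJECT_ID   0x12UL

static const CK_ATTRIBUTE *find_attr(const CK_ATTRIBUTE *t, CK_ULONG n, CK_ULONG type) {
    for (CK_ULONG i = 0; i < n; i++) if (t[i].type == type) return &t[i];
    return NULL;
}

/* Application-side check of a CKO_DATA template before CKA_VALUE is trusted:
 * class must be CKO_DATA, CKA_APPLICATION must equal the expected owner string,
 * and CKA_OBJECT_ID must be a short-form DER OID (tag 0x06, one length byte)
 * equal to the expected type OID. Returns 0 on success, a negative code on failure. */
int check_data_object(const CK_ATTRIBUTE *t, CK_ULONG n, const char *app,
                      const unsigned char *oid_der, CK_ULONG oid_len) {
    const CK_ATTRIBUTE *a = find_attr(t, n, CKA_CLASS);
    if (!a || a->ulValueLen != sizeof(CK_OBJECT_CLASS) ||
        *(const CK_OBJECT_CLASS *)a->pValue != CKO_DATA) return -1;
    a = find_attr(t, n, CKA_APPLICATION);   /* RFC2279 string, not NUL-terminated */
    if (!a || a->ulValueLen != strlen(app) || memcmp(a->pValue, app, a->ulValueLen)) return -2;
    a = find_attr(t, n, CKA_OBJECT_ID);
    if (!a || a->ulValueLen < 3 || a->ulValueLen > 129) return -3;
    const unsigned char *d = a->pValue;
    if (d[0] != 0x06 || d[1] != a->ulValueLen - 2) return -3;      /* malformed DER OID */
    if (a->ulValueLen != oid_len || memcmp(d, oid_der, oid_len)) return -4;
    return find_attr(t, n, CKA_VALUE) ? 0 : -5;
}

/* Constructed sample template: owner "backup-agent", type OID 1.2.840.113549. */
static unsigned char sample_oid[] = {0x06, 0x06, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D};
int sample_check(int wrong_owner) {
    CK_OBJECT_CLASS cls = CKO_DATA;
    char ok[] = "backup-agent", bad[] = "other-app", *app = wrong_owner ? bad : ok;
    unsigned char value[] = {0xDE, 0xAD, 0xBE, 0xEF};   /* constructed payload */
    CK_ATTRIBUTE t[] = { {CKA_CLASS, &cls, sizeof cls}, {CKA_APPLICATION, app, strlen(app)},
                         {CKA_OBJECT_ID, sample_oid, sizeof sample_oid}, {CKA_VALUE, value, sizeof value} };
    return check_data_object(t, 4, "backup-agent", sample_oid, sizeof sample_oid);
}
```

sample_check(0) returns 0 for the genuine template and sample_check(1) returns -2 when another application's name is in CKA_APPLICATION.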