Storage Objects

Table 1: Common Storage Object Attributes

| Attribute | Data Type | Meaning |
|---|---|---|
| CKA_TOKEN | CK_BBOOL | TRUE if object is a token object. FALSE if object is a session object. Default is FALSE. |
| CKA_PRIVATE | CK_BBOOL | TRUE if object is a private object. FALSE if object is a public object. Default value is token-specific, and may depend on the values of other attributes of the object. |
| CKA_MODIFIABLE | CK_BBOOL | TRUE if object can be modified. FALSE if object cannot be modified. Default is TRUE. |
| CKA_LABEL | RFC2279 string | Description of the object. Default is empty. |

Only the CKA_LABEL attribute can be modified after the object is created. The CKA_TOKEN, CKA_PRIVATE, and CKA_MODIFIABLE attributes can be changed in the process of copying an object.

The CKA_TOKEN attribute identifies whether the object is a token object or a session object.

When the CKA_PRIVATE attribute is TRUE, a user may not access the object until the user has been authenticated to the token.

The value of the CKA_MODIFIABLE attribute determines whether or not an object is read-only.

In SafeNet ProtectToolkit-C, unmodifiable objects can be deleted. Token objects may, however, set CKA_DELETABLE to FALSE, in which case the object cannot be deleted using the C_DestroyObject function; it can be destroyed only by re-initializing the token.

The CKA_LABEL attribute is intended to assist users in browsing.
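The rules above interact: a read-only object can still be destroyed, and an object can only become read-only through a copy. The following added example (not ProtectToolkit-C code) models those decisions in plain C. The struct, enum and function names are hypothetical, no PKCS#11 library is called, and carrying CKA_DELETABLE over to a copy is an assumption.

```c
#include <stdbool.h>
#include <stdio.h>

/* Hypothetical model of the attributes described above; these are not the
   PKCS#11 structures and no token is contacted. */
typedef enum { ATTR_TOKEN, ATTR_PRIVATE, ATTR_MODIFIABLE, ATTR_LABEL } attr_t;

typedef struct {
    bool token;       /* CKA_TOKEN: FALSE means session object */
    bool is_private;  /* CKA_PRIVATE: TRUE requires authentication */
    bool modifiable;  /* CKA_MODIFIABLE: FALSE means read-only */
    bool deletable;   /* CKA_DELETABLE: FALSE is honoured on token objects only */
} storage_obj;

/* A private object cannot be accessed until the user has authenticated. */
bool can_access(const storage_obj *o, bool logged_in) {
    return !o->is_private || logged_in;
}

/* After creation only CKA_LABEL may change, and not on a read-only object. */
bool can_set(const storage_obj *o, attr_t a, bool logged_in) {
    return can_access(o, logged_in) && o->modifiable && a == ATTR_LABEL;
}

/* Copying may change CKA_TOKEN, CKA_PRIVATE and CKA_MODIFIABLE, so a copy can
   be read-only even though the original cannot be switched in place.
   Assumption: CKA_DELETABLE is carried over unchanged. */
storage_obj copy_with(const storage_obj *src, bool token, bool is_private,
                      bool modifiable) {
    storage_obj dst = { token, is_private, modifiable, src->deletable };
    return dst;
}

/* Read-only objects can still be destroyed; only a token object with
   CKA_DELETABLE = FALSE is refused. */
bool can_destroy(const storage_obj *o, bool logged_in) {
    if (!can_access(o, logged_in)) return false;
    return !(o->token && !o->deletable);
}

int main(void) {
    storage_obj key = { true, true, true, true };        /* constructed sample */
    storage_obj ro = copy_with(&key, true, true, false); /* read-only copy */
    printf("set label on copy: %d, destroy copy: %d\n",
           can_set(&ro, ATTR_LABEL, true), can_destroy(&ro, true));
    return 0;
}
```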