Storage Objects
Only the CKA_LABEL
attribute can be modified after the object is created. The CKA_TOKEN
, CKA_PRIVATE
, and CKA_MODIFIABLE
attributes can be changed in the process of copying an object.
The CKA_TOKEN
attribute identifies whether the object is a token object or a session object.
When the CKA_PRIVATE
attribute is TRUE
, a user may not access the object until the user has been authenticated to the token.
The value of the CKA_MODIFIABLE
attribute determines whether or not an object is read-only.
ProtectToolkit-C unmodifiable objects can be deleted. Objects may, however, specify CKA_DELETABLE
to FALSE
, for token objects only, in which case the object may not be deleted using the C_DestroyObject function. Only by re-initializing the token can the object be destroyed.
The CKA_LABEL
attribute is intended to assist users in browsing.