Cryptographic Token Interface Standard

PKCS#11


CMS Signature Mechanism Objects

These objects provide information relating to the CKM_CMS_SIG mechanism. CKM_CMS_SIG mechanism object attributes represent information about supported CMS signature attributes in the token. They are only present on tokens supporting the CKM_CMS_SIG mechanism, but must be present on those tokens.

Table 145, CMS Signature Mechanism Object Attributes

| Attribute | Data type | Meaning |
|---|---|---|
| CKA_REQUIRED_CMS_ATTRIBUTES | Byte array | Attributes the token always will include in the set of CMS signed attributes |
| CKA_DEFAULT_CMS_ATTRIBUTES | Byte array | Attributes the token will include in the set of CMS signed attributes in the absence of any attributes specified by the application |
| CKA_SUPPORTED_CMS_ATTRIBUTES | Byte array | Attributes the token may include in the set of CMS signed attributes upon request by the application |

The contents of each byte array will be a DER-encoded list of CMS Attributes with optional accompanying values. Each attribute in the list shall be identified by its object identifier, and any values shall be DER-encoded. The list of attributes is defined in ASN.1 as:

    Attributes ::= SET SIZE (1..MAX) OF Attribute
    Attribute ::= SEQUENCE {
        attrType    OBJECT IDENTIFIER,
        attrValues  SET OF ANY DEFINED BY OBJECT IDENTIFIER OPTIONAL
    }

The client may not set any of the attributes.
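As an added example (not part of the PKCS #11 specification), the following strict parser shows how an application could validate one of these byte arrays against the ASN.1 definition above before trusting it. The function names and the sample bytes are assumptions made for illustration; the sample uses the PKCS #9 messageDigest and contentType object identifiers.

```python
# SAMPLE is constructed, not read from a token: messageDigest (no value), contentType = id-data.
SAMPLE = bytes.fromhex("3127300b06092a864886f70d010904"
                       "301806092a864886f70d010903310b06092a864886f70d010701")

def _tlv(buf, pos):  # read one DER TLV; return (tag, value, next_pos)
    if pos + 2 > len(buf) or buf[pos] & 0x1F == 0x1F:
        raise ValueError("truncated header or unsupported high tag number")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length >= 0x80:  # long form: low 7 bits count the length octets
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf) or buf[pos] == 0:
            raise ValueError("indefinite, oversized, truncated or padded length")
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
        if length < 0x80:
            raise ValueError("non-minimal length is not DER")
    if pos + length > len(buf):
        raise ValueError("value runs past end of buffer")
    return tag, buf[pos:pos + length], pos + length

def _items(buf, pos=0):  # yield (tag, value, raw_encoding) for each TLV in buf
    while pos < len(buf):
        tag, val, nxt = _tlv(buf, pos)
        yield tag, val, buf[pos:nxt]
        pos = nxt

def _oid(body):  # OBJECT IDENTIFIER content octets -> dotted string
    if not body or body[-1] & 0x80:
        raise ValueError("bad OID encoding")
    arcs, acc = [], 0
    for b in body:
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs, acc = arcs + [acc], 0
    first = min(arcs[0] // 40, 2)
    return ".".join(map(str, [first, arcs[0] - 40 * first] + arcs[1:]))

def parse_cms_attributes(der):
    """Return [(oid, [DER-encoded value, ...]), ...]; raise ValueError if malformed."""
    tag, body, end = _tlv(der, 0)
    if tag != 0x31 or end != len(der) or not body:  # SET SIZE (1..MAX)
        raise ValueError("expected one non-empty SET and no trailing bytes")
    attrs = []
    for tag, attr, _ in _items(body):
        fields = list(_items(attr))
        if tag != 0x30 or [f[0] for f in fields] not in ([0x06], [0x06, 0x31]):
            raise ValueError("Attribute must be SEQUENCE { OID, optional SET }")
        vals = fields[1][1] if len(fields) == 2 else b""  # attrValues is OPTIONAL
        attrs.append((_oid(fields[0][1]), [raw for *_, raw in _items(vals)]))
    return attrs
```

Each value is returned still DER-encoded, since its type depends on the attribute's object identifier. The parser does not check the DER ordering of SET OF elements.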


RSA Security Inc. Public-Key Cryptography Standards - PKCS#11 - v220