RSA SecurID

RSA SecurID secret key objects (object class CKO_OTP_KEY, key type CKK_SECURID) hold RSA SecurID secret keys. The following table defines the RSA SecurID secret key object attributes, in addition to the common attributes defined for this object class:

Table 90: RSA SecurID secret key object attributes

Attribute	Data type	Meaning
CKA_OTP_TIME_INTERVAL¹	CK_ULONG	Interval between OTP values produced with this key, in seconds. Default is 60.

The following is a sample template for creating an RSA SecurID secret key object:

CK_OBJECT_CLASS class = CKO_OTP_KEY;
CK_KEY_TYPE keyType = CKK_SECURID;
CK_DATE endDate = {...};
CK_UTF8CHAR label[] = "RSA SecurID secret key object";
CK_BYTE keyId[]= {...};
CK_ULONG outputFormat = CK_OTP_FORMAT_DECIMAL;
CK_ULONG outputLength = 6;
CK_ULONG needPIN = CK_OTP_PARAM_MANDATORY;
CK_ULONG timeInterval = 60;
CK_BYTE value[] = {...};
CK_BBOOL true = CK_TRUE;
CK_ATTRIBUTE template[] = {
{CKA_CLASS, &class, sizeof(class)},
{CKA_KEY_TYPE, &keyType, sizeof(keyType)},
{CKA_END_DATE, &endDate, sizeof(endDate)},
{CKA_TOKEN, &true, sizeof(true)},
{CKA_SENSITIVE, &true, sizeof(true)},
{CKA_LABEL, label, sizeof(label)-1},
{CKA_SIGN, &true, sizeof(true)},
{CKA_VERIFY, &true, sizeof(true)},
{CKA_ID, keyId, sizeof(keyId)},
{CKA_OTP_FORMAT, &outputFormat, sizeof(outputFormat)},
{CKA_OTP_LENGTH, &outputLength, sizeof(outputLength)},
{CKA_OTP_PIN_REQUIREMENT, &needPIN, sizeof(needPIN)},
{CKA_OTP_TIME_INTERVAL, &timeInterval, sizeof(timeInterval)},
{CKA_VALUE, value, sizeof(value)}
};