PKCS#11
|
| Cryptographic Token Interface Standard |
PKCS#11 |
GOST R 34.11-94 domain parameter objects (object class CKO_DOMAIN_PARAMETERS, key type CKK_GOSTR3411) hold GOST R 34.11-94 domain parameters.
The following table defines the GOST R 34.11-94 domain parameter object attributes, in addition to the common attributes defined for this object class:
Table 28, GOST R 34.11-94 Domain Parameter Object Attributes
| Attribute | Data Type | Meaning |
| CKA_VALUE1 | DER-encoding of the domain parameters as it was introduced in [4] section 8.2 (type GostR3411-94-ParamSetParameters ) | |
| CKA_OBJECT_ID1 | DER-encoding of the object identifier indicating the domain parameters |
Refer to Table 15 for footnotes
For any particular token, there is no guarantee that a token supports domain parameters loading up and/or fetching out. Furthermore, applications, that make direct use of domain parameters objects, should take in account that CKA_VALUE attribute may be inaccessible.
The following is a sample template for creating a GOST R 34.11-94 domain parameter object:
CK_OBJECT_CLASS class = CKO_DOMAIN_PARAMETERS; CK_KEY_TYPE keyType = CKK_GOSTR3411; CK_UTF8CHAR label[] = "A GOST R34.11-94 cryptographic parameters object"; CK_BYTE oid[] = {0x06, 0x07, 0x2a, 0x85, 0x03, 0x02, 0x02, 0x1e, 0x00}; CK_BYTE value[] = { 0x30,0x64, 0x04,0x40, 0x4e,0x57,0x64,0xd1,0xab,0x8d,0xcb,0xbf,0x94,0x1a,0x7a,0x4d,0x2c,0xd1,0x10,0x10, 0xd6,0xa0,0x57,0x35,0x8d,0x38,0xf2,0xf7,0x0f,0x49,0xd1,0x5a,0xea,0x2f,0x8d,0x94, 0x62,0xee,0x43,0x09,0xb3,0xf4,0xa6,0xa2,0x18,0xc6,0x98,0xe3,0xc1,0x7c,0xe5,0x7e, 0x70,0x6b,0x09,0x66,0xf7,0x02,0x3c,0x8b,0x55,0x95,0xbf,0x28,0x39,0xb3,0x2e,0xcc, 0x04,0x20, 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, 0x00
}; CK_BBOOL true = CK_TRUE; CK_ATTRIBUTE template[] = { {CKA_CLASS, &class, sizeof(class)}, {CKA_KEY_TYPE, &keyType, sizeof(keyType)}, {CKA_TOKEN, &true, sizeof(true)}, {CKA_LABEL, label, sizeof(label)-1}, {CKA_OBJECT_ID, oid, sizeof(oid)}, {CKA_VALUE, value, sizeof(value)} };