public class LunaPkcs11AttributesConfig
extends java.lang.Object
Each line of the configuration file can be used to specify the attributes for a specific mechanism, attribute template key type and a list of the attributes types and values. Each attribute type can be assigned a 0 or 1 for boolean attributes, an integer or hex value for long attributes, and a string or hex value for byte array attributes.
Example configuration file:
CKM_RSA_PKCS_KEY_PAIR_GEN.public(CKA_VERIFY=1,CKA_ENCRYPT=0,CKA_WRAP=0,CKA_MODULUS_BITS=2048,CKA_KEY_TYPE=0x00000000,CKA_LABEL="My Public Key") CKM_RSA_PKCS_KEY_PAIR_GEN.private(CKA_SIGN=1,CKA_DECRYPT=0,CKA_UNWRAP=0,CKA_MODULUS_BITS=2048,CKA_KEY_TYPE=0x00000000,CKA_LABEL="My Private Key") CKM_AES_KEY_GEN.secret(CKA_SIGN=0,CKA_VERIFY=0,CKA_ENCRYPT=1,CKA_DECRYPT=0,CKA_WRAP=0,CKA_UNWRAP=0,CKA_DERIVE=0,CKA_EXTRACTABLE=1,CKA_VALUE_LEN=32,CKA_LABEL="My AES Key")
The LUNA_PKCS11_ATTRIBUTES_CONFIG environment variable can be set to point at a configuration file to be loaded.
For more control over the attribute settings for specific key generations, the LunaPkcs11AttributesParameterSpec
and LunaPkcs11Attributes
can be used.
Constructor and Description |
---|
LunaPkcs11AttributesConfig() |
Modifier and Type | Method and Description |
---|---|
LunaPkcs11Attributes |
getAttributes(long mechanism) |
void |
parseConfig(java.io.InputStream stream) |
void |
setAttributes(long mechanism,
LunaPkcs11Attributes attributes) |
public void parseConfig(java.io.InputStream stream) throws java.io.IOException
java.io.IOException
public LunaPkcs11Attributes getAttributes(long mechanism)
public void setAttributes(long mechanism, LunaPkcs11Attributes attributes)
Copyright 2014-2018 SafeNet. All rights reserved.