Class PublicKey

Public key objects (object class CKO_PUBLIC_KEY) hold public keys

Hierarchy (view full)

Constructors

constructor

Properties

class derive encrypt endDate handle id label lib local mechanism modifiable private session startDate subject token trusted type verify verifyRecover wrap

Accessors

allowedMechanisms size template

Methods

copy destroy get getAttribute getInfo set setAttribute toType

Constructors

constructor

Properties

class

class: ObjectClass

Object class (type)

derive

derive: boolean

CK_TRUE if key supports key derivation (i.e., if other keys can be derived from this one (default CK_FALSE)

  • May be modified after object is created with a C_SetAttributeValue call, or in the process of copying object with a C_CopyObject call. However, it is possible that a particular token may not permit modification of the attribute during the course of a C_CopyObject call.

Returns

boolean

encrypt

encrypt: boolean

true if key supports encryption

  • May be modified after object is created with a C_SetAttributeValue call, or in the process of copying object with a C_CopyObject call. However, it is possible that a particular token may not permit modification of the attribute during the course of a C_CopyObject call.
  • Default value is token-specific, and may depend on the values of other attributes.

endDate

endDate: Date

End date for the key (default empty)

  • May be modified after object is created with a C_SetAttributeValue call, or in the process of copying object with a C_CopyObject call. However, it is possible that a particular token may not permit modification of the attribute during the course of a C_CopyObject call.

handle

handle: Buffer

ID of PKCS#11 object

id

id: Buffer

Key identifier for key (default empty)

  • May be modified after object is created with a C_SetAttributeValue call, or in the process of copying object with a C_CopyObject call. However, it is possible that a particular token may not permit modification of the attribute during the course of a C_CopyObject call.

label

label: string

Description of the object (default empty)

lib

lib: PKCS11

PKCS#11 module

local

local: boolean

CK_TRUE only if key was either * generated locally (i.e., on the token) with a C_GenerateKey or C_GenerateKeyPair call * created with a C_CopyObject call as a copy of a key which had its CKA_LOCAL attribute set to CK_TRUE

  • Must not be specified when object is created with C_CreateObject.
  • Must not be specified when object is generated with C_GenerateKey or C_GenerateKeyPair.
  • Must not be specified when object is unwrapped with C_UnwrapKey.

mechanism

mechanism: KeyGenMechanism

Identifier of the mechanism used to generate the key material.

  • Must not be specified when object is created with C_CreateObject.
  • Must not be specified when object is generated with C_GenerateKey or C_GenerateKeyPair.
  • Must not be specified when object is unwrapped with C_UnwrapKey.

modifiable

modifiable: boolean

true if object can be modified. Default is false

private

private: boolean

true if object is a private object and false if object is a public object. Default value is token-specific, and may depend on the values of other attributes of the object.

session

session: Session

PKCS#11 session

startDate

startDate: Date

Start date for the key (default empty)

  • May be modified after object is created with a C_SetAttributeValue call, or in the process of copying object with a C_CopyObject call. However, it is possible that a particular token may not permit modification of the attribute during the course of a C_CopyObject call.

subject

subject: Buffer

DER-encoding of the key subject name (default empty)

  • May be modified after object is created with a C_SetAttributeValue call, or in the process of copying object with a C_CopyObject call. However, it is possible that a particular token may not permit modification of the attribute during the course of a C_CopyObject call.

token

token: boolean

true if object is a token object and false if object is a session object. Default is false.

trusted

trusted: boolean

The key can be trusted for the application that it was created.

  • The wrapping key can be used to wrap keys with CKA_WRAP_WITH_TRUSTED set to true.
  • Can only be set to CK_TRUE by the SO user.

type

type: KeyType

Type of key

  • Must be specified when object is created with C_CreateObject
  • Must be specified when object is unwrapped with C_UnwrapKey

verify

verify: boolean

true if key supports verification where the signature is an appendix to the data

  • May be modified after object is created with a C_SetAttributeValue call, or in the process of copying object with a C_CopyObject call. However, it is possible that a particular token may not permit modification of the attribute during the course of a C_CopyObject call.
  • Default value is token-specific, and may depend on the values of other attributes.

verifyRecover

verifyRecover: boolean

true if key supports verification where the data is recovered from the signature

  • May be modified after object is created with a C_SetAttributeValue call, or in the process of copying object with a C_CopyObject call. However, it is possible that a particular token may not permit modification of the attribute during the course of a C_CopyObject call.
  • Default value is token-specific, and may depend on the values of other attributes.

wrap

wrap: boolean

true if key supports wrapping (i.e., can be used to wrap other keys)

  • May be modified after object is created with a C_SetAttributeValue call, or in the process of copying object with a C_CopyObject call. However, it is possible that a particular token may not permit modification of the attribute during the course of a C_CopyObject call.
  • Default value is token-specific, and may depend on the values of other attributes.

Accessors

allowedMechanisms

  • get allowedMechanisms(): void

  • Returns void

  • set allowedMechanisms(v): void

  • Parameters

    • v: void

    Returns void

size

  • get size(): number

  • Gets the size of an object in bytes

    Returns number

template

  • get template(): void

  • For wrapping keys. The attribute template to match against any keys wrapped using this wrapping key. Keys that do not match cannot be wrapped.

    Returns void

  • set template(v): void

  • Parameters

    • v: void

    Returns void

Methods

copy

destroy

get

getAttribute

  • getAttribute(type): Buffer

  • Returns attribute value

    Parameters

    • type: number

      Attribute type

    Returns Buffer

    Attribute value in Buffer format

  • getAttribute(name): any

  • Returns attribute value

    Parameters

    Returns any

    Attribute value. Depends on the attribute name

  • getAttribute(attrs): ITemplate

  • Returns a list of attributes

    Parameters

    • attrs: ITemplate

      The list of attributes for receiving

    Returns ITemplate

    The list of attributes

ProtectedgetInfo

  • getInfo(): void

  • Retrieves information about PKCS#11 object and fills fields

    Returns void

set

  • set(type, value): void

  • Alias for setAttribute

    Parameters

    • type: number
    • value:
          | string
          | number
          | boolean
          | Buffer

    Returns void

  • set(name, value): void

  • Parameters

    • name: string
    • value: any

    Returns void

setAttribute

  • setAttribute(type, value): void

  • Sets attribute value

    Parameters

    • type: number

      Attribute type

    • value:
          | string
          | number
          | boolean
          | Buffer

      Attribute value

    Returns void

  • setAttribute(name, value): void

  • Sets attribute value

    Parameters

    • name: string

      Attribute name. See ITemplate

    • value: any

      Attribute value. Depends on attribute name

    Returns void

  • setAttribute(attrs): void

  • Sets attributes from the list of attributes

    Parameters

    Returns void

toType

Settings

Member Visibility

On This Page

Constructors
Properties
Accessors
Methods