Subject: Proposal: New CKA_DESTROYABLE attribute
This defines a new boolean attribute CKA_DESTROYABLE. Currently it is
ambiguous whether CKA_MODIFIABLE objects are destroyable with
C_DestroyObject.

Cheers,

Stef

10.1.3 Copying objects

*** Modify paragraph, adding constant

  The Cryptoki attributes which can be modified during the course of a
  C_CopyObject operation are the same as the Cryptoki attributes
| which are described as being modifiable, plus the four special
| attributes CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE and CKA_DESTROYABLE.
  ...

10.4 Storage Objects

Table 21, Common Storage Object Attributes

*** Add new row

| |----------------------------------------------------------------|
| | CKA_DESTROYABLE | CK_BBOOL | CK_TRUE if the object can be      |
| |                 |          | destroyed using C_DestroyObject.  |
| |                 |          | Default is CK_TRUE.               |
| |----------------------------------------------------------------|

*** Modify paragraph, removing last sentence

  The value of the CKA_MODIFIABLE attribute determines whether or not
| an object is read-only.

*** Add paragraph

| The value of the CKA_DESTROYABLE attribute determines whether the
| object can be destroyed using C_DestroyObject.

11.1.6 All other Cryptoki function return values

*** Add paragraph

| o CKR_NOT_DESTROYABLE: An attempt was made to destroy an object
|   which may not be destroyed.

11.7 Object management functions

o C_DestroyObject

*** Add paragraph

| Certain objects may not be destroyed. Calling C_DestroyObject on such
| objects will result in the CKR_NOT_DESTROYABLE error code. An
| application can consult the object's CKA_DESTROYABLE attribute to
| determine if an object may be destroyed or not.

*** Add value

  Return values: ...
| CKR_NOT_DESTROYABLE

A. Manifest Constants

*** Add constant

| # define CKA_NOT_DESTROYABLE 0x0000001BUL
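
The following is an added example, not part of the original message or of any Cryptoki implementation: a small C model of the proposed semantics, showing that the destroy decision depends on CKA_DESTROYABLE alone, that the default is CK_TRUE, and that a C_CopyObject template may override the value. The model_* functions, the RV_* codes and their numeric values are hypothetical placeholders, and a copy inheriting the source value when the template omits the attribute is an assumption.

```c
#include <stdbool.h>
#include <stddef.h>

/* Return codes for this model only; the numeric values are placeholders,
 * not values assigned by the specification. */
typedef enum { RV_OK = 0, RV_NOT_DESTROYABLE, RV_HANDLE_INVALID } model_rv;

/* Model of a storage object carrying only the attributes discussed. */
typedef struct {
    bool in_use;
    bool modifiable;   /* CKA_MODIFIABLE  */
    bool destroyable;  /* CKA_DESTROYABLE */
} model_object;

/* Template entry: 'set' is false when the caller omits the attribute. */
typedef struct { bool set; bool value; } opt_bool;

#define MAX_OBJECTS 8
static model_object store[MAX_OBJECTS];

/* Create an object; an omitted CKA_DESTROYABLE defaults to CK_TRUE. */
int model_create(bool modifiable, opt_bool destroyable) {
    for (int h = 0; h < MAX_OBJECTS; h++) {
        if (!store[h].in_use) {
            store[h] = (model_object){ true, modifiable,
                destroyable.set ? destroyable.value : true };
            return h;
        }
    }
    return -1; /* store full */
}

/* Copy an object; the template may override CKA_DESTROYABLE, as the
 * amended 10.1.3 paragraph allows. Assumed: otherwise the source value
 * is inherited. */
int model_copy(int src, opt_bool destroyable) {
    if (src < 0 || src >= MAX_OBJECTS || !store[src].in_use) return -1;
    opt_bool d = destroyable.set ? destroyable
                                 : (opt_bool){ true, store[src].destroyable };
    return model_create(store[src].modifiable, d);
}

/* The destroy decision reads CKA_DESTROYABLE only, never CKA_MODIFIABLE. */
model_rv model_destroy(int h) {
    if (h < 0 || h >= MAX_OBJECTS || !store[h].in_use) return RV_HANDLE_INVALID;
    if (!store[h].destroyable) return RV_NOT_DESTROYABLE;
    store[h].in_use = false;
    return RV_OK;
}
```

In this model a read-only object (CKA_MODIFIABLE false) created without CKA_DESTROYABLE can still be destroyed, while a modifiable object created with CKA_DESTROYABLE false cannot.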