Endi S. Dewata edited this page May 16, 2023 · 6 revisions

PK11KeyPairGenerator

// Whether generated key pairs are temporary; off by default.
// NOTE(review): presumably forwarded to the native key-pair generator as its
// "temporary" argument -- confirm against the JNI call site.
private boolean temporaryPairMode = false;

// Tri-state sensitivity setting for generated key pairs:
//  1: sensitive
//  0: insensitive
// -1: sensitive if temporaryPairMode is false,
//     insensitive if temporaryPairMode is true
//     (the default depends on temporaryPairMode for backward
//     compatibility)
// Security note: with the default of -1, enabling temporaryPairMode also
// makes the pair insensitive. Set this to 1 explicitly when temporary keys
// must still be treated as sensitive.
private int sensitivePairMode = -1;

// Tri-state extractability setting for generated key pairs:
//  1: extractable
//  0: unextractable
// -1: unspecified (token dependent)
// Security note: the default of -1 leaves the decision to the token, so
// callers that require non-exportable private keys should set 0 rather than
// rely on the token's default.
private int extractablePairMode = -1;

See also:

JSS_PK11_generateKeyPairWithOpFlags()

// Excerpt: builds the NSS attribute flags for the new key pair from the
// temporary / extractable / sensitive arguments, then generates the pair.
// Start with no attributes requested.
PK11AttrFlags attrFlags = 0;

// Temporary pairs are created as session objects; all others are stored as
// token objects.
if (temporary) {
    attrFlags |= PK11_ATTR_SESSION;
} else {
    attrFlags |= PK11_ATTR_TOKEN;
}

// Tri-state: 1 requests extractable, 0 requests unextractable. Any other
// value (including the -1 "unspecified" default) sets neither flag, so
// extractability is whatever the token chooses.
if (extractable == 1) {
    attrFlags |= PK11_ATTR_EXTRACTABLE;
} else if (extractable == 0) {
    attrFlags |= PK11_ATTR_UNEXTRACTABLE;
}

// The default of sensitive is set this way to be backward compatible.
// Consequence: when the caller leaves sensitive at -1, a temporary pair is
// generated as insensitive and a non-temporary pair as sensitive.
if (sensitive == -1) {
    sensitive = !temporary;
}

// The PRIVATE/PUBLIC attributes are set this way to be backward
// compatible with the original PK11_GenerateKeyPair call.
// Here PK11_ATTR_PRIVATE / PK11_ATTR_PUBLIC are object-access attributes
// (whether the object is private to the authenticated user), not a reference
// to the private/public half of the pair. They are tied to sensitivity, so
// an insensitive pair is also requested as a public object.
// Security note: the insensitive path therefore relaxes both sensitivity
// and access control. Pass sensitive == 1 explicitly for temporary keys
// that must stay protected.
if (sensitive) {
    attrFlags |= (PK11_ATTR_SENSITIVE | PK11_ATTR_PRIVATE);
} else {
    attrFlags |= (PK11_ATTR_INSENSITIVE | PK11_ATTR_PUBLIC);
}

// Generate the pair on the given slot: the private key is stored through
// privk, and pubk is passed for the public key.
// NOTE(review): this excerpt shows no check of *privk after the call --
// confirm that the surrounding function handles a failed generation.
*privk = PK11_GenerateKeyPairWithOpFlags(
    slot,
    mechanism,
    params,
    pubk,
    attrFlags,
    (CK_FLAGS) op_flags,
    (CK_FLAGS) op_flags_mask /* the ones we don't want*/,
    NULL /* default PW callback */);

See also:
