PKCS#11 tabel atribut perpustakaan untuk AWS CloudHSM Klien SDK 5

Tabel pustaka PKCS #11 untuk AWS CloudHSM berisi daftar atribut yang berbeda menurut jenis kunci. Ini menunjukkan apakah atribut yang diberikan didukung untuk jenis kunci tertentu saat menggunakan fungsi kriptografi tertentu dengan AWS CloudHSM.

Legenda:

✔ menunjukkan bahwa Cloud HSM mendukung atribut untuk jenis kunci tertentu.
✖ menunjukkan bahwa Cloud HSM tidak mendukung atribut untuk jenis kunci tertentu.
R menunjukkan bahwa nilai atribut diatur ke hanya-baca untuk jenis kunci tertentu.
S menunjukkan bahwa atribut tidak dapat dibaca oleh GetAttributeValue karena sensitif.
Sel kosong di kolom Nilai Default menunjukkan bahwa tidak ada nilai default tertentu yang ditetapkan untuk atribut.

Atribut	Tipe Kunci				Nilai Default
	EC pribadi	EC publik	RSApribadi	RSApublik
`CKA_CLASS`	✔	✔	✔	✔
`CKA_KEY_TYPE`	✔	✔	✔	✔
`CKA_LABEL`	✔	✔	✔	✔
`CKA_ID`	✔	✔	✔	✔
`CKA_LOCAL`	R	R	R	R	Benar
`CKA_TOKEN`	✔	✔	✔	✔	Salah
`CKA_PRIVATE`	✔¹	✔¹	✔¹	✔¹	Benar
`CKA_ENCRYPT`	✖	✔	✖	✔	Salah
`CKA_DECRYPT`	✔	✖	✔	✖	Salah
`CKA_DERIVE`	✔	✔	✔	✔	Salah
`CKA_MODIFIABLE`	✔¹	✔¹	✔¹	✔¹	Benar
`CKA_DESTROYABLE`	✔	✔	✔	✔	Benar
`CKA_SIGN`	✔	✖	✔	✖	Salah
`CKA_SIGN_RECOVER`	✖	✖	✖	✖
`CKA_VERIFY`	✖	✔	✖	✔	Salah
`CKA_VERIFY_RECOVER`	✖	✖	✖	✖
`CKA_WRAP`	✖	✔	✖	✔	Salah
`CKA_WRAP_TEMPLATE`	✖	✔	✖	✔
`CKA_TRUSTED`	✖	✔	✖	✔	Salah
`CKA_WRAP_WITH_TRUSTED`	✔	✖	✔	✖	Salah
`CKA_UNWRAP`	✔	✖	✔	✖	Salah
`CKA_UNWRAP_TEMPLATE`	✔	✖	✔	✖
`CKA_SENSITIVE`	✔¹	✖	✔¹	✖	Benar
`CKA_ALWAYS_SENSITIVE`	R	✖	R	✖
`CKA_EXTRACTABLE`	✔	✖	✔	✖	Benar
`CKA_NEVER_EXTRACTABLE`	R	✖	R	✖
`CKA_MODULUS`	✖	✖	✖	✖
`CKA_MODULUS_BITS`	✖	✖	✖	✔²
`CKA_PRIME_1`	✖	✖	✖	✖
`CKA_PRIME_2`	✖	✖	✖	✖
`CKA_COEFFICIENT`	✖	✖	✖	✖
`CKA_EXPONENT_1`	✖	✖	✖	✖
`CKA_EXPONENT_2`	✖	✖	✖	✖
`CKA_PRIVATE_EXPONENT`	✖	✖	✖	✖
`CKA_PUBLIC_EXPONENT`	✖	✖	✖	✔²
`CKA_EC_PARAMS`	✖	✔²	✖	✖
`CKA_EC_POINT`	✖	✖	✖	✖
`CKA_VALUE`	✖	✖	✖	✖
`CKA_VALUE_LEN`	✖	✖	✖	✖
`CKA_CHECK_VALUE`	R	R	R	R

Atribut	Tipe Kunci			Nilai Default
	AES	DES3	Rahasia Generik
`CKA_CLASS`	✔	✔	✔
`CKA_KEY_TYPE`	✔	✔	✔
`CKA_LABEL`	✔	✔	✔
`CKA_ID`	✔	✔	✔
`CKA_LOCAL`	R	R	R	Benar
`CKA_TOKEN`	✔	✔	✔	Salah
`CKA_PRIVATE`	✔¹	✔¹	✔¹	Benar
`CKA_ENCRYPT`	✔	✔	✖	Salah
`CKA_DECRYPT`	✔	✔	✖	Salah
`CKA_DERIVE`	✔	✔	✔	Salah
`CKA_MODIFIABLE`	✔¹	✔¹	✔¹	Benar
`CKA_DESTROYABLE`	✔	✔	✔	Benar
`CKA_SIGN`	✔	✔	✔	Benar
`CKA_SIGN_RECOVER`	✖	✖	✖
`CKA_VERIFY`	✔	✔	✔	Benar
`CKA_VERIFY_RECOVER`	✖	✖	✖
`CKA_WRAP`	✔	✔	✖	Salah
`CKA_WRAP_TEMPLATE`	✔	✔	✖
`CKA_TRUSTED`	✔	✔	✖	Salah
`CKA_WRAP_WITH_TRUSTED`	✔	✔	✔	Salah
`CKA_UNWRAP`	✔	✔	✖	Salah
`CKA_UNWRAP_TEMPLATE`	✔	✔	✖
`CKA_SENSITIVE`	✔	✔	✔	Benar
`CKA_ALWAYS_SENSITIVE`	✖	✖	✖
`CKA_EXTRACTABLE`	✔	✔	✔	Benar
`CKA_NEVER_EXTRACTABLE`	R	R	R
`CKA_MODULUS`	✖	✖	✖
`CKA_MODULUS_BITS`	✖	✖	✖
`CKA_PRIME_1`	✖	✖	✖
`CKA_PRIME_2`	✖	✖	✖
`CKA_COEFFICIENT`	✖	✖	✖
`CKA_EXPONENT_1`	✖	✖	✖
`CKA_EXPONENT_2`	✖	✖	✖
`CKA_PRIVATE_EXPONENT`	✖	✖	✖
`CKA_PUBLIC_EXPONENT`	✖	✖	✖
`CKA_EC_PARAMS`	✖	✖	✖
`CKA_EC_POINT`	✖	✖	✖
`CKA_VALUE`	✖	✖	✖
`CKA_VALUE_LEN`	✔²	✖	✔²
`CKA_CHECK_VALUE`	R	R	R

Atribut	Tipe Kunci							Nilai Default
	EC pribadi	EC publik	RSApribadi	RSApublik	AES	DES3	Rahasia Generik
`CKA_CLASS`	✔²	✔²	✔²	✔²	✔²	✔²	✔²
`CKA_KEY_TYPE`	✔²	✔²	✔²	✔²	✔²	✔²	✔²
`CKA_LABEL`	✔	✔	✔	✔	✔	✔	✔
`CKA_ID`	✔	✔	✔	✔	✔	✔	✔
`CKA_LOCAL`	R	R	R	R	R	R	R	Salah
`CKA_TOKEN`	✔	✔	✔	✔	✔	✔	✔	Salah
`CKA_PRIVATE`	✔¹	✔¹	✔¹	✔¹	✔¹	✔¹	✔¹	Benar
`CKA_ENCRYPT`	✖	✖	✖	✔	✔	✔	✖	Salah
`CKA_DECRYPT`	✖	✖	✔	✖	✔	✔	✖	Salah
`CKA_DERIVE`	✔	✔	✔	✔	✔	✔	✔	Salah
`CKA_MODIFIABLE`	✔¹	✔¹	✔¹	✔¹	✔¹	✔¹	✔¹	Benar
`CKA_DESTROYABLE`	✔	✔	✔	✔	✔	✔	✔	Benar
`CKA_SIGN`	✔	✖	✔	✖	✔	✔	✔	Salah
`CKA_SIGN_RECOVER`	✖	✖	✖	✖	✖	✖	✖	Salah
`CKA_VERIFY`	✖	✔	✖	✔	✔	✔	✔	Salah
`CKA_VERIFY_RECOVER`	✖	✖	✖	✖	✖	✖	✖
`CKA_WRAP`	✖	✖	✖	✔	✔	✔	✖	Salah
`CKA_WRAP_TEMPLATE`	✖	✔	✖	✔	✔	✔	✖
`CKA_TRUSTED`	✖	✔	✖	✔	✔	✔	✖	Salah
`CKA_WRAP_WITH_TRUSTED`	✔	✖	✔	✖	✔	✔	✔	Salah
`CKA_UNWRAP`	✖	✖	✔	✖	✔	✔	✖	Salah
`CKA_UNWRAP_TEMPLATE`	✔	✖	✔	✖	✔	✔	✖
`CKA_SENSITIVE`	✔	✖	✔	✖	✔	✔	✔	Benar
`CKA_ALWAYS_SENSITIVE`	R	✖	R	✖	R	R	R
`CKA_EXTRACTABLE`	✔	✖	✔	✖	✔	✔	✔	Benar
`CKA_NEVER_EXTRACTABLE`	R	✖	R	✖	R	R	R
`CKA_MODULUS`	✖	✖	✔²	✔²	✖	✖	✖
`CKA_MODULUS_BITS`	✖	✖	✖	✖	✖	✖	✖
`CKA_PRIME_1`	✖	✖	✔	✖	✖	✖	✖
`CKA_PRIME_2`	✖	✖	✔	✖	✖	✖	✖
`CKA_COEFFICIENT`	✖	✖	✔	✖	✖	✖	✖
`CKA_EXPONENT_1`	✖	✖	✔	✖	✖	✖	✖
`CKA_EXPONENT_2`	✖	✖	✔	✖	✖	✖	✖
`CKA_PRIVATE_EXPONENT`	✖	✖	✔²	✖	✖	✖	✖
`CKA_PUBLIC_EXPONENT`	✖	✖	✔²	✔²	✖	✖	✖
`CKA_EC_PARAMS`	✔²	✔²	✖	✖	✖	✖	✖
`CKA_EC_POINT`	✖	✔²	✖	✖	✖	✖	✖
`CKA_VALUE`	✔²	✖	✖	✖	✔²	✔²	✔²
`CKA_VALUE_LEN`	✖	✖	✖	✖	✖	✖	✖
`CKA_CHECK_VALUE`	R	R	R	R	R	R	R

Atribut	Tipe Kunci					Nilai Default
	EC pribadi	RSApribadi	AES	DES3	Rahasia Generik
`CKA_CLASS`	✔²	✔²	✔²	✔²	✔²
`CKA_KEY_TYPE`	✔²	✔²	✔²	✔²	✔²
`CKA_LABEL`	✔	✔	✔	✔	✔
`CKA_ID`	✔	✔	✔	✔	✔
`CKA_LOCAL`	R	R	R	R	R	Salah
`CKA_TOKEN`	✔	✔	✔	✔	✔	Salah
`CKA_PRIVATE`	✔¹	✔¹	✔¹	✔¹	✔¹	Benar
`CKA_ENCRYPT`	✖	✖	✔	✔	✖	Salah
`CKA_DECRYPT`	✖	✔	✔	✔	✖	Salah
`CKA_DERIVE`	✔	✔	✔	✔	✔	Salah
`CKA_MODIFIABLE`	✔¹	✔¹	✔¹	✔¹	✔¹	Benar
`CKA_DESTROYABLE`	✔	✔	✔	✔	✔	Benar
`CKA_SIGN`	✔	✔	✔	✔	✔	Salah
`CKA_SIGN_RECOVER`	✖	✖	✖	✖	✖	Salah
`CKA_VERIFY`	✖	✖	✔	✔	✔	Salah
`CKA_VERIFY_RECOVER`	✖	✖	✖	✖	✖
`CKA_WRAP`	✖	✖	✔	✔	✖	Salah
`CKA_UNWRAP`	✖	✔	✔	✔	✖	Salah
`CKA_SENSITIVE`	✔	✔	✔	✔	✔	Benar
`CKA_EXTRACTABLE`	✔	✔	✔	✔	✔	Benar
`CKA_NEVER_EXTRACTABLE`	R	R	R	R	R
`CKA_ALWAYS_SENSITIVE`	R	R	R	R	R
`CKA_MODULUS`	✖	✖	✖	✖	✖
`CKA_MODULUS_BITS`	✖	✖	✖	✖	✖
`CKA_PRIME_1`	✖	✖	✖	✖	✖
`CKA_PRIME_2`	✖	✖	✖	✖	✖
`CKA_COEFFICIENT`	✖	✖	✖	✖	✖
`CKA_EXPONENT_1`	✖	✖	✖	✖	✖
`CKA_EXPONENT_2`	✖	✖	✖	✖	✖
`CKA_PRIVATE_EXPONENT`	✖	✖	✖	✖	✖
`CKA_PUBLIC_EXPONENT`	✖	✖	✖	✖	✖
`CKA_EC_PARAMS`	✖	✖	✖	✖	✖
`CKA_EC_POINT`	✖	✖	✖	✖	✖
`CKA_VALUE`	✖	✖	✖	✖	✖
`CKA_VALUE_LEN`	✖	✖	✖	✖	✖
`CKA_CHECK_VALUE`	R	R	R	R	R

Atribut	Tipe Kunci			Nilai Default
	AES	DES3	Rahasia Generik
`CKA_CLASS`	✔²	✔²	✔²
`CKA_KEY_TYPE`	✔²	✔²	✔²
`CKA_LABEL`	✔	✔	✔
`CKA_ID`	✔	✔	✔
`CKA_LOCAL`	R	R	R	Benar
`CKA_TOKEN`	✔	✔	✔	Salah
`CKA_PRIVATE`	✔¹	✔¹	✔¹	Benar
`CKA_ENCRYPT`	✔	✔	✖	Salah
`CKA_DECRYPT`	✔	✔	✖	Salah
`CKA_DERIVE`	✔	✔	✔	Salah
`CKA_MODIFIABLE`	✔¹	✔¹	✔¹	Benar
`CKA_DESTROYABLE`	✔¹	✔¹	✔¹	Benar
`CKA_SIGN`	✔	✔	✔	Salah
`CKA_SIGN_RECOVER`	✖	✖	✖
`CKA_VERIFY`	✔	✔	✔	Salah
`CKA_VERIFY_RECOVER`	✖	✖	✖
`CKA_WRAP`	✔	✔	✖	Salah
`CKA_UNWRAP`	✔	✔	✖	False
`CKA_SENSITIVE`	R	R	R	True
`CKA_EXTRACTABLE`	✔	✔	✔	Benar
`CKA_NEVER_EXTRACTABLE`	R	R	R
`CKA_ALWAYS_SENSITIVE`	R	R	R
`CKA_MODULUS`	✖	✖	✖
`CKA_MODULUS_BITS`	✖	✖	✖
`CKA_PRIME_1`	✖	✖	✖
`CKA_PRIME_2`	✖	✖	✖
`CKA_COEFFICIENT`	✖	✖	✖
`CKA_EXPONENT_1`	✖	✖	✖
`CKA_EXPONENT_2`	✖	✖	✖
`CKA_PRIVATE_EXPONENT`	✖	✖	✖
`CKA_PUBLIC_EXPONENT`	✖	✖	✖
`CKA_EC_PARAMS`	✖	✖	✖
`CKA_EC_POINT`	✖	✖	✖
`CKA_VALUE`	✖	✖	✖
`CKA_VALUE_LEN`	✔²	✖	✔²
`CKA_CHECK_VALUE`	R	R	R

Atribut	Tipe Kunci
	EC pribadi	EC publik	RSApribadi	RSApublik	AES	DES3	Rahasia Generik
`CKA_CLASS`	✔	✔	✔	✔	✔	✔	✔
`CKA_KEY_TYPE`	✔	✔	✔	✔	✔	✔	✔
`CKA_LABEL`	✔	✔	✔	✔	✔	✔	✔
`CKA_ID`	✔	✔	✔	✔	✔	✔	✔
`CKA_LOCAL`	✔	✔	✔	✔	✔	✔	✔
`CKA_TOKEN`	✔	✔	✔	✔	✔	✔	✔
`CKA_PRIVATE`	✔¹	✔¹	✔¹	✔¹	✔¹	✔¹	✔¹
`CKA_ENCRYPT`	✖	✖	✖	✔	✔	✔	✖
`CKA_DECRYPT`	✖	✖	✔	✖	✔	✔	✖
`CKA_DERIVE`	✔	✔	✔	✔	✔	✔	✔
`CKA_MODIFIABLE`	✔	✔	✔	✔	✔	✔	✔
`CKA_DESTROYABLE`	✔	✔	✔	✔	✔	✔	✔
`CKA_SIGN`	✔	✖	✔	✖	✔	✔	✔
`CKA_SIGN_RECOVER`	✖	✖	✔	✖	✖	✖	✖
`CKA_VERIFY`	✖	✔	✖	✔	✔	✔	✔
`CKA_VERIFY_RECOVER`	✖	✖	✖	✔	✖	✖	✖
`CKA_WRAP`	✖	✖	✖	✔	✔	✔	✖
`CKA_WRAP_TEMPLATE`	✖	✔	✖	✔	✔	✔	✖
`CKA_TRUSTED`	✖	✔	✖	✔	✔	✔	✔
`CKA_WRAP_WITH_TRUSTED`	✔	✖	✔	✖	✔	✔	✔
`CKA_UNWRAP`	✖	✖	✔	✖	✔	✔	✖
`CKA_UNWRAP_TEMPLATE`	✔	✖	✔	✖	✔	✔	✖
`CKA_SENSITIVE`	✔	✖	✔	✖	✔	✔	✔
`CKA_EXTRACTABLE`	✔	✖	✔	✖	✔	✔	✔
`CKA_NEVER_EXTRACTABLE`	✔	✖	✔	✖	✔	✔	✔
`CKA_ALWAYS_SENSITIVE`	R	R	R	R	R	R	R
`CKA_MODULUS`	✖	✖	✔	✔	✖	✖	✖
`CKA_MODULUS_BITS`	✖	✖	✖	✔	✖	✖	✖
`CKA_PRIME_1`	✖	✖	S	✖	✖	✖	✖
`CKA_PRIME_2`	✖	✖	S	✖	✖	✖	✖
`CKA_COEFFICIENT`	✖	✖	S	✖	✖	✖	✖
`CKA_EXPONENT_1`	✖	✖	S	✖	✖	✖	✖
`CKA_EXPONENT_2`	✖	✖	S	✖	✖	✖	✖
`CKA_PRIVATE_EXPONENT`	✖	✖	S	✖	✖	✖	✖
`CKA_PUBLIC_EXPONENT`	✖	✖	✔	✔	✖	✖	✖
`CKA_EC_PARAMS`	✔	✔	✖	✖	✖	✖	✖
`CKA_EC_POINT`	✖	✔	✖	✖	✖	✖	✖
`CKA_VALUE`	S	✖	✖	✖	✔	✔	✔
`CKA_VALUE_LEN`	✖	✖	✖	✖	✔	✖	✔
`CKA_CHECK_VALUE`	✔	✔	✔	✔	✔	✔	✖

Anotasi atribut

[1] Atribut ini sebagian didukung oleh firmware dan harus secara eksplisit diatur hanya ke nilai default.
[2] Atribut wajib.

Awas Javascript dinonaktifkan atau tidak tersedia di browser Anda.

Untuk menggunakan Dokumentasi AWS, Javascript harus diaktifkan. Lihat halaman Bantuan browser Anda untuk petunjuk.

Konvensi Dokumen

Atribut kunci

Memodifikasi atribut