Importing keys
You can import keys of type CKK_AES, CKK_3DES, CKK_DSA, CKK_RSA, CKK_DH, and CKK_EC from
plain text key values using function C_CreateObject. The resulting key objects
are secure (CKA_SENSITIVE = CK_TRUE and CKA_ALWAYS_SENSITIVE = CK_FALSE).
To import keys of type CKK_AES, CKK_DES2, CKK_3DES, and CKK_GENERIC_SECRET, you must provide a template that contains the following attributes:
- CKA_VALUE
To import keys of type CKK_DSA, you must provide a template that contains the following attributes:
- CKA_PRIME (also called p)
- CKA_SUBPRIME (also called q)
- CKA_BASE (also called g)
- CKA_VALUE (private key x or public key y)
To import keys of type CKK_RSA, you must provide a template that contains the following attributes:
- CKA_MODULUS
- CKA_PUBLIC_EXPONENT
- CKA_PRIVATE_EXPONENT (for private key import only)
- CKA_PRIME_1 (for private key import only)
- CKA_PRIME_2 (for private key import only)
- CKA_EXPONENT_1 (for private key import only)
- CKA_EXPONENT_2 (for private key import only)
- CKA_COEFFICIENT (for private key import only)
To import keys of type CKK_DH, you must provide a template that contains the following attributes:
- CKA_PRIME (also called p)
- CKA_BASE (also called g)
- CKA_VALUE (private key x or public key y)
To import keys of type CKK_EC (synonym CKK_ECDSA), you must provide a template that contains the following attributes:
- CKA_EC_PARAMS
- CKA_EC_POINT
- CKA_VALUE (for private key import only)