p11sak_defined_attrs.conf - Man Page

Configuration file for p11sak list-key command.

Description

p11sak uses a configuration file at /etc/opencryptoki/p11sak_defined_attrs.conf. This configuration file path can be overwritten by the user with the environment  variable P11SAK_DEFAULT_CONF_FILE.

This is a text file that contains information used to configure non standard attributes that shall be printed with the p11sak list-key command.

Syntax

Each attribute description is composed of the attribute title, brackets and three key-value pairs. e.g.:

attribute
{
    name = CKA_IBM_RESTRICTABLE
    id = 0x80010001
    type = CK_BBOOL
}

All three keywords name , id , type are required to define an attribute.

The name has to start with a letter followed by an arbitrary number of letters, numbers, underscores, dots, minuses, or slashes. The id is defined in the PKCS#11 standard and can be  in decimal as well as in hexadecimal, when started with 0x, format. The only valid values for type are CK_BBOOL , CK_ULONG or CK_BYTE.

Notes

The pound sign ('#') is used to indicate a comment up to and including the end of line.

See Also

p11sak(1),

Referenced By

p11sak(1).

September 2021 3.17.0 openCryptoki