1P11SAK_DEFINED_ATTRS.CONF(5) openCryptoki P11SAK_DEFINED_ATTRS.CONF(5)
2
3
4
6 p11sak_defined_attrs.conf - Configuration file for p11sak list-key com‐
7 mand.
8
10 The p11sak tool uses the configuration files ~/.p11sak_defined_at‐
11 trs.conf and /etc/opencryptoki/p11sak_defined_attrs.conf to read infor‐
12 mation about custom attributes that shall be printed with the p11sak
13 list-key command.
14
15 This configuration file path can be overwritten by the user with the
16 environment variable P11SAK_DEFAULT_CONF_FILE. If the environment
17 variable is not set, then .p11sak_defined_attrs.conf is first tried to
18 be read from the current user's home directory. If this is not avail‐
19 able, the global /etc/opencryptoki/p11sak_defined_attrs.conf config
20 file is read. If none of these files are available, a warning message
21 is displayed, and printing of custom attributes is not available.
22
24 Each attribute description is composed of the attribute title, brackets
25 and three key-value pairs.
26
27 Example:
28
29 attribute
30 {
31 name = CKA_IBM_RESTRICTABLE
32 id = 0x80010001
33 type = CK_BBOOL
34 }
35
36 All three keywords name , id , type are required to define an attri‐
37 bute.
38
39 The name must start with a letter followed by an arbitrary number of
40 letters, numbers, underscores, dots, minuses, or slashes. The id can
41 be in decimal as well as in hexadecimal, when started with 0x, format.
42 The only valid values for type are:
43
44 • CK_BBOOL
45
46 • CK_ULONG
47
48 • CK_BYTE
49
50 • CK_DATE
51
53 The pound sign ('#') is used to indicate a comment up to and including
54 the end of line.
55
56
58 p11sak(1)
59
60
61
623.21.0 September 2021 P11SAK_DEFINED_ATTRS.CONF(5)