NAME¶

p11sak_defined_attrs.conf - Configuration file for p11sak list-key command.

DESCRIPTION¶

p11sak uses a configuration file at /etc/opencryptoki/p11sak_defined_attrs.conf. This configuration file path can be overwritten by the user with the environment variable P11SAK_DEFAULT_CONF_FILE.

This is a text file that contains information used to configure non standard attributes that shall be printed with the p11sak list-key command.

SYNTAX¶

Each attribute description is composed of the attribute title, brackets and three key-value pairs. e.g.:

attribute
{
name = CKA_IBM_RESTRICTABLE
id = 0x80010001
type = CK_BBOOL
}

All three keywords name , id , type are required to define an attribute.

The name has to start with a letter followed by an arbitrary number of letters, numbers, underscores, dots, minuses, or slashes. The id is defined in the PKCS#11 standard and can be in decimal as well as in hexadecimal, when started with 0x, format. The only valid values for type are CK_BBOOL , CK_ULONG or CK_BYTE.

Notes¶

The pound sign ('#') is used to indicate a comment up to and including the end of line.

SEE ALSO¶

p11sak(1),