Canmove, confirm
937
edits
Changes
→AS06.17
To prevent recording secret and private key values in the audit log due to programming errors, we only record key attributes whose values are very different from an array of bytes:
* <code>CKA_CLASS</code>: object class, e.g., secret key<code>CKO_PUBLIC_KEY</code> (0x00000002), <code>CKO_PRIVATE_KEY</code> (0x00000003), public key<code>CKO_SECRET_KEY</code> (0x00000004), or private keyetc.* <code>CKA_KEY_TYPE</code>: key type, e.g., AES key<code>CKK_RSA</code> (0x00000000), <code>CKK_DSA</code> (0x00000001), RSA keys<code>CKK_EC</code> (0x00000003), DSA keys<code>CKK_GENERIC_SECRET</code> (0x00000010), EC keys<code>CKK_AES</code> (0x0000001F), etc.
* <code>CKA_TOKEN</code>: token (persistent) or session (temporary) object. a boolean.
* <code>CKA_MODULUS_BITS</code>: (RSA keys only) length in bits of the RSA modulus in bits. an unsigned long.* <code>CKA_PRIME_BITS</code>: (DSA and Diffie-Hellman keys only) length in bits of the DSA or Diffie-Hellman prime p in bits. an unsigned long.
* <code>CKA_EC_PARAMS</code>: (EC keys only) the elliptic curve's name.
* <code>CKA_VALUE_LEN</code>: (secret keys) length in bytes of keyvalue. an unsigned long.
Moreover, if a function has an object handle pointer argument (e.g., ''phKey''), on a successful return we also record the object handle we store in the location pointed to by the argument (e.g., "''"*phKey = 0x01234567"''").
Below we list the functions that we audit and specify the format of the audit messages. For brevity we omit the optional attribute values and returned object handles in the audit message specification.
* Object management functions, where the object is a cryptographic key (object class <code>CKO_PUBLIC_KEY</code>, <code>CKO_PRIVATE_KEY</code>, and <code>CKO_SECRET_KEY</code>)
** <code>[http://developer.mozilla.org/en/docs/FC_CreateObject FC_CreateObject]</code>: addition of cryptographic keys
