Key Attributes

The HSM enforces that a key can only be used for operations that are allowed by the key's attributes. For example, a key that has only the sign attribute set cannot be used for decryption. This makes key attributes useful to enforce the principle of key separation.

Some attributes are irreversible. For example, once a key is set to be modifiable or destroyable, these attributes cannot be removed again.

You can set the following two types of attributes on a key.

Capability

Attribute	Description
encrypt	Whether the key can be used to encrypt data.
decrypt	Whether the key can be used to decrypt data.
sign	Whether the key can be used to sign data and create MAC tags.
verify	Whether the key can be used to verify signatures and MAC tags.
wrap	Whether the key can be used to wrap (encrypt) other keys for secure transmission or storage. This attribute is only supported for symmetric keys.
unwrap	Whether the key can be used to unwrap (decrypt) encrypted keys.
derive	Whether the key can be used to derive other keys.
bip32	If true, key derivation is done using BIP32. This option can only be true if the key's algorithm is EC or ED and the derive attribute is true.
slip10	If true, key derivation is done using SLIP10. This option can only be true if the key's algorithm is EC or ED and the derive attribute is true.

Access

Attribute	Description
extractable	Whether the key can be extracted from the device. This option can only be true for keys without smart key attributes.
modifiable	Whether the key can be modified once it is generated. Attributes can only get stronger, not weaker (for example, if sensitive was false, it can be set to true, but not vice-versa). This attribute applies only to the key attributes and not to policy.
sensitive	Whether the key is sensitive. To export a key, this must be false.
destroyable	Whether the key can be intentionally destroyed (deleted).
copyable	Whether the key can be copied or duplicated.