Skip to content


In chapter 4, the KMIP 2.1 specifications specifies a list of 63 Attributes, mostly made of enumerations and data structures, often nested in each other. Despite this impressive list, and as expected in such a large specification, KMIP allows for extensions to support new cryptographic schemes such as the ones enabled by Cosmian.

Extensions in KMIP consist mostly in augmenting enumerations with new values and attributing a specific prefix values, usually 0x8880 to the new variants.

The Cosmian extensions are listed below. They can also be viewed in the open sourced Cloudproof Java library which implements the KMIP specifications required to interact with the Cosmian KMS server. For instance, the CryptographicAlgorithm enumeration extensions can be viewed in this java source code


The Key Format Type attribute is a required attribute of a Cryptographic Object.

It is set by the server, but a particular Key Format Type MAY be requested by the client if the cryptographic material is produced by the server (i.e., Create, Create Key Pair, Create Split Key, Re-key, Re-key Key Pair, Derive Key) on the client’s behalf. The server SHALL comply with the client’s requested format or SHALL fail the request. When the server calculates a Digest for the object, it SHALL compute the digest on the data in the assigned Key Format Type, as well as a digest in the default KMIP Key Format Type for that type of key and the algorithm requested (if a non-default value is specified).


EnclaveECKeyPair = 0x8880_0005,
EnclaveECSharedKey = 0x8880_0006,
CoverCryptSecretKey = 0x8880_000C,
CoverCryptPublicKey = 0x8880_000D,


The Cryptographic Parameters attribute is a structure that contains a set of OPTIONAL fields that describe certain cryptographic parameters to be used when performing cryptographic operations using the object. Specific fields MAY pertain only to certain types of Managed Objects. The Cryptographic Parameters attribute of a Certificate object identifies the cryptographic parameters of the public key contained within the Certificate.

The Cryptographic Algorithm is also used to specify the parameters for cryptographic operations. For operations involving digital signatures, either the Digital Signature Algorithm can be specified or the Cryptographic Algorithm and Hashing Algorithm combination can be specified.

Random IV can be used to request that the KMIP server generate an appropriate IV for a cryptographic operation that uses an IV. The generated Random IV is returned in the response to the cryptographic operation.

IV Length is the length of the Initialization Vector in bits. This parameter SHALL be provided when the specified Block Cipher Mode supports variable IV lengths such as CTR or GCM.

Tag Length is the length of the authenticator tag in bytes. This parameter SHALL be provided when the Block Cipher Mode is GCM.

The IV used with counter modes of operation (e.g., CTR and GCM) cannot repeat for a given cryptographic key. To prevent an IV/key reuse, the IV is often constructed of three parts: a fixed field, an invocation field, and a counter as described in [SP800-38A] and [SP800-38D]. The Fixed Field Length is the length of the fixed field portion of the IV in bits. The Invocation Field Length is the length of the invocation field portion of the IV in bits. The Counter Length is the length of the counter portion of the IV in bits.

Initial Counter Value is the starting counter value for CTR mode (for [RFC3686] it is 1).


CoverCrypt = 0x8880_0004,

Vendor Attributes

All keys managed by the Cosmian KMS server are primarily a KeyMaterial made of bytes. Some keys, typically those of ABE, also carry information regarding the underlying access policies. This information is carried together with the keys using VendorAttributes

Typically a vendor attribute is made of 3 values: a Vendor Identification - always hardcoded to cosmian - and a tuple Attribute Name, Attribute Value. The different attribute names can be seen in the file of the Cloudproof JavaLib.

The attributes names and corresponding values used for a given KeyFormatType are as follows:

  • AbeMasterSecretKey and AbeMasterPublicKey:
    • VENDOR_ATTR_ABE_POLICY = "abe_policy" : the JSONified Policy
  • AbeUserDecryptionKey:
    • VENDOR_ATTR_ABE_ACCESS_POLICY = "abe_access_policy": The JSONified boolean Access Policy of the key

In addition the VENDOR_ATTR_ABE_ATTR = "abe_attributes" name is used in Locate requests to identify User Decryption Keys holding certain Policy Attributes.

© Copyright 2018-2022 Cosmian. All rights reserved