1 /* 2 * Copyright (c) 2003, 2017, Oracle and/or its affiliates. All rights reserved. 3 */ 4 5 /* Copyright (c) 2002 Graz University of Technology. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions are met: 9 * 10 * 1. Redistributions of source code must retain the above copyright notice, 11 * this list of conditions and the following disclaimer. 12 * 13 * 2. Redistributions in binary form must reproduce the above copyright notice, 14 * this list of conditions and the following disclaimer in the documentation 15 * and/or other materials provided with the distribution. 16 * 17 * 3. The end-user documentation included with the redistribution, if any, must 18 * include the following acknowledgment: 19 * 20 * "This product includes software developed by IAIK of Graz University of 21 * Technology." 22 * 23 * Alternately, this acknowledgment may appear in the software itself, if 24 * and wherever such third-party acknowledgments normally appear. 25 * 26 * 4. The names "Graz University of Technology" and "IAIK of Graz University of 27 * Technology" must not be used to endorse or promote products derived from 28 * this software without prior written permission. 29 * 30 * 5. Products derived from this software may not be called 31 * "IAIK PKCS Wrapper", nor may "IAIK" appear in their name, without prior 32 * written permission of Graz University of Technology. 33 * 34 * THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESSED OR IMPLIED 35 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 36 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 37 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE LICENSOR BE 38 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, 39 * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 40 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, 41 * OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON 42 * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 43 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 44 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 45 * POSSIBILITY OF SUCH DAMAGE. 46 */ 47 48 package sun.security.pkcs11.wrapper; 49 50 import java.io.File; 51 import java.io.IOException; 52 import java.util.*; 53 54 import java.security.AccessController; 55 import java.security.PrivilegedAction; 56 57 import sun.security.util.Debug; 58 59 import static sun.security.pkcs11.wrapper.PKCS11Constants.*; 60 61 /** 62 * This is the default implementation of the PKCS11 interface. IT connects to 63 * the pkcs11wrapper.dll file, which is the native part of this library. 64 * The strange and awkward looking initialization was chosen to avoid calling 65 * loadLibrary from a static initialization block, because this would complicate 66 * the use in applets. 67 * 68 * @author Karl Scheibelhofer <Karl.Scheibelhofer@iaik.at> 69 * @author Martin Schlaeffer <schlaeff@sbox.tugraz.at> 70 * @invariants (pkcs11ModulePath_ <> null) 71 */ 72 public class PKCS11 { 73 74 /** 75 * The name of the native part of the wrapper; i.e. the filename without 76 * the extension (e.g. ".DLL" or ".so"). 77 */ 78 private static final String PKCS11_WRAPPER = "j2pkcs11"; 79 80 static { 81 // cannot use LoadLibraryAction because that would make the native 82 // library available to the bootclassloader, but we run in the 83 // extension classloader. 84 AccessController.doPrivileged(new PrivilegedAction<Object>() { 85 public Object run() { 86 System.loadLibrary(PKCS11_WRAPPER); 87 return null; 88 } 89 }); 90 boolean enableDebug = Debug.getInstance("sunpkcs11") != null; 91 initializeLibrary(enableDebug); 92 } 93 94 public static void loadNative() { 95 // dummy method that can be called to make sure the native 96 // portion has been loaded. actual loading happens in the 97 // static initializer, hence this method is empty. 98 } 99 100 /** 101 * The PKCS#11 module to connect to. This is the PKCS#11 driver of the token; 102 * e.g. pk2priv.dll. 103 */ 104 private final String pkcs11ModulePath; 105 106 private long pNativeData; 107 108 /** 109 * This method does the initialization of the native library. It is called 110 * exactly once for this class. 111 * 112 * @preconditions 113 * @postconditions 114 */ 115 private static native void initializeLibrary(boolean debug); 116 117 // XXX 118 /** 119 * This method does the finalization of the native library. It is called 120 * exactly once for this class. The library uses this method for a clean-up 121 * of any resources. 122 * 123 * @preconditions 124 * @postconditions 125 */ 126 private static native void finalizeLibrary(); 127 128 private static final Map<String,PKCS11> moduleMap = 129 new HashMap<String,PKCS11>(); 130 131 /** 132 * Connects to the PKCS#11 driver given. The filename must contain the 133 * path, if the driver is not in the system's search path. 134 * 135 * @param pkcs11ModulePath the PKCS#11 library path 136 * @preconditions (pkcs11ModulePath <> null) 137 * @postconditions 138 */ 139 PKCS11(String pkcs11ModulePath, String functionListName) 140 throws IOException { 141 connect(pkcs11ModulePath, functionListName); 142 this.pkcs11ModulePath = pkcs11ModulePath; 143 } 144 145 public static synchronized PKCS11 getInstance(String pkcs11ModulePath, 146 String functionList, CK_C_INITIALIZE_ARGS pInitArgs, 147 boolean omitInitialize) throws IOException, PKCS11Exception { 148 // we may only call C_Initialize once per native .so/.dll 149 // so keep a cache using the (non-canonicalized!) path 150 PKCS11 pkcs11 = moduleMap.get(pkcs11ModulePath); 151 if (pkcs11 == null) { 152 if ((pInitArgs != null) 153 && ((pInitArgs.flags & CKF_OS_LOCKING_OK) != 0)) { 154 pkcs11 = new PKCS11(pkcs11ModulePath, functionList); 155 } else { 156 pkcs11 = new SynchronizedPKCS11(pkcs11ModulePath, functionList); 157 } 158 if (omitInitialize == false) { 159 try { 160 pkcs11.C_Initialize(pInitArgs); 161 } catch (PKCS11Exception e) { 162 // ignore already-initialized error code 163 // rethrow all other errors 164 if (e.getErrorCode() != CKR_CRYPTOKI_ALREADY_INITIALIZED) { 165 throw e; 166 } 167 } 168 } 169 moduleMap.put(pkcs11ModulePath, pkcs11); 170 } 171 return pkcs11; 172 } 173 174 /** 175 * Connects this object to the specified PKCS#11 library. This method is for 176 * internal use only. 177 * Declared private, because incorrect handling may result in errors in the 178 * native part. 179 * 180 * @param pkcs11ModulePath The PKCS#11 library path. 181 * @preconditions (pkcs11ModulePath <> null) 182 * @postconditions 183 */ 184 private native void connect(String pkcs11ModulePath, String functionListName) 185 throws IOException; 186 187 /** 188 * Disconnects the PKCS#11 library from this object. After calling this 189 * method, this object is no longer connected to a native PKCS#11 module 190 * and any subsequent calls to C_ methods will fail. This method is for 191 * internal use only. 192 * Declared private, because incorrect handling may result in errors in the 193 * native part. 194 * 195 * @preconditions 196 * @postconditions 197 */ 198 private native void disconnect(); 199 200 201 // Implementation of PKCS11 methods delegated to native pkcs11wrapper library 202 203 /* ***************************************************************************** 204 * General-purpose 205 ******************************************************************************/ 206 207 /** 208 * C_Initialize initializes the Cryptoki library. 209 * (General-purpose) 210 * 211 * @param pInitArgs if pInitArgs is not NULL it gets casted to 212 * CK_C_INITIALIZE_ARGS_PTR and dereferenced 213 * (PKCS#11 param: CK_VOID_PTR pInitArgs) 214 * @exception PKCS11Exception If function returns other value than CKR_OK. 215 * @preconditions 216 * @postconditions 217 */ 218 native void C_Initialize(Object pInitArgs) throws PKCS11Exception; 219 220 /** 221 * C_Finalize indicates that an application is done with the 222 * Cryptoki library 223 * (General-purpose) 224 * 225 * @param pReserved is reserved. Should be NULL_PTR 226 * (PKCS#11 param: CK_VOID_PTR pReserved) 227 * @exception PKCS11Exception If function returns other value than CKR_OK. 228 * @preconditions (pReserved == null) 229 * @postconditions 230 */ 231 public native void C_Finalize(Object pReserved) throws PKCS11Exception; 232 233 234 /** 235 * C_GetInfo returns general information about Cryptoki. 236 * (General-purpose) 237 * 238 * @return the information. 239 * (PKCS#11 param: CK_INFO_PTR pInfo) 240 * @exception PKCS11Exception If function returns other value than CKR_OK. 241 * @preconditions 242 * @postconditions (result <> null) 243 */ 244 public native CK_INFO C_GetInfo() throws PKCS11Exception; 245 246 247 /* ***************************************************************************** 248 * Slot and token management 249 ******************************************************************************/ 250 251 /** 252 * C_GetSlotList obtains a list of slots in the system. 253 * (Slot and token management) 254 * 255 * @param tokenPresent if true only Slot IDs with a token are returned 256 * (PKCS#11 param: CK_BBOOL tokenPresent) 257 * @return a long array of slot IDs and number of Slot IDs 258 * (PKCS#11 param: CK_SLOT_ID_PTR pSlotList, CK_ULONG_PTR pulCount) 259 * @exception PKCS11Exception If function returns other value than CKR_OK. 260 * @preconditions 261 * @postconditions (result <> null) 262 */ 263 public native long[] C_GetSlotList(boolean tokenPresent) 264 throws PKCS11Exception; 265 266 267 /** 268 * C_GetSlotInfo obtains information about a particular slot in 269 * the system. 270 * (Slot and token management) 271 * 272 * @param slotID the ID of the slot 273 * (PKCS#11 param: CK_SLOT_ID slotID) 274 * @return the slot information 275 * (PKCS#11 param: CK_SLOT_INFO_PTR pInfo) 276 * @exception PKCS11Exception If function returns other value than CKR_OK. 277 * @preconditions 278 * @postconditions (result <> null) 279 */ 280 public native CK_SLOT_INFO C_GetSlotInfo(long slotID) throws PKCS11Exception; 281 282 283 /** 284 * C_GetTokenInfo obtains information about a particular token 285 * in the system. 286 * (Slot and token management) 287 * 288 * @param slotID ID of the token's slot 289 * (PKCS#11 param: CK_SLOT_ID slotID) 290 * @return the token information 291 * (PKCS#11 param: CK_TOKEN_INFO_PTR pInfo) 292 * @exception PKCS11Exception If function returns other value than CKR_OK. 293 * @preconditions 294 * @postconditions (result <> null) 295 */ 296 public native CK_TOKEN_INFO C_GetTokenInfo(long slotID) 297 throws PKCS11Exception; 298 299 300 /** 301 * C_GetMechanismList obtains a list of mechanism types 302 * supported by a token. 303 * (Slot and token management) 304 * 305 * @param slotID ID of the token's slot 306 * (PKCS#11 param: CK_SLOT_ID slotID) 307 * @return a long array of mechanism types and number of mechanism types 308 * (PKCS#11 param: CK_MECHANISM_TYPE_PTR pMechanismList, 309 * CK_ULONG_PTR pulCount) 310 * @exception PKCS11Exception If function returns other value than CKR_OK. 311 * @preconditions 312 * @postconditions (result <> null) 313 */ 314 public native long[] C_GetMechanismList(long slotID) throws PKCS11Exception; 315 316 317 /** 318 * C_GetMechanismInfo obtains information about a particular 319 * mechanism possibly supported by a token. 320 * (Slot and token management) 321 * 322 * @param slotID ID of the token's slot 323 * (PKCS#11 param: CK_SLOT_ID slotID) 324 * @param type type of mechanism 325 * (PKCS#11 param: CK_MECHANISM_TYPE type) 326 * @return the mechanism info 327 * (PKCS#11 param: CK_MECHANISM_INFO_PTR pInfo) 328 * @exception PKCS11Exception If function returns other value than CKR_OK. 329 * @preconditions 330 * @postconditions (result <> null) 331 */ 332 public native CK_MECHANISM_INFO C_GetMechanismInfo(long slotID, long type) 333 throws PKCS11Exception; 334 335 336 /** 337 * C_InitToken initializes a token. 338 * (Slot and token management) 339 * 340 * @param slotID ID of the token's slot 341 * (PKCS#11 param: CK_SLOT_ID slotID) 342 * @param pPin the SO's initial PIN and the length in bytes of the PIN 343 * (PKCS#11 param: CK_CHAR_PTR pPin, CK_ULONG ulPinLen) 344 * @param pLabel 32-byte token label (blank padded) 345 * (PKCS#11 param: CK_UTF8CHAR_PTR pLabel) 346 * @exception PKCS11Exception If function returns other value than CKR_OK. 347 * @preconditions 348 * @postconditions 349 */ 350 // public native void C_InitToken(long slotID, char[] pPin, char[] pLabel) 351 // throws PKCS11Exception; 352 353 354 /** 355 * C_InitPIN initializes the normal user's PIN. 356 * (Slot and token management) 357 * 358 * @param hSession the session's handle 359 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 360 * @param pPin the normal user's PIN and the length in bytes of the PIN 361 * (PKCS#11 param: CK_CHAR_PTR pPin, CK_ULONG ulPinLen) 362 * @exception PKCS11Exception If function returns other value than CKR_OK. 363 * @preconditions 364 * @postconditions 365 */ 366 // public native void C_InitPIN(long hSession, char[] pPin) 367 // throws PKCS11Exception; 368 369 370 /** 371 * C_SetPIN modifies the PIN of the user who is logged in. 372 * (Slot and token management) 373 * 374 * @param hSession the session's handle 375 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 376 * @param pOldPin the old PIN and the length of the old PIN 377 * (PKCS#11 param: CK_CHAR_PTR pOldPin, CK_ULONG ulOldLen) 378 * @param pNewPin the new PIN and the length of the new PIN 379 * (PKCS#11 param: CK_CHAR_PTR pNewPin, CK_ULONG ulNewLen) 380 * @exception PKCS11Exception If function returns other value than CKR_OK. 381 * @preconditions 382 * @postconditions 383 */ 384 // public native void C_SetPIN(long hSession, char[] pOldPin, char[] pNewPin) 385 // throws PKCS11Exception; 386 387 388 389 /* ***************************************************************************** 390 * Session management 391 ******************************************************************************/ 392 393 /** 394 * C_OpenSession opens a session between an application and a 395 * token. 396 * (Session management) 397 * 398 * @param slotID the slot's ID 399 * (PKCS#11 param: CK_SLOT_ID slotID) 400 * @param flags of CK_SESSION_INFO 401 * (PKCS#11 param: CK_FLAGS flags) 402 * @param pApplication passed to callback 403 * (PKCS#11 param: CK_VOID_PTR pApplication) 404 * @param Notify the callback function 405 * (PKCS#11 param: CK_NOTIFY Notify) 406 * @return the session handle 407 * (PKCS#11 param: CK_SESSION_HANDLE_PTR phSession) 408 * @exception PKCS11Exception If function returns other value than CKR_OK. 409 * @preconditions 410 * @postconditions 411 */ 412 public native long C_OpenSession(long slotID, long flags, 413 Object pApplication, CK_NOTIFY Notify) throws PKCS11Exception; 414 415 416 /** 417 * C_CloseSession closes a session between an application and a 418 * token. 419 * (Session management) 420 * 421 * @param hSession the session's handle 422 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 423 * @exception PKCS11Exception If function returns other value than CKR_OK. 424 * @preconditions 425 * @postconditions 426 */ 427 public native void C_CloseSession(long hSession) throws PKCS11Exception; 428 429 430 /** 431 * C_CloseAllSessions closes all sessions with a token. 432 * (Session management) 433 * 434 * @param slotID the ID of the token's slot 435 * (PKCS#11 param: CK_SLOT_ID slotID) 436 * @exception PKCS11Exception If function returns other value than CKR_OK. 437 * @preconditions 438 * @postconditions 439 */ 440 // public native void C_CloseAllSessions(long slotID) throws PKCS11Exception; 441 442 443 /** 444 * C_GetSessionInfo obtains information about the session. 445 * (Session management) 446 * 447 * @param hSession the session's handle 448 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 449 * @return the session info 450 * (PKCS#11 param: CK_SESSION_INFO_PTR pInfo) 451 * @exception PKCS11Exception If function returns other value than CKR_OK. 452 * @preconditions 453 * @postconditions (result <> null) 454 */ 455 public native CK_SESSION_INFO C_GetSessionInfo(long hSession) 456 throws PKCS11Exception; 457 458 459 /** 460 * C_GetOperationState obtains the state of the cryptographic operation 461 * in a session. 462 * (Session management) 463 * 464 * @param hSession session's handle 465 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 466 * @return the state and the state length 467 * (PKCS#11 param: CK_BYTE_PTR pOperationState, 468 * CK_ULONG_PTR pulOperationStateLen) 469 * @exception PKCS11Exception If function returns other value than CKR_OK. 470 * @preconditions 471 * @postconditions (result <> null) 472 */ 473 public native byte[] C_GetOperationState(long hSession) 474 throws PKCS11Exception; 475 476 477 /** 478 * C_SetOperationState restores the state of the cryptographic 479 * operation in a session. 480 * (Session management) 481 * 482 * @param hSession session's handle 483 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 484 * @param pOperationState the state and the state length 485 * (PKCS#11 param: CK_BYTE_PTR pOperationState, 486 * CK_ULONG ulOperationStateLen) 487 * @param hEncryptionKey en/decryption key 488 * (PKCS#11 param: CK_OBJECT_HANDLE hEncryptionKey) 489 * @param hAuthenticationKey sign/verify key 490 * (PKCS#11 param: CK_OBJECT_HANDLE hAuthenticationKey) 491 * @exception PKCS11Exception If function returns other value than CKR_OK. 492 * @preconditions 493 * @postconditions 494 */ 495 public native void C_SetOperationState(long hSession, byte[] pOperationState, 496 long hEncryptionKey, long hAuthenticationKey) throws PKCS11Exception; 497 498 499 /** 500 * C_Login logs a user into a token. 501 * (Session management) 502 * 503 * @param hSession the session's handle 504 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 505 * @param userType the user type 506 * (PKCS#11 param: CK_USER_TYPE userType) 507 * @param pPin the user's PIN and the length of the PIN 508 * (PKCS#11 param: CK_CHAR_PTR pPin, CK_ULONG ulPinLen) 509 * @exception PKCS11Exception If function returns other value than CKR_OK. 510 * @preconditions 511 * @postconditions 512 */ 513 public native void C_Login(long hSession, long userType, char[] pPin) 514 throws PKCS11Exception; 515 516 517 /** 518 * C_Logout logs a user out from a token. 519 * (Session management) 520 * 521 * @param hSession the session's handle 522 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 523 * @exception PKCS11Exception If function returns other value than CKR_OK. 524 * @preconditions 525 * @postconditions 526 */ 527 public native void C_Logout(long hSession) throws PKCS11Exception; 528 529 530 531 /* ***************************************************************************** 532 * Object management 533 ******************************************************************************/ 534 535 /** 536 * C_CreateObject creates a new object. 537 * (Object management) 538 * 539 * @param hSession the session's handle 540 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 541 * @param pTemplate the object's template and number of attributes in 542 * template 543 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount) 544 * @return the object's handle 545 * (PKCS#11 param: CK_OBJECT_HANDLE_PTR phObject) 546 * @exception PKCS11Exception If function returns other value than CKR_OK. 547 * @preconditions 548 * @postconditions 549 */ 550 public native long C_CreateObject(long hSession, CK_ATTRIBUTE[] pTemplate) 551 throws PKCS11Exception; 552 553 554 /** 555 * C_CopyObject copies an object, creating a new object for the 556 * copy. 557 * (Object management) 558 * 559 * @param hSession the session's handle 560 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 561 * @param hObject the object's handle 562 * (PKCS#11 param: CK_OBJECT_HANDLE hObject) 563 * @param pTemplate the template for the new object and number of attributes 564 * in template 565 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount) 566 * @return the handle of the copy 567 * (PKCS#11 param: CK_OBJECT_HANDLE_PTR phNewObject) 568 * @exception PKCS11Exception If function returns other value than CKR_OK. 569 * @preconditions 570 * @postconditions 571 */ 572 public native long C_CopyObject(long hSession, long hObject, 573 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception; 574 575 576 /** 577 * C_DestroyObject destroys an object. 578 * (Object management) 579 * 580 * @param hSession the session's handle 581 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 582 * @param hObject the object's handle 583 * (PKCS#11 param: CK_OBJECT_HANDLE hObject) 584 * @exception PKCS11Exception If function returns other value than CKR_OK. 585 * @preconditions 586 * @postconditions 587 */ 588 public native void C_DestroyObject(long hSession, long hObject) 589 throws PKCS11Exception; 590 591 592 /** 593 * C_GetObjectSize gets the size of an object in bytes. 594 * (Object management) 595 * 596 * @param hSession the session's handle 597 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 598 * @param hObject the object's handle 599 * (PKCS#11 param: CK_OBJECT_HANDLE hObject) 600 * @return the size of the object 601 * (PKCS#11 param: CK_ULONG_PTR pulSize) 602 * @exception PKCS11Exception If function returns other value than CKR_OK. 603 * @preconditions 604 * @postconditions 605 */ 606 // public native long C_GetObjectSize(long hSession, long hObject) 607 // throws PKCS11Exception; 608 609 610 /** 611 * C_GetAttributeValue obtains the value of one or more object 612 * attributes. The template attributes also receive the values. 613 * (Object management) 614 * note: in PKCS#11 pTemplate and the result template are the same 615 * 616 * @param hSession the session's handle 617 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 618 * @param hObject the object's handle 619 * (PKCS#11 param: CK_OBJECT_HANDLE hObject) 620 * @param pTemplate specifies the attributes and number of attributes to get 621 * The template attributes also receive the values. 622 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount) 623 * @exception PKCS11Exception If function returns other value than CKR_OK. 624 * @preconditions (pTemplate <> null) 625 * @postconditions (result <> null) 626 */ 627 public native void C_GetAttributeValue(long hSession, long hObject, 628 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception; 629 630 631 /** 632 * C_SetAttributeValue modifies the value of one or more object 633 * attributes 634 * (Object management) 635 * 636 * @param hSession the session's handle 637 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 638 * @param hObject the object's handle 639 * (PKCS#11 param: CK_OBJECT_HANDLE hObject) 640 * @param pTemplate specifies the attributes and values to get; number of 641 * attributes in the template 642 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount) 643 * @exception PKCS11Exception If function returns other value than CKR_OK. 644 * @preconditions (pTemplate <> null) 645 * @postconditions 646 */ 647 public native void C_SetAttributeValue(long hSession, long hObject, 648 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception; 649 650 651 /** 652 * C_FindObjectsInit initializes a search for token and session 653 * objects that match a template. 654 * (Object management) 655 * 656 * @param hSession the session's handle 657 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 658 * @param pTemplate the object's attribute values to match and the number of 659 * attributes in search template 660 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount) 661 * @exception PKCS11Exception If function returns other value than CKR_OK. 662 * @preconditions 663 * @postconditions 664 */ 665 public native void C_FindObjectsInit(long hSession, CK_ATTRIBUTE[] pTemplate) 666 throws PKCS11Exception; 667 668 669 /** 670 * C_FindObjects continues a search for token and session 671 * objects that match a template, obtaining additional object 672 * handles. 673 * (Object management) 674 * 675 * @param hSession the session's handle 676 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 677 * @param ulMaxObjectCount the max. object handles to get 678 * (PKCS#11 param: CK_ULONG ulMaxObjectCount) 679 * @return the object's handles and the actual number of objects returned 680 * (PKCS#11 param: CK_ULONG_PTR pulObjectCount) 681 * @exception PKCS11Exception If function returns other value than CKR_OK. 682 * @preconditions 683 * @postconditions (result <> null) 684 */ 685 public native long[] C_FindObjects(long hSession, long ulMaxObjectCount) 686 throws PKCS11Exception; 687 688 689 /** 690 * C_FindObjectsFinal finishes a search for token and session 691 * objects. 692 * (Object management) 693 * 694 * @param hSession the session's handle 695 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 696 * @exception PKCS11Exception If function returns other value than CKR_OK. 697 * @preconditions 698 * @postconditions 699 */ 700 public native void C_FindObjectsFinal(long hSession) throws PKCS11Exception; 701 702 703 704 /* ***************************************************************************** 705 * Encryption and decryption 706 ******************************************************************************/ 707 708 /** 709 * C_EncryptInit initializes an encryption operation. 710 * (Encryption and decryption) 711 * 712 * @param hSession the session's handle 713 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 714 * @param pMechanism the encryption mechanism 715 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism) 716 * @param hKey the handle of the encryption key 717 * (PKCS#11 param: CK_OBJECT_HANDLE hKey) 718 * @exception PKCS11Exception If function returns other value than CKR_OK. 719 * @preconditions 720 * @postconditions 721 */ 722 public native void C_EncryptInit(long hSession, CK_MECHANISM pMechanism, 723 long hKey) throws PKCS11Exception; 724 725 726 /** 727 * C_Encrypt encrypts single-part data. 728 * (Encryption and decryption) 729 * 730 * @param hSession the session's handle 731 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 732 * @param pData the data to get encrypted and the data's length 733 * (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG ulDataLen) 734 * @return the encrypted data and the encrypted data's length 735 * (PKCS#11 param: CK_BYTE_PTR pEncryptedData, 736 * CK_ULONG_PTR pulEncryptedDataLen) 737 * @exception PKCS11Exception If function returns other value than CKR_OK. 738 * @preconditions (pData <> null) 739 * @postconditions (result <> null) 740 */ 741 public native int C_Encrypt(long hSession, byte[] in, int inOfs, int inLen, 742 byte[] out, int outOfs, int outLen) throws PKCS11Exception; 743 744 745 /** 746 * C_EncryptUpdate continues a multiple-part encryption 747 * operation. 748 * (Encryption and decryption) 749 * 750 * @param hSession the session's handle 751 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 752 * @param pPart the data part to get encrypted and the data part's length 753 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG ulPartLen) 754 * @return the encrypted data part and the encrypted data part's length 755 * (PKCS#11 param: CK_BYTE_PTR pEncryptedPart, 756 CK_ULONG_PTR pulEncryptedPartLen) 757 * @exception PKCS11Exception If function returns other value than CKR_OK. 758 * @preconditions (pPart <> null) 759 * @postconditions 760 */ 761 public native int C_EncryptUpdate(long hSession, long directIn, byte[] in, 762 int inOfs, int inLen, long directOut, byte[] out, int outOfs, 763 int outLen) throws PKCS11Exception; 764 765 766 /** 767 * C_EncryptFinal finishes a multiple-part encryption 768 * operation. 769 * (Encryption and decryption) 770 * 771 * @param hSession the session's handle 772 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 773 * @return the last encrypted data part and the last data part's length 774 * (PKCS#11 param: CK_BYTE_PTR pLastEncryptedPart, 775 CK_ULONG_PTR pulLastEncryptedPartLen) 776 * @exception PKCS11Exception If function returns other value than CKR_OK. 777 * @preconditions 778 * @postconditions (result <> null) 779 */ 780 public native int C_EncryptFinal(long hSession, long directOut, byte[] out, 781 int outOfs, int outLen) throws PKCS11Exception; 782 783 784 /** 785 * C_DecryptInit initializes a decryption operation. 786 * (Encryption and decryption) 787 * 788 * @param hSession the session's handle 789 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 790 * @param pMechanism the decryption mechanism 791 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism) 792 * @param hKey the handle of the decryption key 793 * (PKCS#11 param: CK_OBJECT_HANDLE hKey) 794 * @exception PKCS11Exception If function returns other value than CKR_OK. 795 * @preconditions 796 * @postconditions 797 */ 798 public native void C_DecryptInit(long hSession, CK_MECHANISM pMechanism, 799 long hKey) throws PKCS11Exception; 800 801 802 /** 803 * C_Decrypt decrypts encrypted data in a single part. 804 * (Encryption and decryption) 805 * 806 * @param hSession the session's handle 807 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 808 * @param pEncryptedData the encrypted data to get decrypted and the 809 * encrypted data's length 810 * (PKCS#11 param: CK_BYTE_PTR pEncryptedData, 811 * CK_ULONG ulEncryptedDataLen) 812 * @return the decrypted data and the data's length 813 * (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen) 814 * @exception PKCS11Exception If function returns other value than CKR_OK. 815 * @preconditions (pEncryptedPart <> null) 816 * @postconditions (result <> null) 817 */ 818 public native int C_Decrypt(long hSession, byte[] in, int inOfs, int inLen, 819 byte[] out, int outOfs, int outLen) throws PKCS11Exception; 820 821 822 /** 823 * C_DecryptUpdate continues a multiple-part decryption 824 * operation. 825 * (Encryption and decryption) 826 * 827 * @param hSession the session's handle 828 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 829 * @param pEncryptedPart the encrypted data part to get decrypted and the 830 * encrypted data part's length 831 * (PKCS#11 param: CK_BYTE_PTR pEncryptedPart, 832 * CK_ULONG ulEncryptedPartLen) 833 * @return the decrypted data part and the data part's length 834 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen) 835 * @exception PKCS11Exception If function returns other value than CKR_OK. 836 * @preconditions (pEncryptedPart <> null) 837 * @postconditions 838 */ 839 public native int C_DecryptUpdate(long hSession, long directIn, byte[] in, 840 int inOfs, int inLen, long directOut, byte[] out, int outOfs, 841 int outLen) throws PKCS11Exception; 842 843 844 /** 845 * C_DecryptFinal finishes a multiple-part decryption 846 * operation. 847 * (Encryption and decryption) 848 * 849 * @param hSession the session's handle 850 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 851 * @return the last decrypted data part and the last data part's length 852 * (PKCS#11 param: CK_BYTE_PTR pLastPart, 853 * CK_ULONG_PTR pulLastPartLen) 854 * @exception PKCS11Exception If function returns other value than CKR_OK. 855 * @preconditions 856 * @postconditions (result <> null) 857 */ 858 public native int C_DecryptFinal(long hSession, long directOut, byte[] out, 859 int outOfs, int outLen) throws PKCS11Exception; 860 861 862 863 /* ***************************************************************************** 864 * Message digesting 865 ******************************************************************************/ 866 867 /** 868 * C_DigestInit initializes a message-digesting operation. 869 * (Message digesting) 870 * 871 * @param hSession the session's handle 872 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 873 * @param pMechanism the digesting mechanism 874 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism) 875 * @exception PKCS11Exception If function returns other value than CKR_OK. 876 * @preconditions 877 * @postconditions 878 */ 879 public native void C_DigestInit(long hSession, CK_MECHANISM pMechanism) 880 throws PKCS11Exception; 881 882 883 // note that C_DigestSingle does not exist in PKCS#11 884 // we combined the C_DigestInit and C_Digest into a single function 885 // to save on Java<->C transitions and save 5-10% on small digests 886 // this made the C_Digest method redundant, it has been removed 887 /** 888 * C_Digest digests data in a single part. 889 * (Message digesting) 890 * 891 * @param hSession the session's handle 892 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 893 * @param data the data to get digested and the data's length 894 * (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG ulDataLen) 895 * @return the message digest and the length of the message digest 896 * (PKCS#11 param: CK_BYTE_PTR pDigest, CK_ULONG_PTR pulDigestLen) 897 * @exception PKCS11Exception If function returns other value than CKR_OK. 898 * @preconditions (data <> null) 899 * @postconditions (result <> null) 900 */ 901 public native int C_DigestSingle(long hSession, CK_MECHANISM pMechanism, 902 byte[] in, int inOfs, int inLen, byte[] digest, int digestOfs, 903 int digestLen) throws PKCS11Exception; 904 905 906 /** 907 * C_DigestUpdate continues a multiple-part message-digesting 908 * operation. 909 * (Message digesting) 910 * 911 * @param hSession the session's handle 912 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 913 * @param pPart the data to get digested and the data's length 914 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG ulPartLen) 915 * @exception PKCS11Exception If function returns other value than CKR_OK. 916 * @preconditions (pPart <> null) 917 * @postconditions 918 */ 919 public native void C_DigestUpdate(long hSession, long directIn, byte[] in, 920 int inOfs, int inLen) throws PKCS11Exception; 921 922 923 /** 924 * C_DigestKey continues a multi-part message-digesting 925 * operation, by digesting the value of a secret key as part of 926 * the data already digested. 927 * (Message digesting) 928 * 929 * @param hSession the session's handle 930 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 931 * @param hKey the handle of the secret key to be digested 932 * (PKCS#11 param: CK_OBJECT_HANDLE hKey) 933 * @exception PKCS11Exception If function returns other value than CKR_OK. 934 * @preconditions 935 * @postconditions 936 */ 937 public native void C_DigestKey(long hSession, long hKey) 938 throws PKCS11Exception; 939 940 941 /** 942 * C_DigestFinal finishes a multiple-part message-digesting 943 * operation. 944 * (Message digesting) 945 * 946 * @param hSession the session's handle 947 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 948 * @return the message digest and the length of the message digest 949 * (PKCS#11 param: CK_BYTE_PTR pDigest, CK_ULONG_PTR pulDigestLen) 950 * @exception PKCS11Exception If function returns other value than CKR_OK. 951 * @preconditions 952 * @postconditions (result <> null) 953 */ 954 public native int C_DigestFinal(long hSession, byte[] pDigest, int digestOfs, 955 int digestLen) throws PKCS11Exception; 956 957 958 959 /* ***************************************************************************** 960 * Signing and MACing 961 ******************************************************************************/ 962 963 /** 964 * C_SignInit initializes a signature (private key encryption) 965 * operation, where the signature is (will be) an appendix to 966 * the data, and plaintext cannot be recovered from the 967 * signature. 968 * (Signing and MACing) 969 * 970 * @param hSession the session's handle 971 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 972 * @param pMechanism the signature mechanism 973 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism) 974 * @param hKey the handle of the signature key 975 * (PKCS#11 param: CK_OBJECT_HANDLE hKey) 976 * @exception PKCS11Exception If function returns other value than CKR_OK. 977 * @preconditions 978 * @postconditions 979 */ 980 public native void C_SignInit(long hSession, CK_MECHANISM pMechanism, 981 long hKey) throws PKCS11Exception; 982 983 984 /** 985 * C_Sign signs (encrypts with private key) data in a single 986 * part, where the signature is (will be) an appendix to the 987 * data, and plaintext cannot be recovered from the signature. 988 * (Signing and MACing) 989 * 990 * @param hSession the session's handle 991 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 992 * @param pData the data to sign and the data's length 993 * (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG ulDataLen) 994 * @return the signature and the signature's length 995 * (PKCS#11 param: CK_BYTE_PTR pSignature, 996 * CK_ULONG_PTR pulSignatureLen) 997 * @exception PKCS11Exception If function returns other value than CKR_OK. 998 * @preconditions (pData <> null) 999 * @postconditions (result <> null) 1000 */ 1001 public native byte[] C_Sign(long hSession, byte[] pData) 1002 throws PKCS11Exception; 1003 1004 1005 /** 1006 * C_SignUpdate continues a multiple-part signature operation, 1007 * where the signature is (will be) an appendix to the data, 1008 * and plaintext cannot be recovered from the signature. 1009 * (Signing and MACing) 1010 * 1011 * @param hSession the session's handle 1012 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1013 * @param pPart the data part to sign and the data part's length 1014 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG ulPartLen) 1015 * @exception PKCS11Exception If function returns other value than CKR_OK. 1016 * @preconditions (pPart <> null) 1017 * @postconditions 1018 */ 1019 public native void C_SignUpdate(long hSession, long directIn, byte[] in, 1020 int inOfs, int inLen) throws PKCS11Exception; 1021 1022 1023 /** 1024 * C_SignFinal finishes a multiple-part signature operation, 1025 * returning the signature. 1026 * (Signing and MACing) 1027 * 1028 * @param hSession the session's handle 1029 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1030 * @return the signature and the signature's length 1031 * (PKCS#11 param: CK_BYTE_PTR pSignature, 1032 * CK_ULONG_PTR pulSignatureLen) 1033 * @exception PKCS11Exception If function returns other value than CKR_OK. 1034 * @preconditions 1035 * @postconditions (result <> null) 1036 */ 1037 public native byte[] C_SignFinal(long hSession, int expectedLen) 1038 throws PKCS11Exception; 1039 1040 1041 /** 1042 * C_SignRecoverInit initializes a signature operation, where 1043 * the data can be recovered from the signature. 1044 * (Signing and MACing) 1045 * 1046 * @param hSession the session's handle 1047 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1048 * @param pMechanism the signature mechanism 1049 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism) 1050 * @param hKey the handle of the signature key 1051 * (PKCS#11 param: CK_OBJECT_HANDLE hKey) 1052 * @exception PKCS11Exception If function returns other value than CKR_OK. 1053 * @preconditions 1054 * @postconditions 1055 */ 1056 public native void C_SignRecoverInit(long hSession, CK_MECHANISM pMechanism, 1057 long hKey) throws PKCS11Exception; 1058 1059 1060 /** 1061 * C_SignRecover signs data in a single operation, where the 1062 * data can be recovered from the signature. 1063 * (Signing and MACing) 1064 * 1065 * @param hSession the session's handle 1066 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1067 * @param pData the data to sign and the data's length 1068 * (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG ulDataLen) 1069 * @return the signature and the signature's length 1070 * (PKCS#11 param: CK_BYTE_PTR pSignature, 1071 * CK_ULONG_PTR pulSignatureLen) 1072 * @exception PKCS11Exception If function returns other value than CKR_OK. 1073 * @preconditions (pData <> null) 1074 * @postconditions (result <> null) 1075 */ 1076 public native int C_SignRecover(long hSession, byte[] in, int inOfs, 1077 int inLen, byte[] out, int outOufs, int outLen) 1078 throws PKCS11Exception; 1079 1080 1081 1082 /* ***************************************************************************** 1083 * Verifying signatures and MACs 1084 ******************************************************************************/ 1085 1086 /** 1087 * C_VerifyInit initializes a verification operation, where the 1088 * signature is an appendix to the data, and plaintext cannot 1089 * cannot be recovered from the signature (e.g. DSA). 1090 * (Signing and MACing) 1091 * 1092 * @param hSession the session's handle 1093 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1094 * @param pMechanism the verification mechanism 1095 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism) 1096 * @param hKey the handle of the verification key 1097 * (PKCS#11 param: CK_OBJECT_HANDLE hKey) 1098 * @exception PKCS11Exception If function returns other value than CKR_OK. 1099 * @preconditions 1100 * @postconditions 1101 */ 1102 public native void C_VerifyInit(long hSession, CK_MECHANISM pMechanism, 1103 long hKey) throws PKCS11Exception; 1104 1105 1106 /** 1107 * C_Verify verifies a signature in a single-part operation, 1108 * where the signature is an appendix to the data, and plaintext 1109 * cannot be recovered from the signature. 1110 * (Signing and MACing) 1111 * 1112 * @param hSession the session's handle 1113 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1114 * @param pData the signed data and the signed data's length 1115 * (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG ulDataLen) 1116 * @param pSignature the signature to verify and the signature's length 1117 * (PKCS#11 param: CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen) 1118 * @exception PKCS11Exception If function returns other value than CKR_OK. 1119 * @preconditions (pData <> null) and (pSignature <> null) 1120 * @postconditions 1121 */ 1122 public native void C_Verify(long hSession, byte[] pData, byte[] pSignature) 1123 throws PKCS11Exception; 1124 1125 1126 /** 1127 * C_VerifyUpdate continues a multiple-part verification 1128 * operation, where the signature is an appendix to the data, 1129 * and plaintext cannot be recovered from the signature. 1130 * (Signing and MACing) 1131 * 1132 * @param hSession the session's handle 1133 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1134 * @param pPart the signed data part and the signed data part's length 1135 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG ulPartLen) 1136 * @exception PKCS11Exception If function returns other value than CKR_OK. 1137 * @preconditions (pPart <> null) 1138 * @postconditions 1139 */ 1140 public native void C_VerifyUpdate(long hSession, long directIn, byte[] in, 1141 int inOfs, int inLen) throws PKCS11Exception; 1142 1143 1144 /** 1145 * C_VerifyFinal finishes a multiple-part verification 1146 * operation, checking the signature. 1147 * (Signing and MACing) 1148 * 1149 * @param hSession the session's handle 1150 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1151 * @param pSignature the signature to verify and the signature's length 1152 * (PKCS#11 param: CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen) 1153 * @exception PKCS11Exception If function returns other value than CKR_OK. 1154 * @preconditions (pSignature <> null) 1155 * @postconditions 1156 */ 1157 public native void C_VerifyFinal(long hSession, byte[] pSignature) 1158 throws PKCS11Exception; 1159 1160 1161 /** 1162 * C_VerifyRecoverInit initializes a signature verification 1163 * operation, where the data is recovered from the signature. 1164 * (Signing and MACing) 1165 * 1166 * @param hSession the session's handle 1167 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1168 * @param pMechanism the verification mechanism 1169 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism) 1170 * @param hKey the handle of the verification key 1171 * (PKCS#11 param: CK_OBJECT_HANDLE hKey) 1172 * @exception PKCS11Exception If function returns other value than CKR_OK. 1173 * @preconditions 1174 * @postconditions 1175 */ 1176 public native void C_VerifyRecoverInit(long hSession, 1177 CK_MECHANISM pMechanism, long hKey) throws PKCS11Exception; 1178 1179 1180 /** 1181 * C_VerifyRecover verifies a signature in a single-part 1182 * operation, where the data is recovered from the signature. 1183 * (Signing and MACing) 1184 * 1185 * @param hSession the session's handle 1186 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1187 * @param pSignature the signature to verify and the signature's length 1188 * (PKCS#11 param: CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen) 1189 * @return the recovered data and the recovered data's length 1190 * (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen) 1191 * @exception PKCS11Exception If function returns other value than CKR_OK. 1192 * @preconditions (pSignature <> null) 1193 * @postconditions (result <> null) 1194 */ 1195 public native int C_VerifyRecover(long hSession, byte[] in, int inOfs, 1196 int inLen, byte[] out, int outOufs, int outLen) 1197 throws PKCS11Exception; 1198 1199 1200 1201 /* ***************************************************************************** 1202 * Dual-function cryptographic operations 1203 ******************************************************************************/ 1204 1205 /** 1206 * C_DigestEncryptUpdate continues a multiple-part digesting 1207 * and encryption operation. 1208 * (Dual-function cryptographic operations) 1209 * 1210 * @param hSession the session's handle 1211 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1212 * @param pPart the data part to digest and to encrypt and the data's length 1213 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG ulPartLen) 1214 * @return the digested and encrypted data part and the data part's length 1215 * (PKCS#11 param: CK_BYTE_PTR pEncryptedPart, 1216 * CK_ULONG_PTR pulEncryptedPartLen) 1217 * @exception PKCS11Exception If function returns other value than CKR_OK. 1218 * @preconditions (pPart <> null) 1219 * @postconditions 1220 */ 1221 // public native byte[] C_DigestEncryptUpdate(long hSession, byte[] pPart) 1222 // throws PKCS11Exception; 1223 1224 1225 /** 1226 * C_DecryptDigestUpdate continues a multiple-part decryption and 1227 * digesting operation. 1228 * (Dual-function cryptographic operations) 1229 * 1230 * @param hSession the session's handle 1231 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1232 * @param pEncryptedPart the encrypted data part to decrypt and to digest 1233 * and encrypted data part's length 1234 * (PKCS#11 param: CK_BYTE_PTR pEncryptedPart, 1235 * CK_ULONG ulEncryptedPartLen) 1236 * @return the decrypted and digested data part and the data part's length 1237 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen) 1238 * @exception PKCS11Exception If function returns other value than CKR_OK. 1239 * @preconditions (pEncryptedPart <> null) 1240 * @postconditions 1241 */ 1242 // public native byte[] C_DecryptDigestUpdate(long hSession, 1243 // byte[] pEncryptedPart) throws PKCS11Exception; 1244 1245 1246 /** 1247 * C_SignEncryptUpdate continues a multiple-part signing and 1248 * encryption operation. 1249 * (Dual-function cryptographic operations) 1250 * 1251 * @param hSession the session's handle 1252 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1253 * @param pPart the data part to sign and to encrypt and the data part's 1254 * length 1255 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG ulPartLen) 1256 * @return the signed and encrypted data part and the data part's length 1257 * (PKCS#11 param: CK_BYTE_PTR pEncryptedPart, 1258 * CK_ULONG_PTR pulEncryptedPartLen) 1259 * @exception PKCS11Exception If function returns other value than CKR_OK. 1260 * @preconditions (pPart <> null) 1261 * @postconditions 1262 */ 1263 // public native byte[] C_SignEncryptUpdate(long hSession, byte[] pPart) 1264 // throws PKCS11Exception; 1265 1266 1267 /** 1268 * C_DecryptVerifyUpdate continues a multiple-part decryption and 1269 * verify operation. 1270 * (Dual-function cryptographic operations) 1271 * 1272 * @param hSession the session's handle 1273 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1274 * @param pEncryptedPart the encrypted data part to decrypt and to verify 1275 * and the data part's length 1276 * (PKCS#11 param: CK_BYTE_PTR pEncryptedPart, 1277 * CK_ULONG ulEncryptedPartLen) 1278 * @return the decrypted and verified data part and the data part's length 1279 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen) 1280 * @exception PKCS11Exception If function returns other value than CKR_OK. 1281 * @preconditions (pEncryptedPart <> null) 1282 * @postconditions 1283 */ 1284 // public native byte[] C_DecryptVerifyUpdate(long hSession, 1285 // byte[] pEncryptedPart) throws PKCS11Exception; 1286 1287 1288 1289 /* ***************************************************************************** 1290 * Key management 1291 ******************************************************************************/ 1292 1293 /** 1294 * getNativeKeyInfo gets the key object attributes and values as an opaque 1295 * byte array to be used in createNativeKey method. 1296 * (Key management) 1297 * 1298 * @param hSession the session's handle 1299 * @param hKey key's handle 1300 * @param hWrappingKey wrapping key's handle to extract sensible keys. -1 if not used. 1301 * @return an opaque byte array containing the key object attributes and values 1302 * @exception PKCS11Exception If an internal PKCS#11 function returns other 1303 * value than CKR_OK. 1304 * @preconditions 1305 * @postconditions 1306 */ 1307 public native byte[] getNativeKeyInfo(long hSession, long hKey, long hWrappingKey) throws PKCS11Exception; 1308 1309 /** 1310 * createNativeKey creates a key object with attributes and values specified 1311 * by parameter as an opaque byte array. 1312 * (Key management) 1313 * 1314 * @param hSession the session's handle 1315 * @param keyInfo opaque byte array containing key object attributes and values 1316 * @param hWrappingKey wrapping key's handle for extracted sensible keys. -1 if not used. 1317 * @return key object handle 1318 * @exception PKCS11Exception If an internal PKCS#11 function returns other 1319 * value than CKR_OK. 1320 * @preconditions 1321 * @postconditions 1322 */ 1323 public native long createNativeKey(long hSession, byte[] keyInfo, long hWrappingKey) throws PKCS11Exception; 1324 1325 /** 1326 * C_GenerateKey generates a secret key, creating a new key 1327 * object. 1328 * (Key management) 1329 * 1330 * @param hSession the session's handle 1331 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1332 * @param pMechanism the key generation mechanism 1333 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism) 1334 * @param pTemplate the template for the new key and the number of 1335 * attributes in the template 1336 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount) 1337 * @return the handle of the new key 1338 * (PKCS#11 param: CK_OBJECT_HANDLE_PTR phKey) 1339 * @exception PKCS11Exception If function returns other value than CKR_OK. 1340 * @preconditions 1341 * @postconditions 1342 */ 1343 public native long C_GenerateKey(long hSession, CK_MECHANISM pMechanism, 1344 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception; 1345 1346 1347 /** 1348 * C_GenerateKeyPair generates a public-key/private-key pair, 1349 * creating new key objects. 1350 * (Key management) 1351 * 1352 * @param hSession the session's handle 1353 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1354 * @param pMechanism the key generation mechanism 1355 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism) 1356 * @param pPublicKeyTemplate the template for the new public key and the 1357 * number of attributes in the template 1358 * (PKCS#11 param: CK_ATTRIBUTE_PTR pPublicKeyTemplate, 1359 * CK_ULONG ulPublicKeyAttributeCount) 1360 * @param pPrivateKeyTemplate the template for the new private key and the 1361 * number of attributes in the template 1362 * (PKCS#11 param: CK_ATTRIBUTE_PTR pPrivateKeyTemplate 1363 * CK_ULONG ulPrivateKeyAttributeCount) 1364 * @return a long array with exactly two elements and the public key handle 1365 * as the first element and the private key handle as the second 1366 * element 1367 * (PKCS#11 param: CK_OBJECT_HANDLE_PTR phPublicKey, 1368 * CK_OBJECT_HANDLE_PTR phPrivateKey) 1369 * @exception PKCS11Exception If function returns other value than CKR_OK. 1370 * @preconditions (pMechanism <> null) 1371 * @postconditions (result <> null) and (result.length == 2) 1372 */ 1373 public native long[] C_GenerateKeyPair(long hSession, 1374 CK_MECHANISM pMechanism, CK_ATTRIBUTE[] pPublicKeyTemplate, 1375 CK_ATTRIBUTE[] pPrivateKeyTemplate) throws PKCS11Exception; 1376 1377 1378 1379 /** 1380 * C_WrapKey wraps (i.e., encrypts) a key. 1381 * (Key management) 1382 * 1383 * @param hSession the session's handle 1384 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1385 * @param pMechanism the wrapping mechanism 1386 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism) 1387 * @param hWrappingKey the handle of the wrapping key 1388 * (PKCS#11 param: CK_OBJECT_HANDLE hWrappingKey) 1389 * @param hKey the handle of the key to be wrapped 1390 * (PKCS#11 param: CK_OBJECT_HANDLE hKey) 1391 * @return the wrapped key and the length of the wrapped key 1392 * (PKCS#11 param: CK_BYTE_PTR pWrappedKey, 1393 * CK_ULONG_PTR pulWrappedKeyLen) 1394 * @exception PKCS11Exception If function returns other value than CKR_OK. 1395 * @preconditions 1396 * @postconditions (result <> null) 1397 */ 1398 public native byte[] C_WrapKey(long hSession, CK_MECHANISM pMechanism, 1399 long hWrappingKey, long hKey) throws PKCS11Exception; 1400 1401 1402 /** 1403 * C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new 1404 * key object. 1405 * (Key management) 1406 * 1407 * @param hSession the session's handle 1408 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1409 * @param pMechanism the unwrapping mechanism 1410 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism) 1411 * @param hUnwrappingKey the handle of the unwrapping key 1412 * (PKCS#11 param: CK_OBJECT_HANDLE hUnwrappingKey) 1413 * @param pWrappedKey the wrapped key to unwrap and the wrapped key's length 1414 * (PKCS#11 param: CK_BYTE_PTR pWrappedKey, CK_ULONG ulWrappedKeyLen) 1415 * @param pTemplate the template for the new key and the number of 1416 * attributes in the template 1417 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount) 1418 * @return the handle of the unwrapped key 1419 * (PKCS#11 param: CK_OBJECT_HANDLE_PTR phKey) 1420 * @exception PKCS11Exception If function returns other value than CKR_OK. 1421 * @preconditions (pWrappedKey <> null) 1422 * @postconditions 1423 */ 1424 public native long C_UnwrapKey(long hSession, CK_MECHANISM pMechanism, 1425 long hUnwrappingKey, byte[] pWrappedKey, CK_ATTRIBUTE[] pTemplate) 1426 throws PKCS11Exception; 1427 1428 1429 /** 1430 * C_DeriveKey derives a key from a base key, creating a new key 1431 * object. 1432 * (Key management) 1433 * 1434 * @param hSession the session's handle 1435 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1436 * @param pMechanism the key derivation mechanism 1437 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism) 1438 * @param hBaseKey the handle of the base key 1439 * (PKCS#11 param: CK_OBJECT_HANDLE hBaseKey) 1440 * @param pTemplate the template for the new key and the number of 1441 * attributes in the template 1442 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount) 1443 * @return the handle of the derived key 1444 * (PKCS#11 param: CK_OBJECT_HANDLE_PTR phKey) 1445 * @exception PKCS11Exception If function returns other value than CKR_OK. 1446 * @preconditions 1447 * @postconditions 1448 */ 1449 public native long C_DeriveKey(long hSession, CK_MECHANISM pMechanism, 1450 long hBaseKey, CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception; 1451 1452 1453 1454 /* ***************************************************************************** 1455 * Random number generation 1456 ******************************************************************************/ 1457 1458 /** 1459 * C_SeedRandom mixes additional seed material into the token's 1460 * random number generator. 1461 * (Random number generation) 1462 * 1463 * @param hSession the session's handle 1464 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1465 * @param pSeed the seed material and the seed material's length 1466 * (PKCS#11 param: CK_BYTE_PTR pSeed, CK_ULONG ulSeedLen) 1467 * @exception PKCS11Exception If function returns other value than CKR_OK. 1468 * @preconditions (pSeed <> null) 1469 * @postconditions 1470 */ 1471 public native void C_SeedRandom(long hSession, byte[] pSeed) 1472 throws PKCS11Exception; 1473 1474 1475 /** 1476 * C_GenerateRandom generates random data. 1477 * (Random number generation) 1478 * 1479 * @param hSession the session's handle 1480 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1481 * @param RandomData receives the random data and the length of RandomData 1482 * is the length of random data to be generated 1483 * (PKCS#11 param: CK_BYTE_PTR pRandomData, CK_ULONG ulRandomLen) 1484 * @exception PKCS11Exception If function returns other value than CKR_OK. 1485 * @preconditions (randomData <> null) 1486 * @postconditions 1487 */ 1488 public native void C_GenerateRandom(long hSession, byte[] randomData) 1489 throws PKCS11Exception; 1490 1491 1492 1493 /* ***************************************************************************** 1494 * Parallel function management 1495 ******************************************************************************/ 1496 1497 /** 1498 * C_GetFunctionStatus is a legacy function; it obtains an 1499 * updated status of a function running in parallel with an 1500 * application. 1501 * (Parallel function management) 1502 * 1503 * @param hSession the session's handle 1504 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1505 * @exception PKCS11Exception If function returns other value than CKR_OK. 1506 * @preconditions 1507 * @postconditions 1508 */ 1509 // public native void C_GetFunctionStatus(long hSession) 1510 // throws PKCS11Exception; 1511 1512 1513 /** 1514 * C_CancelFunction is a legacy function; it cancels a function 1515 * running in parallel. 1516 * (Parallel function management) 1517 * 1518 * @param hSession the session's handle 1519 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1520 * @exception PKCS11Exception If function returns other value than CKR_OK. 1521 * @preconditions 1522 * @postconditions 1523 */ 1524 // public native void C_CancelFunction(long hSession) throws PKCS11Exception; 1525 1526 1527 1528 /* ***************************************************************************** 1529 * Functions added in for Cryptoki Version 2.01 or later 1530 ******************************************************************************/ 1531 1532 /** 1533 * C_WaitForSlotEvent waits for a slot event (token insertion, 1534 * removal, etc.) to occur. 1535 * (General-purpose) 1536 * 1537 * @param flags blocking/nonblocking flag 1538 * (PKCS#11 param: CK_FLAGS flags) 1539 * @param pReserved reserved. Should be null 1540 * (PKCS#11 param: CK_VOID_PTR pReserved) 1541 * @return the slot ID where the event occurred 1542 * (PKCS#11 param: CK_SLOT_ID_PTR pSlot) 1543 * @exception PKCS11Exception If function returns other value than CKR_OK. 1544 * @preconditions (pRserved == null) 1545 * @postconditions 1546 */ 1547 // public native long C_WaitForSlotEvent(long flags, Object pRserved) 1548 // throws PKCS11Exception; 1549 1550 /** 1551 * Returns the string representation of this object. 1552 * 1553 * @return The string representation of object 1554 */ 1555 public String toString() { 1556 return "Module name: " + pkcs11ModulePath; 1557 } 1558 1559 /** 1560 * Calls disconnect() to cleanup the native part of the wrapper. Once this 1561 * method is called, this object cannot be used any longer. Any subsequent 1562 * call to a C_* method will result in a runtime exception. 1563 * 1564 * @exception Throwable If finalization fails. 1565 */ 1566 @SuppressWarnings("deprecation") 1567 protected void finalize() throws Throwable { 1568 disconnect(); 1569 } 1570 1571 // PKCS11 subclass that has all methods synchronized and delegating to the 1572 // parent. Used for tokens that only support single threaded access 1573 static class SynchronizedPKCS11 extends PKCS11 { 1574 1575 SynchronizedPKCS11(String pkcs11ModulePath, String functionListName) 1576 throws IOException { 1577 super(pkcs11ModulePath, functionListName); 1578 } 1579 1580 synchronized void C_Initialize(Object pInitArgs) throws PKCS11Exception { 1581 super.C_Initialize(pInitArgs); 1582 } 1583 1584 public synchronized void C_Finalize(Object pReserved) 1585 throws PKCS11Exception { 1586 super.C_Finalize(pReserved); 1587 } 1588 1589 public synchronized CK_INFO C_GetInfo() throws PKCS11Exception { 1590 return super.C_GetInfo(); 1591 } 1592 1593 public synchronized long[] C_GetSlotList(boolean tokenPresent) 1594 throws PKCS11Exception { 1595 return super.C_GetSlotList(tokenPresent); 1596 } 1597 1598 public synchronized CK_SLOT_INFO C_GetSlotInfo(long slotID) 1599 throws PKCS11Exception { 1600 return super.C_GetSlotInfo(slotID); 1601 } 1602 1603 public synchronized CK_TOKEN_INFO C_GetTokenInfo(long slotID) 1604 throws PKCS11Exception { 1605 return super.C_GetTokenInfo(slotID); 1606 } 1607 1608 public synchronized long[] C_GetMechanismList(long slotID) 1609 throws PKCS11Exception { 1610 return super.C_GetMechanismList(slotID); 1611 } 1612 1613 public synchronized CK_MECHANISM_INFO C_GetMechanismInfo(long slotID, 1614 long type) throws PKCS11Exception { 1615 return super.C_GetMechanismInfo(slotID, type); 1616 } 1617 1618 public synchronized long C_OpenSession(long slotID, long flags, 1619 Object pApplication, CK_NOTIFY Notify) throws PKCS11Exception { 1620 return super.C_OpenSession(slotID, flags, pApplication, Notify); 1621 } 1622 1623 public synchronized void C_CloseSession(long hSession) 1624 throws PKCS11Exception { 1625 super.C_CloseSession(hSession); 1626 } 1627 1628 public synchronized CK_SESSION_INFO C_GetSessionInfo(long hSession) 1629 throws PKCS11Exception { 1630 return super.C_GetSessionInfo(hSession); 1631 } 1632 1633 public synchronized void C_Login(long hSession, long userType, char[] pPin) 1634 throws PKCS11Exception { 1635 super.C_Login(hSession, userType, pPin); 1636 } 1637 1638 public synchronized void C_Logout(long hSession) throws PKCS11Exception { 1639 super.C_Logout(hSession); 1640 } 1641 1642 public synchronized long C_CreateObject(long hSession, 1643 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception { 1644 return super.C_CreateObject(hSession, pTemplate); 1645 } 1646 1647 public synchronized long C_CopyObject(long hSession, long hObject, 1648 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception { 1649 return super.C_CopyObject(hSession, hObject, pTemplate); 1650 } 1651 1652 public synchronized void C_DestroyObject(long hSession, long hObject) 1653 throws PKCS11Exception { 1654 super.C_DestroyObject(hSession, hObject); 1655 } 1656 1657 public synchronized void C_GetAttributeValue(long hSession, long hObject, 1658 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception { 1659 super.C_GetAttributeValue(hSession, hObject, pTemplate); 1660 } 1661 1662 public synchronized void C_SetAttributeValue(long hSession, long hObject, 1663 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception { 1664 super.C_SetAttributeValue(hSession, hObject, pTemplate); 1665 } 1666 1667 public synchronized void C_FindObjectsInit(long hSession, 1668 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception { 1669 super.C_FindObjectsInit(hSession, pTemplate); 1670 } 1671 1672 public synchronized long[] C_FindObjects(long hSession, 1673 long ulMaxObjectCount) throws PKCS11Exception { 1674 return super.C_FindObjects(hSession, ulMaxObjectCount); 1675 } 1676 1677 public synchronized void C_FindObjectsFinal(long hSession) 1678 throws PKCS11Exception { 1679 super.C_FindObjectsFinal(hSession); 1680 } 1681 1682 public synchronized void C_EncryptInit(long hSession, 1683 CK_MECHANISM pMechanism, long hKey) throws PKCS11Exception { 1684 super.C_EncryptInit(hSession, pMechanism, hKey); 1685 } 1686 1687 public synchronized int C_Encrypt(long hSession, byte[] in, int inOfs, 1688 int inLen, byte[] out, int outOfs, int outLen) 1689 throws PKCS11Exception { 1690 return super.C_Encrypt(hSession, in, inOfs, inLen, out, outOfs, outLen); 1691 } 1692 1693 public synchronized int C_EncryptUpdate(long hSession, long directIn, 1694 byte[] in, int inOfs, int inLen, long directOut, byte[] out, 1695 int outOfs, int outLen) throws PKCS11Exception { 1696 return super.C_EncryptUpdate(hSession, directIn, in, inOfs, inLen, 1697 directOut, out, outOfs, outLen); 1698 } 1699 1700 public synchronized int C_EncryptFinal(long hSession, long directOut, 1701 byte[] out, int outOfs, int outLen) throws PKCS11Exception { 1702 return super.C_EncryptFinal(hSession, directOut, out, outOfs, outLen); 1703 } 1704 1705 public synchronized void C_DecryptInit(long hSession, 1706 CK_MECHANISM pMechanism, long hKey) throws PKCS11Exception { 1707 super.C_DecryptInit(hSession, pMechanism, hKey); 1708 } 1709 1710 public synchronized int C_Decrypt(long hSession, byte[] in, int inOfs, 1711 int inLen, byte[] out, int outOfs, int outLen) 1712 throws PKCS11Exception { 1713 return super.C_Decrypt(hSession, in, inOfs, inLen, out, outOfs, outLen); 1714 } 1715 1716 public synchronized int C_DecryptUpdate(long hSession, long directIn, 1717 byte[] in, int inOfs, int inLen, long directOut, byte[] out, 1718 int outOfs, int outLen) throws PKCS11Exception { 1719 return super.C_DecryptUpdate(hSession, directIn, in, inOfs, inLen, 1720 directOut, out, outOfs, outLen); 1721 } 1722 1723 public synchronized int C_DecryptFinal(long hSession, long directOut, 1724 byte[] out, int outOfs, int outLen) throws PKCS11Exception { 1725 return super.C_DecryptFinal(hSession, directOut, out, outOfs, outLen); 1726 } 1727 1728 public synchronized void C_DigestInit(long hSession, CK_MECHANISM pMechanism) 1729 throws PKCS11Exception { 1730 super.C_DigestInit(hSession, pMechanism); 1731 } 1732 1733 public synchronized int C_DigestSingle(long hSession, 1734 CK_MECHANISM pMechanism, byte[] in, int inOfs, int inLen, 1735 byte[] digest, int digestOfs, int digestLen) throws PKCS11Exception { 1736 return super.C_DigestSingle(hSession, pMechanism, in, inOfs, inLen, 1737 digest, digestOfs, digestLen); 1738 } 1739 1740 public synchronized void C_DigestUpdate(long hSession, long directIn, 1741 byte[] in, int inOfs, int inLen) throws PKCS11Exception { 1742 super.C_DigestUpdate(hSession, directIn, in, inOfs, inLen); 1743 } 1744 1745 public synchronized void C_DigestKey(long hSession, long hKey) 1746 throws PKCS11Exception { 1747 super.C_DigestKey(hSession, hKey); 1748 } 1749 1750 public synchronized int C_DigestFinal(long hSession, byte[] pDigest, 1751 int digestOfs, int digestLen) throws PKCS11Exception { 1752 return super.C_DigestFinal(hSession, pDigest, digestOfs, digestLen); 1753 } 1754 1755 public synchronized void C_SignInit(long hSession, CK_MECHANISM pMechanism, 1756 long hKey) throws PKCS11Exception { 1757 super.C_SignInit(hSession, pMechanism, hKey); 1758 } 1759 1760 public synchronized byte[] C_Sign(long hSession, byte[] pData) 1761 throws PKCS11Exception { 1762 return super.C_Sign(hSession, pData); 1763 } 1764 1765 public synchronized void C_SignUpdate(long hSession, long directIn, 1766 byte[] in, int inOfs, int inLen) throws PKCS11Exception { 1767 super.C_SignUpdate(hSession, directIn, in, inOfs, inLen); 1768 } 1769 1770 public synchronized byte[] C_SignFinal(long hSession, int expectedLen) 1771 throws PKCS11Exception { 1772 return super.C_SignFinal(hSession, expectedLen); 1773 } 1774 1775 public synchronized void C_SignRecoverInit(long hSession, 1776 CK_MECHANISM pMechanism, long hKey) throws PKCS11Exception { 1777 super.C_SignRecoverInit(hSession, pMechanism, hKey); 1778 } 1779 1780 public synchronized int C_SignRecover(long hSession, byte[] in, int inOfs, 1781 int inLen, byte[] out, int outOufs, int outLen) 1782 throws PKCS11Exception { 1783 return super.C_SignRecover(hSession, in, inOfs, inLen, out, outOufs, 1784 outLen); 1785 } 1786 1787 public synchronized void C_VerifyInit(long hSession, CK_MECHANISM pMechanism, 1788 long hKey) throws PKCS11Exception { 1789 super.C_VerifyInit(hSession, pMechanism, hKey); 1790 } 1791 1792 public synchronized void C_Verify(long hSession, byte[] pData, 1793 byte[] pSignature) throws PKCS11Exception { 1794 super.C_Verify(hSession, pData, pSignature); 1795 } 1796 1797 public synchronized void C_VerifyUpdate(long hSession, long directIn, 1798 byte[] in, int inOfs, int inLen) throws PKCS11Exception { 1799 super.C_VerifyUpdate(hSession, directIn, in, inOfs, inLen); 1800 } 1801 1802 public synchronized void C_VerifyFinal(long hSession, byte[] pSignature) 1803 throws PKCS11Exception { 1804 super.C_VerifyFinal(hSession, pSignature); 1805 } 1806 1807 public synchronized void C_VerifyRecoverInit(long hSession, 1808 CK_MECHANISM pMechanism, long hKey) throws PKCS11Exception { 1809 super.C_VerifyRecoverInit(hSession, pMechanism, hKey); 1810 } 1811 1812 public synchronized int C_VerifyRecover(long hSession, byte[] in, int inOfs, 1813 int inLen, byte[] out, int outOufs, int outLen) 1814 throws PKCS11Exception { 1815 return super.C_VerifyRecover(hSession, in, inOfs, inLen, out, outOufs, 1816 outLen); 1817 } 1818 1819 public synchronized long C_GenerateKey(long hSession, 1820 CK_MECHANISM pMechanism, CK_ATTRIBUTE[] pTemplate) 1821 throws PKCS11Exception { 1822 return super.C_GenerateKey(hSession, pMechanism, pTemplate); 1823 } 1824 1825 public synchronized long[] C_GenerateKeyPair(long hSession, 1826 CK_MECHANISM pMechanism, CK_ATTRIBUTE[] pPublicKeyTemplate, 1827 CK_ATTRIBUTE[] pPrivateKeyTemplate) 1828 throws PKCS11Exception { 1829 return super.C_GenerateKeyPair(hSession, pMechanism, pPublicKeyTemplate, 1830 pPrivateKeyTemplate); 1831 } 1832 1833 public synchronized byte[] C_WrapKey(long hSession, CK_MECHANISM pMechanism, 1834 long hWrappingKey, long hKey) throws PKCS11Exception { 1835 return super.C_WrapKey(hSession, pMechanism, hWrappingKey, hKey); 1836 } 1837 1838 public synchronized long C_UnwrapKey(long hSession, CK_MECHANISM pMechanism, 1839 long hUnwrappingKey, byte[] pWrappedKey, CK_ATTRIBUTE[] pTemplate) 1840 throws PKCS11Exception { 1841 return super.C_UnwrapKey(hSession, pMechanism, hUnwrappingKey, 1842 pWrappedKey, pTemplate); 1843 } 1844 1845 public synchronized long C_DeriveKey(long hSession, CK_MECHANISM pMechanism, 1846 long hBaseKey, CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception { 1847 return super.C_DeriveKey(hSession, pMechanism, hBaseKey, pTemplate); 1848 } 1849 1850 public synchronized void C_SeedRandom(long hSession, byte[] pSeed) 1851 throws PKCS11Exception { 1852 super.C_SeedRandom(hSession, pSeed); 1853 } 1854 1855 public synchronized void C_GenerateRandom(long hSession, byte[] randomData) 1856 throws PKCS11Exception { 1857 super.C_GenerateRandom(hSession, randomData); 1858 } 1859 } 1860 }