1 /*
2 * Copyright (c) 2003, 2017, Oracle and/or its affiliates. All rights reserved.
3 */
4
5 /* Copyright (c) 2002 Graz University of Technology. All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright notice,
11 * this list of conditions and the following disclaimer.
12 *
13 * 2. Redistributions in binary form must reproduce the above copyright notice,
14 * this list of conditions and the following disclaimer in the documentation
15 * and/or other materials provided with the distribution.
16 *
17 * 3. The end-user documentation included with the redistribution, if any, must
18 * include the following acknowledgment:
19 *
20 * "This product includes software developed by IAIK of Graz University of
21 * Technology."
22 *
23 * Alternately, this acknowledgment may appear in the software itself, if
24 * and wherever such third-party acknowledgments normally appear.
25 *
26 * 4. The names "Graz University of Technology" and "IAIK of Graz University of
27 * Technology" must not be used to endorse or promote products derived from
28 * this software without prior written permission.
29 *
30 * 5. Products derived from this software may not be called
31 * "IAIK PKCS Wrapper", nor may "IAIK" appear in their name, without prior
32 * written permission of Graz University of Technology.
33 *
34 * THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESSED OR IMPLIED
35 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
36 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
37 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE LICENSOR BE
38 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
39 * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
40 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
41 * OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
42 * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
43 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
44 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
45 * POSSIBILITY OF SUCH DAMAGE.
46 */
47
48 package sun.security.pkcs11.wrapper;
49
50 import java.io.File;
51 import java.io.IOException;
52 import java.util.*;
53
54 import java.security.AccessController;
55 import java.security.PrivilegedAction;
56
57 import sun.security.util.Debug;
58
59 import static sun.security.pkcs11.wrapper.PKCS11Constants.*;
60
61 /**
62 * This is the default implementation of the PKCS11 interface. IT connects to
63 * the pkcs11wrapper.dll file, which is the native part of this library.
64 * The strange and awkward looking initialization was chosen to avoid calling
65 * loadLibrary from a static initialization block, because this would complicate
66 * the use in applets.
67 *
68 * @author Karl Scheibelhofer <Karl.Scheibelhofer@iaik.at>
69 * @author Martin Schlaeffer <schlaeff@sbox.tugraz.at>
70 * @invariants (pkcs11ModulePath_ <> null)
71 */
72 public class PKCS11 {
73
74 /**
75 * The name of the native part of the wrapper; i.e. the filename without
76 * the extension (e.g. ".DLL" or ".so").
77 */
78 private static final String PKCS11_WRAPPER = "j2pkcs11";
79
80 static {
81 // cannot use LoadLibraryAction because that would make the native
82 // library available to the bootclassloader, but we run in the
83 // extension classloader.
84 AccessController.doPrivileged(new PrivilegedAction<Object>() {
85 public Object run() {
86 System.loadLibrary(PKCS11_WRAPPER);
87 return null;
88 }
89 });
90 boolean enableDebug = Debug.getInstance("sunpkcs11") != null;
91 initializeLibrary(enableDebug);
92 }
93
94 public static void loadNative() {
95 // dummy method that can be called to make sure the native
96 // portion has been loaded. actual loading happens in the
97 // static initializer, hence this method is empty.
98 }
99
100 /**
101 * The PKCS#11 module to connect to. This is the PKCS#11 driver of the token;
102 * e.g. pk2priv.dll.
103 */
104 private final String pkcs11ModulePath;
105
106 private long pNativeData;
107
108 /**
109 * This method does the initialization of the native library. It is called
110 * exactly once for this class.
111 *
112 * @preconditions
113 * @postconditions
114 */
115 private static native void initializeLibrary(boolean debug);
116
117 // XXX
118 /**
119 * This method does the finalization of the native library. It is called
120 * exactly once for this class. The library uses this method for a clean-up
121 * of any resources.
122 *
123 * @preconditions
124 * @postconditions
125 */
126 private static native void finalizeLibrary();
127
128 private static final Map<String,PKCS11> moduleMap =
129 new HashMap<String,PKCS11>();
130
131 /**
132 * Connects to the PKCS#11 driver given. The filename must contain the
133 * path, if the driver is not in the system's search path.
134 *
135 * @param pkcs11ModulePath the PKCS#11 library path
136 * @preconditions (pkcs11ModulePath <> null)
137 * @postconditions
138 */
139 PKCS11(String pkcs11ModulePath, String functionListName)
140 throws IOException {
141 connect(pkcs11ModulePath, functionListName);
142 this.pkcs11ModulePath = pkcs11ModulePath;
143 }
144
145 public static synchronized PKCS11 getInstance(String pkcs11ModulePath,
146 String functionList, CK_C_INITIALIZE_ARGS pInitArgs,
147 boolean omitInitialize) throws IOException, PKCS11Exception {
148 // we may only call C_Initialize once per native .so/.dll
149 // so keep a cache using the (non-canonicalized!) path
150 PKCS11 pkcs11 = moduleMap.get(pkcs11ModulePath);
151 if (pkcs11 == null) {
152 if ((pInitArgs != null)
153 && ((pInitArgs.flags & CKF_OS_LOCKING_OK) != 0)) {
154 pkcs11 = new PKCS11(pkcs11ModulePath, functionList);
155 } else {
156 pkcs11 = new SynchronizedPKCS11(pkcs11ModulePath, functionList);
157 }
158 if (omitInitialize == false) {
159 try {
160 pkcs11.C_Initialize(pInitArgs);
161 } catch (PKCS11Exception e) {
162 // ignore already-initialized error code
163 // rethrow all other errors
164 if (e.getErrorCode() != CKR_CRYPTOKI_ALREADY_INITIALIZED) {
165 throw e;
166 }
167 }
168 }
169 moduleMap.put(pkcs11ModulePath, pkcs11);
170 }
171 return pkcs11;
172 }
173
174 /**
175 * Connects this object to the specified PKCS#11 library. This method is for
176 * internal use only.
177 * Declared private, because incorrect handling may result in errors in the
178 * native part.
179 *
180 * @param pkcs11ModulePath The PKCS#11 library path.
181 * @preconditions (pkcs11ModulePath <> null)
182 * @postconditions
183 */
184 private native void connect(String pkcs11ModulePath, String functionListName)
185 throws IOException;
186
187 /**
188 * Disconnects the PKCS#11 library from this object. After calling this
189 * method, this object is no longer connected to a native PKCS#11 module
190 * and any subsequent calls to C_ methods will fail. This method is for
191 * internal use only.
192 * Declared private, because incorrect handling may result in errors in the
193 * native part.
194 *
195 * @preconditions
196 * @postconditions
197 */
198 private native void disconnect();
199
200
201 // Implementation of PKCS11 methods delegated to native pkcs11wrapper library
202
203 /* *****************************************************************************
204 * General-purpose
205 ******************************************************************************/
206
207 /**
208 * C_Initialize initializes the Cryptoki library.
209 * (General-purpose)
210 *
211 * @param pInitArgs if pInitArgs is not NULL it gets casted to
212 * CK_C_INITIALIZE_ARGS_PTR and dereferenced
213 * (PKCS#11 param: CK_VOID_PTR pInitArgs)
214 * @exception PKCS11Exception If function returns other value than CKR_OK.
215 * @preconditions
216 * @postconditions
217 */
218 native void C_Initialize(Object pInitArgs) throws PKCS11Exception;
219
220 /**
221 * C_Finalize indicates that an application is done with the
222 * Cryptoki library
223 * (General-purpose)
224 *
225 * @param pReserved is reserved. Should be NULL_PTR
226 * (PKCS#11 param: CK_VOID_PTR pReserved)
227 * @exception PKCS11Exception If function returns other value than CKR_OK.
228 * @preconditions (pReserved == null)
229 * @postconditions
230 */
231 public native void C_Finalize(Object pReserved) throws PKCS11Exception;
232
233
234 /**
235 * C_GetInfo returns general information about Cryptoki.
236 * (General-purpose)
237 *
238 * @return the information.
239 * (PKCS#11 param: CK_INFO_PTR pInfo)
240 * @exception PKCS11Exception If function returns other value than CKR_OK.
241 * @preconditions
242 * @postconditions (result <> null)
243 */
244 public native CK_INFO C_GetInfo() throws PKCS11Exception;
245
246
247 /* *****************************************************************************
248 * Slot and token management
249 ******************************************************************************/
250
251 /**
252 * C_GetSlotList obtains a list of slots in the system.
253 * (Slot and token management)
254 *
255 * @param tokenPresent if true only Slot IDs with a token are returned
256 * (PKCS#11 param: CK_BBOOL tokenPresent)
257 * @return a long array of slot IDs and number of Slot IDs
258 * (PKCS#11 param: CK_SLOT_ID_PTR pSlotList, CK_ULONG_PTR pulCount)
259 * @exception PKCS11Exception If function returns other value than CKR_OK.
260 * @preconditions
261 * @postconditions (result <> null)
262 */
263 public native long[] C_GetSlotList(boolean tokenPresent)
264 throws PKCS11Exception;
265
266
267 /**
268 * C_GetSlotInfo obtains information about a particular slot in
269 * the system.
270 * (Slot and token management)
271 *
272 * @param slotID the ID of the slot
273 * (PKCS#11 param: CK_SLOT_ID slotID)
274 * @return the slot information
275 * (PKCS#11 param: CK_SLOT_INFO_PTR pInfo)
276 * @exception PKCS11Exception If function returns other value than CKR_OK.
277 * @preconditions
278 * @postconditions (result <> null)
279 */
280 public native CK_SLOT_INFO C_GetSlotInfo(long slotID) throws PKCS11Exception;
281
282
283 /**
284 * C_GetTokenInfo obtains information about a particular token
285 * in the system.
286 * (Slot and token management)
287 *
288 * @param slotID ID of the token's slot
289 * (PKCS#11 param: CK_SLOT_ID slotID)
290 * @return the token information
291 * (PKCS#11 param: CK_TOKEN_INFO_PTR pInfo)
292 * @exception PKCS11Exception If function returns other value than CKR_OK.
293 * @preconditions
294 * @postconditions (result <> null)
295 */
296 public native CK_TOKEN_INFO C_GetTokenInfo(long slotID)
297 throws PKCS11Exception;
298
299
300 /**
301 * C_GetMechanismList obtains a list of mechanism types
302 * supported by a token.
303 * (Slot and token management)
304 *
305 * @param slotID ID of the token's slot
306 * (PKCS#11 param: CK_SLOT_ID slotID)
307 * @return a long array of mechanism types and number of mechanism types
308 * (PKCS#11 param: CK_MECHANISM_TYPE_PTR pMechanismList,
309 * CK_ULONG_PTR pulCount)
310 * @exception PKCS11Exception If function returns other value than CKR_OK.
311 * @preconditions
312 * @postconditions (result <> null)
313 */
314 public native long[] C_GetMechanismList(long slotID) throws PKCS11Exception;
315
316
317 /**
318 * C_GetMechanismInfo obtains information about a particular
319 * mechanism possibly supported by a token.
320 * (Slot and token management)
321 *
322 * @param slotID ID of the token's slot
323 * (PKCS#11 param: CK_SLOT_ID slotID)
324 * @param type type of mechanism
325 * (PKCS#11 param: CK_MECHANISM_TYPE type)
326 * @return the mechanism info
327 * (PKCS#11 param: CK_MECHANISM_INFO_PTR pInfo)
328 * @exception PKCS11Exception If function returns other value than CKR_OK.
329 * @preconditions
330 * @postconditions (result <> null)
331 */
332 public native CK_MECHANISM_INFO C_GetMechanismInfo(long slotID, long type)
333 throws PKCS11Exception;
334
335
336 /**
337 * C_InitToken initializes a token.
338 * (Slot and token management)
339 *
340 * @param slotID ID of the token's slot
341 * (PKCS#11 param: CK_SLOT_ID slotID)
342 * @param pPin the SO's initial PIN and the length in bytes of the PIN
343 * (PKCS#11 param: CK_CHAR_PTR pPin, CK_ULONG ulPinLen)
344 * @param pLabel 32-byte token label (blank padded)
345 * (PKCS#11 param: CK_UTF8CHAR_PTR pLabel)
346 * @exception PKCS11Exception If function returns other value than CKR_OK.
347 * @preconditions
348 * @postconditions
349 */
350 // public native void C_InitToken(long slotID, char[] pPin, char[] pLabel)
351 // throws PKCS11Exception;
352
353
354 /**
355 * C_InitPIN initializes the normal user's PIN.
356 * (Slot and token management)
357 *
358 * @param hSession the session's handle
359 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
360 * @param pPin the normal user's PIN and the length in bytes of the PIN
361 * (PKCS#11 param: CK_CHAR_PTR pPin, CK_ULONG ulPinLen)
362 * @exception PKCS11Exception If function returns other value than CKR_OK.
363 * @preconditions
364 * @postconditions
365 */
366 // public native void C_InitPIN(long hSession, char[] pPin)
367 // throws PKCS11Exception;
368
369
370 /**
371 * C_SetPIN modifies the PIN of the user who is logged in.
372 * (Slot and token management)
373 *
374 * @param hSession the session's handle
375 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
376 * @param pOldPin the old PIN and the length of the old PIN
377 * (PKCS#11 param: CK_CHAR_PTR pOldPin, CK_ULONG ulOldLen)
378 * @param pNewPin the new PIN and the length of the new PIN
379 * (PKCS#11 param: CK_CHAR_PTR pNewPin, CK_ULONG ulNewLen)
380 * @exception PKCS11Exception If function returns other value than CKR_OK.
381 * @preconditions
382 * @postconditions
383 */
384 // public native void C_SetPIN(long hSession, char[] pOldPin, char[] pNewPin)
385 // throws PKCS11Exception;
386
387
388
389 /* *****************************************************************************
390 * Session management
391 ******************************************************************************/
392
393 /**
394 * C_OpenSession opens a session between an application and a
395 * token.
396 * (Session management)
397 *
398 * @param slotID the slot's ID
399 * (PKCS#11 param: CK_SLOT_ID slotID)
400 * @param flags of CK_SESSION_INFO
401 * (PKCS#11 param: CK_FLAGS flags)
402 * @param pApplication passed to callback
403 * (PKCS#11 param: CK_VOID_PTR pApplication)
404 * @param Notify the callback function
405 * (PKCS#11 param: CK_NOTIFY Notify)
406 * @return the session handle
407 * (PKCS#11 param: CK_SESSION_HANDLE_PTR phSession)
408 * @exception PKCS11Exception If function returns other value than CKR_OK.
409 * @preconditions
410 * @postconditions
411 */
412 public native long C_OpenSession(long slotID, long flags,
413 Object pApplication, CK_NOTIFY Notify) throws PKCS11Exception;
414
415
416 /**
417 * C_CloseSession closes a session between an application and a
418 * token.
419 * (Session management)
420 *
421 * @param hSession the session's handle
422 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
423 * @exception PKCS11Exception If function returns other value than CKR_OK.
424 * @preconditions
425 * @postconditions
426 */
427 public native void C_CloseSession(long hSession) throws PKCS11Exception;
428
429
430 /**
431 * C_CloseAllSessions closes all sessions with a token.
432 * (Session management)
433 *
434 * @param slotID the ID of the token's slot
435 * (PKCS#11 param: CK_SLOT_ID slotID)
436 * @exception PKCS11Exception If function returns other value than CKR_OK.
437 * @preconditions
438 * @postconditions
439 */
440 // public native void C_CloseAllSessions(long slotID) throws PKCS11Exception;
441
442
443 /**
444 * C_GetSessionInfo obtains information about the session.
445 * (Session management)
446 *
447 * @param hSession the session's handle
448 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
449 * @return the session info
450 * (PKCS#11 param: CK_SESSION_INFO_PTR pInfo)
451 * @exception PKCS11Exception If function returns other value than CKR_OK.
452 * @preconditions
453 * @postconditions (result <> null)
454 */
455 public native CK_SESSION_INFO C_GetSessionInfo(long hSession)
456 throws PKCS11Exception;
457
458
459 /**
460 * C_GetOperationState obtains the state of the cryptographic operation
461 * in a session.
462 * (Session management)
463 *
464 * @param hSession session's handle
465 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
466 * @return the state and the state length
467 * (PKCS#11 param: CK_BYTE_PTR pOperationState,
468 * CK_ULONG_PTR pulOperationStateLen)
469 * @exception PKCS11Exception If function returns other value than CKR_OK.
470 * @preconditions
471 * @postconditions (result <> null)
472 */
473 public native byte[] C_GetOperationState(long hSession)
474 throws PKCS11Exception;
475
476
477 /**
478 * C_SetOperationState restores the state of the cryptographic
479 * operation in a session.
480 * (Session management)
481 *
482 * @param hSession session's handle
483 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
484 * @param pOperationState the state and the state length
485 * (PKCS#11 param: CK_BYTE_PTR pOperationState,
486 * CK_ULONG ulOperationStateLen)
487 * @param hEncryptionKey en/decryption key
488 * (PKCS#11 param: CK_OBJECT_HANDLE hEncryptionKey)
489 * @param hAuthenticationKey sign/verify key
490 * (PKCS#11 param: CK_OBJECT_HANDLE hAuthenticationKey)
491 * @exception PKCS11Exception If function returns other value than CKR_OK.
492 * @preconditions
493 * @postconditions
494 */
495 public native void C_SetOperationState(long hSession, byte[] pOperationState,
496 long hEncryptionKey, long hAuthenticationKey) throws PKCS11Exception;
497
498
499 /**
500 * C_Login logs a user into a token.
501 * (Session management)
502 *
503 * @param hSession the session's handle
504 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
505 * @param userType the user type
506 * (PKCS#11 param: CK_USER_TYPE userType)
507 * @param pPin the user's PIN and the length of the PIN
508 * (PKCS#11 param: CK_CHAR_PTR pPin, CK_ULONG ulPinLen)
509 * @exception PKCS11Exception If function returns other value than CKR_OK.
510 * @preconditions
511 * @postconditions
512 */
513 public native void C_Login(long hSession, long userType, char[] pPin)
514 throws PKCS11Exception;
515
516
517 /**
518 * C_Logout logs a user out from a token.
519 * (Session management)
520 *
521 * @param hSession the session's handle
522 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
523 * @exception PKCS11Exception If function returns other value than CKR_OK.
524 * @preconditions
525 * @postconditions
526 */
527 public native void C_Logout(long hSession) throws PKCS11Exception;
528
529
530
531 /* *****************************************************************************
532 * Object management
533 ******************************************************************************/
534
535 /**
536 * C_CreateObject creates a new object.
537 * (Object management)
538 *
539 * @param hSession the session's handle
540 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
541 * @param pTemplate the object's template and number of attributes in
542 * template
543 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
544 * @return the object's handle
545 * (PKCS#11 param: CK_OBJECT_HANDLE_PTR phObject)
546 * @exception PKCS11Exception If function returns other value than CKR_OK.
547 * @preconditions
548 * @postconditions
549 */
550 public native long C_CreateObject(long hSession, CK_ATTRIBUTE[] pTemplate)
551 throws PKCS11Exception;
552
553
554 /**
555 * C_CopyObject copies an object, creating a new object for the
556 * copy.
557 * (Object management)
558 *
559 * @param hSession the session's handle
560 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
561 * @param hObject the object's handle
562 * (PKCS#11 param: CK_OBJECT_HANDLE hObject)
563 * @param pTemplate the template for the new object and number of attributes
564 * in template
565 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
566 * @return the handle of the copy
567 * (PKCS#11 param: CK_OBJECT_HANDLE_PTR phNewObject)
568 * @exception PKCS11Exception If function returns other value than CKR_OK.
569 * @preconditions
570 * @postconditions
571 */
572 public native long C_CopyObject(long hSession, long hObject,
573 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception;
574
575
576 /**
577 * C_DestroyObject destroys an object.
578 * (Object management)
579 *
580 * @param hSession the session's handle
581 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
582 * @param hObject the object's handle
583 * (PKCS#11 param: CK_OBJECT_HANDLE hObject)
584 * @exception PKCS11Exception If function returns other value than CKR_OK.
585 * @preconditions
586 * @postconditions
587 */
588 public native void C_DestroyObject(long hSession, long hObject)
589 throws PKCS11Exception;
590
591
592 /**
593 * C_GetObjectSize gets the size of an object in bytes.
594 * (Object management)
595 *
596 * @param hSession the session's handle
597 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
598 * @param hObject the object's handle
599 * (PKCS#11 param: CK_OBJECT_HANDLE hObject)
600 * @return the size of the object
601 * (PKCS#11 param: CK_ULONG_PTR pulSize)
602 * @exception PKCS11Exception If function returns other value than CKR_OK.
603 * @preconditions
604 * @postconditions
605 */
606 // public native long C_GetObjectSize(long hSession, long hObject)
607 // throws PKCS11Exception;
608
609
610 /**
611 * C_GetAttributeValue obtains the value of one or more object
612 * attributes. The template attributes also receive the values.
613 * (Object management)
614 * note: in PKCS#11 pTemplate and the result template are the same
615 *
616 * @param hSession the session's handle
617 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
618 * @param hObject the object's handle
619 * (PKCS#11 param: CK_OBJECT_HANDLE hObject)
620 * @param pTemplate specifies the attributes and number of attributes to get
621 * The template attributes also receive the values.
622 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
623 * @exception PKCS11Exception If function returns other value than CKR_OK.
624 * @preconditions (pTemplate <> null)
625 * @postconditions (result <> null)
626 */
627 public native void C_GetAttributeValue(long hSession, long hObject,
628 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception;
629
630
631 /**
632 * C_SetAttributeValue modifies the value of one or more object
633 * attributes
634 * (Object management)
635 *
636 * @param hSession the session's handle
637 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
638 * @param hObject the object's handle
639 * (PKCS#11 param: CK_OBJECT_HANDLE hObject)
640 * @param pTemplate specifies the attributes and values to get; number of
641 * attributes in the template
642 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
643 * @exception PKCS11Exception If function returns other value than CKR_OK.
644 * @preconditions (pTemplate <> null)
645 * @postconditions
646 */
647 public native void C_SetAttributeValue(long hSession, long hObject,
648 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception;
649
650
651 /**
652 * C_FindObjectsInit initializes a search for token and session
653 * objects that match a template.
654 * (Object management)
655 *
656 * @param hSession the session's handle
657 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
658 * @param pTemplate the object's attribute values to match and the number of
659 * attributes in search template
660 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
661 * @exception PKCS11Exception If function returns other value than CKR_OK.
662 * @preconditions
663 * @postconditions
664 */
665 public native void C_FindObjectsInit(long hSession, CK_ATTRIBUTE[] pTemplate)
666 throws PKCS11Exception;
667
668
669 /**
670 * C_FindObjects continues a search for token and session
671 * objects that match a template, obtaining additional object
672 * handles.
673 * (Object management)
674 *
675 * @param hSession the session's handle
676 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
677 * @param ulMaxObjectCount the max. object handles to get
678 * (PKCS#11 param: CK_ULONG ulMaxObjectCount)
679 * @return the object's handles and the actual number of objects returned
680 * (PKCS#11 param: CK_ULONG_PTR pulObjectCount)
681 * @exception PKCS11Exception If function returns other value than CKR_OK.
682 * @preconditions
683 * @postconditions (result <> null)
684 */
685 public native long[] C_FindObjects(long hSession, long ulMaxObjectCount)
686 throws PKCS11Exception;
687
688
689 /**
690 * C_FindObjectsFinal finishes a search for token and session
691 * objects.
692 * (Object management)
693 *
694 * @param hSession the session's handle
695 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
696 * @exception PKCS11Exception If function returns other value than CKR_OK.
697 * @preconditions
698 * @postconditions
699 */
700 public native void C_FindObjectsFinal(long hSession) throws PKCS11Exception;
701
702
703
704 /* *****************************************************************************
705 * Encryption and decryption
706 ******************************************************************************/
707
708 /**
709 * C_EncryptInit initializes an encryption operation.
710 * (Encryption and decryption)
711 *
712 * @param hSession the session's handle
713 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
714 * @param pMechanism the encryption mechanism
715 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
716 * @param hKey the handle of the encryption key
717 * (PKCS#11 param: CK_OBJECT_HANDLE hKey)
718 * @exception PKCS11Exception If function returns other value than CKR_OK.
719 * @preconditions
720 * @postconditions
721 */
722 public native void C_EncryptInit(long hSession, CK_MECHANISM pMechanism,
723 long hKey) throws PKCS11Exception;
724
725
726 /**
727 * C_Encrypt encrypts single-part data.
728 * (Encryption and decryption)
729 *
730 * @param hSession the session's handle
731 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
732 * @param pData the data to get encrypted and the data's length
733 * (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG ulDataLen)
734 * @return the encrypted data and the encrypted data's length
735 * (PKCS#11 param: CK_BYTE_PTR pEncryptedData,
736 * CK_ULONG_PTR pulEncryptedDataLen)
737 * @exception PKCS11Exception If function returns other value than CKR_OK.
738 * @preconditions (pData <> null)
739 * @postconditions (result <> null)
740 */
741 public native int C_Encrypt(long hSession, byte[] in, int inOfs, int inLen,
742 byte[] out, int outOfs, int outLen) throws PKCS11Exception;
743
744
745 /**
746 * C_EncryptUpdate continues a multiple-part encryption
747 * operation.
748 * (Encryption and decryption)
749 *
750 * @param hSession the session's handle
751 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
752 * @param pPart the data part to get encrypted and the data part's length
753 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG ulPartLen)
754 * @return the encrypted data part and the encrypted data part's length
755 * (PKCS#11 param: CK_BYTE_PTR pEncryptedPart,
756 CK_ULONG_PTR pulEncryptedPartLen)
757 * @exception PKCS11Exception If function returns other value than CKR_OK.
758 * @preconditions (pPart <> null)
759 * @postconditions
760 */
761 public native int C_EncryptUpdate(long hSession, long directIn, byte[] in,
762 int inOfs, int inLen, long directOut, byte[] out, int outOfs,
763 int outLen) throws PKCS11Exception;
764
765
766 /**
767 * C_EncryptFinal finishes a multiple-part encryption
768 * operation.
769 * (Encryption and decryption)
770 *
771 * @param hSession the session's handle
772 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
773 * @return the last encrypted data part and the last data part's length
774 * (PKCS#11 param: CK_BYTE_PTR pLastEncryptedPart,
775 CK_ULONG_PTR pulLastEncryptedPartLen)
776 * @exception PKCS11Exception If function returns other value than CKR_OK.
777 * @preconditions
778 * @postconditions (result <> null)
779 */
780 public native int C_EncryptFinal(long hSession, long directOut, byte[] out,
781 int outOfs, int outLen) throws PKCS11Exception;
782
783
784 /**
785 * C_DecryptInit initializes a decryption operation.
786 * (Encryption and decryption)
787 *
788 * @param hSession the session's handle
789 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
790 * @param pMechanism the decryption mechanism
791 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
792 * @param hKey the handle of the decryption key
793 * (PKCS#11 param: CK_OBJECT_HANDLE hKey)
794 * @exception PKCS11Exception If function returns other value than CKR_OK.
795 * @preconditions
796 * @postconditions
797 */
798 public native void C_DecryptInit(long hSession, CK_MECHANISM pMechanism,
799 long hKey) throws PKCS11Exception;
800
801
802 /**
803 * C_Decrypt decrypts encrypted data in a single part.
804 * (Encryption and decryption)
805 *
806 * @param hSession the session's handle
807 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
808 * @param pEncryptedData the encrypted data to get decrypted and the
809 * encrypted data's length
810 * (PKCS#11 param: CK_BYTE_PTR pEncryptedData,
811 * CK_ULONG ulEncryptedDataLen)
812 * @return the decrypted data and the data's length
813 * (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen)
814 * @exception PKCS11Exception If function returns other value than CKR_OK.
815 * @preconditions (pEncryptedPart <> null)
816 * @postconditions (result <> null)
817 */
818 public native int C_Decrypt(long hSession, byte[] in, int inOfs, int inLen,
819 byte[] out, int outOfs, int outLen) throws PKCS11Exception;
820
821
822 /**
823 * C_DecryptUpdate continues a multiple-part decryption
824 * operation.
825 * (Encryption and decryption)
826 *
827 * @param hSession the session's handle
828 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
829 * @param pEncryptedPart the encrypted data part to get decrypted and the
830 * encrypted data part's length
831 * (PKCS#11 param: CK_BYTE_PTR pEncryptedPart,
832 * CK_ULONG ulEncryptedPartLen)
833 * @return the decrypted data part and the data part's length
834 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen)
835 * @exception PKCS11Exception If function returns other value than CKR_OK.
836 * @preconditions (pEncryptedPart <> null)
837 * @postconditions
838 */
839 public native int C_DecryptUpdate(long hSession, long directIn, byte[] in,
840 int inOfs, int inLen, long directOut, byte[] out, int outOfs,
841 int outLen) throws PKCS11Exception;
842
843
844 /**
845 * C_DecryptFinal finishes a multiple-part decryption
846 * operation.
847 * (Encryption and decryption)
848 *
849 * @param hSession the session's handle
850 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
851 * @return the last decrypted data part and the last data part's length
852 * (PKCS#11 param: CK_BYTE_PTR pLastPart,
853 * CK_ULONG_PTR pulLastPartLen)
854 * @exception PKCS11Exception If function returns other value than CKR_OK.
855 * @preconditions
856 * @postconditions (result <> null)
857 */
858 public native int C_DecryptFinal(long hSession, long directOut, byte[] out,
859 int outOfs, int outLen) throws PKCS11Exception;
860
861
862
863 /* *****************************************************************************
864 * Message digesting
865 ******************************************************************************/
866
867 /**
868 * C_DigestInit initializes a message-digesting operation.
869 * (Message digesting)
870 *
871 * @param hSession the session's handle
872 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
873 * @param pMechanism the digesting mechanism
874 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
875 * @exception PKCS11Exception If function returns other value than CKR_OK.
876 * @preconditions
877 * @postconditions
878 */
879 public native void C_DigestInit(long hSession, CK_MECHANISM pMechanism)
880 throws PKCS11Exception;
881
882
883 // note that C_DigestSingle does not exist in PKCS#11
884 // we combined the C_DigestInit and C_Digest into a single function
885 // to save on Java<->C transitions and save 5-10% on small digests
886 // this made the C_Digest method redundant, it has been removed
887 /**
888 * C_Digest digests data in a single part.
889 * (Message digesting)
890 *
891 * @param hSession the session's handle
892 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
893 * @param data the data to get digested and the data's length
894 * (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG ulDataLen)
895 * @return the message digest and the length of the message digest
896 * (PKCS#11 param: CK_BYTE_PTR pDigest, CK_ULONG_PTR pulDigestLen)
897 * @exception PKCS11Exception If function returns other value than CKR_OK.
898 * @preconditions (data <> null)
899 * @postconditions (result <> null)
900 */
901 public native int C_DigestSingle(long hSession, CK_MECHANISM pMechanism,
902 byte[] in, int inOfs, int inLen, byte[] digest, int digestOfs,
903 int digestLen) throws PKCS11Exception;
904
905
906 /**
907 * C_DigestUpdate continues a multiple-part message-digesting
908 * operation.
909 * (Message digesting)
910 *
911 * @param hSession the session's handle
912 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
913 * @param pPart the data to get digested and the data's length
914 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG ulPartLen)
915 * @exception PKCS11Exception If function returns other value than CKR_OK.
916 * @preconditions (pPart <> null)
917 * @postconditions
918 */
919 public native void C_DigestUpdate(long hSession, long directIn, byte[] in,
920 int inOfs, int inLen) throws PKCS11Exception;
921
922
923 /**
924 * C_DigestKey continues a multi-part message-digesting
925 * operation, by digesting the value of a secret key as part of
926 * the data already digested.
927 * (Message digesting)
928 *
929 * @param hSession the session's handle
930 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
931 * @param hKey the handle of the secret key to be digested
932 * (PKCS#11 param: CK_OBJECT_HANDLE hKey)
933 * @exception PKCS11Exception If function returns other value than CKR_OK.
934 * @preconditions
935 * @postconditions
936 */
937 public native void C_DigestKey(long hSession, long hKey)
938 throws PKCS11Exception;
939
940
941 /**
942 * C_DigestFinal finishes a multiple-part message-digesting
943 * operation.
944 * (Message digesting)
945 *
946 * @param hSession the session's handle
947 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
948 * @return the message digest and the length of the message digest
949 * (PKCS#11 param: CK_BYTE_PTR pDigest, CK_ULONG_PTR pulDigestLen)
950 * @exception PKCS11Exception If function returns other value than CKR_OK.
951 * @preconditions
952 * @postconditions (result <> null)
953 */
954 public native int C_DigestFinal(long hSession, byte[] pDigest, int digestOfs,
955 int digestLen) throws PKCS11Exception;
956
957
958
959 /* *****************************************************************************
960 * Signing and MACing
961 ******************************************************************************/
962
963 /**
964 * C_SignInit initializes a signature (private key encryption)
965 * operation, where the signature is (will be) an appendix to
966 * the data, and plaintext cannot be recovered from the
967 * signature.
968 * (Signing and MACing)
969 *
970 * @param hSession the session's handle
971 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
972 * @param pMechanism the signature mechanism
973 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
974 * @param hKey the handle of the signature key
975 * (PKCS#11 param: CK_OBJECT_HANDLE hKey)
976 * @exception PKCS11Exception If function returns other value than CKR_OK.
977 * @preconditions
978 * @postconditions
979 */
980 public native void C_SignInit(long hSession, CK_MECHANISM pMechanism,
981 long hKey) throws PKCS11Exception;
982
983
984 /**
985 * C_Sign signs (encrypts with private key) data in a single
986 * part, where the signature is (will be) an appendix to the
987 * data, and plaintext cannot be recovered from the signature.
988 * (Signing and MACing)
989 *
990 * @param hSession the session's handle
991 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
992 * @param pData the data to sign and the data's length
993 * (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG ulDataLen)
994 * @return the signature and the signature's length
995 * (PKCS#11 param: CK_BYTE_PTR pSignature,
996 * CK_ULONG_PTR pulSignatureLen)
997 * @exception PKCS11Exception If function returns other value than CKR_OK.
998 * @preconditions (pData <> null)
999 * @postconditions (result <> null)
1000 */
1001 public native byte[] C_Sign(long hSession, byte[] pData)
1002 throws PKCS11Exception;
1003
1004
1005 /**
1006 * C_SignUpdate continues a multiple-part signature operation,
1007 * where the signature is (will be) an appendix to the data,
1008 * and plaintext cannot be recovered from the signature.
1009 * (Signing and MACing)
1010 *
1011 * @param hSession the session's handle
1012 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1013 * @param pPart the data part to sign and the data part's length
1014 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG ulPartLen)
1015 * @exception PKCS11Exception If function returns other value than CKR_OK.
1016 * @preconditions (pPart <> null)
1017 * @postconditions
1018 */
1019 public native void C_SignUpdate(long hSession, long directIn, byte[] in,
1020 int inOfs, int inLen) throws PKCS11Exception;
1021
1022
1023 /**
1024 * C_SignFinal finishes a multiple-part signature operation,
1025 * returning the signature.
1026 * (Signing and MACing)
1027 *
1028 * @param hSession the session's handle
1029 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1030 * @return the signature and the signature's length
1031 * (PKCS#11 param: CK_BYTE_PTR pSignature,
1032 * CK_ULONG_PTR pulSignatureLen)
1033 * @exception PKCS11Exception If function returns other value than CKR_OK.
1034 * @preconditions
1035 * @postconditions (result <> null)
1036 */
1037 public native byte[] C_SignFinal(long hSession, int expectedLen)
1038 throws PKCS11Exception;
1039
1040
1041 /**
1042 * C_SignRecoverInit initializes a signature operation, where
1043 * the data can be recovered from the signature.
1044 * (Signing and MACing)
1045 *
1046 * @param hSession the session's handle
1047 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1048 * @param pMechanism the signature mechanism
1049 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
1050 * @param hKey the handle of the signature key
1051 * (PKCS#11 param: CK_OBJECT_HANDLE hKey)
1052 * @exception PKCS11Exception If function returns other value than CKR_OK.
1053 * @preconditions
1054 * @postconditions
1055 */
1056 public native void C_SignRecoverInit(long hSession, CK_MECHANISM pMechanism,
1057 long hKey) throws PKCS11Exception;
1058
1059
1060 /**
1061 * C_SignRecover signs data in a single operation, where the
1062 * data can be recovered from the signature.
1063 * (Signing and MACing)
1064 *
1065 * @param hSession the session's handle
1066 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1067 * @param pData the data to sign and the data's length
1068 * (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG ulDataLen)
1069 * @return the signature and the signature's length
1070 * (PKCS#11 param: CK_BYTE_PTR pSignature,
1071 * CK_ULONG_PTR pulSignatureLen)
1072 * @exception PKCS11Exception If function returns other value than CKR_OK.
1073 * @preconditions (pData <> null)
1074 * @postconditions (result <> null)
1075 */
1076 public native int C_SignRecover(long hSession, byte[] in, int inOfs,
1077 int inLen, byte[] out, int outOufs, int outLen)
1078 throws PKCS11Exception;
1079
1080
1081
1082 /* *****************************************************************************
1083 * Verifying signatures and MACs
1084 ******************************************************************************/
1085
1086 /**
1087 * C_VerifyInit initializes a verification operation, where the
1088 * signature is an appendix to the data, and plaintext cannot
1089 * cannot be recovered from the signature (e.g. DSA).
1090 * (Signing and MACing)
1091 *
1092 * @param hSession the session's handle
1093 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1094 * @param pMechanism the verification mechanism
1095 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
1096 * @param hKey the handle of the verification key
1097 * (PKCS#11 param: CK_OBJECT_HANDLE hKey)
1098 * @exception PKCS11Exception If function returns other value than CKR_OK.
1099 * @preconditions
1100 * @postconditions
1101 */
1102 public native void C_VerifyInit(long hSession, CK_MECHANISM pMechanism,
1103 long hKey) throws PKCS11Exception;
1104
1105
1106 /**
1107 * C_Verify verifies a signature in a single-part operation,
1108 * where the signature is an appendix to the data, and plaintext
1109 * cannot be recovered from the signature.
1110 * (Signing and MACing)
1111 *
1112 * @param hSession the session's handle
1113 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1114 * @param pData the signed data and the signed data's length
1115 * (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG ulDataLen)
1116 * @param pSignature the signature to verify and the signature's length
1117 * (PKCS#11 param: CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen)
1118 * @exception PKCS11Exception If function returns other value than CKR_OK.
1119 * @preconditions (pData <> null) and (pSignature <> null)
1120 * @postconditions
1121 */
1122 public native void C_Verify(long hSession, byte[] pData, byte[] pSignature)
1123 throws PKCS11Exception;
1124
1125
1126 /**
1127 * C_VerifyUpdate continues a multiple-part verification
1128 * operation, where the signature is an appendix to the data,
1129 * and plaintext cannot be recovered from the signature.
1130 * (Signing and MACing)
1131 *
1132 * @param hSession the session's handle
1133 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1134 * @param pPart the signed data part and the signed data part's length
1135 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG ulPartLen)
1136 * @exception PKCS11Exception If function returns other value than CKR_OK.
1137 * @preconditions (pPart <> null)
1138 * @postconditions
1139 */
1140 public native void C_VerifyUpdate(long hSession, long directIn, byte[] in,
1141 int inOfs, int inLen) throws PKCS11Exception;
1142
1143
1144 /**
1145 * C_VerifyFinal finishes a multiple-part verification
1146 * operation, checking the signature.
1147 * (Signing and MACing)
1148 *
1149 * @param hSession the session's handle
1150 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1151 * @param pSignature the signature to verify and the signature's length
1152 * (PKCS#11 param: CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen)
1153 * @exception PKCS11Exception If function returns other value than CKR_OK.
1154 * @preconditions (pSignature <> null)
1155 * @postconditions
1156 */
1157 public native void C_VerifyFinal(long hSession, byte[] pSignature)
1158 throws PKCS11Exception;
1159
1160
1161 /**
1162 * C_VerifyRecoverInit initializes a signature verification
1163 * operation, where the data is recovered from the signature.
1164 * (Signing and MACing)
1165 *
1166 * @param hSession the session's handle
1167 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1168 * @param pMechanism the verification mechanism
1169 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
1170 * @param hKey the handle of the verification key
1171 * (PKCS#11 param: CK_OBJECT_HANDLE hKey)
1172 * @exception PKCS11Exception If function returns other value than CKR_OK.
1173 * @preconditions
1174 * @postconditions
1175 */
1176 public native void C_VerifyRecoverInit(long hSession,
1177 CK_MECHANISM pMechanism, long hKey) throws PKCS11Exception;
1178
1179
1180 /**
1181 * C_VerifyRecover verifies a signature in a single-part
1182 * operation, where the data is recovered from the signature.
1183 * (Signing and MACing)
1184 *
1185 * @param hSession the session's handle
1186 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1187 * @param pSignature the signature to verify and the signature's length
1188 * (PKCS#11 param: CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen)
1189 * @return the recovered data and the recovered data's length
1190 * (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen)
1191 * @exception PKCS11Exception If function returns other value than CKR_OK.
1192 * @preconditions (pSignature <> null)
1193 * @postconditions (result <> null)
1194 */
1195 public native int C_VerifyRecover(long hSession, byte[] in, int inOfs,
1196 int inLen, byte[] out, int outOufs, int outLen)
1197 throws PKCS11Exception;
1198
1199
1200
1201 /* *****************************************************************************
1202 * Dual-function cryptographic operations
1203 ******************************************************************************/
1204
1205 /**
1206 * C_DigestEncryptUpdate continues a multiple-part digesting
1207 * and encryption operation.
1208 * (Dual-function cryptographic operations)
1209 *
1210 * @param hSession the session's handle
1211 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1212 * @param pPart the data part to digest and to encrypt and the data's length
1213 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG ulPartLen)
1214 * @return the digested and encrypted data part and the data part's length
1215 * (PKCS#11 param: CK_BYTE_PTR pEncryptedPart,
1216 * CK_ULONG_PTR pulEncryptedPartLen)
1217 * @exception PKCS11Exception If function returns other value than CKR_OK.
1218 * @preconditions (pPart <> null)
1219 * @postconditions
1220 */
1221 // public native byte[] C_DigestEncryptUpdate(long hSession, byte[] pPart)
1222 // throws PKCS11Exception;
1223
1224
1225 /**
1226 * C_DecryptDigestUpdate continues a multiple-part decryption and
1227 * digesting operation.
1228 * (Dual-function cryptographic operations)
1229 *
1230 * @param hSession the session's handle
1231 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1232 * @param pEncryptedPart the encrypted data part to decrypt and to digest
1233 * and encrypted data part's length
1234 * (PKCS#11 param: CK_BYTE_PTR pEncryptedPart,
1235 * CK_ULONG ulEncryptedPartLen)
1236 * @return the decrypted and digested data part and the data part's length
1237 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen)
1238 * @exception PKCS11Exception If function returns other value than CKR_OK.
1239 * @preconditions (pEncryptedPart <> null)
1240 * @postconditions
1241 */
1242 // public native byte[] C_DecryptDigestUpdate(long hSession,
1243 // byte[] pEncryptedPart) throws PKCS11Exception;
1244
1245
1246 /**
1247 * C_SignEncryptUpdate continues a multiple-part signing and
1248 * encryption operation.
1249 * (Dual-function cryptographic operations)
1250 *
1251 * @param hSession the session's handle
1252 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1253 * @param pPart the data part to sign and to encrypt and the data part's
1254 * length
1255 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG ulPartLen)
1256 * @return the signed and encrypted data part and the data part's length
1257 * (PKCS#11 param: CK_BYTE_PTR pEncryptedPart,
1258 * CK_ULONG_PTR pulEncryptedPartLen)
1259 * @exception PKCS11Exception If function returns other value than CKR_OK.
1260 * @preconditions (pPart <> null)
1261 * @postconditions
1262 */
1263 // public native byte[] C_SignEncryptUpdate(long hSession, byte[] pPart)
1264 // throws PKCS11Exception;
1265
1266
1267 /**
1268 * C_DecryptVerifyUpdate continues a multiple-part decryption and
1269 * verify operation.
1270 * (Dual-function cryptographic operations)
1271 *
1272 * @param hSession the session's handle
1273 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1274 * @param pEncryptedPart the encrypted data part to decrypt and to verify
1275 * and the data part's length
1276 * (PKCS#11 param: CK_BYTE_PTR pEncryptedPart,
1277 * CK_ULONG ulEncryptedPartLen)
1278 * @return the decrypted and verified data part and the data part's length
1279 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen)
1280 * @exception PKCS11Exception If function returns other value than CKR_OK.
1281 * @preconditions (pEncryptedPart <> null)
1282 * @postconditions
1283 */
1284 // public native byte[] C_DecryptVerifyUpdate(long hSession,
1285 // byte[] pEncryptedPart) throws PKCS11Exception;
1286
1287
1288
1289 /* *****************************************************************************
1290 * Key management
1291 ******************************************************************************/
1292
1293 /**
1294 * getNativeKeyInfo gets the key object attributes and values as an opaque
1295 * byte array to be used in createNativeKey method.
1296 * (Key management)
1297 *
1298 * @param hSession the session's handle
1299 * @param hKey key's handle
1300 * @param hWrappingKey wrapping key's handle to extract sensible keys. -1 if not used.
1301 * @return an opaque byte array containing the key object attributes and values
1302 * @exception PKCS11Exception If an internal PKCS#11 function returns other
1303 * value than CKR_OK.
1304 * @preconditions
1305 * @postconditions
1306 */
1307 public native byte[] getNativeKeyInfo(long hSession, long hKey, long hWrappingKey) throws PKCS11Exception;
1308
1309 /**
1310 * createNativeKey creates a key object with attributes and values specified
1311 * by parameter as an opaque byte array.
1312 * (Key management)
1313 *
1314 * @param hSession the session's handle
1315 * @param keyInfo opaque byte array containing key object attributes and values
1316 * @param hWrappingKey wrapping key's handle for extracted sensible keys. -1 if not used.
1317 * @return key object handle
1318 * @exception PKCS11Exception If an internal PKCS#11 function returns other
1319 * value than CKR_OK.
1320 * @preconditions
1321 * @postconditions
1322 */
1323 public native long createNativeKey(long hSession, byte[] keyInfo, long hWrappingKey) throws PKCS11Exception;
1324
1325 /**
1326 * C_GenerateKey generates a secret key, creating a new key
1327 * object.
1328 * (Key management)
1329 *
1330 * @param hSession the session's handle
1331 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1332 * @param pMechanism the key generation mechanism
1333 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
1334 * @param pTemplate the template for the new key and the number of
1335 * attributes in the template
1336 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
1337 * @return the handle of the new key
1338 * (PKCS#11 param: CK_OBJECT_HANDLE_PTR phKey)
1339 * @exception PKCS11Exception If function returns other value than CKR_OK.
1340 * @preconditions
1341 * @postconditions
1342 */
1343 public native long C_GenerateKey(long hSession, CK_MECHANISM pMechanism,
1344 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception;
1345
1346
1347 /**
1348 * C_GenerateKeyPair generates a public-key/private-key pair,
1349 * creating new key objects.
1350 * (Key management)
1351 *
1352 * @param hSession the session's handle
1353 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1354 * @param pMechanism the key generation mechanism
1355 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
1356 * @param pPublicKeyTemplate the template for the new public key and the
1357 * number of attributes in the template
1358 * (PKCS#11 param: CK_ATTRIBUTE_PTR pPublicKeyTemplate,
1359 * CK_ULONG ulPublicKeyAttributeCount)
1360 * @param pPrivateKeyTemplate the template for the new private key and the
1361 * number of attributes in the template
1362 * (PKCS#11 param: CK_ATTRIBUTE_PTR pPrivateKeyTemplate
1363 * CK_ULONG ulPrivateKeyAttributeCount)
1364 * @return a long array with exactly two elements and the public key handle
1365 * as the first element and the private key handle as the second
1366 * element
1367 * (PKCS#11 param: CK_OBJECT_HANDLE_PTR phPublicKey,
1368 * CK_OBJECT_HANDLE_PTR phPrivateKey)
1369 * @exception PKCS11Exception If function returns other value than CKR_OK.
1370 * @preconditions (pMechanism <> null)
1371 * @postconditions (result <> null) and (result.length == 2)
1372 */
1373 public native long[] C_GenerateKeyPair(long hSession,
1374 CK_MECHANISM pMechanism, CK_ATTRIBUTE[] pPublicKeyTemplate,
1375 CK_ATTRIBUTE[] pPrivateKeyTemplate) throws PKCS11Exception;
1376
1377
1378
1379 /**
1380 * C_WrapKey wraps (i.e., encrypts) a key.
1381 * (Key management)
1382 *
1383 * @param hSession the session's handle
1384 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1385 * @param pMechanism the wrapping mechanism
1386 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
1387 * @param hWrappingKey the handle of the wrapping key
1388 * (PKCS#11 param: CK_OBJECT_HANDLE hWrappingKey)
1389 * @param hKey the handle of the key to be wrapped
1390 * (PKCS#11 param: CK_OBJECT_HANDLE hKey)
1391 * @return the wrapped key and the length of the wrapped key
1392 * (PKCS#11 param: CK_BYTE_PTR pWrappedKey,
1393 * CK_ULONG_PTR pulWrappedKeyLen)
1394 * @exception PKCS11Exception If function returns other value than CKR_OK.
1395 * @preconditions
1396 * @postconditions (result <> null)
1397 */
1398 public native byte[] C_WrapKey(long hSession, CK_MECHANISM pMechanism,
1399 long hWrappingKey, long hKey) throws PKCS11Exception;
1400
1401
1402 /**
1403 * C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new
1404 * key object.
1405 * (Key management)
1406 *
1407 * @param hSession the session's handle
1408 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1409 * @param pMechanism the unwrapping mechanism
1410 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
1411 * @param hUnwrappingKey the handle of the unwrapping key
1412 * (PKCS#11 param: CK_OBJECT_HANDLE hUnwrappingKey)
1413 * @param pWrappedKey the wrapped key to unwrap and the wrapped key's length
1414 * (PKCS#11 param: CK_BYTE_PTR pWrappedKey, CK_ULONG ulWrappedKeyLen)
1415 * @param pTemplate the template for the new key and the number of
1416 * attributes in the template
1417 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
1418 * @return the handle of the unwrapped key
1419 * (PKCS#11 param: CK_OBJECT_HANDLE_PTR phKey)
1420 * @exception PKCS11Exception If function returns other value than CKR_OK.
1421 * @preconditions (pWrappedKey <> null)
1422 * @postconditions
1423 */
1424 public native long C_UnwrapKey(long hSession, CK_MECHANISM pMechanism,
1425 long hUnwrappingKey, byte[] pWrappedKey, CK_ATTRIBUTE[] pTemplate)
1426 throws PKCS11Exception;
1427
1428
1429 /**
1430 * C_DeriveKey derives a key from a base key, creating a new key
1431 * object.
1432 * (Key management)
1433 *
1434 * @param hSession the session's handle
1435 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1436 * @param pMechanism the key derivation mechanism
1437 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
1438 * @param hBaseKey the handle of the base key
1439 * (PKCS#11 param: CK_OBJECT_HANDLE hBaseKey)
1440 * @param pTemplate the template for the new key and the number of
1441 * attributes in the template
1442 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
1443 * @return the handle of the derived key
1444 * (PKCS#11 param: CK_OBJECT_HANDLE_PTR phKey)
1445 * @exception PKCS11Exception If function returns other value than CKR_OK.
1446 * @preconditions
1447 * @postconditions
1448 */
1449 public native long C_DeriveKey(long hSession, CK_MECHANISM pMechanism,
1450 long hBaseKey, CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception;
1451
1452
1453
1454 /* *****************************************************************************
1455 * Random number generation
1456 ******************************************************************************/
1457
1458 /**
1459 * C_SeedRandom mixes additional seed material into the token's
1460 * random number generator.
1461 * (Random number generation)
1462 *
1463 * @param hSession the session's handle
1464 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1465 * @param pSeed the seed material and the seed material's length
1466 * (PKCS#11 param: CK_BYTE_PTR pSeed, CK_ULONG ulSeedLen)
1467 * @exception PKCS11Exception If function returns other value than CKR_OK.
1468 * @preconditions (pSeed <> null)
1469 * @postconditions
1470 */
1471 public native void C_SeedRandom(long hSession, byte[] pSeed)
1472 throws PKCS11Exception;
1473
1474
1475 /**
1476 * C_GenerateRandom generates random data.
1477 * (Random number generation)
1478 *
1479 * @param hSession the session's handle
1480 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1481 * @param RandomData receives the random data and the length of RandomData
1482 * is the length of random data to be generated
1483 * (PKCS#11 param: CK_BYTE_PTR pRandomData, CK_ULONG ulRandomLen)
1484 * @exception PKCS11Exception If function returns other value than CKR_OK.
1485 * @preconditions (randomData <> null)
1486 * @postconditions
1487 */
1488 public native void C_GenerateRandom(long hSession, byte[] randomData)
1489 throws PKCS11Exception;
1490
1491
1492
1493 /* *****************************************************************************
1494 * Parallel function management
1495 ******************************************************************************/
1496
1497 /**
1498 * C_GetFunctionStatus is a legacy function; it obtains an
1499 * updated status of a function running in parallel with an
1500 * application.
1501 * (Parallel function management)
1502 *
1503 * @param hSession the session's handle
1504 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1505 * @exception PKCS11Exception If function returns other value than CKR_OK.
1506 * @preconditions
1507 * @postconditions
1508 */
1509 // public native void C_GetFunctionStatus(long hSession)
1510 // throws PKCS11Exception;
1511
1512
1513 /**
1514 * C_CancelFunction is a legacy function; it cancels a function
1515 * running in parallel.
1516 * (Parallel function management)
1517 *
1518 * @param hSession the session's handle
1519 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1520 * @exception PKCS11Exception If function returns other value than CKR_OK.
1521 * @preconditions
1522 * @postconditions
1523 */
1524 // public native void C_CancelFunction(long hSession) throws PKCS11Exception;
1525
1526
1527
1528 /* *****************************************************************************
1529 * Functions added in for Cryptoki Version 2.01 or later
1530 ******************************************************************************/
1531
1532 /**
1533 * C_WaitForSlotEvent waits for a slot event (token insertion,
1534 * removal, etc.) to occur.
1535 * (General-purpose)
1536 *
1537 * @param flags blocking/nonblocking flag
1538 * (PKCS#11 param: CK_FLAGS flags)
1539 * @param pReserved reserved. Should be null
1540 * (PKCS#11 param: CK_VOID_PTR pReserved)
1541 * @return the slot ID where the event occurred
1542 * (PKCS#11 param: CK_SLOT_ID_PTR pSlot)
1543 * @exception PKCS11Exception If function returns other value than CKR_OK.
1544 * @preconditions (pRserved == null)
1545 * @postconditions
1546 */
1547 // public native long C_WaitForSlotEvent(long flags, Object pRserved)
1548 // throws PKCS11Exception;
1549
1550 /**
1551 * Returns the string representation of this object.
1552 *
1553 * @return The string representation of object
1554 */
1555 public String toString() {
1556 return "Module name: " + pkcs11ModulePath;
1557 }
1558
1559 /**
1560 * Calls disconnect() to cleanup the native part of the wrapper. Once this
1561 * method is called, this object cannot be used any longer. Any subsequent
1562 * call to a C_* method will result in a runtime exception.
1563 *
1564 * @exception Throwable If finalization fails.
1565 */
1566 @SuppressWarnings("deprecation")
1567 protected void finalize() throws Throwable {
1568 disconnect();
1569 }
1570
1571 // PKCS11 subclass that has all methods synchronized and delegating to the
1572 // parent. Used for tokens that only support single threaded access
1573 static class SynchronizedPKCS11 extends PKCS11 {
1574
1575 SynchronizedPKCS11(String pkcs11ModulePath, String functionListName)
1576 throws IOException {
1577 super(pkcs11ModulePath, functionListName);
1578 }
1579
1580 synchronized void C_Initialize(Object pInitArgs) throws PKCS11Exception {
1581 super.C_Initialize(pInitArgs);
1582 }
1583
1584 public synchronized void C_Finalize(Object pReserved)
1585 throws PKCS11Exception {
1586 super.C_Finalize(pReserved);
1587 }
1588
1589 public synchronized CK_INFO C_GetInfo() throws PKCS11Exception {
1590 return super.C_GetInfo();
1591 }
1592
1593 public synchronized long[] C_GetSlotList(boolean tokenPresent)
1594 throws PKCS11Exception {
1595 return super.C_GetSlotList(tokenPresent);
1596 }
1597
1598 public synchronized CK_SLOT_INFO C_GetSlotInfo(long slotID)
1599 throws PKCS11Exception {
1600 return super.C_GetSlotInfo(slotID);
1601 }
1602
1603 public synchronized CK_TOKEN_INFO C_GetTokenInfo(long slotID)
1604 throws PKCS11Exception {
1605 return super.C_GetTokenInfo(slotID);
1606 }
1607
1608 public synchronized long[] C_GetMechanismList(long slotID)
1609 throws PKCS11Exception {
1610 return super.C_GetMechanismList(slotID);
1611 }
1612
1613 public synchronized CK_MECHANISM_INFO C_GetMechanismInfo(long slotID,
1614 long type) throws PKCS11Exception {
1615 return super.C_GetMechanismInfo(slotID, type);
1616 }
1617
1618 public synchronized long C_OpenSession(long slotID, long flags,
1619 Object pApplication, CK_NOTIFY Notify) throws PKCS11Exception {
1620 return super.C_OpenSession(slotID, flags, pApplication, Notify);
1621 }
1622
1623 public synchronized void C_CloseSession(long hSession)
1624 throws PKCS11Exception {
1625 super.C_CloseSession(hSession);
1626 }
1627
1628 public synchronized CK_SESSION_INFO C_GetSessionInfo(long hSession)
1629 throws PKCS11Exception {
1630 return super.C_GetSessionInfo(hSession);
1631 }
1632
1633 public synchronized void C_Login(long hSession, long userType, char[] pPin)
1634 throws PKCS11Exception {
1635 super.C_Login(hSession, userType, pPin);
1636 }
1637
1638 public synchronized void C_Logout(long hSession) throws PKCS11Exception {
1639 super.C_Logout(hSession);
1640 }
1641
1642 public synchronized long C_CreateObject(long hSession,
1643 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception {
1644 return super.C_CreateObject(hSession, pTemplate);
1645 }
1646
1647 public synchronized long C_CopyObject(long hSession, long hObject,
1648 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception {
1649 return super.C_CopyObject(hSession, hObject, pTemplate);
1650 }
1651
1652 public synchronized void C_DestroyObject(long hSession, long hObject)
1653 throws PKCS11Exception {
1654 super.C_DestroyObject(hSession, hObject);
1655 }
1656
1657 public synchronized void C_GetAttributeValue(long hSession, long hObject,
1658 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception {
1659 super.C_GetAttributeValue(hSession, hObject, pTemplate);
1660 }
1661
1662 public synchronized void C_SetAttributeValue(long hSession, long hObject,
1663 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception {
1664 super.C_SetAttributeValue(hSession, hObject, pTemplate);
1665 }
1666
1667 public synchronized void C_FindObjectsInit(long hSession,
1668 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception {
1669 super.C_FindObjectsInit(hSession, pTemplate);
1670 }
1671
1672 public synchronized long[] C_FindObjects(long hSession,
1673 long ulMaxObjectCount) throws PKCS11Exception {
1674 return super.C_FindObjects(hSession, ulMaxObjectCount);
1675 }
1676
1677 public synchronized void C_FindObjectsFinal(long hSession)
1678 throws PKCS11Exception {
1679 super.C_FindObjectsFinal(hSession);
1680 }
1681
1682 public synchronized void C_EncryptInit(long hSession,
1683 CK_MECHANISM pMechanism, long hKey) throws PKCS11Exception {
1684 super.C_EncryptInit(hSession, pMechanism, hKey);
1685 }
1686
1687 public synchronized int C_Encrypt(long hSession, byte[] in, int inOfs,
1688 int inLen, byte[] out, int outOfs, int outLen)
1689 throws PKCS11Exception {
1690 return super.C_Encrypt(hSession, in, inOfs, inLen, out, outOfs, outLen);
1691 }
1692
1693 public synchronized int C_EncryptUpdate(long hSession, long directIn,
1694 byte[] in, int inOfs, int inLen, long directOut, byte[] out,
1695 int outOfs, int outLen) throws PKCS11Exception {
1696 return super.C_EncryptUpdate(hSession, directIn, in, inOfs, inLen,
1697 directOut, out, outOfs, outLen);
1698 }
1699
1700 public synchronized int C_EncryptFinal(long hSession, long directOut,
1701 byte[] out, int outOfs, int outLen) throws PKCS11Exception {
1702 return super.C_EncryptFinal(hSession, directOut, out, outOfs, outLen);
1703 }
1704
1705 public synchronized void C_DecryptInit(long hSession,
1706 CK_MECHANISM pMechanism, long hKey) throws PKCS11Exception {
1707 super.C_DecryptInit(hSession, pMechanism, hKey);
1708 }
1709
1710 public synchronized int C_Decrypt(long hSession, byte[] in, int inOfs,
1711 int inLen, byte[] out, int outOfs, int outLen)
1712 throws PKCS11Exception {
1713 return super.C_Decrypt(hSession, in, inOfs, inLen, out, outOfs, outLen);
1714 }
1715
1716 public synchronized int C_DecryptUpdate(long hSession, long directIn,
1717 byte[] in, int inOfs, int inLen, long directOut, byte[] out,
1718 int outOfs, int outLen) throws PKCS11Exception {
1719 return super.C_DecryptUpdate(hSession, directIn, in, inOfs, inLen,
1720 directOut, out, outOfs, outLen);
1721 }
1722
1723 public synchronized int C_DecryptFinal(long hSession, long directOut,
1724 byte[] out, int outOfs, int outLen) throws PKCS11Exception {
1725 return super.C_DecryptFinal(hSession, directOut, out, outOfs, outLen);
1726 }
1727
1728 public synchronized void C_DigestInit(long hSession, CK_MECHANISM pMechanism)
1729 throws PKCS11Exception {
1730 super.C_DigestInit(hSession, pMechanism);
1731 }
1732
1733 public synchronized int C_DigestSingle(long hSession,
1734 CK_MECHANISM pMechanism, byte[] in, int inOfs, int inLen,
1735 byte[] digest, int digestOfs, int digestLen) throws PKCS11Exception {
1736 return super.C_DigestSingle(hSession, pMechanism, in, inOfs, inLen,
1737 digest, digestOfs, digestLen);
1738 }
1739
1740 public synchronized void C_DigestUpdate(long hSession, long directIn,
1741 byte[] in, int inOfs, int inLen) throws PKCS11Exception {
1742 super.C_DigestUpdate(hSession, directIn, in, inOfs, inLen);
1743 }
1744
1745 public synchronized void C_DigestKey(long hSession, long hKey)
1746 throws PKCS11Exception {
1747 super.C_DigestKey(hSession, hKey);
1748 }
1749
1750 public synchronized int C_DigestFinal(long hSession, byte[] pDigest,
1751 int digestOfs, int digestLen) throws PKCS11Exception {
1752 return super.C_DigestFinal(hSession, pDigest, digestOfs, digestLen);
1753 }
1754
1755 public synchronized void C_SignInit(long hSession, CK_MECHANISM pMechanism,
1756 long hKey) throws PKCS11Exception {
1757 super.C_SignInit(hSession, pMechanism, hKey);
1758 }
1759
1760 public synchronized byte[] C_Sign(long hSession, byte[] pData)
1761 throws PKCS11Exception {
1762 return super.C_Sign(hSession, pData);
1763 }
1764
1765 public synchronized void C_SignUpdate(long hSession, long directIn,
1766 byte[] in, int inOfs, int inLen) throws PKCS11Exception {
1767 super.C_SignUpdate(hSession, directIn, in, inOfs, inLen);
1768 }
1769
1770 public synchronized byte[] C_SignFinal(long hSession, int expectedLen)
1771 throws PKCS11Exception {
1772 return super.C_SignFinal(hSession, expectedLen);
1773 }
1774
1775 public synchronized void C_SignRecoverInit(long hSession,
1776 CK_MECHANISM pMechanism, long hKey) throws PKCS11Exception {
1777 super.C_SignRecoverInit(hSession, pMechanism, hKey);
1778 }
1779
1780 public synchronized int C_SignRecover(long hSession, byte[] in, int inOfs,
1781 int inLen, byte[] out, int outOufs, int outLen)
1782 throws PKCS11Exception {
1783 return super.C_SignRecover(hSession, in, inOfs, inLen, out, outOufs,
1784 outLen);
1785 }
1786
1787 public synchronized void C_VerifyInit(long hSession, CK_MECHANISM pMechanism,
1788 long hKey) throws PKCS11Exception {
1789 super.C_VerifyInit(hSession, pMechanism, hKey);
1790 }
1791
1792 public synchronized void C_Verify(long hSession, byte[] pData,
1793 byte[] pSignature) throws PKCS11Exception {
1794 super.C_Verify(hSession, pData, pSignature);
1795 }
1796
1797 public synchronized void C_VerifyUpdate(long hSession, long directIn,
1798 byte[] in, int inOfs, int inLen) throws PKCS11Exception {
1799 super.C_VerifyUpdate(hSession, directIn, in, inOfs, inLen);
1800 }
1801
1802 public synchronized void C_VerifyFinal(long hSession, byte[] pSignature)
1803 throws PKCS11Exception {
1804 super.C_VerifyFinal(hSession, pSignature);
1805 }
1806
1807 public synchronized void C_VerifyRecoverInit(long hSession,
1808 CK_MECHANISM pMechanism, long hKey) throws PKCS11Exception {
1809 super.C_VerifyRecoverInit(hSession, pMechanism, hKey);
1810 }
1811
1812 public synchronized int C_VerifyRecover(long hSession, byte[] in, int inOfs,
1813 int inLen, byte[] out, int outOufs, int outLen)
1814 throws PKCS11Exception {
1815 return super.C_VerifyRecover(hSession, in, inOfs, inLen, out, outOufs,
1816 outLen);
1817 }
1818
1819 public synchronized long C_GenerateKey(long hSession,
1820 CK_MECHANISM pMechanism, CK_ATTRIBUTE[] pTemplate)
1821 throws PKCS11Exception {
1822 return super.C_GenerateKey(hSession, pMechanism, pTemplate);
1823 }
1824
1825 public synchronized long[] C_GenerateKeyPair(long hSession,
1826 CK_MECHANISM pMechanism, CK_ATTRIBUTE[] pPublicKeyTemplate,
1827 CK_ATTRIBUTE[] pPrivateKeyTemplate)
1828 throws PKCS11Exception {
1829 return super.C_GenerateKeyPair(hSession, pMechanism, pPublicKeyTemplate,
1830 pPrivateKeyTemplate);
1831 }
1832
1833 public synchronized byte[] C_WrapKey(long hSession, CK_MECHANISM pMechanism,
1834 long hWrappingKey, long hKey) throws PKCS11Exception {
1835 return super.C_WrapKey(hSession, pMechanism, hWrappingKey, hKey);
1836 }
1837
1838 public synchronized long C_UnwrapKey(long hSession, CK_MECHANISM pMechanism,
1839 long hUnwrappingKey, byte[] pWrappedKey, CK_ATTRIBUTE[] pTemplate)
1840 throws PKCS11Exception {
1841 return super.C_UnwrapKey(hSession, pMechanism, hUnwrappingKey,
1842 pWrappedKey, pTemplate);
1843 }
1844
1845 public synchronized long C_DeriveKey(long hSession, CK_MECHANISM pMechanism,
1846 long hBaseKey, CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception {
1847 return super.C_DeriveKey(hSession, pMechanism, hBaseKey, pTemplate);
1848 }
1849
1850 public synchronized void C_SeedRandom(long hSession, byte[] pSeed)
1851 throws PKCS11Exception {
1852 super.C_SeedRandom(hSession, pSeed);
1853 }
1854
1855 public synchronized void C_GenerateRandom(long hSession, byte[] randomData)
1856 throws PKCS11Exception {
1857 super.C_GenerateRandom(hSession, randomData);
1858 }
1859 }
1860 }