1 /* 2 * Copyright (c) 2003, 2017, Oracle and/or its affiliates. All rights reserved. 3 */ 4 5 /* Copyright (c) 2002 Graz University of Technology. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions are met: 9 * 10 * 1. Redistributions of source code must retain the above copyright notice, 11 * this list of conditions and the following disclaimer. 12 * 13 * 2. Redistributions in binary form must reproduce the above copyright notice, 14 * this list of conditions and the following disclaimer in the documentation 15 * and/or other materials provided with the distribution. 16 * 17 * 3. The end-user documentation included with the redistribution, if any, must 18 * include the following acknowledgment: 19 * 20 * "This product includes software developed by IAIK of Graz University of 21 * Technology." 22 * 23 * Alternately, this acknowledgment may appear in the software itself, if 24 * and wherever such third-party acknowledgments normally appear. 25 * 26 * 4. The names "Graz University of Technology" and "IAIK of Graz University of 27 * Technology" must not be used to endorse or promote products derived from 28 * this software without prior written permission. 29 * 30 * 5. Products derived from this software may not be called 31 * "IAIK PKCS Wrapper", nor may "IAIK" appear in their name, without prior 32 * written permission of Graz University of Technology. 33 * 34 * THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESSED OR IMPLIED 35 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 36 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 37 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE LICENSOR BE 38 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, 39 * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 40 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, 41 * OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON 42 * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 43 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 44 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 45 * POSSIBILITY OF SUCH DAMAGE. 46 */ 47 48 package sun.security.pkcs11.wrapper; 49 50 import java.io.File; 51 import java.io.IOException; 52 import java.util.*; 53 54 import java.security.AccessController; 55 import java.security.PrivilegedAction; 56 57 import sun.security.util.Debug; 58 59 import static sun.security.pkcs11.wrapper.PKCS11Constants.*; 60 61 /** 62 * This is the default implementation of the PKCS11 interface. IT connects to 63 * the pkcs11wrapper.dll file, which is the native part of this library. 64 * The strange and awkward looking initialization was chosen to avoid calling 65 * loadLibrary from a static initialization block, because this would complicate 66 * the use in applets. 67 * 68 * @author Karl Scheibelhofer <Karl.Scheibelhofer@iaik.at> 69 * @author Martin Schlaeffer <schlaeff@sbox.tugraz.at> 70 * @invariants (pkcs11ModulePath_ <> null) 71 */ 72 public class PKCS11 { 73 74 /** 75 * The name of the native part of the wrapper; i.e. the filename without 76 * the extension (e.g. ".DLL" or ".so"). 77 */ 78 private static final String PKCS11_WRAPPER = "j2pkcs11"; 79 80 static { 81 // cannot use LoadLibraryAction because that would make the native 82 // library available to the bootclassloader, but we run in the 83 // extension classloader. 84 AccessController.doPrivileged(new PrivilegedAction<Object>() { 85 public Object run() { 86 System.loadLibrary(PKCS11_WRAPPER); 87 return null; 88 } 89 }); 90 boolean enableDebug = Debug.getInstance("sunpkcs11") != null; 91 initializeLibrary(enableDebug); 92 } 93 94 public static void loadNative() { 95 // dummy method that can be called to make sure the native 96 // portion has been loaded. actual loading happens in the 97 // static initializer, hence this method is empty. 98 } 99 100 /** 101 * The PKCS#11 module to connect to. This is the PKCS#11 driver of the token; 102 * e.g. pk2priv.dll. 103 */ 104 private final String pkcs11ModulePath; 105 106 private long pNativeData; 107 108 /** 109 * This method does the initialization of the native library. It is called 110 * exactly once for this class. 111 * 112 * @preconditions 113 * @postconditions 114 */ 115 private static native void initializeLibrary(boolean debug); 116 117 // XXX 118 /** 119 * This method does the finalization of the native library. It is called 120 * exactly once for this class. The library uses this method for a clean-up 121 * of any resources. 122 * 123 * @preconditions 124 * @postconditions 125 */ 126 private static native void finalizeLibrary(); 127 128 private static final Map<String,PKCS11> moduleMap = 129 new HashMap<String,PKCS11>(); 130 131 /** 132 * Connects to the PKCS#11 driver given. The filename must contain the 133 * path, if the driver is not in the system's search path. 134 * 135 * @param pkcs11ModulePath the PKCS#11 library path 136 * @preconditions (pkcs11ModulePath <> null) 137 * @postconditions 138 */ 139 PKCS11(String pkcs11ModulePath, String functionListName) 140 throws IOException { 141 connect(pkcs11ModulePath, functionListName); 142 this.pkcs11ModulePath = pkcs11ModulePath; 143 } 144 145 public static synchronized PKCS11 getInstance(String pkcs11ModulePath, 146 String functionList, CK_C_INITIALIZE_ARGS pInitArgs, 147 boolean omitInitialize) throws IOException, PKCS11Exception { 148 // we may only call C_Initialize once per native .so/.dll 149 // so keep a cache using the (non-canonicalized!) path 150 PKCS11 pkcs11 = moduleMap.get(pkcs11ModulePath); 151 if (pkcs11 == null) { 152 if ((pInitArgs != null) 153 && ((pInitArgs.flags & CKF_OS_LOCKING_OK) != 0)) { 154 pkcs11 = new PKCS11(pkcs11ModulePath, functionList); 155 } else { 156 pkcs11 = new SynchronizedPKCS11(pkcs11ModulePath, functionList); 157 } 158 if (omitInitialize == false) { 159 try { 160 pkcs11.C_Initialize(pInitArgs); 161 } catch (PKCS11Exception e) { 162 // ignore already-initialized error code 163 // rethrow all other errors 164 if (e.getErrorCode() != CKR_CRYPTOKI_ALREADY_INITIALIZED) { 165 throw e; 166 } 167 } 168 } 169 moduleMap.put(pkcs11ModulePath, pkcs11); 170 } 171 return pkcs11; 172 } 173 174 /** 175 * Connects this object to the specified PKCS#11 library. This method is for 176 * internal use only. 177 * Declared private, because incorrect handling may result in errors in the 178 * native part. 179 * 180 * @param pkcs11ModulePath The PKCS#11 library path. 181 * @preconditions (pkcs11ModulePath <> null) 182 * @postconditions 183 */ 184 private native void connect(String pkcs11ModulePath, String functionListName) 185 throws IOException; 186 187 /** 188 * Disconnects the PKCS#11 library from this object. After calling this 189 * method, this object is no longer connected to a native PKCS#11 module 190 * and any subsequent calls to C_ methods will fail. This method is for 191 * internal use only. 192 * Declared private, because incorrect handling may result in errors in the 193 * native part. 194 * 195 * @preconditions 196 * @postconditions 197 */ 198 private native void disconnect(); 199 200 201 // Implementation of PKCS11 methods delegated to native pkcs11wrapper library 202 203 /* ***************************************************************************** 204 * General-purpose 205 ******************************************************************************/ 206 207 /** 208 * C_Initialize initializes the Cryptoki library. 209 * (General-purpose) 210 * 211 * @param pInitArgs if pInitArgs is not NULL it gets casted to 212 * CK_C_INITIALIZE_ARGS_PTR and dereferenced 213 * (PKCS#11 param: CK_VOID_PTR pInitArgs) 214 * @exception PKCS11Exception If function returns other value than CKR_OK. 215 * @preconditions 216 * @postconditions 217 */ 218 native void C_Initialize(Object pInitArgs) throws PKCS11Exception; 219 220 /** 221 * C_Finalize indicates that an application is done with the 222 * Cryptoki library 223 * (General-purpose) 224 * 225 * @param pReserved is reserved. Should be NULL_PTR 226 * (PKCS#11 param: CK_VOID_PTR pReserved) 227 * @exception PKCS11Exception If function returns other value than CKR_OK. 228 * @preconditions (pReserved == null) 229 * @postconditions 230 */ 231 public native void C_Finalize(Object pReserved) throws PKCS11Exception; 232 233 234 /** 235 * C_GetInfo returns general information about Cryptoki. 236 * (General-purpose) 237 * 238 * @return the information. 239 * (PKCS#11 param: CK_INFO_PTR pInfo) 240 * @exception PKCS11Exception If function returns other value than CKR_OK. 241 * @preconditions 242 * @postconditions (result <> null) 243 */ 244 public native CK_INFO C_GetInfo() throws PKCS11Exception; 245 246 247 /* ***************************************************************************** 248 * Slot and token management 249 ******************************************************************************/ 250 251 /** 252 * C_GetSlotList obtains a list of slots in the system. 253 * (Slot and token management) 254 * 255 * @param tokenPresent if true only Slot IDs with a token are returned 256 * (PKCS#11 param: CK_BBOOL tokenPresent) 257 * @return a long array of slot IDs and number of Slot IDs 258 * (PKCS#11 param: CK_SLOT_ID_PTR pSlotList, CK_ULONG_PTR pulCount) 259 * @exception PKCS11Exception If function returns other value than CKR_OK. 260 * @preconditions 261 * @postconditions (result <> null) 262 */ 263 public native long[] C_GetSlotList(boolean tokenPresent) 264 throws PKCS11Exception; 265 266 267 /** 268 * C_GetSlotInfo obtains information about a particular slot in 269 * the system. 270 * (Slot and token management) 271 * 272 * @param slotID the ID of the slot 273 * (PKCS#11 param: CK_SLOT_ID slotID) 274 * @return the slot information 275 * (PKCS#11 param: CK_SLOT_INFO_PTR pInfo) 276 * @exception PKCS11Exception If function returns other value than CKR_OK. 277 * @preconditions 278 * @postconditions (result <> null) 279 */ 280 public native CK_SLOT_INFO C_GetSlotInfo(long slotID) throws PKCS11Exception; 281 282 283 /** 284 * C_GetTokenInfo obtains information about a particular token 285 * in the system. 286 * (Slot and token management) 287 * 288 * @param slotID ID of the token's slot 289 * (PKCS#11 param: CK_SLOT_ID slotID) 290 * @return the token information 291 * (PKCS#11 param: CK_TOKEN_INFO_PTR pInfo) 292 * @exception PKCS11Exception If function returns other value than CKR_OK. 293 * @preconditions 294 * @postconditions (result <> null) 295 */ 296 public native CK_TOKEN_INFO C_GetTokenInfo(long slotID) 297 throws PKCS11Exception; 298 299 300 /** 301 * C_GetMechanismList obtains a list of mechanism types 302 * supported by a token. 303 * (Slot and token management) 304 * 305 * @param slotID ID of the token's slot 306 * (PKCS#11 param: CK_SLOT_ID slotID) 307 * @return a long array of mechanism types and number of mechanism types 308 * (PKCS#11 param: CK_MECHANISM_TYPE_PTR pMechanismList, 309 * CK_ULONG_PTR pulCount) 310 * @exception PKCS11Exception If function returns other value than CKR_OK. 311 * @preconditions 312 * @postconditions (result <> null) 313 */ 314 public native long[] C_GetMechanismList(long slotID) throws PKCS11Exception; 315 316 317 /** 318 * C_GetMechanismInfo obtains information about a particular 319 * mechanism possibly supported by a token. 320 * (Slot and token management) 321 * 322 * @param slotID ID of the token's slot 323 * (PKCS#11 param: CK_SLOT_ID slotID) 324 * @param type type of mechanism 325 * (PKCS#11 param: CK_MECHANISM_TYPE type) 326 * @return the mechanism info 327 * (PKCS#11 param: CK_MECHANISM_INFO_PTR pInfo) 328 * @exception PKCS11Exception If function returns other value than CKR_OK. 329 * @preconditions 330 * @postconditions (result <> null) 331 */ 332 public native CK_MECHANISM_INFO C_GetMechanismInfo(long slotID, long type) 333 throws PKCS11Exception; 334 335 336 /** 337 * C_InitToken initializes a token. 338 * (Slot and token management) 339 * 340 * @param slotID ID of the token's slot 341 * (PKCS#11 param: CK_SLOT_ID slotID) 342 * @param pPin the SO's initial PIN and the length in bytes of the PIN 343 * (PKCS#11 param: CK_CHAR_PTR pPin, CK_ULONG ulPinLen) 344 * @param pLabel 32-byte token label (blank padded) 345 * (PKCS#11 param: CK_UTF8CHAR_PTR pLabel) 346 * @exception PKCS11Exception If function returns other value than CKR_OK. 347 * @preconditions 348 * @postconditions 349 */ 350 // public native void C_InitToken(long slotID, char[] pPin, char[] pLabel) 351 // throws PKCS11Exception; 352 353 354 /** 355 * C_InitPIN initializes the normal user's PIN. 356 * (Slot and token management) 357 * 358 * @param hSession the session's handle 359 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 360 * @param pPin the normal user's PIN and the length in bytes of the PIN 361 * (PKCS#11 param: CK_CHAR_PTR pPin, CK_ULONG ulPinLen) 362 * @exception PKCS11Exception If function returns other value than CKR_OK. 363 * @preconditions 364 * @postconditions 365 */ 366 // public native void C_InitPIN(long hSession, char[] pPin) 367 // throws PKCS11Exception; 368 369 370 /** 371 * C_SetPIN modifies the PIN of the user who is logged in. 372 * (Slot and token management) 373 * 374 * @param hSession the session's handle 375 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 376 * @param pOldPin the old PIN and the length of the old PIN 377 * (PKCS#11 param: CK_CHAR_PTR pOldPin, CK_ULONG ulOldLen) 378 * @param pNewPin the new PIN and the length of the new PIN 379 * (PKCS#11 param: CK_CHAR_PTR pNewPin, CK_ULONG ulNewLen) 380 * @exception PKCS11Exception If function returns other value than CKR_OK. 381 * @preconditions 382 * @postconditions 383 */ 384 // public native void C_SetPIN(long hSession, char[] pOldPin, char[] pNewPin) 385 // throws PKCS11Exception; 386 387 388 389 /* ***************************************************************************** 390 * Session management 391 ******************************************************************************/ 392 393 /** 394 * C_OpenSession opens a session between an application and a 395 * token. 396 * (Session management) 397 * 398 * @param slotID the slot's ID 399 * (PKCS#11 param: CK_SLOT_ID slotID) 400 * @param flags of CK_SESSION_INFO 401 * (PKCS#11 param: CK_FLAGS flags) 402 * @param pApplication passed to callback 403 * (PKCS#11 param: CK_VOID_PTR pApplication) 404 * @param Notify the callback function 405 * (PKCS#11 param: CK_NOTIFY Notify) 406 * @return the session handle 407 * (PKCS#11 param: CK_SESSION_HANDLE_PTR phSession) 408 * @exception PKCS11Exception If function returns other value than CKR_OK. 409 * @preconditions 410 * @postconditions 411 */ 412 public native long C_OpenSession(long slotID, long flags, 413 Object pApplication, CK_NOTIFY Notify) throws PKCS11Exception; 414 415 416 /** 417 * C_CloseSession closes a session between an application and a 418 * token. 419 * (Session management) 420 * 421 * @param hSession the session's handle 422 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 423 * @exception PKCS11Exception If function returns other value than CKR_OK. 424 * @preconditions 425 * @postconditions 426 */ 427 public native void C_CloseSession(long hSession) throws PKCS11Exception; 428 429 430 /** 431 * C_CloseAllSessions closes all sessions with a token. 432 * (Session management) 433 * 434 * @param slotID the ID of the token's slot 435 * (PKCS#11 param: CK_SLOT_ID slotID) 436 * @exception PKCS11Exception If function returns other value than CKR_OK. 437 * @preconditions 438 * @postconditions 439 */ 440 // public native void C_CloseAllSessions(long slotID) throws PKCS11Exception; 441 442 443 /** 444 * C_GetSessionInfo obtains information about the session. 445 * (Session management) 446 * 447 * @param hSession the session's handle 448 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 449 * @return the session info 450 * (PKCS#11 param: CK_SESSION_INFO_PTR pInfo) 451 * @exception PKCS11Exception If function returns other value than CKR_OK. 452 * @preconditions 453 * @postconditions (result <> null) 454 */ 455 public native CK_SESSION_INFO C_GetSessionInfo(long hSession) 456 throws PKCS11Exception; 457 458 459 /** 460 * C_GetOperationState obtains the state of the cryptographic operation 461 * in a session. 462 * (Session management) 463 * 464 * @param hSession session's handle 465 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 466 * @return the state and the state length 467 * (PKCS#11 param: CK_BYTE_PTR pOperationState, 468 * CK_ULONG_PTR pulOperationStateLen) 469 * @exception PKCS11Exception If function returns other value than CKR_OK. 470 * @preconditions 471 * @postconditions (result <> null) 472 */ 473 public native byte[] C_GetOperationState(long hSession) 474 throws PKCS11Exception; 475 476 477 /** 478 * C_SetOperationState restores the state of the cryptographic 479 * operation in a session. 480 * (Session management) 481 * 482 * @param hSession session's handle 483 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 484 * @param pOperationState the state and the state length 485 * (PKCS#11 param: CK_BYTE_PTR pOperationState, 486 * CK_ULONG ulOperationStateLen) 487 * @param hEncryptionKey en/decryption key 488 * (PKCS#11 param: CK_OBJECT_HANDLE hEncryptionKey) 489 * @param hAuthenticationKey sign/verify key 490 * (PKCS#11 param: CK_OBJECT_HANDLE hAuthenticationKey) 491 * @exception PKCS11Exception If function returns other value than CKR_OK. 492 * @preconditions 493 * @postconditions 494 */ 495 public native void C_SetOperationState(long hSession, byte[] pOperationState, 496 long hEncryptionKey, long hAuthenticationKey) throws PKCS11Exception; 497 498 499 /** 500 * C_Login logs a user into a token. 501 * (Session management) 502 * 503 * @param hSession the session's handle 504 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 505 * @param userType the user type 506 * (PKCS#11 param: CK_USER_TYPE userType) 507 * @param pPin the user's PIN and the length of the PIN 508 * (PKCS#11 param: CK_CHAR_PTR pPin, CK_ULONG ulPinLen) 509 * @exception PKCS11Exception If function returns other value than CKR_OK. 510 * @preconditions 511 * @postconditions 512 */ 513 public native void C_Login(long hSession, long userType, char[] pPin) 514 throws PKCS11Exception; 515 516 517 /** 518 * C_Logout logs a user out from a token. 519 * (Session management) 520 * 521 * @param hSession the session's handle 522 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 523 * @exception PKCS11Exception If function returns other value than CKR_OK. 524 * @preconditions 525 * @postconditions 526 */ 527 public native void C_Logout(long hSession) throws PKCS11Exception; 528 529 530 531 /* ***************************************************************************** 532 * Object management 533 ******************************************************************************/ 534 535 /** 536 * C_CreateObject creates a new object. 537 * (Object management) 538 * 539 * @param hSession the session's handle 540 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 541 * @param pTemplate the object's template and number of attributes in 542 * template 543 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount) 544 * @return the object's handle 545 * (PKCS#11 param: CK_OBJECT_HANDLE_PTR phObject) 546 * @exception PKCS11Exception If function returns other value than CKR_OK. 547 * @preconditions 548 * @postconditions 549 */ 550 public native long C_CreateObject(long hSession, CK_ATTRIBUTE[] pTemplate) 551 throws PKCS11Exception; 552 553 554 /** 555 * C_CopyObject copies an object, creating a new object for the 556 * copy. 557 * (Object management) 558 * 559 * @param hSession the session's handle 560 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 561 * @param hObject the object's handle 562 * (PKCS#11 param: CK_OBJECT_HANDLE hObject) 563 * @param pTemplate the template for the new object and number of attributes 564 * in template 565 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount) 566 * @return the handle of the copy 567 * (PKCS#11 param: CK_OBJECT_HANDLE_PTR phNewObject) 568 * @exception PKCS11Exception If function returns other value than CKR_OK. 569 * @preconditions 570 * @postconditions 571 */ 572 public native long C_CopyObject(long hSession, long hObject, 573 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception; 574 575 576 /** 577 * C_DestroyObject destroys an object. 578 * (Object management) 579 * 580 * @param hSession the session's handle 581 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 582 * @param hObject the object's handle 583 * (PKCS#11 param: CK_OBJECT_HANDLE hObject) 584 * @exception PKCS11Exception If function returns other value than CKR_OK. 585 * @preconditions 586 * @postconditions 587 */ 588 public native void C_DestroyObject(long hSession, long hObject) 589 throws PKCS11Exception; 590 591 592 /** 593 * C_GetObjectSize gets the size of an object in bytes. 594 * (Object management) 595 * 596 * @param hSession the session's handle 597 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 598 * @param hObject the object's handle 599 * (PKCS#11 param: CK_OBJECT_HANDLE hObject) 600 * @return the size of the object 601 * (PKCS#11 param: CK_ULONG_PTR pulSize) 602 * @exception PKCS11Exception If function returns other value than CKR_OK. 603 * @preconditions 604 * @postconditions 605 */ 606 // public native long C_GetObjectSize(long hSession, long hObject) 607 // throws PKCS11Exception; 608 609 610 /** 611 * C_GetAttributeValue obtains the value of one or more object 612 * attributes. The template attributes also receive the values. 613 * (Object management) 614 * note: in PKCS#11 pTemplate and the result template are the same 615 * 616 * @param hSession the session's handle 617 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 618 * @param hObject the object's handle 619 * (PKCS#11 param: CK_OBJECT_HANDLE hObject) 620 * @param pTemplate specifies the attributes and number of attributes to get 621 * The template attributes also receive the values. 622 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount) 623 * @exception PKCS11Exception If function returns other value than CKR_OK. 624 * @preconditions (pTemplate <> null) 625 * @postconditions (result <> null) 626 */ 627 public native void C_GetAttributeValue(long hSession, long hObject, 628 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception; 629 630 631 /** 632 * C_SetAttributeValue modifies the value of one or more object 633 * attributes 634 * (Object management) 635 * 636 * @param hSession the session's handle 637 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 638 * @param hObject the object's handle 639 * (PKCS#11 param: CK_OBJECT_HANDLE hObject) 640 * @param pTemplate specifies the attributes and values to get; number of 641 * attributes in the template 642 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount) 643 * @exception PKCS11Exception If function returns other value than CKR_OK. 644 * @preconditions (pTemplate <> null) 645 * @postconditions 646 */ 647 public native void C_SetAttributeValue(long hSession, long hObject, 648 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception; 649 650 651 /** 652 * C_FindObjectsInit initializes a search for token and session 653 * objects that match a template. 654 * (Object management) 655 * 656 * @param hSession the session's handle 657 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 658 * @param pTemplate the object's attribute values to match and the number of 659 * attributes in search template 660 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount) 661 * @exception PKCS11Exception If function returns other value than CKR_OK. 662 * @preconditions 663 * @postconditions 664 */ 665 public native void C_FindObjectsInit(long hSession, CK_ATTRIBUTE[] pTemplate) 666 throws PKCS11Exception; 667 668 669 /** 670 * C_FindObjects continues a search for token and session 671 * objects that match a template, obtaining additional object 672 * handles. 673 * (Object management) 674 * 675 * @param hSession the session's handle 676 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 677 * @param ulMaxObjectCount the max. object handles to get 678 * (PKCS#11 param: CK_ULONG ulMaxObjectCount) 679 * @return the object's handles and the actual number of objects returned 680 * (PKCS#11 param: CK_ULONG_PTR pulObjectCount) 681 * @exception PKCS11Exception If function returns other value than CKR_OK. 682 * @preconditions 683 * @postconditions (result <> null) 684 */ 685 public native long[] C_FindObjects(long hSession, long ulMaxObjectCount) 686 throws PKCS11Exception; 687 688 689 /** 690 * C_FindObjectsFinal finishes a search for token and session 691 * objects. 692 * (Object management) 693 * 694 * @param hSession the session's handle 695 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 696 * @exception PKCS11Exception If function returns other value than CKR_OK. 697 * @preconditions 698 * @postconditions 699 */ 700 public native void C_FindObjectsFinal(long hSession) throws PKCS11Exception; 701 702 703 704 /* ***************************************************************************** 705 * Encryption and decryption 706 ******************************************************************************/ 707 708 /** 709 * C_EncryptInit initializes an encryption operation. 710 * (Encryption and decryption) 711 * 712 * @param hSession the session's handle 713 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 714 * @param pMechanism the encryption mechanism 715 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism) 716 * @param hKey the handle of the encryption key 717 * (PKCS#11 param: CK_OBJECT_HANDLE hKey) 718 * @exception PKCS11Exception If function returns other value than CKR_OK. 719 * @preconditions 720 * @postconditions 721 */ 722 public native void C_EncryptInit(long hSession, CK_MECHANISM pMechanism, 723 long hKey) throws PKCS11Exception; 724 725 726 /** 727 * C_Encrypt encrypts single-part data. 728 * (Encryption and decryption) 729 * 730 * @param hSession the session's handle 731 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 732 * @param pData the data to get encrypted and the data's length 733 * (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG ulDataLen) 734 * @return the encrypted data and the encrypted data's length 735 * (PKCS#11 param: CK_BYTE_PTR pEncryptedData, 736 * CK_ULONG_PTR pulEncryptedDataLen) 737 * @exception PKCS11Exception If function returns other value than CKR_OK. 738 * @preconditions (pData <> null) 739 * @postconditions (result <> null) 740 */ 741 public native int C_Encrypt(long hSession, byte[] in, int inOfs, int inLen, 742 byte[] out, int outOfs, int outLen) throws PKCS11Exception; 743 744 745 /** 746 * C_EncryptUpdate continues a multiple-part encryption 747 * operation. 748 * (Encryption and decryption) 749 * 750 * @param hSession the session's handle 751 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 752 * @param pPart the data part to get encrypted and the data part's length 753 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG ulPartLen) 754 * @return the encrypted data part and the encrypted data part's length 755 * (PKCS#11 param: CK_BYTE_PTR pEncryptedPart, 756 CK_ULONG_PTR pulEncryptedPartLen) 757 * @exception PKCS11Exception If function returns other value than CKR_OK. 758 * @preconditions (pPart <> null) 759 * @postconditions 760 */ 761 public native int C_EncryptUpdate(long hSession, long directIn, byte[] in, 762 int inOfs, int inLen, long directOut, byte[] out, int outOfs, 763 int outLen) throws PKCS11Exception; 764 765 766 /** 767 * C_EncryptFinal finishes a multiple-part encryption 768 * operation. 769 * (Encryption and decryption) 770 * 771 * @param hSession the session's handle 772 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 773 * @return the last encrypted data part and the last data part's length 774 * (PKCS#11 param: CK_BYTE_PTR pLastEncryptedPart, 775 CK_ULONG_PTR pulLastEncryptedPartLen) 776 * @exception PKCS11Exception If function returns other value than CKR_OK. 777 * @preconditions 778 * @postconditions (result <> null) 779 */ 780 public native int C_EncryptFinal(long hSession, long directOut, byte[] out, 781 int outOfs, int outLen) throws PKCS11Exception; 782 783 784 /** 785 * C_DecryptInit initializes a decryption operation. 786 * (Encryption and decryption) 787 * 788 * @param hSession the session's handle 789 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 790 * @param pMechanism the decryption mechanism 791 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism) 792 * @param hKey the handle of the decryption key 793 * (PKCS#11 param: CK_OBJECT_HANDLE hKey) 794 * @exception PKCS11Exception If function returns other value than CKR_OK. 795 * @preconditions 796 * @postconditions 797 */ 798 public native void C_DecryptInit(long hSession, CK_MECHANISM pMechanism, 799 long hKey) throws PKCS11Exception; 800 801 802 /** 803 * C_Decrypt decrypts encrypted data in a single part. 804 * (Encryption and decryption) 805 * 806 * @param hSession the session's handle 807 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 808 * @param pEncryptedData the encrypted data to get decrypted and the 809 * encrypted data's length 810 * (PKCS#11 param: CK_BYTE_PTR pEncryptedData, 811 * CK_ULONG ulEncryptedDataLen) 812 * @return the decrypted data and the data's length 813 * (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen) 814 * @exception PKCS11Exception If function returns other value than CKR_OK. 815 * @preconditions (pEncryptedPart <> null) 816 * @postconditions (result <> null) 817 */ 818 public native int C_Decrypt(long hSession, byte[] in, int inOfs, int inLen, 819 byte[] out, int outOfs, int outLen) throws PKCS11Exception; 820 821 822 /** 823 * C_DecryptUpdate continues a multiple-part decryption 824 * operation. 825 * (Encryption and decryption) 826 * 827 * @param hSession the session's handle 828 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 829 * @param pEncryptedPart the encrypted data part to get decrypted and the 830 * encrypted data part's length 831 * (PKCS#11 param: CK_BYTE_PTR pEncryptedPart, 832 * CK_ULONG ulEncryptedPartLen) 833 * @return the decrypted data part and the data part's length 834 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen) 835 * @exception PKCS11Exception If function returns other value than CKR_OK. 836 * @preconditions (pEncryptedPart <> null) 837 * @postconditions 838 */ 839 public native int C_DecryptUpdate(long hSession, long directIn, byte[] in, 840 int inOfs, int inLen, long directOut, byte[] out, int outOfs, 841 int outLen) throws PKCS11Exception; 842 843 844 /** 845 * C_DecryptFinal finishes a multiple-part decryption 846 * operation. 847 * (Encryption and decryption) 848 * 849 * @param hSession the session's handle 850 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 851 * @return the last decrypted data part and the last data part's length 852 * (PKCS#11 param: CK_BYTE_PTR pLastPart, 853 * CK_ULONG_PTR pulLastPartLen) 854 * @exception PKCS11Exception If function returns other value than CKR_OK. 855 * @preconditions 856 * @postconditions (result <> null) 857 */ 858 public native int C_DecryptFinal(long hSession, long directOut, byte[] out, 859 int outOfs, int outLen) throws PKCS11Exception; 860 861 862 863 /* ***************************************************************************** 864 * Message digesting 865 ******************************************************************************/ 866 867 /** 868 * C_DigestInit initializes a message-digesting operation. 869 * (Message digesting) 870 * 871 * @param hSession the session's handle 872 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 873 * @param pMechanism the digesting mechanism 874 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism) 875 * @exception PKCS11Exception If function returns other value than CKR_OK. 876 * @preconditions 877 * @postconditions 878 */ 879 public native void C_DigestInit(long hSession, CK_MECHANISM pMechanism) 880 throws PKCS11Exception; 881 882 883 // note that C_DigestSingle does not exist in PKCS#11 884 // we combined the C_DigestInit and C_Digest into a single function 885 // to save on Java<->C transitions and save 5-10% on small digests 886 // this made the C_Digest method redundant, it has been removed 887 /** 888 * C_Digest digests data in a single part. 889 * (Message digesting) 890 * 891 * @param hSession the session's handle 892 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 893 * @param data the data to get digested and the data's length 894 * (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG ulDataLen) 895 * @return the message digest and the length of the message digest 896 * (PKCS#11 param: CK_BYTE_PTR pDigest, CK_ULONG_PTR pulDigestLen) 897 * @exception PKCS11Exception If function returns other value than CKR_OK. 898 * @preconditions (data <> null) 899 * @postconditions (result <> null) 900 */ 901 public native int C_DigestSingle(long hSession, CK_MECHANISM pMechanism, 902 byte[] in, int inOfs, int inLen, byte[] digest, int digestOfs, 903 int digestLen) throws PKCS11Exception; 904 905 906 /** 907 * C_DigestUpdate continues a multiple-part message-digesting 908 * operation. 909 * (Message digesting) 910 * 911 * @param hSession the session's handle 912 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 913 * @param pPart the data to get digested and the data's length 914 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG ulPartLen) 915 * @exception PKCS11Exception If function returns other value than CKR_OK. 916 * @preconditions (pPart <> null) 917 * @postconditions 918 */ 919 public native void C_DigestUpdate(long hSession, long directIn, byte[] in, 920 int inOfs, int inLen) throws PKCS11Exception; 921 922 923 /** 924 * C_DigestKey continues a multi-part message-digesting 925 * operation, by digesting the value of a secret key as part of 926 * the data already digested. 927 * (Message digesting) 928 * 929 * @param hSession the session's handle 930 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 931 * @param hKey the handle of the secret key to be digested 932 * (PKCS#11 param: CK_OBJECT_HANDLE hKey) 933 * @exception PKCS11Exception If function returns other value than CKR_OK. 934 * @preconditions 935 * @postconditions 936 */ 937 public native void C_DigestKey(long hSession, long hKey) 938 throws PKCS11Exception; 939 940 941 /** 942 * C_DigestFinal finishes a multiple-part message-digesting 943 * operation. 944 * (Message digesting) 945 * 946 * @param hSession the session's handle 947 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 948 * @return the message digest and the length of the message digest 949 * (PKCS#11 param: CK_BYTE_PTR pDigest, CK_ULONG_PTR pulDigestLen) 950 * @exception PKCS11Exception If function returns other value than CKR_OK. 951 * @preconditions 952 * @postconditions (result <> null) 953 */ 954 public native int C_DigestFinal(long hSession, byte[] pDigest, int digestOfs, 955 int digestLen) throws PKCS11Exception; 956 957 958 959 /* ***************************************************************************** 960 * Signing and MACing 961 ******************************************************************************/ 962 963 /** 964 * C_SignInit initializes a signature (private key encryption) 965 * operation, where the signature is (will be) an appendix to 966 * the data, and plaintext cannot be recovered from the 967 * signature. 968 * (Signing and MACing) 969 * 970 * @param hSession the session's handle 971 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 972 * @param pMechanism the signature mechanism 973 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism) 974 * @param hKey the handle of the signature key 975 * (PKCS#11 param: CK_OBJECT_HANDLE hKey) 976 * @exception PKCS11Exception If function returns other value than CKR_OK. 977 * @preconditions 978 * @postconditions 979 */ 980 public native void C_SignInit(long hSession, CK_MECHANISM pMechanism, 981 long hKey) throws PKCS11Exception; 982 983 984 /** 985 * C_Sign signs (encrypts with private key) data in a single 986 * part, where the signature is (will be) an appendix to the 987 * data, and plaintext cannot be recovered from the signature. 988 * (Signing and MACing) 989 * 990 * @param hSession the session's handle 991 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 992 * @param pData the data to sign and the data's length 993 * (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG ulDataLen) 994 * @return the signature and the signature's length 995 * (PKCS#11 param: CK_BYTE_PTR pSignature, 996 * CK_ULONG_PTR pulSignatureLen) 997 * @exception PKCS11Exception If function returns other value than CKR_OK. 998 * @preconditions (pData <> null) 999 * @postconditions (result <> null) 1000 */ 1001 public native byte[] C_Sign(long hSession, byte[] pData) 1002 throws PKCS11Exception; 1003 1004 1005 /** 1006 * C_SignUpdate continues a multiple-part signature operation, 1007 * where the signature is (will be) an appendix to the data, 1008 * and plaintext cannot be recovered from the signature. 1009 * (Signing and MACing) 1010 * 1011 * @param hSession the session's handle 1012 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1013 * @param pPart the data part to sign and the data part's length 1014 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG ulPartLen) 1015 * @exception PKCS11Exception If function returns other value than CKR_OK. 1016 * @preconditions (pPart <> null) 1017 * @postconditions 1018 */ 1019 public native void C_SignUpdate(long hSession, long directIn, byte[] in, 1020 int inOfs, int inLen) throws PKCS11Exception; 1021 1022 1023 /** 1024 * C_SignFinal finishes a multiple-part signature operation, 1025 * returning the signature. 1026 * (Signing and MACing) 1027 * 1028 * @param hSession the session's handle 1029 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1030 * @return the signature and the signature's length 1031 * (PKCS#11 param: CK_BYTE_PTR pSignature, 1032 * CK_ULONG_PTR pulSignatureLen) 1033 * @exception PKCS11Exception If function returns other value than CKR_OK. 1034 * @preconditions 1035 * @postconditions (result <> null) 1036 */ 1037 public native byte[] C_SignFinal(long hSession, int expectedLen) 1038 throws PKCS11Exception; 1039 1040 1041 /** 1042 * C_SignRecoverInit initializes a signature operation, where 1043 * the data can be recovered from the signature. 1044 * (Signing and MACing) 1045 * 1046 * @param hSession the session's handle 1047 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1048 * @param pMechanism the signature mechanism 1049 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism) 1050 * @param hKey the handle of the signature key 1051 * (PKCS#11 param: CK_OBJECT_HANDLE hKey) 1052 * @exception PKCS11Exception If function returns other value than CKR_OK. 1053 * @preconditions 1054 * @postconditions 1055 */ 1056 public native void C_SignRecoverInit(long hSession, CK_MECHANISM pMechanism, 1057 long hKey) throws PKCS11Exception; 1058 1059 1060 /** 1061 * C_SignRecover signs data in a single operation, where the 1062 * data can be recovered from the signature. 1063 * (Signing and MACing) 1064 * 1065 * @param hSession the session's handle 1066 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1067 * @param pData the data to sign and the data's length 1068 * (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG ulDataLen) 1069 * @return the signature and the signature's length 1070 * (PKCS#11 param: CK_BYTE_PTR pSignature, 1071 * CK_ULONG_PTR pulSignatureLen) 1072 * @exception PKCS11Exception If function returns other value than CKR_OK. 1073 * @preconditions (pData <> null) 1074 * @postconditions (result <> null) 1075 */ 1076 public native int C_SignRecover(long hSession, byte[] in, int inOfs, 1077 int inLen, byte[] out, int outOufs, int outLen) 1078 throws PKCS11Exception; 1079 1080 1081 1082 /* ***************************************************************************** 1083 * Verifying signatures and MACs 1084 ******************************************************************************/ 1085 1086 /** 1087 * C_VerifyInit initializes a verification operation, where the 1088 * signature is an appendix to the data, and plaintext cannot 1089 * cannot be recovered from the signature (e.g. DSA). 1090 * (Signing and MACing) 1091 * 1092 * @param hSession the session's handle 1093 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1094 * @param pMechanism the verification mechanism 1095 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism) 1096 * @param hKey the handle of the verification key 1097 * (PKCS#11 param: CK_OBJECT_HANDLE hKey) 1098 * @exception PKCS11Exception If function returns other value than CKR_OK. 1099 * @preconditions 1100 * @postconditions 1101 */ 1102 public native void C_VerifyInit(long hSession, CK_MECHANISM pMechanism, 1103 long hKey) throws PKCS11Exception; 1104 1105 1106 /** 1107 * C_Verify verifies a signature in a single-part operation, 1108 * where the signature is an appendix to the data, and plaintext 1109 * cannot be recovered from the signature. 1110 * (Signing and MACing) 1111 * 1112 * @param hSession the session's handle 1113 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1114 * @param pData the signed data and the signed data's length 1115 * (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG ulDataLen) 1116 * @param pSignature the signature to verify and the signature's length 1117 * (PKCS#11 param: CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen) 1118 * @exception PKCS11Exception If function returns other value than CKR_OK. 1119 * @preconditions (pData <> null) and (pSignature <> null) 1120 * @postconditions 1121 */ 1122 public native void C_Verify(long hSession, byte[] pData, byte[] pSignature) 1123 throws PKCS11Exception; 1124 1125 1126 /** 1127 * C_VerifyUpdate continues a multiple-part verification 1128 * operation, where the signature is an appendix to the data, 1129 * and plaintext cannot be recovered from the signature. 1130 * (Signing and MACing) 1131 * 1132 * @param hSession the session's handle 1133 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1134 * @param pPart the signed data part and the signed data part's length 1135 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG ulPartLen) 1136 * @exception PKCS11Exception If function returns other value than CKR_OK. 1137 * @preconditions (pPart <> null) 1138 * @postconditions 1139 */ 1140 public native void C_VerifyUpdate(long hSession, long directIn, byte[] in, 1141 int inOfs, int inLen) throws PKCS11Exception; 1142 1143 1144 /** 1145 * C_VerifyFinal finishes a multiple-part verification 1146 * operation, checking the signature. 1147 * (Signing and MACing) 1148 * 1149 * @param hSession the session's handle 1150 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1151 * @param pSignature the signature to verify and the signature's length 1152 * (PKCS#11 param: CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen) 1153 * @exception PKCS11Exception If function returns other value than CKR_OK. 1154 * @preconditions (pSignature <> null) 1155 * @postconditions 1156 */ 1157 public native void C_VerifyFinal(long hSession, byte[] pSignature) 1158 throws PKCS11Exception; 1159 1160 1161 /** 1162 * C_VerifyRecoverInit initializes a signature verification 1163 * operation, where the data is recovered from the signature. 1164 * (Signing and MACing) 1165 * 1166 * @param hSession the session's handle 1167 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1168 * @param pMechanism the verification mechanism 1169 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism) 1170 * @param hKey the handle of the verification key 1171 * (PKCS#11 param: CK_OBJECT_HANDLE hKey) 1172 * @exception PKCS11Exception If function returns other value than CKR_OK. 1173 * @preconditions 1174 * @postconditions 1175 */ 1176 public native void C_VerifyRecoverInit(long hSession, 1177 CK_MECHANISM pMechanism, long hKey) throws PKCS11Exception; 1178 1179 1180 /** 1181 * C_VerifyRecover verifies a signature in a single-part 1182 * operation, where the data is recovered from the signature. 1183 * (Signing and MACing) 1184 * 1185 * @param hSession the session's handle 1186 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1187 * @param pSignature the signature to verify and the signature's length 1188 * (PKCS#11 param: CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen) 1189 * @return the recovered data and the recovered data's length 1190 * (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen) 1191 * @exception PKCS11Exception If function returns other value than CKR_OK. 1192 * @preconditions (pSignature <> null) 1193 * @postconditions (result <> null) 1194 */ 1195 public native int C_VerifyRecover(long hSession, byte[] in, int inOfs, 1196 int inLen, byte[] out, int outOufs, int outLen) 1197 throws PKCS11Exception; 1198 1199 1200 1201 /* ***************************************************************************** 1202 * Dual-function cryptographic operations 1203 ******************************************************************************/ 1204 1205 /** 1206 * C_DigestEncryptUpdate continues a multiple-part digesting 1207 * and encryption operation. 1208 * (Dual-function cryptographic operations) 1209 * 1210 * @param hSession the session's handle 1211 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1212 * @param pPart the data part to digest and to encrypt and the data's length 1213 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG ulPartLen) 1214 * @return the digested and encrypted data part and the data part's length 1215 * (PKCS#11 param: CK_BYTE_PTR pEncryptedPart, 1216 * CK_ULONG_PTR pulEncryptedPartLen) 1217 * @exception PKCS11Exception If function returns other value than CKR_OK. 1218 * @preconditions (pPart <> null) 1219 * @postconditions 1220 */ 1221 // public native byte[] C_DigestEncryptUpdate(long hSession, byte[] pPart) 1222 // throws PKCS11Exception; 1223 1224 1225 /** 1226 * C_DecryptDigestUpdate continues a multiple-part decryption and 1227 * digesting operation. 1228 * (Dual-function cryptographic operations) 1229 * 1230 * @param hSession the session's handle 1231 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1232 * @param pEncryptedPart the encrypted data part to decrypt and to digest 1233 * and encrypted data part's length 1234 * (PKCS#11 param: CK_BYTE_PTR pEncryptedPart, 1235 * CK_ULONG ulEncryptedPartLen) 1236 * @return the decrypted and digested data part and the data part's length 1237 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen) 1238 * @exception PKCS11Exception If function returns other value than CKR_OK. 1239 * @preconditions (pEncryptedPart <> null) 1240 * @postconditions 1241 */ 1242 // public native byte[] C_DecryptDigestUpdate(long hSession, 1243 // byte[] pEncryptedPart) throws PKCS11Exception; 1244 1245 1246 /** 1247 * C_SignEncryptUpdate continues a multiple-part signing and 1248 * encryption operation. 1249 * (Dual-function cryptographic operations) 1250 * 1251 * @param hSession the session's handle 1252 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1253 * @param pPart the data part to sign and to encrypt and the data part's 1254 * length 1255 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG ulPartLen) 1256 * @return the signed and encrypted data part and the data part's length 1257 * (PKCS#11 param: CK_BYTE_PTR pEncryptedPart, 1258 * CK_ULONG_PTR pulEncryptedPartLen) 1259 * @exception PKCS11Exception If function returns other value than CKR_OK. 1260 * @preconditions (pPart <> null) 1261 * @postconditions 1262 */ 1263 // public native byte[] C_SignEncryptUpdate(long hSession, byte[] pPart) 1264 // throws PKCS11Exception; 1265 1266 1267 /** 1268 * C_DecryptVerifyUpdate continues a multiple-part decryption and 1269 * verify operation. 1270 * (Dual-function cryptographic operations) 1271 * 1272 * @param hSession the session's handle 1273 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1274 * @param pEncryptedPart the encrypted data part to decrypt and to verify 1275 * and the data part's length 1276 * (PKCS#11 param: CK_BYTE_PTR pEncryptedPart, 1277 * CK_ULONG ulEncryptedPartLen) 1278 * @return the decrypted and verified data part and the data part's length 1279 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen) 1280 * @exception PKCS11Exception If function returns other value than CKR_OK. 1281 * @preconditions (pEncryptedPart <> null) 1282 * @postconditions 1283 */ 1284 // public native byte[] C_DecryptVerifyUpdate(long hSession, 1285 // byte[] pEncryptedPart) throws PKCS11Exception; 1286 1287 1288 1289 /* ***************************************************************************** 1290 * Key management 1291 ******************************************************************************/ 1292 1293 /** 1294 * getNativeKeyInfo gets the key object attributes and values as an opaque 1295 * byte array to be used in createNativeKey method. 1296 * (Key management) 1297 * 1298 * @param hSession the session's handle 1299 * @param hKey key's handle 1300 * @param hWrappingKey wrapping key's handle to extract sensible keys. 1301 * -1 if not used. 1302 * @return an opaque byte array containing the key object attributes 1303 * and values 1304 * @exception PKCS11Exception If an internal PKCS#11 function returns other 1305 * value than CKR_OK. 1306 * @preconditions 1307 * @postconditions 1308 */ 1309 public native byte[] getNativeKeyInfo(long hSession, long hKey, 1310 long hWrappingKey) throws PKCS11Exception; 1311 1312 /** 1313 * createNativeKey creates a key object with attributes and values 1314 * specified by parameter as an opaque byte array. 1315 * (Key management) 1316 * 1317 * @param hSession the session's handle 1318 * @param keyInfo opaque byte array containing key object attributes 1319 * and values 1320 * @param hWrappingKey wrapping key's handle for extracted sensible keys. 1321 * -1 if not used. 1322 * @return key object handle 1323 * @exception PKCS11Exception If an internal PKCS#11 function returns other 1324 * value than CKR_OK. 1325 * @preconditions 1326 * @postconditions 1327 */ 1328 public native long createNativeKey(long hSession, byte[] keyInfo, 1329 long hWrappingKey) throws PKCS11Exception; 1330 1331 /** 1332 * C_GenerateKey generates a secret key, creating a new key 1333 * object. 1334 * (Key management) 1335 * 1336 * @param hSession the session's handle 1337 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1338 * @param pMechanism the key generation mechanism 1339 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism) 1340 * @param pTemplate the template for the new key and the number of 1341 * attributes in the template 1342 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount) 1343 * @return the handle of the new key 1344 * (PKCS#11 param: CK_OBJECT_HANDLE_PTR phKey) 1345 * @exception PKCS11Exception If function returns other value than CKR_OK. 1346 * @preconditions 1347 * @postconditions 1348 */ 1349 public native long C_GenerateKey(long hSession, CK_MECHANISM pMechanism, 1350 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception; 1351 1352 1353 /** 1354 * C_GenerateKeyPair generates a public-key/private-key pair, 1355 * creating new key objects. 1356 * (Key management) 1357 * 1358 * @param hSession the session's handle 1359 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1360 * @param pMechanism the key generation mechanism 1361 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism) 1362 * @param pPublicKeyTemplate the template for the new public key and the 1363 * number of attributes in the template 1364 * (PKCS#11 param: CK_ATTRIBUTE_PTR pPublicKeyTemplate, 1365 * CK_ULONG ulPublicKeyAttributeCount) 1366 * @param pPrivateKeyTemplate the template for the new private key and the 1367 * number of attributes in the template 1368 * (PKCS#11 param: CK_ATTRIBUTE_PTR pPrivateKeyTemplate 1369 * CK_ULONG ulPrivateKeyAttributeCount) 1370 * @return a long array with exactly two elements and the public key handle 1371 * as the first element and the private key handle as the second 1372 * element 1373 * (PKCS#11 param: CK_OBJECT_HANDLE_PTR phPublicKey, 1374 * CK_OBJECT_HANDLE_PTR phPrivateKey) 1375 * @exception PKCS11Exception If function returns other value than CKR_OK. 1376 * @preconditions (pMechanism <> null) 1377 * @postconditions (result <> null) and (result.length == 2) 1378 */ 1379 public native long[] C_GenerateKeyPair(long hSession, 1380 CK_MECHANISM pMechanism, CK_ATTRIBUTE[] pPublicKeyTemplate, 1381 CK_ATTRIBUTE[] pPrivateKeyTemplate) throws PKCS11Exception; 1382 1383 1384 1385 /** 1386 * C_WrapKey wraps (i.e., encrypts) a key. 1387 * (Key management) 1388 * 1389 * @param hSession the session's handle 1390 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1391 * @param pMechanism the wrapping mechanism 1392 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism) 1393 * @param hWrappingKey the handle of the wrapping key 1394 * (PKCS#11 param: CK_OBJECT_HANDLE hWrappingKey) 1395 * @param hKey the handle of the key to be wrapped 1396 * (PKCS#11 param: CK_OBJECT_HANDLE hKey) 1397 * @return the wrapped key and the length of the wrapped key 1398 * (PKCS#11 param: CK_BYTE_PTR pWrappedKey, 1399 * CK_ULONG_PTR pulWrappedKeyLen) 1400 * @exception PKCS11Exception If function returns other value than CKR_OK. 1401 * @preconditions 1402 * @postconditions (result <> null) 1403 */ 1404 public native byte[] C_WrapKey(long hSession, CK_MECHANISM pMechanism, 1405 long hWrappingKey, long hKey) throws PKCS11Exception; 1406 1407 1408 /** 1409 * C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new 1410 * key object. 1411 * (Key management) 1412 * 1413 * @param hSession the session's handle 1414 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1415 * @param pMechanism the unwrapping mechanism 1416 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism) 1417 * @param hUnwrappingKey the handle of the unwrapping key 1418 * (PKCS#11 param: CK_OBJECT_HANDLE hUnwrappingKey) 1419 * @param pWrappedKey the wrapped key to unwrap and the wrapped key's length 1420 * (PKCS#11 param: CK_BYTE_PTR pWrappedKey, CK_ULONG ulWrappedKeyLen) 1421 * @param pTemplate the template for the new key and the number of 1422 * attributes in the template 1423 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount) 1424 * @return the handle of the unwrapped key 1425 * (PKCS#11 param: CK_OBJECT_HANDLE_PTR phKey) 1426 * @exception PKCS11Exception If function returns other value than CKR_OK. 1427 * @preconditions (pWrappedKey <> null) 1428 * @postconditions 1429 */ 1430 public native long C_UnwrapKey(long hSession, CK_MECHANISM pMechanism, 1431 long hUnwrappingKey, byte[] pWrappedKey, CK_ATTRIBUTE[] pTemplate) 1432 throws PKCS11Exception; 1433 1434 1435 /** 1436 * C_DeriveKey derives a key from a base key, creating a new key 1437 * object. 1438 * (Key management) 1439 * 1440 * @param hSession the session's handle 1441 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1442 * @param pMechanism the key derivation mechanism 1443 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism) 1444 * @param hBaseKey the handle of the base key 1445 * (PKCS#11 param: CK_OBJECT_HANDLE hBaseKey) 1446 * @param pTemplate the template for the new key and the number of 1447 * attributes in the template 1448 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount) 1449 * @return the handle of the derived key 1450 * (PKCS#11 param: CK_OBJECT_HANDLE_PTR phKey) 1451 * @exception PKCS11Exception If function returns other value than CKR_OK. 1452 * @preconditions 1453 * @postconditions 1454 */ 1455 public native long C_DeriveKey(long hSession, CK_MECHANISM pMechanism, 1456 long hBaseKey, CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception; 1457 1458 1459 1460 /* ***************************************************************************** 1461 * Random number generation 1462 ******************************************************************************/ 1463 1464 /** 1465 * C_SeedRandom mixes additional seed material into the token's 1466 * random number generator. 1467 * (Random number generation) 1468 * 1469 * @param hSession the session's handle 1470 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1471 * @param pSeed the seed material and the seed material's length 1472 * (PKCS#11 param: CK_BYTE_PTR pSeed, CK_ULONG ulSeedLen) 1473 * @exception PKCS11Exception If function returns other value than CKR_OK. 1474 * @preconditions (pSeed <> null) 1475 * @postconditions 1476 */ 1477 public native void C_SeedRandom(long hSession, byte[] pSeed) 1478 throws PKCS11Exception; 1479 1480 1481 /** 1482 * C_GenerateRandom generates random data. 1483 * (Random number generation) 1484 * 1485 * @param hSession the session's handle 1486 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1487 * @param RandomData receives the random data and the length of RandomData 1488 * is the length of random data to be generated 1489 * (PKCS#11 param: CK_BYTE_PTR pRandomData, CK_ULONG ulRandomLen) 1490 * @exception PKCS11Exception If function returns other value than CKR_OK. 1491 * @preconditions (randomData <> null) 1492 * @postconditions 1493 */ 1494 public native void C_GenerateRandom(long hSession, byte[] randomData) 1495 throws PKCS11Exception; 1496 1497 1498 1499 /* ***************************************************************************** 1500 * Parallel function management 1501 ******************************************************************************/ 1502 1503 /** 1504 * C_GetFunctionStatus is a legacy function; it obtains an 1505 * updated status of a function running in parallel with an 1506 * application. 1507 * (Parallel function management) 1508 * 1509 * @param hSession the session's handle 1510 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1511 * @exception PKCS11Exception If function returns other value than CKR_OK. 1512 * @preconditions 1513 * @postconditions 1514 */ 1515 // public native void C_GetFunctionStatus(long hSession) 1516 // throws PKCS11Exception; 1517 1518 1519 /** 1520 * C_CancelFunction is a legacy function; it cancels a function 1521 * running in parallel. 1522 * (Parallel function management) 1523 * 1524 * @param hSession the session's handle 1525 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1526 * @exception PKCS11Exception If function returns other value than CKR_OK. 1527 * @preconditions 1528 * @postconditions 1529 */ 1530 // public native void C_CancelFunction(long hSession) throws PKCS11Exception; 1531 1532 1533 1534 /* ***************************************************************************** 1535 * Functions added in for Cryptoki Version 2.01 or later 1536 ******************************************************************************/ 1537 1538 /** 1539 * C_WaitForSlotEvent waits for a slot event (token insertion, 1540 * removal, etc.) to occur. 1541 * (General-purpose) 1542 * 1543 * @param flags blocking/nonblocking flag 1544 * (PKCS#11 param: CK_FLAGS flags) 1545 * @param pReserved reserved. Should be null 1546 * (PKCS#11 param: CK_VOID_PTR pReserved) 1547 * @return the slot ID where the event occurred 1548 * (PKCS#11 param: CK_SLOT_ID_PTR pSlot) 1549 * @exception PKCS11Exception If function returns other value than CKR_OK. 1550 * @preconditions (pRserved == null) 1551 * @postconditions 1552 */ 1553 // public native long C_WaitForSlotEvent(long flags, Object pRserved) 1554 // throws PKCS11Exception; 1555 1556 /** 1557 * Returns the string representation of this object. 1558 * 1559 * @return The string representation of object 1560 */ 1561 public String toString() { 1562 return "Module name: " + pkcs11ModulePath; 1563 } 1564 1565 /** 1566 * Calls disconnect() to cleanup the native part of the wrapper. Once this 1567 * method is called, this object cannot be used any longer. Any subsequent 1568 * call to a C_* method will result in a runtime exception. 1569 * 1570 * @exception Throwable If finalization fails. 1571 */ 1572 @SuppressWarnings("deprecation") 1573 protected void finalize() throws Throwable { 1574 disconnect(); 1575 } 1576 1577 // PKCS11 subclass that has all methods synchronized and delegating to the 1578 // parent. Used for tokens that only support single threaded access 1579 static class SynchronizedPKCS11 extends PKCS11 { 1580 1581 SynchronizedPKCS11(String pkcs11ModulePath, String functionListName) 1582 throws IOException { 1583 super(pkcs11ModulePath, functionListName); 1584 } 1585 1586 synchronized void C_Initialize(Object pInitArgs) throws PKCS11Exception { 1587 super.C_Initialize(pInitArgs); 1588 } 1589 1590 public synchronized void C_Finalize(Object pReserved) 1591 throws PKCS11Exception { 1592 super.C_Finalize(pReserved); 1593 } 1594 1595 public synchronized CK_INFO C_GetInfo() throws PKCS11Exception { 1596 return super.C_GetInfo(); 1597 } 1598 1599 public synchronized long[] C_GetSlotList(boolean tokenPresent) 1600 throws PKCS11Exception { 1601 return super.C_GetSlotList(tokenPresent); 1602 } 1603 1604 public synchronized CK_SLOT_INFO C_GetSlotInfo(long slotID) 1605 throws PKCS11Exception { 1606 return super.C_GetSlotInfo(slotID); 1607 } 1608 1609 public synchronized CK_TOKEN_INFO C_GetTokenInfo(long slotID) 1610 throws PKCS11Exception { 1611 return super.C_GetTokenInfo(slotID); 1612 } 1613 1614 public synchronized long[] C_GetMechanismList(long slotID) 1615 throws PKCS11Exception { 1616 return super.C_GetMechanismList(slotID); 1617 } 1618 1619 public synchronized CK_MECHANISM_INFO C_GetMechanismInfo(long slotID, 1620 long type) throws PKCS11Exception { 1621 return super.C_GetMechanismInfo(slotID, type); 1622 } 1623 1624 public synchronized long C_OpenSession(long slotID, long flags, 1625 Object pApplication, CK_NOTIFY Notify) throws PKCS11Exception { 1626 return super.C_OpenSession(slotID, flags, pApplication, Notify); 1627 } 1628 1629 public synchronized void C_CloseSession(long hSession) 1630 throws PKCS11Exception { 1631 super.C_CloseSession(hSession); 1632 } 1633 1634 public synchronized CK_SESSION_INFO C_GetSessionInfo(long hSession) 1635 throws PKCS11Exception { 1636 return super.C_GetSessionInfo(hSession); 1637 } 1638 1639 public synchronized void C_Login(long hSession, long userType, char[] pPin) 1640 throws PKCS11Exception { 1641 super.C_Login(hSession, userType, pPin); 1642 } 1643 1644 public synchronized void C_Logout(long hSession) throws PKCS11Exception { 1645 super.C_Logout(hSession); 1646 } 1647 1648 public synchronized long C_CreateObject(long hSession, 1649 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception { 1650 return super.C_CreateObject(hSession, pTemplate); 1651 } 1652 1653 public synchronized long C_CopyObject(long hSession, long hObject, 1654 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception { 1655 return super.C_CopyObject(hSession, hObject, pTemplate); 1656 } 1657 1658 public synchronized void C_DestroyObject(long hSession, long hObject) 1659 throws PKCS11Exception { 1660 super.C_DestroyObject(hSession, hObject); 1661 } 1662 1663 public synchronized void C_GetAttributeValue(long hSession, long hObject, 1664 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception { 1665 super.C_GetAttributeValue(hSession, hObject, pTemplate); 1666 } 1667 1668 public synchronized void C_SetAttributeValue(long hSession, long hObject, 1669 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception { 1670 super.C_SetAttributeValue(hSession, hObject, pTemplate); 1671 } 1672 1673 public synchronized void C_FindObjectsInit(long hSession, 1674 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception { 1675 super.C_FindObjectsInit(hSession, pTemplate); 1676 } 1677 1678 public synchronized long[] C_FindObjects(long hSession, 1679 long ulMaxObjectCount) throws PKCS11Exception { 1680 return super.C_FindObjects(hSession, ulMaxObjectCount); 1681 } 1682 1683 public synchronized void C_FindObjectsFinal(long hSession) 1684 throws PKCS11Exception { 1685 super.C_FindObjectsFinal(hSession); 1686 } 1687 1688 public synchronized void C_EncryptInit(long hSession, 1689 CK_MECHANISM pMechanism, long hKey) throws PKCS11Exception { 1690 super.C_EncryptInit(hSession, pMechanism, hKey); 1691 } 1692 1693 public synchronized int C_Encrypt(long hSession, byte[] in, int inOfs, 1694 int inLen, byte[] out, int outOfs, int outLen) 1695 throws PKCS11Exception { 1696 return super.C_Encrypt(hSession, in, inOfs, inLen, out, outOfs, outLen); 1697 } 1698 1699 public synchronized int C_EncryptUpdate(long hSession, long directIn, 1700 byte[] in, int inOfs, int inLen, long directOut, byte[] out, 1701 int outOfs, int outLen) throws PKCS11Exception { 1702 return super.C_EncryptUpdate(hSession, directIn, in, inOfs, inLen, 1703 directOut, out, outOfs, outLen); 1704 } 1705 1706 public synchronized int C_EncryptFinal(long hSession, long directOut, 1707 byte[] out, int outOfs, int outLen) throws PKCS11Exception { 1708 return super.C_EncryptFinal(hSession, directOut, out, outOfs, outLen); 1709 } 1710 1711 public synchronized void C_DecryptInit(long hSession, 1712 CK_MECHANISM pMechanism, long hKey) throws PKCS11Exception { 1713 super.C_DecryptInit(hSession, pMechanism, hKey); 1714 } 1715 1716 public synchronized int C_Decrypt(long hSession, byte[] in, int inOfs, 1717 int inLen, byte[] out, int outOfs, int outLen) 1718 throws PKCS11Exception { 1719 return super.C_Decrypt(hSession, in, inOfs, inLen, out, outOfs, outLen); 1720 } 1721 1722 public synchronized int C_DecryptUpdate(long hSession, long directIn, 1723 byte[] in, int inOfs, int inLen, long directOut, byte[] out, 1724 int outOfs, int outLen) throws PKCS11Exception { 1725 return super.C_DecryptUpdate(hSession, directIn, in, inOfs, inLen, 1726 directOut, out, outOfs, outLen); 1727 } 1728 1729 public synchronized int C_DecryptFinal(long hSession, long directOut, 1730 byte[] out, int outOfs, int outLen) throws PKCS11Exception { 1731 return super.C_DecryptFinal(hSession, directOut, out, outOfs, outLen); 1732 } 1733 1734 public synchronized void C_DigestInit(long hSession, CK_MECHANISM pMechanism) 1735 throws PKCS11Exception { 1736 super.C_DigestInit(hSession, pMechanism); 1737 } 1738 1739 public synchronized int C_DigestSingle(long hSession, 1740 CK_MECHANISM pMechanism, byte[] in, int inOfs, int inLen, 1741 byte[] digest, int digestOfs, int digestLen) throws PKCS11Exception { 1742 return super.C_DigestSingle(hSession, pMechanism, in, inOfs, inLen, 1743 digest, digestOfs, digestLen); 1744 } 1745 1746 public synchronized void C_DigestUpdate(long hSession, long directIn, 1747 byte[] in, int inOfs, int inLen) throws PKCS11Exception { 1748 super.C_DigestUpdate(hSession, directIn, in, inOfs, inLen); 1749 } 1750 1751 public synchronized void C_DigestKey(long hSession, long hKey) 1752 throws PKCS11Exception { 1753 super.C_DigestKey(hSession, hKey); 1754 } 1755 1756 public synchronized int C_DigestFinal(long hSession, byte[] pDigest, 1757 int digestOfs, int digestLen) throws PKCS11Exception { 1758 return super.C_DigestFinal(hSession, pDigest, digestOfs, digestLen); 1759 } 1760 1761 public synchronized void C_SignInit(long hSession, CK_MECHANISM pMechanism, 1762 long hKey) throws PKCS11Exception { 1763 super.C_SignInit(hSession, pMechanism, hKey); 1764 } 1765 1766 public synchronized byte[] C_Sign(long hSession, byte[] pData) 1767 throws PKCS11Exception { 1768 return super.C_Sign(hSession, pData); 1769 } 1770 1771 public synchronized void C_SignUpdate(long hSession, long directIn, 1772 byte[] in, int inOfs, int inLen) throws PKCS11Exception { 1773 super.C_SignUpdate(hSession, directIn, in, inOfs, inLen); 1774 } 1775 1776 public synchronized byte[] C_SignFinal(long hSession, int expectedLen) 1777 throws PKCS11Exception { 1778 return super.C_SignFinal(hSession, expectedLen); 1779 } 1780 1781 public synchronized void C_SignRecoverInit(long hSession, 1782 CK_MECHANISM pMechanism, long hKey) throws PKCS11Exception { 1783 super.C_SignRecoverInit(hSession, pMechanism, hKey); 1784 } 1785 1786 public synchronized int C_SignRecover(long hSession, byte[] in, int inOfs, 1787 int inLen, byte[] out, int outOufs, int outLen) 1788 throws PKCS11Exception { 1789 return super.C_SignRecover(hSession, in, inOfs, inLen, out, outOufs, 1790 outLen); 1791 } 1792 1793 public synchronized void C_VerifyInit(long hSession, CK_MECHANISM pMechanism, 1794 long hKey) throws PKCS11Exception { 1795 super.C_VerifyInit(hSession, pMechanism, hKey); 1796 } 1797 1798 public synchronized void C_Verify(long hSession, byte[] pData, 1799 byte[] pSignature) throws PKCS11Exception { 1800 super.C_Verify(hSession, pData, pSignature); 1801 } 1802 1803 public synchronized void C_VerifyUpdate(long hSession, long directIn, 1804 byte[] in, int inOfs, int inLen) throws PKCS11Exception { 1805 super.C_VerifyUpdate(hSession, directIn, in, inOfs, inLen); 1806 } 1807 1808 public synchronized void C_VerifyFinal(long hSession, byte[] pSignature) 1809 throws PKCS11Exception { 1810 super.C_VerifyFinal(hSession, pSignature); 1811 } 1812 1813 public synchronized void C_VerifyRecoverInit(long hSession, 1814 CK_MECHANISM pMechanism, long hKey) throws PKCS11Exception { 1815 super.C_VerifyRecoverInit(hSession, pMechanism, hKey); 1816 } 1817 1818 public synchronized int C_VerifyRecover(long hSession, byte[] in, int inOfs, 1819 int inLen, byte[] out, int outOufs, int outLen) 1820 throws PKCS11Exception { 1821 return super.C_VerifyRecover(hSession, in, inOfs, inLen, out, outOufs, 1822 outLen); 1823 } 1824 1825 public synchronized long C_GenerateKey(long hSession, 1826 CK_MECHANISM pMechanism, CK_ATTRIBUTE[] pTemplate) 1827 throws PKCS11Exception { 1828 return super.C_GenerateKey(hSession, pMechanism, pTemplate); 1829 } 1830 1831 public synchronized long[] C_GenerateKeyPair(long hSession, 1832 CK_MECHANISM pMechanism, CK_ATTRIBUTE[] pPublicKeyTemplate, 1833 CK_ATTRIBUTE[] pPrivateKeyTemplate) 1834 throws PKCS11Exception { 1835 return super.C_GenerateKeyPair(hSession, pMechanism, pPublicKeyTemplate, 1836 pPrivateKeyTemplate); 1837 } 1838 1839 public synchronized byte[] C_WrapKey(long hSession, CK_MECHANISM pMechanism, 1840 long hWrappingKey, long hKey) throws PKCS11Exception { 1841 return super.C_WrapKey(hSession, pMechanism, hWrappingKey, hKey); 1842 } 1843 1844 public synchronized long C_UnwrapKey(long hSession, CK_MECHANISM pMechanism, 1845 long hUnwrappingKey, byte[] pWrappedKey, CK_ATTRIBUTE[] pTemplate) 1846 throws PKCS11Exception { 1847 return super.C_UnwrapKey(hSession, pMechanism, hUnwrappingKey, 1848 pWrappedKey, pTemplate); 1849 } 1850 1851 public synchronized long C_DeriveKey(long hSession, CK_MECHANISM pMechanism, 1852 long hBaseKey, CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception { 1853 return super.C_DeriveKey(hSession, pMechanism, hBaseKey, pTemplate); 1854 } 1855 1856 public synchronized void C_SeedRandom(long hSession, byte[] pSeed) 1857 throws PKCS11Exception { 1858 super.C_SeedRandom(hSession, pSeed); 1859 } 1860 1861 public synchronized void C_GenerateRandom(long hSession, byte[] randomData) 1862 throws PKCS11Exception { 1863 super.C_GenerateRandom(hSession, randomData); 1864 } 1865 } 1866 }