1 /*
2 * Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved.
3 */
4
5 /* Copyright (c) 2002 Graz University of Technology. All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright notice,
11 * this list of conditions and the following disclaimer.
12 *
13 * 2. Redistributions in binary form must reproduce the above copyright notice,
14 * this list of conditions and the following disclaimer in the documentation
15 * and/or other materials provided with the distribution.
16 *
17 * 3. The end-user documentation included with the redistribution, if any, must
18 * include the following acknowledgment:
19 *
20 * "This product includes software developed by IAIK of Graz University of
21 * Technology."
22 *
23 * Alternately, this acknowledgment may appear in the software itself, if
24 * and wherever such third-party acknowledgments normally appear.
25 *
26 * 4. The names "Graz University of Technology" and "IAIK of Graz University of
27 * Technology" must not be used to endorse or promote products derived from
28 * this software without prior written permission.
29 *
30 * 5. Products derived from this software may not be called
31 * "IAIK PKCS Wrapper", nor may "IAIK" appear in their name, without prior
32 * written permission of Graz University of Technology.
33 *
34 * THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESSED OR IMPLIED
35 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
36 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
37 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE LICENSOR BE
38 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
39 * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
40 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
41 * OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
42 * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
43 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
44 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
45 * POSSIBILITY OF SUCH DAMAGE.
46 */
47
48 package sun.security.pkcs11.wrapper;
49
50 import java.io.File;
51 import java.io.IOException;
52 import java.util.*;
53
54 import java.security.AccessController;
55 import java.security.PrivilegedAction;
56
57 import static sun.security.pkcs11.wrapper.PKCS11Constants.*;
58
59 /**
60 * This is the default implementation of the PKCS11 interface. IT connects to
61 * the pkcs11wrapper.dll file, which is the native part of this library.
62 * The strange and awkward looking initialization was chosen to avoid calling
63 * loadLibrary from a static initialization block, because this would complicate
64 * the use in applets.
65 *
66 * @author Karl Scheibelhofer <Karl.Scheibelhofer@iaik.at>
67 * @author Martin Schlaeffer <schlaeff@sbox.tugraz.at>
68 * @invariants (pkcs11ModulePath_ <> null)
69 */
70 public class PKCS11 {
71
72 /**
73 * The name of the native part of the wrapper; i.e. the filename without
74 * the extension (e.g. ".DLL" or ".so").
75 */
76 private static final String PKCS11_WRAPPER = "j2pkcs11";
77
78 static {
79 // cannot use LoadLibraryAction because that would make the native
80 // library available to the bootclassloader, but we run in the
81 // extension classloader.
82 AccessController.doPrivileged(new PrivilegedAction<Object>() {
83 public Object run() {
84 System.loadLibrary(PKCS11_WRAPPER);
85 return null;
86 }
87 });
88 initializeLibrary();
89 }
90
91 public static void loadNative() {
92 // dummy method that can be called to make sure the native
93 // portion has been loaded. actual loading happens in the
94 // static initializer, hence this method is empty.
95 }
96
97 /**
98 * The PKCS#11 module to connect to. This is the PKCS#11 driver of the token;
99 * e.g. pk2priv.dll.
100 */
101 private final String pkcs11ModulePath;
102
103 private long pNativeData;
104
105 /**
106 * This method does the initialization of the native library. It is called
107 * exactly once for this class.
108 *
109 * @preconditions
110 * @postconditions
111 */
112 private static native void initializeLibrary();
113
114 // XXX
115 /**
116 * This method does the finalization of the native library. It is called
117 * exactly once for this class. The library uses this method for a clean-up
118 * of any resources.
119 *
120 * @preconditions
121 * @postconditions
122 */
123 private static native void finalizeLibrary();
124
125 private static final Map<String,PKCS11> moduleMap =
126 new HashMap<String,PKCS11>();
127
128 /**
129 * Connects to the PKCS#11 driver given. The filename must contain the
130 * path, if the driver is not in the system's search path.
131 *
132 * @param pkcs11ModulePath the PKCS#11 library path
133 * @preconditions (pkcs11ModulePath <> null)
134 * @postconditions
135 */
136 PKCS11(String pkcs11ModulePath, String functionListName)
137 throws IOException {
138 connect(pkcs11ModulePath, functionListName);
139 this.pkcs11ModulePath = pkcs11ModulePath;
140 }
141
142 public static synchronized PKCS11 getInstance(String pkcs11ModulePath,
143 String functionList, CK_C_INITIALIZE_ARGS pInitArgs,
144 boolean omitInitialize) throws IOException, PKCS11Exception {
145 // we may only call C_Initialize once per native .so/.dll
146 // so keep a cache using the (non-canonicalized!) path
147 PKCS11 pkcs11 = moduleMap.get(pkcs11ModulePath);
148 if (pkcs11 == null) {
149 if ((pInitArgs != null)
150 && ((pInitArgs.flags & CKF_OS_LOCKING_OK) != 0)) {
151 pkcs11 = new PKCS11(pkcs11ModulePath, functionList);
152 } else {
153 pkcs11 = new SynchronizedPKCS11(pkcs11ModulePath, functionList);
154 }
155 if (omitInitialize == false) {
156 try {
157 pkcs11.C_Initialize(pInitArgs);
158 } catch (PKCS11Exception e) {
159 // ignore already-initialized error code
160 // rethrow all other errors
161 if (e.getErrorCode() != CKR_CRYPTOKI_ALREADY_INITIALIZED) {
162 throw e;
163 }
164 }
165 }
166 moduleMap.put(pkcs11ModulePath, pkcs11);
167 }
168 return pkcs11;
169 }
170
171 /**
172 * Connects this object to the specified PKCS#11 library. This method is for
173 * internal use only.
174 * Declared private, because incorrect handling may result in errors in the
175 * native part.
176 *
177 * @param pkcs11ModulePath The PKCS#11 library path.
178 * @preconditions (pkcs11ModulePath <> null)
179 * @postconditions
180 */
181 private native void connect(String pkcs11ModulePath, String functionListName)
182 throws IOException;
183
184 /**
185 * Disconnects the PKCS#11 library from this object. After calling this
186 * method, this object is no longer connected to a native PKCS#11 module
187 * and any subsequent calls to C_ methods will fail. This method is for
188 * internal use only.
189 * Declared private, because incorrect handling may result in errors in the
190 * native part.
191 *
192 * @preconditions
193 * @postconditions
194 */
195 private native void disconnect();
196
197
198 // Implementation of PKCS11 methods delegated to native pkcs11wrapper library
199
200 /* *****************************************************************************
201 * General-purpose
202 ******************************************************************************/
203
204 /**
205 * C_Initialize initializes the Cryptoki library.
206 * (General-purpose)
207 *
208 * @param pInitArgs if pInitArgs is not NULL it gets casted to
209 * CK_C_INITIALIZE_ARGS_PTR and dereferenced
210 * (PKCS#11 param: CK_VOID_PTR pInitArgs)
211 * @exception PKCS11Exception If function returns other value than CKR_OK.
212 * @preconditions
213 * @postconditions
214 */
215 native void C_Initialize(Object pInitArgs) throws PKCS11Exception;
216
217 /**
218 * C_Finalize indicates that an application is done with the
219 * Cryptoki library
220 * (General-purpose)
221 *
222 * @param pReserved is reserved. Should be NULL_PTR
223 * (PKCS#11 param: CK_VOID_PTR pReserved)
224 * @exception PKCS11Exception If function returns other value than CKR_OK.
225 * @preconditions (pReserved == null)
226 * @postconditions
227 */
228 public native void C_Finalize(Object pReserved) throws PKCS11Exception;
229
230
231 /**
232 * C_GetInfo returns general information about Cryptoki.
233 * (General-purpose)
234 *
235 * @return the information.
236 * (PKCS#11 param: CK_INFO_PTR pInfo)
237 * @exception PKCS11Exception If function returns other value than CKR_OK.
238 * @preconditions
239 * @postconditions (result <> null)
240 */
241 public native CK_INFO C_GetInfo() throws PKCS11Exception;
242
243
244 /* *****************************************************************************
245 * Slot and token management
246 ******************************************************************************/
247
248 /**
249 * C_GetSlotList obtains a list of slots in the system.
250 * (Slot and token management)
251 *
252 * @param tokenPresent if true only Slot IDs with a token are returned
253 * (PKCS#11 param: CK_BBOOL tokenPresent)
254 * @return a long array of slot IDs and number of Slot IDs
255 * (PKCS#11 param: CK_SLOT_ID_PTR pSlotList, CK_ULONG_PTR pulCount)
256 * @exception PKCS11Exception If function returns other value than CKR_OK.
257 * @preconditions
258 * @postconditions (result <> null)
259 */
260 public native long[] C_GetSlotList(boolean tokenPresent)
261 throws PKCS11Exception;
262
263
264 /**
265 * C_GetSlotInfo obtains information about a particular slot in
266 * the system.
267 * (Slot and token management)
268 *
269 * @param slotID the ID of the slot
270 * (PKCS#11 param: CK_SLOT_ID slotID)
271 * @return the slot information
272 * (PKCS#11 param: CK_SLOT_INFO_PTR pInfo)
273 * @exception PKCS11Exception If function returns other value than CKR_OK.
274 * @preconditions
275 * @postconditions (result <> null)
276 */
277 public native CK_SLOT_INFO C_GetSlotInfo(long slotID) throws PKCS11Exception;
278
279
280 /**
281 * C_GetTokenInfo obtains information about a particular token
282 * in the system.
283 * (Slot and token management)
284 *
285 * @param slotID ID of the token's slot
286 * (PKCS#11 param: CK_SLOT_ID slotID)
287 * @return the token information
288 * (PKCS#11 param: CK_TOKEN_INFO_PTR pInfo)
289 * @exception PKCS11Exception If function returns other value than CKR_OK.
290 * @preconditions
291 * @postconditions (result <> null)
292 */
293 public native CK_TOKEN_INFO C_GetTokenInfo(long slotID)
294 throws PKCS11Exception;
295
296
297 /**
298 * C_GetMechanismList obtains a list of mechanism types
299 * supported by a token.
300 * (Slot and token management)
301 *
302 * @param slotID ID of the token's slot
303 * (PKCS#11 param: CK_SLOT_ID slotID)
304 * @return a long array of mechanism types and number of mechanism types
305 * (PKCS#11 param: CK_MECHANISM_TYPE_PTR pMechanismList,
306 * CK_ULONG_PTR pulCount)
307 * @exception PKCS11Exception If function returns other value than CKR_OK.
308 * @preconditions
309 * @postconditions (result <> null)
310 */
311 public native long[] C_GetMechanismList(long slotID) throws PKCS11Exception;
312
313
314 /**
315 * C_GetMechanismInfo obtains information about a particular
316 * mechanism possibly supported by a token.
317 * (Slot and token management)
318 *
319 * @param slotID ID of the token's slot
320 * (PKCS#11 param: CK_SLOT_ID slotID)
321 * @param type type of mechanism
322 * (PKCS#11 param: CK_MECHANISM_TYPE type)
323 * @return the mechanism info
324 * (PKCS#11 param: CK_MECHANISM_INFO_PTR pInfo)
325 * @exception PKCS11Exception If function returns other value than CKR_OK.
326 * @preconditions
327 * @postconditions (result <> null)
328 */
329 public native CK_MECHANISM_INFO C_GetMechanismInfo(long slotID, long type)
330 throws PKCS11Exception;
331
332
333 /**
334 * C_InitToken initializes a token.
335 * (Slot and token management)
336 *
337 * @param slotID ID of the token's slot
338 * (PKCS#11 param: CK_SLOT_ID slotID)
339 * @param pPin the SO's initial PIN and the length in bytes of the PIN
340 * (PKCS#11 param: CK_CHAR_PTR pPin, CK_ULONG ulPinLen)
341 * @param pLabel 32-byte token label (blank padded)
342 * (PKCS#11 param: CK_UTF8CHAR_PTR pLabel)
343 * @exception PKCS11Exception If function returns other value than CKR_OK.
344 * @preconditions
345 * @postconditions
346 */
347 // public native void C_InitToken(long slotID, char[] pPin, char[] pLabel)
348 // throws PKCS11Exception;
349
350
351 /**
352 * C_InitPIN initializes the normal user's PIN.
353 * (Slot and token management)
354 *
355 * @param hSession the session's handle
356 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
357 * @param pPin the normal user's PIN and the length in bytes of the PIN
358 * (PKCS#11 param: CK_CHAR_PTR pPin, CK_ULONG ulPinLen)
359 * @exception PKCS11Exception If function returns other value than CKR_OK.
360 * @preconditions
361 * @postconditions
362 */
363 // public native void C_InitPIN(long hSession, char[] pPin)
364 // throws PKCS11Exception;
365
366
367 /**
368 * C_SetPIN modifies the PIN of the user who is logged in.
369 * (Slot and token management)
370 *
371 * @param hSession the session's handle
372 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
373 * @param pOldPin the old PIN and the length of the old PIN
374 * (PKCS#11 param: CK_CHAR_PTR pOldPin, CK_ULONG ulOldLen)
375 * @param pNewPin the new PIN and the length of the new PIN
376 * (PKCS#11 param: CK_CHAR_PTR pNewPin, CK_ULONG ulNewLen)
377 * @exception PKCS11Exception If function returns other value than CKR_OK.
378 * @preconditions
379 * @postconditions
380 */
381 // public native void C_SetPIN(long hSession, char[] pOldPin, char[] pNewPin)
382 // throws PKCS11Exception;
383
384
385
386 /* *****************************************************************************
387 * Session management
388 ******************************************************************************/
389
390 /**
391 * C_OpenSession opens a session between an application and a
392 * token.
393 * (Session management)
394 *
395 * @param slotID the slot's ID
396 * (PKCS#11 param: CK_SLOT_ID slotID)
397 * @param flags of CK_SESSION_INFO
398 * (PKCS#11 param: CK_FLAGS flags)
399 * @param pApplication passed to callback
400 * (PKCS#11 param: CK_VOID_PTR pApplication)
401 * @param Notify the callback function
402 * (PKCS#11 param: CK_NOTIFY Notify)
403 * @return the session handle
404 * (PKCS#11 param: CK_SESSION_HANDLE_PTR phSession)
405 * @exception PKCS11Exception If function returns other value than CKR_OK.
406 * @preconditions
407 * @postconditions
408 */
409 public native long C_OpenSession(long slotID, long flags,
410 Object pApplication, CK_NOTIFY Notify) throws PKCS11Exception;
411
412
413 /**
414 * C_CloseSession closes a session between an application and a
415 * token.
416 * (Session management)
417 *
418 * @param hSession the session's handle
419 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
420 * @exception PKCS11Exception If function returns other value than CKR_OK.
421 * @preconditions
422 * @postconditions
423 */
424 public native void C_CloseSession(long hSession) throws PKCS11Exception;
425
426
427 /**
428 * C_CloseAllSessions closes all sessions with a token.
429 * (Session management)
430 *
431 * @param slotID the ID of the token's slot
432 * (PKCS#11 param: CK_SLOT_ID slotID)
433 * @exception PKCS11Exception If function returns other value than CKR_OK.
434 * @preconditions
435 * @postconditions
436 */
437 // public native void C_CloseAllSessions(long slotID) throws PKCS11Exception;
438
439
440 /**
441 * C_GetSessionInfo obtains information about the session.
442 * (Session management)
443 *
444 * @param hSession the session's handle
445 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
446 * @return the session info
447 * (PKCS#11 param: CK_SESSION_INFO_PTR pInfo)
448 * @exception PKCS11Exception If function returns other value than CKR_OK.
449 * @preconditions
450 * @postconditions (result <> null)
451 */
452 public native CK_SESSION_INFO C_GetSessionInfo(long hSession)
453 throws PKCS11Exception;
454
455
456 /**
457 * C_GetOperationState obtains the state of the cryptographic operation
458 * in a session.
459 * (Session management)
460 *
461 * @param hSession session's handle
462 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
463 * @return the state and the state length
464 * (PKCS#11 param: CK_BYTE_PTR pOperationState,
465 * CK_ULONG_PTR pulOperationStateLen)
466 * @exception PKCS11Exception If function returns other value than CKR_OK.
467 * @preconditions
468 * @postconditions (result <> null)
469 */
470 public native byte[] C_GetOperationState(long hSession)
471 throws PKCS11Exception;
472
473
474 /**
475 * C_SetOperationState restores the state of the cryptographic
476 * operation in a session.
477 * (Session management)
478 *
479 * @param hSession session's handle
480 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
481 * @param pOperationState the state and the state length
482 * (PKCS#11 param: CK_BYTE_PTR pOperationState,
483 * CK_ULONG ulOperationStateLen)
484 * @param hEncryptionKey en/decryption key
485 * (PKCS#11 param: CK_OBJECT_HANDLE hEncryptionKey)
486 * @param hAuthenticationKey sign/verify key
487 * (PKCS#11 param: CK_OBJECT_HANDLE hAuthenticationKey)
488 * @exception PKCS11Exception If function returns other value than CKR_OK.
489 * @preconditions
490 * @postconditions
491 */
492 public native void C_SetOperationState(long hSession, byte[] pOperationState,
493 long hEncryptionKey, long hAuthenticationKey) throws PKCS11Exception;
494
495
496 /**
497 * C_Login logs a user into a token.
498 * (Session management)
499 *
500 * @param hSession the session's handle
501 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
502 * @param userType the user type
503 * (PKCS#11 param: CK_USER_TYPE userType)
504 * @param pPin the user's PIN and the length of the PIN
505 * (PKCS#11 param: CK_CHAR_PTR pPin, CK_ULONG ulPinLen)
506 * @exception PKCS11Exception If function returns other value than CKR_OK.
507 * @preconditions
508 * @postconditions
509 */
510 public native void C_Login(long hSession, long userType, char[] pPin)
511 throws PKCS11Exception;
512
513
514 /**
515 * C_Logout logs a user out from a token.
516 * (Session management)
517 *
518 * @param hSession the session's handle
519 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
520 * @exception PKCS11Exception If function returns other value than CKR_OK.
521 * @preconditions
522 * @postconditions
523 */
524 public native void C_Logout(long hSession) throws PKCS11Exception;
525
526
527
528 /* *****************************************************************************
529 * Object management
530 ******************************************************************************/
531
532 /**
533 * C_CreateObject creates a new object.
534 * (Object management)
535 *
536 * @param hSession the session's handle
537 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
538 * @param pTemplate the object's template and number of attributes in
539 * template
540 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
541 * @return the object's handle
542 * (PKCS#11 param: CK_OBJECT_HANDLE_PTR phObject)
543 * @exception PKCS11Exception If function returns other value than CKR_OK.
544 * @preconditions
545 * @postconditions
546 */
547 public native long C_CreateObject(long hSession, CK_ATTRIBUTE[] pTemplate)
548 throws PKCS11Exception;
549
550
551 /**
552 * C_CopyObject copies an object, creating a new object for the
553 * copy.
554 * (Object management)
555 *
556 * @param hSession the session's handle
557 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
558 * @param hObject the object's handle
559 * (PKCS#11 param: CK_OBJECT_HANDLE hObject)
560 * @param pTemplate the template for the new object and number of attributes
561 * in template
562 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
563 * @return the handle of the copy
564 * (PKCS#11 param: CK_OBJECT_HANDLE_PTR phNewObject)
565 * @exception PKCS11Exception If function returns other value than CKR_OK.
566 * @preconditions
567 * @postconditions
568 */
569 public native long C_CopyObject(long hSession, long hObject,
570 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception;
571
572
573 /**
574 * C_DestroyObject destroys an object.
575 * (Object management)
576 *
577 * @param hSession the session's handle
578 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
579 * @param hObject the object's handle
580 * (PKCS#11 param: CK_OBJECT_HANDLE hObject)
581 * @exception PKCS11Exception If function returns other value than CKR_OK.
582 * @preconditions
583 * @postconditions
584 */
585 public native void C_DestroyObject(long hSession, long hObject)
586 throws PKCS11Exception;
587
588
589 /**
590 * C_GetObjectSize gets the size of an object in bytes.
591 * (Object management)
592 *
593 * @param hSession the session's handle
594 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
595 * @param hObject the object's handle
596 * (PKCS#11 param: CK_OBJECT_HANDLE hObject)
597 * @return the size of the object
598 * (PKCS#11 param: CK_ULONG_PTR pulSize)
599 * @exception PKCS11Exception If function returns other value than CKR_OK.
600 * @preconditions
601 * @postconditions
602 */
603 // public native long C_GetObjectSize(long hSession, long hObject)
604 // throws PKCS11Exception;
605
606
607 /**
608 * C_GetAttributeValue obtains the value of one or more object
609 * attributes. The template attributes also receive the values.
610 * (Object management)
611 * note: in PKCS#11 pTemplate and the result template are the same
612 *
613 * @param hSession the session's handle
614 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
615 * @param hObject the object's handle
616 * (PKCS#11 param: CK_OBJECT_HANDLE hObject)
617 * @param pTemplate specifies the attributes and number of attributes to get
618 * The template attributes also receive the values.
619 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
620 * @exception PKCS11Exception If function returns other value than CKR_OK.
621 * @preconditions (pTemplate <> null)
622 * @postconditions (result <> null)
623 */
624 public native void C_GetAttributeValue(long hSession, long hObject,
625 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception;
626
627
628 /**
629 * C_SetAttributeValue modifies the value of one or more object
630 * attributes
631 * (Object management)
632 *
633 * @param hSession the session's handle
634 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
635 * @param hObject the object's handle
636 * (PKCS#11 param: CK_OBJECT_HANDLE hObject)
637 * @param pTemplate specifies the attributes and values to get; number of
638 * attributes in the template
639 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
640 * @exception PKCS11Exception If function returns other value than CKR_OK.
641 * @preconditions (pTemplate <> null)
642 * @postconditions
643 */
644 public native void C_SetAttributeValue(long hSession, long hObject,
645 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception;
646
647
648 /**
649 * C_FindObjectsInit initializes a search for token and session
650 * objects that match a template.
651 * (Object management)
652 *
653 * @param hSession the session's handle
654 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
655 * @param pTemplate the object's attribute values to match and the number of
656 * attributes in search template
657 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
658 * @exception PKCS11Exception If function returns other value than CKR_OK.
659 * @preconditions
660 * @postconditions
661 */
662 public native void C_FindObjectsInit(long hSession, CK_ATTRIBUTE[] pTemplate)
663 throws PKCS11Exception;
664
665
666 /**
667 * C_FindObjects continues a search for token and session
668 * objects that match a template, obtaining additional object
669 * handles.
670 * (Object management)
671 *
672 * @param hSession the session's handle
673 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
674 * @param ulMaxObjectCount the max. object handles to get
675 * (PKCS#11 param: CK_ULONG ulMaxObjectCount)
676 * @return the object's handles and the actual number of objects returned
677 * (PKCS#11 param: CK_ULONG_PTR pulObjectCount)
678 * @exception PKCS11Exception If function returns other value than CKR_OK.
679 * @preconditions
680 * @postconditions (result <> null)
681 */
682 public native long[] C_FindObjects(long hSession, long ulMaxObjectCount)
683 throws PKCS11Exception;
684
685
686 /**
687 * C_FindObjectsFinal finishes a search for token and session
688 * objects.
689 * (Object management)
690 *
691 * @param hSession the session's handle
692 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
693 * @exception PKCS11Exception If function returns other value than CKR_OK.
694 * @preconditions
695 * @postconditions
696 */
697 public native void C_FindObjectsFinal(long hSession) throws PKCS11Exception;
698
699
700
701 /* *****************************************************************************
702 * Encryption and decryption
703 ******************************************************************************/
704
705 /**
706 * C_EncryptInit initializes an encryption operation.
707 * (Encryption and decryption)
708 *
709 * @param hSession the session's handle
710 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
711 * @param pMechanism the encryption mechanism
712 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
713 * @param hKey the handle of the encryption key
714 * (PKCS#11 param: CK_OBJECT_HANDLE hKey)
715 * @exception PKCS11Exception If function returns other value than CKR_OK.
716 * @preconditions
717 * @postconditions
718 */
719 public native void C_EncryptInit(long hSession, CK_MECHANISM pMechanism,
720 long hKey) throws PKCS11Exception;
721
722
723 /**
724 * C_Encrypt encrypts single-part data.
725 * (Encryption and decryption)
726 *
727 * @param hSession the session's handle
728 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
729 * @param pData the data to get encrypted and the data's length
730 * (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG ulDataLen)
731 * @return the encrypted data and the encrypted data's length
732 * (PKCS#11 param: CK_BYTE_PTR pEncryptedData,
733 * CK_ULONG_PTR pulEncryptedDataLen)
734 * @exception PKCS11Exception If function returns other value than CKR_OK.
735 * @preconditions (pData <> null)
736 * @postconditions (result <> null)
737 */
738 public native int C_Encrypt(long hSession, byte[] in, int inOfs, int inLen,
739 byte[] out, int outOfs, int outLen) throws PKCS11Exception;
740
741
742 /**
743 * C_EncryptUpdate continues a multiple-part encryption
744 * operation.
745 * (Encryption and decryption)
746 *
747 * @param hSession the session's handle
748 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
749 * @param pPart the data part to get encrypted and the data part's length
750 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG ulPartLen)
751 * @return the encrypted data part and the encrypted data part's length
752 * (PKCS#11 param: CK_BYTE_PTR pEncryptedPart,
753 CK_ULONG_PTR pulEncryptedPartLen)
754 * @exception PKCS11Exception If function returns other value than CKR_OK.
755 * @preconditions (pPart <> null)
756 * @postconditions
757 */
758 public native int C_EncryptUpdate(long hSession, long directIn, byte[] in,
759 int inOfs, int inLen, long directOut, byte[] out, int outOfs,
760 int outLen) throws PKCS11Exception;
761
762
763 /**
764 * C_EncryptFinal finishes a multiple-part encryption
765 * operation.
766 * (Encryption and decryption)
767 *
768 * @param hSession the session's handle
769 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
770 * @return the last encrypted data part and the last data part's length
771 * (PKCS#11 param: CK_BYTE_PTR pLastEncryptedPart,
772 CK_ULONG_PTR pulLastEncryptedPartLen)
773 * @exception PKCS11Exception If function returns other value than CKR_OK.
774 * @preconditions
775 * @postconditions (result <> null)
776 */
777 public native int C_EncryptFinal(long hSession, long directOut, byte[] out,
778 int outOfs, int outLen) throws PKCS11Exception;
779
780
781 /**
782 * C_DecryptInit initializes a decryption operation.
783 * (Encryption and decryption)
784 *
785 * @param hSession the session's handle
786 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
787 * @param pMechanism the decryption mechanism
788 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
789 * @param hKey the handle of the decryption key
790 * (PKCS#11 param: CK_OBJECT_HANDLE hKey)
791 * @exception PKCS11Exception If function returns other value than CKR_OK.
792 * @preconditions
793 * @postconditions
794 */
795 public native void C_DecryptInit(long hSession, CK_MECHANISM pMechanism,
796 long hKey) throws PKCS11Exception;
797
798
799 /**
800 * C_Decrypt decrypts encrypted data in a single part.
801 * (Encryption and decryption)
802 *
803 * @param hSession the session's handle
804 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
805 * @param pEncryptedData the encrypted data to get decrypted and the
806 * encrypted data's length
807 * (PKCS#11 param: CK_BYTE_PTR pEncryptedData,
808 * CK_ULONG ulEncryptedDataLen)
809 * @return the decrypted data and the data's length
810 * (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen)
811 * @exception PKCS11Exception If function returns other value than CKR_OK.
812 * @preconditions (pEncryptedPart <> null)
813 * @postconditions (result <> null)
814 */
815 public native int C_Decrypt(long hSession, byte[] in, int inOfs, int inLen,
816 byte[] out, int outOfs, int outLen) throws PKCS11Exception;
817
818
819 /**
820 * C_DecryptUpdate continues a multiple-part decryption
821 * operation.
822 * (Encryption and decryption)
823 *
824 * @param hSession the session's handle
825 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
826 * @param pEncryptedPart the encrypted data part to get decrypted and the
827 * encrypted data part's length
828 * (PKCS#11 param: CK_BYTE_PTR pEncryptedPart,
829 * CK_ULONG ulEncryptedPartLen)
830 * @return the decrypted data part and the data part's length
831 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen)
832 * @exception PKCS11Exception If function returns other value than CKR_OK.
833 * @preconditions (pEncryptedPart <> null)
834 * @postconditions
835 */
836 public native int C_DecryptUpdate(long hSession, long directIn, byte[] in,
837 int inOfs, int inLen, long directOut, byte[] out, int outOfs,
838 int outLen) throws PKCS11Exception;
839
840
841 /**
842 * C_DecryptFinal finishes a multiple-part decryption
843 * operation.
844 * (Encryption and decryption)
845 *
846 * @param hSession the session's handle
847 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
848 * @return the last decrypted data part and the last data part's length
849 * (PKCS#11 param: CK_BYTE_PTR pLastPart,
850 * CK_ULONG_PTR pulLastPartLen)
851 * @exception PKCS11Exception If function returns other value than CKR_OK.
852 * @preconditions
853 * @postconditions (result <> null)
854 */
855 public native int C_DecryptFinal(long hSession, long directOut, byte[] out,
856 int outOfs, int outLen) throws PKCS11Exception;
857
858
859
860 /* *****************************************************************************
861 * Message digesting
862 ******************************************************************************/
863
864 /**
865 * C_DigestInit initializes a message-digesting operation.
866 * (Message digesting)
867 *
868 * @param hSession the session's handle
869 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
870 * @param pMechanism the digesting mechanism
871 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
872 * @exception PKCS11Exception If function returns other value than CKR_OK.
873 * @preconditions
874 * @postconditions
875 */
876 public native void C_DigestInit(long hSession, CK_MECHANISM pMechanism)
877 throws PKCS11Exception;
878
879
880 // note that C_DigestSingle does not exist in PKCS#11
881 // we combined the C_DigestInit and C_Digest into a single function
882 // to save on Java<->C transitions and save 5-10% on small digests
883 // this made the C_Digest method redundant, it has been removed
884 /**
885 * C_Digest digests data in a single part.
886 * (Message digesting)
887 *
888 * @param hSession the session's handle
889 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
890 * @param data the data to get digested and the data's length
891 * (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG ulDataLen)
892 * @return the message digest and the length of the message digest
893 * (PKCS#11 param: CK_BYTE_PTR pDigest, CK_ULONG_PTR pulDigestLen)
894 * @exception PKCS11Exception If function returns other value than CKR_OK.
895 * @preconditions (data <> null)
896 * @postconditions (result <> null)
897 */
898 public native int C_DigestSingle(long hSession, CK_MECHANISM pMechanism,
899 byte[] in, int inOfs, int inLen, byte[] digest, int digestOfs,
900 int digestLen) throws PKCS11Exception;
901
902
903 /**
904 * C_DigestUpdate continues a multiple-part message-digesting
905 * operation.
906 * (Message digesting)
907 *
908 * @param hSession the session's handle
909 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
910 * @param pPart the data to get digested and the data's length
911 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG ulPartLen)
912 * @exception PKCS11Exception If function returns other value than CKR_OK.
913 * @preconditions (pPart <> null)
914 * @postconditions
915 */
916 public native void C_DigestUpdate(long hSession, long directIn, byte[] in,
917 int inOfs, int inLen) throws PKCS11Exception;
918
919
920 /**
921 * C_DigestKey continues a multi-part message-digesting
922 * operation, by digesting the value of a secret key as part of
923 * the data already digested.
924 * (Message digesting)
925 *
926 * @param hSession the session's handle
927 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
928 * @param hKey the handle of the secret key to be digested
929 * (PKCS#11 param: CK_OBJECT_HANDLE hKey)
930 * @exception PKCS11Exception If function returns other value than CKR_OK.
931 * @preconditions
932 * @postconditions
933 */
934 public native void C_DigestKey(long hSession, long hKey)
935 throws PKCS11Exception;
936
937
938 /**
939 * C_DigestFinal finishes a multiple-part message-digesting
940 * operation.
941 * (Message digesting)
942 *
943 * @param hSession the session's handle
944 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
945 * @return the message digest and the length of the message digest
946 * (PKCS#11 param: CK_BYTE_PTR pDigest, CK_ULONG_PTR pulDigestLen)
947 * @exception PKCS11Exception If function returns other value than CKR_OK.
948 * @preconditions
949 * @postconditions (result <> null)
950 */
951 public native int C_DigestFinal(long hSession, byte[] pDigest, int digestOfs,
952 int digestLen) throws PKCS11Exception;
953
954
955
956 /* *****************************************************************************
957 * Signing and MACing
958 ******************************************************************************/
959
960 /**
961 * C_SignInit initializes a signature (private key encryption)
962 * operation, where the signature is (will be) an appendix to
963 * the data, and plaintext cannot be recovered from the
964 * signature.
965 * (Signing and MACing)
966 *
967 * @param hSession the session's handle
968 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
969 * @param pMechanism the signature mechanism
970 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
971 * @param hKey the handle of the signature key
972 * (PKCS#11 param: CK_OBJECT_HANDLE hKey)
973 * @exception PKCS11Exception If function returns other value than CKR_OK.
974 * @preconditions
975 * @postconditions
976 */
977 public native void C_SignInit(long hSession, CK_MECHANISM pMechanism,
978 long hKey) throws PKCS11Exception;
979
980
981 /**
982 * C_Sign signs (encrypts with private key) data in a single
983 * part, where the signature is (will be) an appendix to the
984 * data, and plaintext cannot be recovered from the signature.
985 * (Signing and MACing)
986 *
987 * @param hSession the session's handle
988 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
989 * @param pData the data to sign and the data's length
990 * (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG ulDataLen)
991 * @return the signature and the signature's length
992 * (PKCS#11 param: CK_BYTE_PTR pSignature,
993 * CK_ULONG_PTR pulSignatureLen)
994 * @exception PKCS11Exception If function returns other value than CKR_OK.
995 * @preconditions (pData <> null)
996 * @postconditions (result <> null)
997 */
998 public native byte[] C_Sign(long hSession, byte[] pData)
999 throws PKCS11Exception;
1000
1001
1002 /**
1003 * C_SignUpdate continues a multiple-part signature operation,
1004 * where the signature is (will be) an appendix to the data,
1005 * and plaintext cannot be recovered from the signature.
1006 * (Signing and MACing)
1007 *
1008 * @param hSession the session's handle
1009 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1010 * @param pPart the data part to sign and the data part's length
1011 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG ulPartLen)
1012 * @exception PKCS11Exception If function returns other value than CKR_OK.
1013 * @preconditions (pPart <> null)
1014 * @postconditions
1015 */
1016 public native void C_SignUpdate(long hSession, long directIn, byte[] in,
1017 int inOfs, int inLen) throws PKCS11Exception;
1018
1019
1020 /**
1021 * C_SignFinal finishes a multiple-part signature operation,
1022 * returning the signature.
1023 * (Signing and MACing)
1024 *
1025 * @param hSession the session's handle
1026 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1027 * @return the signature and the signature's length
1028 * (PKCS#11 param: CK_BYTE_PTR pSignature,
1029 * CK_ULONG_PTR pulSignatureLen)
1030 * @exception PKCS11Exception If function returns other value than CKR_OK.
1031 * @preconditions
1032 * @postconditions (result <> null)
1033 */
1034 public native byte[] C_SignFinal(long hSession, int expectedLen)
1035 throws PKCS11Exception;
1036
1037
1038 /**
1039 * C_SignRecoverInit initializes a signature operation, where
1040 * the data can be recovered from the signature.
1041 * (Signing and MACing)
1042 *
1043 * @param hSession the session's handle
1044 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1045 * @param pMechanism the signature mechanism
1046 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
1047 * @param hKey the handle of the signature key
1048 * (PKCS#11 param: CK_OBJECT_HANDLE hKey)
1049 * @exception PKCS11Exception If function returns other value than CKR_OK.
1050 * @preconditions
1051 * @postconditions
1052 */
1053 public native void C_SignRecoverInit(long hSession, CK_MECHANISM pMechanism,
1054 long hKey) throws PKCS11Exception;
1055
1056
1057 /**
1058 * C_SignRecover signs data in a single operation, where the
1059 * data can be recovered from the signature.
1060 * (Signing and MACing)
1061 *
1062 * @param hSession the session's handle
1063 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1064 * @param pData the data to sign and the data's length
1065 * (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG ulDataLen)
1066 * @return the signature and the signature's length
1067 * (PKCS#11 param: CK_BYTE_PTR pSignature,
1068 * CK_ULONG_PTR pulSignatureLen)
1069 * @exception PKCS11Exception If function returns other value than CKR_OK.
1070 * @preconditions (pData <> null)
1071 * @postconditions (result <> null)
1072 */
1073 public native int C_SignRecover(long hSession, byte[] in, int inOfs,
1074 int inLen, byte[] out, int outOufs, int outLen)
1075 throws PKCS11Exception;
1076
1077
1078
1079 /* *****************************************************************************
1080 * Verifying signatures and MACs
1081 ******************************************************************************/
1082
1083 /**
1084 * C_VerifyInit initializes a verification operation, where the
1085 * signature is an appendix to the data, and plaintext cannot
1086 * cannot be recovered from the signature (e.g. DSA).
1087 * (Signing and MACing)
1088 *
1089 * @param hSession the session's handle
1090 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1091 * @param pMechanism the verification mechanism
1092 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
1093 * @param hKey the handle of the verification key
1094 * (PKCS#11 param: CK_OBJECT_HANDLE hKey)
1095 * @exception PKCS11Exception If function returns other value than CKR_OK.
1096 * @preconditions
1097 * @postconditions
1098 */
1099 public native void C_VerifyInit(long hSession, CK_MECHANISM pMechanism,
1100 long hKey) throws PKCS11Exception;
1101
1102
1103 /**
1104 * C_Verify verifies a signature in a single-part operation,
1105 * where the signature is an appendix to the data, and plaintext
1106 * cannot be recovered from the signature.
1107 * (Signing and MACing)
1108 *
1109 * @param hSession the session's handle
1110 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1111 * @param pData the signed data and the signed data's length
1112 * (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG ulDataLen)
1113 * @param pSignature the signature to verify and the signature's length
1114 * (PKCS#11 param: CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen)
1115 * @exception PKCS11Exception If function returns other value than CKR_OK.
1116 * @preconditions (pData <> null) and (pSignature <> null)
1117 * @postconditions
1118 */
1119 public native void C_Verify(long hSession, byte[] pData, byte[] pSignature)
1120 throws PKCS11Exception;
1121
1122
1123 /**
1124 * C_VerifyUpdate continues a multiple-part verification
1125 * operation, where the signature is an appendix to the data,
1126 * and plaintext cannot be recovered from the signature.
1127 * (Signing and MACing)
1128 *
1129 * @param hSession the session's handle
1130 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1131 * @param pPart the signed data part and the signed data part's length
1132 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG ulPartLen)
1133 * @exception PKCS11Exception If function returns other value than CKR_OK.
1134 * @preconditions (pPart <> null)
1135 * @postconditions
1136 */
1137 public native void C_VerifyUpdate(long hSession, long directIn, byte[] in,
1138 int inOfs, int inLen) throws PKCS11Exception;
1139
1140
1141 /**
1142 * C_VerifyFinal finishes a multiple-part verification
1143 * operation, checking the signature.
1144 * (Signing and MACing)
1145 *
1146 * @param hSession the session's handle
1147 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1148 * @param pSignature the signature to verify and the signature's length
1149 * (PKCS#11 param: CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen)
1150 * @exception PKCS11Exception If function returns other value than CKR_OK.
1151 * @preconditions (pSignature <> null)
1152 * @postconditions
1153 */
1154 public native void C_VerifyFinal(long hSession, byte[] pSignature)
1155 throws PKCS11Exception;
1156
1157
1158 /**
1159 * C_VerifyRecoverInit initializes a signature verification
1160 * operation, where the data is recovered from the signature.
1161 * (Signing and MACing)
1162 *
1163 * @param hSession the session's handle
1164 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1165 * @param pMechanism the verification mechanism
1166 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
1167 * @param hKey the handle of the verification key
1168 * (PKCS#11 param: CK_OBJECT_HANDLE hKey)
1169 * @exception PKCS11Exception If function returns other value than CKR_OK.
1170 * @preconditions
1171 * @postconditions
1172 */
1173 public native void C_VerifyRecoverInit(long hSession,
1174 CK_MECHANISM pMechanism, long hKey) throws PKCS11Exception;
1175
1176
1177 /**
1178 * C_VerifyRecover verifies a signature in a single-part
1179 * operation, where the data is recovered from the signature.
1180 * (Signing and MACing)
1181 *
1182 * @param hSession the session's handle
1183 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1184 * @param pSignature the signature to verify and the signature's length
1185 * (PKCS#11 param: CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen)
1186 * @return the recovered data and the recovered data's length
1187 * (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen)
1188 * @exception PKCS11Exception If function returns other value than CKR_OK.
1189 * @preconditions (pSignature <> null)
1190 * @postconditions (result <> null)
1191 */
1192 public native int C_VerifyRecover(long hSession, byte[] in, int inOfs,
1193 int inLen, byte[] out, int outOufs, int outLen)
1194 throws PKCS11Exception;
1195
1196
1197
1198 /* *****************************************************************************
1199 * Dual-function cryptographic operations
1200 ******************************************************************************/
1201
1202 /**
1203 * C_DigestEncryptUpdate continues a multiple-part digesting
1204 * and encryption operation.
1205 * (Dual-function cryptographic operations)
1206 *
1207 * @param hSession the session's handle
1208 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1209 * @param pPart the data part to digest and to encrypt and the data's length
1210 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG ulPartLen)
1211 * @return the digested and encrypted data part and the data part's length
1212 * (PKCS#11 param: CK_BYTE_PTR pEncryptedPart,
1213 * CK_ULONG_PTR pulEncryptedPartLen)
1214 * @exception PKCS11Exception If function returns other value than CKR_OK.
1215 * @preconditions (pPart <> null)
1216 * @postconditions
1217 */
1218 // public native byte[] C_DigestEncryptUpdate(long hSession, byte[] pPart)
1219 // throws PKCS11Exception;
1220
1221
1222 /**
1223 * C_DecryptDigestUpdate continues a multiple-part decryption and
1224 * digesting operation.
1225 * (Dual-function cryptographic operations)
1226 *
1227 * @param hSession the session's handle
1228 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1229 * @param pEncryptedPart the encrypted data part to decrypt and to digest
1230 * and encrypted data part's length
1231 * (PKCS#11 param: CK_BYTE_PTR pEncryptedPart,
1232 * CK_ULONG ulEncryptedPartLen)
1233 * @return the decrypted and digested data part and the data part's length
1234 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen)
1235 * @exception PKCS11Exception If function returns other value than CKR_OK.
1236 * @preconditions (pEncryptedPart <> null)
1237 * @postconditions
1238 */
1239 // public native byte[] C_DecryptDigestUpdate(long hSession,
1240 // byte[] pEncryptedPart) throws PKCS11Exception;
1241
1242
1243 /**
1244 * C_SignEncryptUpdate continues a multiple-part signing and
1245 * encryption operation.
1246 * (Dual-function cryptographic operations)
1247 *
1248 * @param hSession the session's handle
1249 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1250 * @param pPart the data part to sign and to encrypt and the data part's
1251 * length
1252 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG ulPartLen)
1253 * @return the signed and encrypted data part and the data part's length
1254 * (PKCS#11 param: CK_BYTE_PTR pEncryptedPart,
1255 * CK_ULONG_PTR pulEncryptedPartLen)
1256 * @exception PKCS11Exception If function returns other value than CKR_OK.
1257 * @preconditions (pPart <> null)
1258 * @postconditions
1259 */
1260 // public native byte[] C_SignEncryptUpdate(long hSession, byte[] pPart)
1261 // throws PKCS11Exception;
1262
1263
1264 /**
1265 * C_DecryptVerifyUpdate continues a multiple-part decryption and
1266 * verify operation.
1267 * (Dual-function cryptographic operations)
1268 *
1269 * @param hSession the session's handle
1270 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1271 * @param pEncryptedPart the encrypted data part to decrypt and to verify
1272 * and the data part's length
1273 * (PKCS#11 param: CK_BYTE_PTR pEncryptedPart,
1274 * CK_ULONG ulEncryptedPartLen)
1275 * @return the decrypted and verified data part and the data part's length
1276 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen)
1277 * @exception PKCS11Exception If function returns other value than CKR_OK.
1278 * @preconditions (pEncryptedPart <> null)
1279 * @postconditions
1280 */
1281 // public native byte[] C_DecryptVerifyUpdate(long hSession,
1282 // byte[] pEncryptedPart) throws PKCS11Exception;
1283
1284
1285
1286 /* *****************************************************************************
1287 * Key management
1288 ******************************************************************************/
1289
1290 /**
1291 * C_GenerateKey generates a secret key, creating a new key
1292 * object.
1293 * (Key management)
1294 *
1295 * @param hSession the session's handle
1296 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1297 * @param pMechanism the key generation mechanism
1298 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
1299 * @param pTemplate the template for the new key and the number of
1300 * attributes in the template
1301 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
1302 * @return the handle of the new key
1303 * (PKCS#11 param: CK_OBJECT_HANDLE_PTR phKey)
1304 * @exception PKCS11Exception If function returns other value than CKR_OK.
1305 * @preconditions
1306 * @postconditions
1307 */
1308 public native long C_GenerateKey(long hSession, CK_MECHANISM pMechanism,
1309 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception;
1310
1311
1312 /**
1313 * C_GenerateKeyPair generates a public-key/private-key pair,
1314 * creating new key objects.
1315 * (Key management)
1316 *
1317 * @param hSession the session's handle
1318 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1319 * @param pMechanism the key generation mechanism
1320 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
1321 * @param pPublicKeyTemplate the template for the new public key and the
1322 * number of attributes in the template
1323 * (PKCS#11 param: CK_ATTRIBUTE_PTR pPublicKeyTemplate,
1324 * CK_ULONG ulPublicKeyAttributeCount)
1325 * @param pPrivateKeyTemplate the template for the new private key and the
1326 * number of attributes in the template
1327 * (PKCS#11 param: CK_ATTRIBUTE_PTR pPrivateKeyTemplate
1328 * CK_ULONG ulPrivateKeyAttributeCount)
1329 * @return a long array with exactly two elements and the public key handle
1330 * as the first element and the private key handle as the second
1331 * element
1332 * (PKCS#11 param: CK_OBJECT_HANDLE_PTR phPublicKey,
1333 * CK_OBJECT_HANDLE_PTR phPrivateKey)
1334 * @exception PKCS11Exception If function returns other value than CKR_OK.
1335 * @preconditions (pMechanism <> null)
1336 * @postconditions (result <> null) and (result.length == 2)
1337 */
1338 public native long[] C_GenerateKeyPair(long hSession,
1339 CK_MECHANISM pMechanism, CK_ATTRIBUTE[] pPublicKeyTemplate,
1340 CK_ATTRIBUTE[] pPrivateKeyTemplate) throws PKCS11Exception;
1341
1342
1343
1344 /**
1345 * C_WrapKey wraps (i.e., encrypts) a key.
1346 * (Key management)
1347 *
1348 * @param hSession the session's handle
1349 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1350 * @param pMechanism the wrapping mechanism
1351 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
1352 * @param hWrappingKey the handle of the wrapping key
1353 * (PKCS#11 param: CK_OBJECT_HANDLE hWrappingKey)
1354 * @param hKey the handle of the key to be wrapped
1355 * (PKCS#11 param: CK_OBJECT_HANDLE hKey)
1356 * @return the wrapped key and the length of the wrapped key
1357 * (PKCS#11 param: CK_BYTE_PTR pWrappedKey,
1358 * CK_ULONG_PTR pulWrappedKeyLen)
1359 * @exception PKCS11Exception If function returns other value than CKR_OK.
1360 * @preconditions
1361 * @postconditions (result <> null)
1362 */
1363 public native byte[] C_WrapKey(long hSession, CK_MECHANISM pMechanism,
1364 long hWrappingKey, long hKey) throws PKCS11Exception;
1365
1366
1367 /**
1368 * C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new
1369 * key object.
1370 * (Key management)
1371 *
1372 * @param hSession the session's handle
1373 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1374 * @param pMechanism the unwrapping mechanism
1375 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
1376 * @param hUnwrappingKey the handle of the unwrapping key
1377 * (PKCS#11 param: CK_OBJECT_HANDLE hUnwrappingKey)
1378 * @param pWrappedKey the wrapped key to unwrap and the wrapped key's length
1379 * (PKCS#11 param: CK_BYTE_PTR pWrappedKey, CK_ULONG ulWrappedKeyLen)
1380 * @param pTemplate the template for the new key and the number of
1381 * attributes in the template
1382 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
1383 * @return the handle of the unwrapped key
1384 * (PKCS#11 param: CK_OBJECT_HANDLE_PTR phKey)
1385 * @exception PKCS11Exception If function returns other value than CKR_OK.
1386 * @preconditions (pWrappedKey <> null)
1387 * @postconditions
1388 */
1389 public native long C_UnwrapKey(long hSession, CK_MECHANISM pMechanism,
1390 long hUnwrappingKey, byte[] pWrappedKey, CK_ATTRIBUTE[] pTemplate)
1391 throws PKCS11Exception;
1392
1393
1394 /**
1395 * C_DeriveKey derives a key from a base key, creating a new key
1396 * object.
1397 * (Key management)
1398 *
1399 * @param hSession the session's handle
1400 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1401 * @param pMechanism the key derivation mechanism
1402 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
1403 * @param hBaseKey the handle of the base key
1404 * (PKCS#11 param: CK_OBJECT_HANDLE hBaseKey)
1405 * @param pTemplate the template for the new key and the number of
1406 * attributes in the template
1407 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
1408 * @return the handle of the derived key
1409 * (PKCS#11 param: CK_OBJECT_HANDLE_PTR phKey)
1410 * @exception PKCS11Exception If function returns other value than CKR_OK.
1411 * @preconditions
1412 * @postconditions
1413 */
1414 public native long C_DeriveKey(long hSession, CK_MECHANISM pMechanism,
1415 long hBaseKey, CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception;
1416
1417
1418
1419 /* *****************************************************************************
1420 * Random number generation
1421 ******************************************************************************/
1422
1423 /**
1424 * C_SeedRandom mixes additional seed material into the token's
1425 * random number generator.
1426 * (Random number generation)
1427 *
1428 * @param hSession the session's handle
1429 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1430 * @param pSeed the seed material and the seed material's length
1431 * (PKCS#11 param: CK_BYTE_PTR pSeed, CK_ULONG ulSeedLen)
1432 * @exception PKCS11Exception If function returns other value than CKR_OK.
1433 * @preconditions (pSeed <> null)
1434 * @postconditions
1435 */
1436 public native void C_SeedRandom(long hSession, byte[] pSeed)
1437 throws PKCS11Exception;
1438
1439
1440 /**
1441 * C_GenerateRandom generates random data.
1442 * (Random number generation)
1443 *
1444 * @param hSession the session's handle
1445 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1446 * @param RandomData receives the random data and the length of RandomData
1447 * is the length of random data to be generated
1448 * (PKCS#11 param: CK_BYTE_PTR pRandomData, CK_ULONG ulRandomLen)
1449 * @exception PKCS11Exception If function returns other value than CKR_OK.
1450 * @preconditions (randomData <> null)
1451 * @postconditions
1452 */
1453 public native void C_GenerateRandom(long hSession, byte[] randomData)
1454 throws PKCS11Exception;
1455
1456
1457
1458 /* *****************************************************************************
1459 * Parallel function management
1460 ******************************************************************************/
1461
1462 /**
1463 * C_GetFunctionStatus is a legacy function; it obtains an
1464 * updated status of a function running in parallel with an
1465 * application.
1466 * (Parallel function management)
1467 *
1468 * @param hSession the session's handle
1469 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1470 * @exception PKCS11Exception If function returns other value than CKR_OK.
1471 * @preconditions
1472 * @postconditions
1473 */
1474 // public native void C_GetFunctionStatus(long hSession)
1475 // throws PKCS11Exception;
1476
1477
1478 /**
1479 * C_CancelFunction is a legacy function; it cancels a function
1480 * running in parallel.
1481 * (Parallel function management)
1482 *
1483 * @param hSession the session's handle
1484 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1485 * @exception PKCS11Exception If function returns other value than CKR_OK.
1486 * @preconditions
1487 * @postconditions
1488 */
1489 // public native void C_CancelFunction(long hSession) throws PKCS11Exception;
1490
1491
1492
1493 /* *****************************************************************************
1494 * Functions added in for Cryptoki Version 2.01 or later
1495 ******************************************************************************/
1496
1497 /**
1498 * C_WaitForSlotEvent waits for a slot event (token insertion,
1499 * removal, etc.) to occur.
1500 * (General-purpose)
1501 *
1502 * @param flags blocking/nonblocking flag
1503 * (PKCS#11 param: CK_FLAGS flags)
1504 * @param pReserved reserved. Should be null
1505 * (PKCS#11 param: CK_VOID_PTR pReserved)
1506 * @return the slot ID where the event occured
1507 * (PKCS#11 param: CK_SLOT_ID_PTR pSlot)
1508 * @exception PKCS11Exception If function returns other value than CKR_OK.
1509 * @preconditions (pRserved == null)
1510 * @postconditions
1511 */
1512 // public native long C_WaitForSlotEvent(long flags, Object pRserved)
1513 // throws PKCS11Exception;
1514
1515 /**
1516 * Returns the string representation of this object.
1517 *
1518 * @return The string representation of object
1519 */
1520 public String toString() {
1521 return "Module name: " + pkcs11ModulePath;
1522 }
1523
1524 /**
1525 * Calls disconnect() to cleanup the native part of the wrapper. Once this
1526 * method is called, this object cannot be used any longer. Any subsequent
1527 * call to a C_* method will result in a runtime exception.
1528 *
1529 * @exception Throwable If finalization fails.
1530 */
1531 public void finalize() throws Throwable {
1532 disconnect();
1533 }
1534
1535 // PKCS11 subclass that has all methods synchronized and delegating to the
1536 // parent. Used for tokens that only support single threaded access
1537 static class SynchronizedPKCS11 extends PKCS11 {
1538
1539 SynchronizedPKCS11(String pkcs11ModulePath, String functionListName)
1540 throws IOException {
1541 super(pkcs11ModulePath, functionListName);
1542 }
1543
1544 synchronized void C_Initialize(Object pInitArgs) throws PKCS11Exception {
1545 super.C_Initialize(pInitArgs);
1546 }
1547
1548 public synchronized void C_Finalize(Object pReserved)
1549 throws PKCS11Exception {
1550 super.C_Finalize(pReserved);
1551 }
1552
1553 public synchronized CK_INFO C_GetInfo() throws PKCS11Exception {
1554 return super.C_GetInfo();
1555 }
1556
1557 public synchronized long[] C_GetSlotList(boolean tokenPresent)
1558 throws PKCS11Exception {
1559 return super.C_GetSlotList(tokenPresent);
1560 }
1561
1562 public synchronized CK_SLOT_INFO C_GetSlotInfo(long slotID)
1563 throws PKCS11Exception {
1564 return super.C_GetSlotInfo(slotID);
1565 }
1566
1567 public synchronized CK_TOKEN_INFO C_GetTokenInfo(long slotID)
1568 throws PKCS11Exception {
1569 return super.C_GetTokenInfo(slotID);
1570 }
1571
1572 public synchronized long[] C_GetMechanismList(long slotID)
1573 throws PKCS11Exception {
1574 return super.C_GetMechanismList(slotID);
1575 }
1576
1577 public synchronized CK_MECHANISM_INFO C_GetMechanismInfo(long slotID,
1578 long type) throws PKCS11Exception {
1579 return super.C_GetMechanismInfo(slotID, type);
1580 }
1581
1582 public synchronized long C_OpenSession(long slotID, long flags,
1583 Object pApplication, CK_NOTIFY Notify) throws PKCS11Exception {
1584 return super.C_OpenSession(slotID, flags, pApplication, Notify);
1585 }
1586
1587 public synchronized void C_CloseSession(long hSession)
1588 throws PKCS11Exception {
1589 super.C_CloseSession(hSession);
1590 }
1591
1592 public synchronized CK_SESSION_INFO C_GetSessionInfo(long hSession)
1593 throws PKCS11Exception {
1594 return super.C_GetSessionInfo(hSession);
1595 }
1596
1597 public synchronized void C_Login(long hSession, long userType, char[] pPin)
1598 throws PKCS11Exception {
1599 super.C_Login(hSession, userType, pPin);
1600 }
1601
1602 public synchronized void C_Logout(long hSession) throws PKCS11Exception {
1603 super.C_Logout(hSession);
1604 }
1605
1606 public synchronized long C_CreateObject(long hSession,
1607 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception {
1608 return super.C_CreateObject(hSession, pTemplate);
1609 }
1610
1611 public synchronized long C_CopyObject(long hSession, long hObject,
1612 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception {
1613 return super.C_CopyObject(hSession, hObject, pTemplate);
1614 }
1615
1616 public synchronized void C_DestroyObject(long hSession, long hObject)
1617 throws PKCS11Exception {
1618 super.C_DestroyObject(hSession, hObject);
1619 }
1620
1621 public synchronized void C_GetAttributeValue(long hSession, long hObject,
1622 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception {
1623 super.C_GetAttributeValue(hSession, hObject, pTemplate);
1624 }
1625
1626 public synchronized void C_SetAttributeValue(long hSession, long hObject,
1627 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception {
1628 super.C_SetAttributeValue(hSession, hObject, pTemplate);
1629 }
1630
1631 public synchronized void C_FindObjectsInit(long hSession,
1632 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception {
1633 super.C_FindObjectsInit(hSession, pTemplate);
1634 }
1635
1636 public synchronized long[] C_FindObjects(long hSession,
1637 long ulMaxObjectCount) throws PKCS11Exception {
1638 return super.C_FindObjects(hSession, ulMaxObjectCount);
1639 }
1640
1641 public synchronized void C_FindObjectsFinal(long hSession)
1642 throws PKCS11Exception {
1643 super.C_FindObjectsFinal(hSession);
1644 }
1645
1646 public synchronized void C_EncryptInit(long hSession,
1647 CK_MECHANISM pMechanism, long hKey) throws PKCS11Exception {
1648 super.C_EncryptInit(hSession, pMechanism, hKey);
1649 }
1650
1651 public synchronized int C_Encrypt(long hSession, byte[] in, int inOfs,
1652 int inLen, byte[] out, int outOfs, int outLen)
1653 throws PKCS11Exception {
1654 return super.C_Encrypt(hSession, in, inOfs, inLen, out, outOfs, outLen);
1655 }
1656
1657 public synchronized int C_EncryptUpdate(long hSession, long directIn,
1658 byte[] in, int inOfs, int inLen, long directOut, byte[] out,
1659 int outOfs, int outLen) throws PKCS11Exception {
1660 return super.C_EncryptUpdate(hSession, directIn, in, inOfs, inLen,
1661 directOut, out, outOfs, outLen);
1662 }
1663
1664 public synchronized int C_EncryptFinal(long hSession, long directOut,
1665 byte[] out, int outOfs, int outLen) throws PKCS11Exception {
1666 return super.C_EncryptFinal(hSession, directOut, out, outOfs, outLen);
1667 }
1668
1669 public synchronized void C_DecryptInit(long hSession,
1670 CK_MECHANISM pMechanism, long hKey) throws PKCS11Exception {
1671 super.C_DecryptInit(hSession, pMechanism, hKey);
1672 }
1673
1674 public synchronized int C_Decrypt(long hSession, byte[] in, int inOfs,
1675 int inLen, byte[] out, int outOfs, int outLen)
1676 throws PKCS11Exception {
1677 return super.C_Decrypt(hSession, in, inOfs, inLen, out, outOfs, outLen);
1678 }
1679
1680 public synchronized int C_DecryptUpdate(long hSession, long directIn,
1681 byte[] in, int inOfs, int inLen, long directOut, byte[] out,
1682 int outOfs, int outLen) throws PKCS11Exception {
1683 return super.C_DecryptUpdate(hSession, directIn, in, inOfs, inLen,
1684 directOut, out, outOfs, outLen);
1685 }
1686
1687 public synchronized int C_DecryptFinal(long hSession, long directOut,
1688 byte[] out, int outOfs, int outLen) throws PKCS11Exception {
1689 return super.C_DecryptFinal(hSession, directOut, out, outOfs, outLen);
1690 }
1691
1692 public synchronized void C_DigestInit(long hSession, CK_MECHANISM pMechanism)
1693 throws PKCS11Exception {
1694 super.C_DigestInit(hSession, pMechanism);
1695 }
1696
1697 public synchronized int C_DigestSingle(long hSession,
1698 CK_MECHANISM pMechanism, byte[] in, int inOfs, int inLen,
1699 byte[] digest, int digestOfs, int digestLen) throws PKCS11Exception {
1700 return super.C_DigestSingle(hSession, pMechanism, in, inOfs, inLen,
1701 digest, digestOfs, digestLen);
1702 }
1703
1704 public synchronized void C_DigestUpdate(long hSession, long directIn,
1705 byte[] in, int inOfs, int inLen) throws PKCS11Exception {
1706 super.C_DigestUpdate(hSession, directIn, in, inOfs, inLen);
1707 }
1708
1709 public synchronized void C_DigestKey(long hSession, long hKey)
1710 throws PKCS11Exception {
1711 super.C_DigestKey(hSession, hKey);
1712 }
1713
1714 public synchronized int C_DigestFinal(long hSession, byte[] pDigest,
1715 int digestOfs, int digestLen) throws PKCS11Exception {
1716 return super.C_DigestFinal(hSession, pDigest, digestOfs, digestLen);
1717 }
1718
1719 public synchronized void C_SignInit(long hSession, CK_MECHANISM pMechanism,
1720 long hKey) throws PKCS11Exception {
1721 super.C_SignInit(hSession, pMechanism, hKey);
1722 }
1723
1724 public synchronized byte[] C_Sign(long hSession, byte[] pData)
1725 throws PKCS11Exception {
1726 return super.C_Sign(hSession, pData);
1727 }
1728
1729 public synchronized void C_SignUpdate(long hSession, long directIn,
1730 byte[] in, int inOfs, int inLen) throws PKCS11Exception {
1731 super.C_SignUpdate(hSession, directIn, in, inOfs, inLen);
1732 }
1733
1734 public synchronized byte[] C_SignFinal(long hSession, int expectedLen)
1735 throws PKCS11Exception {
1736 return super.C_SignFinal(hSession, expectedLen);
1737 }
1738
1739 public synchronized void C_SignRecoverInit(long hSession,
1740 CK_MECHANISM pMechanism, long hKey) throws PKCS11Exception {
1741 super.C_SignRecoverInit(hSession, pMechanism, hKey);
1742 }
1743
1744 public synchronized int C_SignRecover(long hSession, byte[] in, int inOfs,
1745 int inLen, byte[] out, int outOufs, int outLen)
1746 throws PKCS11Exception {
1747 return super.C_SignRecover(hSession, in, inOfs, inLen, out, outOufs,
1748 outLen);
1749 }
1750
1751 public synchronized void C_VerifyInit(long hSession, CK_MECHANISM pMechanism,
1752 long hKey) throws PKCS11Exception {
1753 super.C_VerifyInit(hSession, pMechanism, hKey);
1754 }
1755
1756 public synchronized void C_Verify(long hSession, byte[] pData,
1757 byte[] pSignature) throws PKCS11Exception {
1758 super.C_Verify(hSession, pData, pSignature);
1759 }
1760
1761 public synchronized void C_VerifyUpdate(long hSession, long directIn,
1762 byte[] in, int inOfs, int inLen) throws PKCS11Exception {
1763 super.C_VerifyUpdate(hSession, directIn, in, inOfs, inLen);
1764 }
1765
1766 public synchronized void C_VerifyFinal(long hSession, byte[] pSignature)
1767 throws PKCS11Exception {
1768 super.C_VerifyFinal(hSession, pSignature);
1769 }
1770
1771 public synchronized void C_VerifyRecoverInit(long hSession,
1772 CK_MECHANISM pMechanism, long hKey) throws PKCS11Exception {
1773 super.C_VerifyRecoverInit(hSession, pMechanism, hKey);
1774 }
1775
1776 public synchronized int C_VerifyRecover(long hSession, byte[] in, int inOfs,
1777 int inLen, byte[] out, int outOufs, int outLen)
1778 throws PKCS11Exception {
1779 return super.C_VerifyRecover(hSession, in, inOfs, inLen, out, outOufs,
1780 outLen);
1781 }
1782
1783 public synchronized long C_GenerateKey(long hSession,
1784 CK_MECHANISM pMechanism, CK_ATTRIBUTE[] pTemplate)
1785 throws PKCS11Exception {
1786 return super.C_GenerateKey(hSession, pMechanism, pTemplate);
1787 }
1788
1789 public synchronized long[] C_GenerateKeyPair(long hSession,
1790 CK_MECHANISM pMechanism, CK_ATTRIBUTE[] pPublicKeyTemplate,
1791 CK_ATTRIBUTE[] pPrivateKeyTemplate)
1792 throws PKCS11Exception {
1793 return super.C_GenerateKeyPair(hSession, pMechanism, pPublicKeyTemplate,
1794 pPrivateKeyTemplate);
1795 }
1796
1797 public synchronized byte[] C_WrapKey(long hSession, CK_MECHANISM pMechanism,
1798 long hWrappingKey, long hKey) throws PKCS11Exception {
1799 return super.C_WrapKey(hSession, pMechanism, hWrappingKey, hKey);
1800 }
1801
1802 public synchronized long C_UnwrapKey(long hSession, CK_MECHANISM pMechanism,
1803 long hUnwrappingKey, byte[] pWrappedKey, CK_ATTRIBUTE[] pTemplate)
1804 throws PKCS11Exception {
1805 return super.C_UnwrapKey(hSession, pMechanism, hUnwrappingKey,
1806 pWrappedKey, pTemplate);
1807 }
1808
1809 public synchronized long C_DeriveKey(long hSession, CK_MECHANISM pMechanism,
1810 long hBaseKey, CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception {
1811 return super.C_DeriveKey(hSession, pMechanism, hBaseKey, pTemplate);
1812 }
1813
1814 public synchronized void C_SeedRandom(long hSession, byte[] pSeed)
1815 throws PKCS11Exception {
1816 super.C_SeedRandom(hSession, pSeed);
1817 }
1818
1819 public synchronized void C_GenerateRandom(long hSession, byte[] randomData)
1820 throws PKCS11Exception {
1821 super.C_GenerateRandom(hSession, randomData);
1822 }
1823 }
1824 }