1 /* 2 * Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved. 3 */ 4 5 /* Copyright (c) 2002 Graz University of Technology. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions are met: 9 * 10 * 1. Redistributions of source code must retain the above copyright notice, 11 * this list of conditions and the following disclaimer. 12 * 13 * 2. Redistributions in binary form must reproduce the above copyright notice, 14 * this list of conditions and the following disclaimer in the documentation 15 * and/or other materials provided with the distribution. 16 * 17 * 3. The end-user documentation included with the redistribution, if any, must 18 * include the following acknowledgment: 19 * 20 * "This product includes software developed by IAIK of Graz University of 21 * Technology." 22 * 23 * Alternately, this acknowledgment may appear in the software itself, if 24 * and wherever such third-party acknowledgments normally appear. 25 * 26 * 4. The names "Graz University of Technology" and "IAIK of Graz University of 27 * Technology" must not be used to endorse or promote products derived from 28 * this software without prior written permission. 29 * 30 * 5. Products derived from this software may not be called 31 * "IAIK PKCS Wrapper", nor may "IAIK" appear in their name, without prior 32 * written permission of Graz University of Technology. 33 * 34 * THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESSED OR IMPLIED 35 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 36 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 37 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE LICENSOR BE 38 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, 39 * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 40 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, 41 * OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON 42 * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 43 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 44 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 45 * POSSIBILITY OF SUCH DAMAGE. 46 */ 47 48 package sun.security.pkcs11.wrapper; 49 50 import java.io.File; 51 import java.io.IOException; 52 import java.util.*; 53 54 import java.security.AccessController; 55 import java.security.PrivilegedAction; 56 57 import static sun.security.pkcs11.wrapper.PKCS11Constants.*; 58 59 /** 60 * This is the default implementation of the PKCS11 interface. IT connects to 61 * the pkcs11wrapper.dll file, which is the native part of this library. 62 * The strange and awkward looking initialization was chosen to avoid calling 63 * loadLibrary from a static initialization block, because this would complicate 64 * the use in applets. 65 * 66 * @author Karl Scheibelhofer <Karl.Scheibelhofer@iaik.at> 67 * @author Martin Schlaeffer <schlaeff@sbox.tugraz.at> 68 * @invariants (pkcs11ModulePath_ <> null) 69 */ 70 public class PKCS11 { 71 72 /** 73 * The name of the native part of the wrapper; i.e. the filename without 74 * the extension (e.g. ".DLL" or ".so"). 75 */ 76 private static final String PKCS11_WRAPPER = "j2pkcs11"; 77 78 static { 79 // cannot use LoadLibraryAction because that would make the native 80 // library available to the bootclassloader, but we run in the 81 // extension classloader. 82 AccessController.doPrivileged(new PrivilegedAction<Object>() { 83 public Object run() { 84 System.loadLibrary(PKCS11_WRAPPER); 85 return null; 86 } 87 }); 88 initializeLibrary(); 89 } 90 91 public static void loadNative() { 92 // dummy method that can be called to make sure the native 93 // portion has been loaded. actual loading happens in the 94 // static initializer, hence this method is empty. 95 } 96 97 /** 98 * The PKCS#11 module to connect to. This is the PKCS#11 driver of the token; 99 * e.g. pk2priv.dll. 100 */ 101 private final String pkcs11ModulePath; 102 103 private long pNativeData; 104 105 /** 106 * This method does the initialization of the native library. It is called 107 * exactly once for this class. 108 * 109 * @preconditions 110 * @postconditions 111 */ 112 private static native void initializeLibrary(); 113 114 // XXX 115 /** 116 * This method does the finalization of the native library. It is called 117 * exactly once for this class. The library uses this method for a clean-up 118 * of any resources. 119 * 120 * @preconditions 121 * @postconditions 122 */ 123 private static native void finalizeLibrary(); 124 125 private static final Map<String,PKCS11> moduleMap = 126 new HashMap<String,PKCS11>(); 127 128 /** 129 * Connects to the PKCS#11 driver given. The filename must contain the 130 * path, if the driver is not in the system's search path. 131 * 132 * @param pkcs11ModulePath the PKCS#11 library path 133 * @preconditions (pkcs11ModulePath <> null) 134 * @postconditions 135 */ 136 PKCS11(String pkcs11ModulePath, String functionListName) 137 throws IOException { 138 connect(pkcs11ModulePath, functionListName); 139 this.pkcs11ModulePath = pkcs11ModulePath; 140 } 141 142 public static synchronized PKCS11 getInstance(String pkcs11ModulePath, 143 String functionList, CK_C_INITIALIZE_ARGS pInitArgs, 144 boolean omitInitialize) throws IOException, PKCS11Exception { 145 // we may only call C_Initialize once per native .so/.dll 146 // so keep a cache using the (non-canonicalized!) path 147 PKCS11 pkcs11 = moduleMap.get(pkcs11ModulePath); 148 if (pkcs11 == null) { 149 if ((pInitArgs != null) 150 && ((pInitArgs.flags & CKF_OS_LOCKING_OK) != 0)) { 151 pkcs11 = new PKCS11(pkcs11ModulePath, functionList); 152 } else { 153 pkcs11 = new SynchronizedPKCS11(pkcs11ModulePath, functionList); 154 } 155 if (omitInitialize == false) { 156 try { 157 pkcs11.C_Initialize(pInitArgs); 158 } catch (PKCS11Exception e) { 159 // ignore already-initialized error code 160 // rethrow all other errors 161 if (e.getErrorCode() != CKR_CRYPTOKI_ALREADY_INITIALIZED) { 162 throw e; 163 } 164 } 165 } 166 moduleMap.put(pkcs11ModulePath, pkcs11); 167 } 168 return pkcs11; 169 } 170 171 /** 172 * Connects this object to the specified PKCS#11 library. This method is for 173 * internal use only. 174 * Declared private, because incorrect handling may result in errors in the 175 * native part. 176 * 177 * @param pkcs11ModulePath The PKCS#11 library path. 178 * @preconditions (pkcs11ModulePath <> null) 179 * @postconditions 180 */ 181 private native void connect(String pkcs11ModulePath, String functionListName) 182 throws IOException; 183 184 /** 185 * Disconnects the PKCS#11 library from this object. After calling this 186 * method, this object is no longer connected to a native PKCS#11 module 187 * and any subsequent calls to C_ methods will fail. This method is for 188 * internal use only. 189 * Declared private, because incorrect handling may result in errors in the 190 * native part. 191 * 192 * @preconditions 193 * @postconditions 194 */ 195 private native void disconnect(); 196 197 198 // Implementation of PKCS11 methods delegated to native pkcs11wrapper library 199 200 /* ***************************************************************************** 201 * General-purpose 202 ******************************************************************************/ 203 204 /** 205 * C_Initialize initializes the Cryptoki library. 206 * (General-purpose) 207 * 208 * @param pInitArgs if pInitArgs is not NULL it gets casted to 209 * CK_C_INITIALIZE_ARGS_PTR and dereferenced 210 * (PKCS#11 param: CK_VOID_PTR pInitArgs) 211 * @exception PKCS11Exception If function returns other value than CKR_OK. 212 * @preconditions 213 * @postconditions 214 */ 215 native void C_Initialize(Object pInitArgs) throws PKCS11Exception; 216 217 /** 218 * C_Finalize indicates that an application is done with the 219 * Cryptoki library 220 * (General-purpose) 221 * 222 * @param pReserved is reserved. Should be NULL_PTR 223 * (PKCS#11 param: CK_VOID_PTR pReserved) 224 * @exception PKCS11Exception If function returns other value than CKR_OK. 225 * @preconditions (pReserved == null) 226 * @postconditions 227 */ 228 public native void C_Finalize(Object pReserved) throws PKCS11Exception; 229 230 231 /** 232 * C_GetInfo returns general information about Cryptoki. 233 * (General-purpose) 234 * 235 * @return the information. 236 * (PKCS#11 param: CK_INFO_PTR pInfo) 237 * @exception PKCS11Exception If function returns other value than CKR_OK. 238 * @preconditions 239 * @postconditions (result <> null) 240 */ 241 public native CK_INFO C_GetInfo() throws PKCS11Exception; 242 243 244 /* ***************************************************************************** 245 * Slot and token management 246 ******************************************************************************/ 247 248 /** 249 * C_GetSlotList obtains a list of slots in the system. 250 * (Slot and token management) 251 * 252 * @param tokenPresent if true only Slot IDs with a token are returned 253 * (PKCS#11 param: CK_BBOOL tokenPresent) 254 * @return a long array of slot IDs and number of Slot IDs 255 * (PKCS#11 param: CK_SLOT_ID_PTR pSlotList, CK_ULONG_PTR pulCount) 256 * @exception PKCS11Exception If function returns other value than CKR_OK. 257 * @preconditions 258 * @postconditions (result <> null) 259 */ 260 public native long[] C_GetSlotList(boolean tokenPresent) 261 throws PKCS11Exception; 262 263 264 /** 265 * C_GetSlotInfo obtains information about a particular slot in 266 * the system. 267 * (Slot and token management) 268 * 269 * @param slotID the ID of the slot 270 * (PKCS#11 param: CK_SLOT_ID slotID) 271 * @return the slot information 272 * (PKCS#11 param: CK_SLOT_INFO_PTR pInfo) 273 * @exception PKCS11Exception If function returns other value than CKR_OK. 274 * @preconditions 275 * @postconditions (result <> null) 276 */ 277 public native CK_SLOT_INFO C_GetSlotInfo(long slotID) throws PKCS11Exception; 278 279 280 /** 281 * C_GetTokenInfo obtains information about a particular token 282 * in the system. 283 * (Slot and token management) 284 * 285 * @param slotID ID of the token's slot 286 * (PKCS#11 param: CK_SLOT_ID slotID) 287 * @return the token information 288 * (PKCS#11 param: CK_TOKEN_INFO_PTR pInfo) 289 * @exception PKCS11Exception If function returns other value than CKR_OK. 290 * @preconditions 291 * @postconditions (result <> null) 292 */ 293 public native CK_TOKEN_INFO C_GetTokenInfo(long slotID) 294 throws PKCS11Exception; 295 296 297 /** 298 * C_GetMechanismList obtains a list of mechanism types 299 * supported by a token. 300 * (Slot and token management) 301 * 302 * @param slotID ID of the token's slot 303 * (PKCS#11 param: CK_SLOT_ID slotID) 304 * @return a long array of mechanism types and number of mechanism types 305 * (PKCS#11 param: CK_MECHANISM_TYPE_PTR pMechanismList, 306 * CK_ULONG_PTR pulCount) 307 * @exception PKCS11Exception If function returns other value than CKR_OK. 308 * @preconditions 309 * @postconditions (result <> null) 310 */ 311 public native long[] C_GetMechanismList(long slotID) throws PKCS11Exception; 312 313 314 /** 315 * C_GetMechanismInfo obtains information about a particular 316 * mechanism possibly supported by a token. 317 * (Slot and token management) 318 * 319 * @param slotID ID of the token's slot 320 * (PKCS#11 param: CK_SLOT_ID slotID) 321 * @param type type of mechanism 322 * (PKCS#11 param: CK_MECHANISM_TYPE type) 323 * @return the mechanism info 324 * (PKCS#11 param: CK_MECHANISM_INFO_PTR pInfo) 325 * @exception PKCS11Exception If function returns other value than CKR_OK. 326 * @preconditions 327 * @postconditions (result <> null) 328 */ 329 public native CK_MECHANISM_INFO C_GetMechanismInfo(long slotID, long type) 330 throws PKCS11Exception; 331 332 333 /** 334 * C_InitToken initializes a token. 335 * (Slot and token management) 336 * 337 * @param slotID ID of the token's slot 338 * (PKCS#11 param: CK_SLOT_ID slotID) 339 * @param pPin the SO's initial PIN and the length in bytes of the PIN 340 * (PKCS#11 param: CK_CHAR_PTR pPin, CK_ULONG ulPinLen) 341 * @param pLabel 32-byte token label (blank padded) 342 * (PKCS#11 param: CK_UTF8CHAR_PTR pLabel) 343 * @exception PKCS11Exception If function returns other value than CKR_OK. 344 * @preconditions 345 * @postconditions 346 */ 347 // public native void C_InitToken(long slotID, char[] pPin, char[] pLabel) 348 // throws PKCS11Exception; 349 350 351 /** 352 * C_InitPIN initializes the normal user's PIN. 353 * (Slot and token management) 354 * 355 * @param hSession the session's handle 356 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 357 * @param pPin the normal user's PIN and the length in bytes of the PIN 358 * (PKCS#11 param: CK_CHAR_PTR pPin, CK_ULONG ulPinLen) 359 * @exception PKCS11Exception If function returns other value than CKR_OK. 360 * @preconditions 361 * @postconditions 362 */ 363 // public native void C_InitPIN(long hSession, char[] pPin) 364 // throws PKCS11Exception; 365 366 367 /** 368 * C_SetPIN modifies the PIN of the user who is logged in. 369 * (Slot and token management) 370 * 371 * @param hSession the session's handle 372 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 373 * @param pOldPin the old PIN and the length of the old PIN 374 * (PKCS#11 param: CK_CHAR_PTR pOldPin, CK_ULONG ulOldLen) 375 * @param pNewPin the new PIN and the length of the new PIN 376 * (PKCS#11 param: CK_CHAR_PTR pNewPin, CK_ULONG ulNewLen) 377 * @exception PKCS11Exception If function returns other value than CKR_OK. 378 * @preconditions 379 * @postconditions 380 */ 381 // public native void C_SetPIN(long hSession, char[] pOldPin, char[] pNewPin) 382 // throws PKCS11Exception; 383 384 385 386 /* ***************************************************************************** 387 * Session management 388 ******************************************************************************/ 389 390 /** 391 * C_OpenSession opens a session between an application and a 392 * token. 393 * (Session management) 394 * 395 * @param slotID the slot's ID 396 * (PKCS#11 param: CK_SLOT_ID slotID) 397 * @param flags of CK_SESSION_INFO 398 * (PKCS#11 param: CK_FLAGS flags) 399 * @param pApplication passed to callback 400 * (PKCS#11 param: CK_VOID_PTR pApplication) 401 * @param Notify the callback function 402 * (PKCS#11 param: CK_NOTIFY Notify) 403 * @return the session handle 404 * (PKCS#11 param: CK_SESSION_HANDLE_PTR phSession) 405 * @exception PKCS11Exception If function returns other value than CKR_OK. 406 * @preconditions 407 * @postconditions 408 */ 409 public native long C_OpenSession(long slotID, long flags, 410 Object pApplication, CK_NOTIFY Notify) throws PKCS11Exception; 411 412 413 /** 414 * C_CloseSession closes a session between an application and a 415 * token. 416 * (Session management) 417 * 418 * @param hSession the session's handle 419 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 420 * @exception PKCS11Exception If function returns other value than CKR_OK. 421 * @preconditions 422 * @postconditions 423 */ 424 public native void C_CloseSession(long hSession) throws PKCS11Exception; 425 426 427 /** 428 * C_CloseAllSessions closes all sessions with a token. 429 * (Session management) 430 * 431 * @param slotID the ID of the token's slot 432 * (PKCS#11 param: CK_SLOT_ID slotID) 433 * @exception PKCS11Exception If function returns other value than CKR_OK. 434 * @preconditions 435 * @postconditions 436 */ 437 // public native void C_CloseAllSessions(long slotID) throws PKCS11Exception; 438 439 440 /** 441 * C_GetSessionInfo obtains information about the session. 442 * (Session management) 443 * 444 * @param hSession the session's handle 445 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 446 * @return the session info 447 * (PKCS#11 param: CK_SESSION_INFO_PTR pInfo) 448 * @exception PKCS11Exception If function returns other value than CKR_OK. 449 * @preconditions 450 * @postconditions (result <> null) 451 */ 452 public native CK_SESSION_INFO C_GetSessionInfo(long hSession) 453 throws PKCS11Exception; 454 455 456 /** 457 * C_GetOperationState obtains the state of the cryptographic operation 458 * in a session. 459 * (Session management) 460 * 461 * @param hSession session's handle 462 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 463 * @return the state and the state length 464 * (PKCS#11 param: CK_BYTE_PTR pOperationState, 465 * CK_ULONG_PTR pulOperationStateLen) 466 * @exception PKCS11Exception If function returns other value than CKR_OK. 467 * @preconditions 468 * @postconditions (result <> null) 469 */ 470 public native byte[] C_GetOperationState(long hSession) 471 throws PKCS11Exception; 472 473 474 /** 475 * C_SetOperationState restores the state of the cryptographic 476 * operation in a session. 477 * (Session management) 478 * 479 * @param hSession session's handle 480 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 481 * @param pOperationState the state and the state length 482 * (PKCS#11 param: CK_BYTE_PTR pOperationState, 483 * CK_ULONG ulOperationStateLen) 484 * @param hEncryptionKey en/decryption key 485 * (PKCS#11 param: CK_OBJECT_HANDLE hEncryptionKey) 486 * @param hAuthenticationKey sign/verify key 487 * (PKCS#11 param: CK_OBJECT_HANDLE hAuthenticationKey) 488 * @exception PKCS11Exception If function returns other value than CKR_OK. 489 * @preconditions 490 * @postconditions 491 */ 492 public native void C_SetOperationState(long hSession, byte[] pOperationState, 493 long hEncryptionKey, long hAuthenticationKey) throws PKCS11Exception; 494 495 496 /** 497 * C_Login logs a user into a token. 498 * (Session management) 499 * 500 * @param hSession the session's handle 501 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 502 * @param userType the user type 503 * (PKCS#11 param: CK_USER_TYPE userType) 504 * @param pPin the user's PIN and the length of the PIN 505 * (PKCS#11 param: CK_CHAR_PTR pPin, CK_ULONG ulPinLen) 506 * @exception PKCS11Exception If function returns other value than CKR_OK. 507 * @preconditions 508 * @postconditions 509 */ 510 public native void C_Login(long hSession, long userType, char[] pPin) 511 throws PKCS11Exception; 512 513 514 /** 515 * C_Logout logs a user out from a token. 516 * (Session management) 517 * 518 * @param hSession the session's handle 519 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 520 * @exception PKCS11Exception If function returns other value than CKR_OK. 521 * @preconditions 522 * @postconditions 523 */ 524 public native void C_Logout(long hSession) throws PKCS11Exception; 525 526 527 528 /* ***************************************************************************** 529 * Object management 530 ******************************************************************************/ 531 532 /** 533 * C_CreateObject creates a new object. 534 * (Object management) 535 * 536 * @param hSession the session's handle 537 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 538 * @param pTemplate the object's template and number of attributes in 539 * template 540 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount) 541 * @return the object's handle 542 * (PKCS#11 param: CK_OBJECT_HANDLE_PTR phObject) 543 * @exception PKCS11Exception If function returns other value than CKR_OK. 544 * @preconditions 545 * @postconditions 546 */ 547 public native long C_CreateObject(long hSession, CK_ATTRIBUTE[] pTemplate) 548 throws PKCS11Exception; 549 550 551 /** 552 * C_CopyObject copies an object, creating a new object for the 553 * copy. 554 * (Object management) 555 * 556 * @param hSession the session's handle 557 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 558 * @param hObject the object's handle 559 * (PKCS#11 param: CK_OBJECT_HANDLE hObject) 560 * @param pTemplate the template for the new object and number of attributes 561 * in template 562 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount) 563 * @return the handle of the copy 564 * (PKCS#11 param: CK_OBJECT_HANDLE_PTR phNewObject) 565 * @exception PKCS11Exception If function returns other value than CKR_OK. 566 * @preconditions 567 * @postconditions 568 */ 569 public native long C_CopyObject(long hSession, long hObject, 570 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception; 571 572 573 /** 574 * C_DestroyObject destroys an object. 575 * (Object management) 576 * 577 * @param hSession the session's handle 578 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 579 * @param hObject the object's handle 580 * (PKCS#11 param: CK_OBJECT_HANDLE hObject) 581 * @exception PKCS11Exception If function returns other value than CKR_OK. 582 * @preconditions 583 * @postconditions 584 */ 585 public native void C_DestroyObject(long hSession, long hObject) 586 throws PKCS11Exception; 587 588 589 /** 590 * C_GetObjectSize gets the size of an object in bytes. 591 * (Object management) 592 * 593 * @param hSession the session's handle 594 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 595 * @param hObject the object's handle 596 * (PKCS#11 param: CK_OBJECT_HANDLE hObject) 597 * @return the size of the object 598 * (PKCS#11 param: CK_ULONG_PTR pulSize) 599 * @exception PKCS11Exception If function returns other value than CKR_OK. 600 * @preconditions 601 * @postconditions 602 */ 603 // public native long C_GetObjectSize(long hSession, long hObject) 604 // throws PKCS11Exception; 605 606 607 /** 608 * C_GetAttributeValue obtains the value of one or more object 609 * attributes. The template attributes also receive the values. 610 * (Object management) 611 * note: in PKCS#11 pTemplate and the result template are the same 612 * 613 * @param hSession the session's handle 614 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 615 * @param hObject the object's handle 616 * (PKCS#11 param: CK_OBJECT_HANDLE hObject) 617 * @param pTemplate specifies the attributes and number of attributes to get 618 * The template attributes also receive the values. 619 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount) 620 * @exception PKCS11Exception If function returns other value than CKR_OK. 621 * @preconditions (pTemplate <> null) 622 * @postconditions (result <> null) 623 */ 624 public native void C_GetAttributeValue(long hSession, long hObject, 625 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception; 626 627 628 /** 629 * C_SetAttributeValue modifies the value of one or more object 630 * attributes 631 * (Object management) 632 * 633 * @param hSession the session's handle 634 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 635 * @param hObject the object's handle 636 * (PKCS#11 param: CK_OBJECT_HANDLE hObject) 637 * @param pTemplate specifies the attributes and values to get; number of 638 * attributes in the template 639 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount) 640 * @exception PKCS11Exception If function returns other value than CKR_OK. 641 * @preconditions (pTemplate <> null) 642 * @postconditions 643 */ 644 public native void C_SetAttributeValue(long hSession, long hObject, 645 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception; 646 647 648 /** 649 * C_FindObjectsInit initializes a search for token and session 650 * objects that match a template. 651 * (Object management) 652 * 653 * @param hSession the session's handle 654 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 655 * @param pTemplate the object's attribute values to match and the number of 656 * attributes in search template 657 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount) 658 * @exception PKCS11Exception If function returns other value than CKR_OK. 659 * @preconditions 660 * @postconditions 661 */ 662 public native void C_FindObjectsInit(long hSession, CK_ATTRIBUTE[] pTemplate) 663 throws PKCS11Exception; 664 665 666 /** 667 * C_FindObjects continues a search for token and session 668 * objects that match a template, obtaining additional object 669 * handles. 670 * (Object management) 671 * 672 * @param hSession the session's handle 673 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 674 * @param ulMaxObjectCount the max. object handles to get 675 * (PKCS#11 param: CK_ULONG ulMaxObjectCount) 676 * @return the object's handles and the actual number of objects returned 677 * (PKCS#11 param: CK_ULONG_PTR pulObjectCount) 678 * @exception PKCS11Exception If function returns other value than CKR_OK. 679 * @preconditions 680 * @postconditions (result <> null) 681 */ 682 public native long[] C_FindObjects(long hSession, long ulMaxObjectCount) 683 throws PKCS11Exception; 684 685 686 /** 687 * C_FindObjectsFinal finishes a search for token and session 688 * objects. 689 * (Object management) 690 * 691 * @param hSession the session's handle 692 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 693 * @exception PKCS11Exception If function returns other value than CKR_OK. 694 * @preconditions 695 * @postconditions 696 */ 697 public native void C_FindObjectsFinal(long hSession) throws PKCS11Exception; 698 699 700 701 /* ***************************************************************************** 702 * Encryption and decryption 703 ******************************************************************************/ 704 705 /** 706 * C_EncryptInit initializes an encryption operation. 707 * (Encryption and decryption) 708 * 709 * @param hSession the session's handle 710 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 711 * @param pMechanism the encryption mechanism 712 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism) 713 * @param hKey the handle of the encryption key 714 * (PKCS#11 param: CK_OBJECT_HANDLE hKey) 715 * @exception PKCS11Exception If function returns other value than CKR_OK. 716 * @preconditions 717 * @postconditions 718 */ 719 public native void C_EncryptInit(long hSession, CK_MECHANISM pMechanism, 720 long hKey) throws PKCS11Exception; 721 722 723 /** 724 * C_Encrypt encrypts single-part data. 725 * (Encryption and decryption) 726 * 727 * @param hSession the session's handle 728 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 729 * @param pData the data to get encrypted and the data's length 730 * (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG ulDataLen) 731 * @return the encrypted data and the encrypted data's length 732 * (PKCS#11 param: CK_BYTE_PTR pEncryptedData, 733 * CK_ULONG_PTR pulEncryptedDataLen) 734 * @exception PKCS11Exception If function returns other value than CKR_OK. 735 * @preconditions (pData <> null) 736 * @postconditions (result <> null) 737 */ 738 public native int C_Encrypt(long hSession, byte[] in, int inOfs, int inLen, 739 byte[] out, int outOfs, int outLen) throws PKCS11Exception; 740 741 742 /** 743 * C_EncryptUpdate continues a multiple-part encryption 744 * operation. 745 * (Encryption and decryption) 746 * 747 * @param hSession the session's handle 748 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 749 * @param pPart the data part to get encrypted and the data part's length 750 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG ulPartLen) 751 * @return the encrypted data part and the encrypted data part's length 752 * (PKCS#11 param: CK_BYTE_PTR pEncryptedPart, 753 CK_ULONG_PTR pulEncryptedPartLen) 754 * @exception PKCS11Exception If function returns other value than CKR_OK. 755 * @preconditions (pPart <> null) 756 * @postconditions 757 */ 758 public native int C_EncryptUpdate(long hSession, long directIn, byte[] in, 759 int inOfs, int inLen, long directOut, byte[] out, int outOfs, 760 int outLen) throws PKCS11Exception; 761 762 763 /** 764 * C_EncryptFinal finishes a multiple-part encryption 765 * operation. 766 * (Encryption and decryption) 767 * 768 * @param hSession the session's handle 769 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 770 * @return the last encrypted data part and the last data part's length 771 * (PKCS#11 param: CK_BYTE_PTR pLastEncryptedPart, 772 CK_ULONG_PTR pulLastEncryptedPartLen) 773 * @exception PKCS11Exception If function returns other value than CKR_OK. 774 * @preconditions 775 * @postconditions (result <> null) 776 */ 777 public native int C_EncryptFinal(long hSession, long directOut, byte[] out, 778 int outOfs, int outLen) throws PKCS11Exception; 779 780 781 /** 782 * C_DecryptInit initializes a decryption operation. 783 * (Encryption and decryption) 784 * 785 * @param hSession the session's handle 786 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 787 * @param pMechanism the decryption mechanism 788 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism) 789 * @param hKey the handle of the decryption key 790 * (PKCS#11 param: CK_OBJECT_HANDLE hKey) 791 * @exception PKCS11Exception If function returns other value than CKR_OK. 792 * @preconditions 793 * @postconditions 794 */ 795 public native void C_DecryptInit(long hSession, CK_MECHANISM pMechanism, 796 long hKey) throws PKCS11Exception; 797 798 799 /** 800 * C_Decrypt decrypts encrypted data in a single part. 801 * (Encryption and decryption) 802 * 803 * @param hSession the session's handle 804 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 805 * @param pEncryptedData the encrypted data to get decrypted and the 806 * encrypted data's length 807 * (PKCS#11 param: CK_BYTE_PTR pEncryptedData, 808 * CK_ULONG ulEncryptedDataLen) 809 * @return the decrypted data and the data's length 810 * (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen) 811 * @exception PKCS11Exception If function returns other value than CKR_OK. 812 * @preconditions (pEncryptedPart <> null) 813 * @postconditions (result <> null) 814 */ 815 public native int C_Decrypt(long hSession, byte[] in, int inOfs, int inLen, 816 byte[] out, int outOfs, int outLen) throws PKCS11Exception; 817 818 819 /** 820 * C_DecryptUpdate continues a multiple-part decryption 821 * operation. 822 * (Encryption and decryption) 823 * 824 * @param hSession the session's handle 825 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 826 * @param pEncryptedPart the encrypted data part to get decrypted and the 827 * encrypted data part's length 828 * (PKCS#11 param: CK_BYTE_PTR pEncryptedPart, 829 * CK_ULONG ulEncryptedPartLen) 830 * @return the decrypted data part and the data part's length 831 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen) 832 * @exception PKCS11Exception If function returns other value than CKR_OK. 833 * @preconditions (pEncryptedPart <> null) 834 * @postconditions 835 */ 836 public native int C_DecryptUpdate(long hSession, long directIn, byte[] in, 837 int inOfs, int inLen, long directOut, byte[] out, int outOfs, 838 int outLen) throws PKCS11Exception; 839 840 841 /** 842 * C_DecryptFinal finishes a multiple-part decryption 843 * operation. 844 * (Encryption and decryption) 845 * 846 * @param hSession the session's handle 847 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 848 * @return the last decrypted data part and the last data part's length 849 * (PKCS#11 param: CK_BYTE_PTR pLastPart, 850 * CK_ULONG_PTR pulLastPartLen) 851 * @exception PKCS11Exception If function returns other value than CKR_OK. 852 * @preconditions 853 * @postconditions (result <> null) 854 */ 855 public native int C_DecryptFinal(long hSession, long directOut, byte[] out, 856 int outOfs, int outLen) throws PKCS11Exception; 857 858 859 860 /* ***************************************************************************** 861 * Message digesting 862 ******************************************************************************/ 863 864 /** 865 * C_DigestInit initializes a message-digesting operation. 866 * (Message digesting) 867 * 868 * @param hSession the session's handle 869 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 870 * @param pMechanism the digesting mechanism 871 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism) 872 * @exception PKCS11Exception If function returns other value than CKR_OK. 873 * @preconditions 874 * @postconditions 875 */ 876 public native void C_DigestInit(long hSession, CK_MECHANISM pMechanism) 877 throws PKCS11Exception; 878 879 880 // note that C_DigestSingle does not exist in PKCS#11 881 // we combined the C_DigestInit and C_Digest into a single function 882 // to save on Java<->C transitions and save 5-10% on small digests 883 // this made the C_Digest method redundant, it has been removed 884 /** 885 * C_Digest digests data in a single part. 886 * (Message digesting) 887 * 888 * @param hSession the session's handle 889 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 890 * @param data the data to get digested and the data's length 891 * (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG ulDataLen) 892 * @return the message digest and the length of the message digest 893 * (PKCS#11 param: CK_BYTE_PTR pDigest, CK_ULONG_PTR pulDigestLen) 894 * @exception PKCS11Exception If function returns other value than CKR_OK. 895 * @preconditions (data <> null) 896 * @postconditions (result <> null) 897 */ 898 public native int C_DigestSingle(long hSession, CK_MECHANISM pMechanism, 899 byte[] in, int inOfs, int inLen, byte[] digest, int digestOfs, 900 int digestLen) throws PKCS11Exception; 901 902 903 /** 904 * C_DigestUpdate continues a multiple-part message-digesting 905 * operation. 906 * (Message digesting) 907 * 908 * @param hSession the session's handle 909 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 910 * @param pPart the data to get digested and the data's length 911 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG ulPartLen) 912 * @exception PKCS11Exception If function returns other value than CKR_OK. 913 * @preconditions (pPart <> null) 914 * @postconditions 915 */ 916 public native void C_DigestUpdate(long hSession, long directIn, byte[] in, 917 int inOfs, int inLen) throws PKCS11Exception; 918 919 920 /** 921 * C_DigestKey continues a multi-part message-digesting 922 * operation, by digesting the value of a secret key as part of 923 * the data already digested. 924 * (Message digesting) 925 * 926 * @param hSession the session's handle 927 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 928 * @param hKey the handle of the secret key to be digested 929 * (PKCS#11 param: CK_OBJECT_HANDLE hKey) 930 * @exception PKCS11Exception If function returns other value than CKR_OK. 931 * @preconditions 932 * @postconditions 933 */ 934 public native void C_DigestKey(long hSession, long hKey) 935 throws PKCS11Exception; 936 937 938 /** 939 * C_DigestFinal finishes a multiple-part message-digesting 940 * operation. 941 * (Message digesting) 942 * 943 * @param hSession the session's handle 944 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 945 * @return the message digest and the length of the message digest 946 * (PKCS#11 param: CK_BYTE_PTR pDigest, CK_ULONG_PTR pulDigestLen) 947 * @exception PKCS11Exception If function returns other value than CKR_OK. 948 * @preconditions 949 * @postconditions (result <> null) 950 */ 951 public native int C_DigestFinal(long hSession, byte[] pDigest, int digestOfs, 952 int digestLen) throws PKCS11Exception; 953 954 955 956 /* ***************************************************************************** 957 * Signing and MACing 958 ******************************************************************************/ 959 960 /** 961 * C_SignInit initializes a signature (private key encryption) 962 * operation, where the signature is (will be) an appendix to 963 * the data, and plaintext cannot be recovered from the 964 * signature. 965 * (Signing and MACing) 966 * 967 * @param hSession the session's handle 968 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 969 * @param pMechanism the signature mechanism 970 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism) 971 * @param hKey the handle of the signature key 972 * (PKCS#11 param: CK_OBJECT_HANDLE hKey) 973 * @exception PKCS11Exception If function returns other value than CKR_OK. 974 * @preconditions 975 * @postconditions 976 */ 977 public native void C_SignInit(long hSession, CK_MECHANISM pMechanism, 978 long hKey) throws PKCS11Exception; 979 980 981 /** 982 * C_Sign signs (encrypts with private key) data in a single 983 * part, where the signature is (will be) an appendix to the 984 * data, and plaintext cannot be recovered from the signature. 985 * (Signing and MACing) 986 * 987 * @param hSession the session's handle 988 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 989 * @param pData the data to sign and the data's length 990 * (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG ulDataLen) 991 * @return the signature and the signature's length 992 * (PKCS#11 param: CK_BYTE_PTR pSignature, 993 * CK_ULONG_PTR pulSignatureLen) 994 * @exception PKCS11Exception If function returns other value than CKR_OK. 995 * @preconditions (pData <> null) 996 * @postconditions (result <> null) 997 */ 998 public native byte[] C_Sign(long hSession, byte[] pData) 999 throws PKCS11Exception; 1000 1001 1002 /** 1003 * C_SignUpdate continues a multiple-part signature operation, 1004 * where the signature is (will be) an appendix to the data, 1005 * and plaintext cannot be recovered from the signature. 1006 * (Signing and MACing) 1007 * 1008 * @param hSession the session's handle 1009 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1010 * @param pPart the data part to sign and the data part's length 1011 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG ulPartLen) 1012 * @exception PKCS11Exception If function returns other value than CKR_OK. 1013 * @preconditions (pPart <> null) 1014 * @postconditions 1015 */ 1016 public native void C_SignUpdate(long hSession, long directIn, byte[] in, 1017 int inOfs, int inLen) throws PKCS11Exception; 1018 1019 1020 /** 1021 * C_SignFinal finishes a multiple-part signature operation, 1022 * returning the signature. 1023 * (Signing and MACing) 1024 * 1025 * @param hSession the session's handle 1026 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1027 * @return the signature and the signature's length 1028 * (PKCS#11 param: CK_BYTE_PTR pSignature, 1029 * CK_ULONG_PTR pulSignatureLen) 1030 * @exception PKCS11Exception If function returns other value than CKR_OK. 1031 * @preconditions 1032 * @postconditions (result <> null) 1033 */ 1034 public native byte[] C_SignFinal(long hSession, int expectedLen) 1035 throws PKCS11Exception; 1036 1037 1038 /** 1039 * C_SignRecoverInit initializes a signature operation, where 1040 * the data can be recovered from the signature. 1041 * (Signing and MACing) 1042 * 1043 * @param hSession the session's handle 1044 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1045 * @param pMechanism the signature mechanism 1046 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism) 1047 * @param hKey the handle of the signature key 1048 * (PKCS#11 param: CK_OBJECT_HANDLE hKey) 1049 * @exception PKCS11Exception If function returns other value than CKR_OK. 1050 * @preconditions 1051 * @postconditions 1052 */ 1053 public native void C_SignRecoverInit(long hSession, CK_MECHANISM pMechanism, 1054 long hKey) throws PKCS11Exception; 1055 1056 1057 /** 1058 * C_SignRecover signs data in a single operation, where the 1059 * data can be recovered from the signature. 1060 * (Signing and MACing) 1061 * 1062 * @param hSession the session's handle 1063 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1064 * @param pData the data to sign and the data's length 1065 * (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG ulDataLen) 1066 * @return the signature and the signature's length 1067 * (PKCS#11 param: CK_BYTE_PTR pSignature, 1068 * CK_ULONG_PTR pulSignatureLen) 1069 * @exception PKCS11Exception If function returns other value than CKR_OK. 1070 * @preconditions (pData <> null) 1071 * @postconditions (result <> null) 1072 */ 1073 public native int C_SignRecover(long hSession, byte[] in, int inOfs, 1074 int inLen, byte[] out, int outOufs, int outLen) 1075 throws PKCS11Exception; 1076 1077 1078 1079 /* ***************************************************************************** 1080 * Verifying signatures and MACs 1081 ******************************************************************************/ 1082 1083 /** 1084 * C_VerifyInit initializes a verification operation, where the 1085 * signature is an appendix to the data, and plaintext cannot 1086 * cannot be recovered from the signature (e.g. DSA). 1087 * (Signing and MACing) 1088 * 1089 * @param hSession the session's handle 1090 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1091 * @param pMechanism the verification mechanism 1092 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism) 1093 * @param hKey the handle of the verification key 1094 * (PKCS#11 param: CK_OBJECT_HANDLE hKey) 1095 * @exception PKCS11Exception If function returns other value than CKR_OK. 1096 * @preconditions 1097 * @postconditions 1098 */ 1099 public native void C_VerifyInit(long hSession, CK_MECHANISM pMechanism, 1100 long hKey) throws PKCS11Exception; 1101 1102 1103 /** 1104 * C_Verify verifies a signature in a single-part operation, 1105 * where the signature is an appendix to the data, and plaintext 1106 * cannot be recovered from the signature. 1107 * (Signing and MACing) 1108 * 1109 * @param hSession the session's handle 1110 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1111 * @param pData the signed data and the signed data's length 1112 * (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG ulDataLen) 1113 * @param pSignature the signature to verify and the signature's length 1114 * (PKCS#11 param: CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen) 1115 * @exception PKCS11Exception If function returns other value than CKR_OK. 1116 * @preconditions (pData <> null) and (pSignature <> null) 1117 * @postconditions 1118 */ 1119 public native void C_Verify(long hSession, byte[] pData, byte[] pSignature) 1120 throws PKCS11Exception; 1121 1122 1123 /** 1124 * C_VerifyUpdate continues a multiple-part verification 1125 * operation, where the signature is an appendix to the data, 1126 * and plaintext cannot be recovered from the signature. 1127 * (Signing and MACing) 1128 * 1129 * @param hSession the session's handle 1130 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1131 * @param pPart the signed data part and the signed data part's length 1132 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG ulPartLen) 1133 * @exception PKCS11Exception If function returns other value than CKR_OK. 1134 * @preconditions (pPart <> null) 1135 * @postconditions 1136 */ 1137 public native void C_VerifyUpdate(long hSession, long directIn, byte[] in, 1138 int inOfs, int inLen) throws PKCS11Exception; 1139 1140 1141 /** 1142 * C_VerifyFinal finishes a multiple-part verification 1143 * operation, checking the signature. 1144 * (Signing and MACing) 1145 * 1146 * @param hSession the session's handle 1147 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1148 * @param pSignature the signature to verify and the signature's length 1149 * (PKCS#11 param: CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen) 1150 * @exception PKCS11Exception If function returns other value than CKR_OK. 1151 * @preconditions (pSignature <> null) 1152 * @postconditions 1153 */ 1154 public native void C_VerifyFinal(long hSession, byte[] pSignature) 1155 throws PKCS11Exception; 1156 1157 1158 /** 1159 * C_VerifyRecoverInit initializes a signature verification 1160 * operation, where the data is recovered from the signature. 1161 * (Signing and MACing) 1162 * 1163 * @param hSession the session's handle 1164 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1165 * @param pMechanism the verification mechanism 1166 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism) 1167 * @param hKey the handle of the verification key 1168 * (PKCS#11 param: CK_OBJECT_HANDLE hKey) 1169 * @exception PKCS11Exception If function returns other value than CKR_OK. 1170 * @preconditions 1171 * @postconditions 1172 */ 1173 public native void C_VerifyRecoverInit(long hSession, 1174 CK_MECHANISM pMechanism, long hKey) throws PKCS11Exception; 1175 1176 1177 /** 1178 * C_VerifyRecover verifies a signature in a single-part 1179 * operation, where the data is recovered from the signature. 1180 * (Signing and MACing) 1181 * 1182 * @param hSession the session's handle 1183 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1184 * @param pSignature the signature to verify and the signature's length 1185 * (PKCS#11 param: CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen) 1186 * @return the recovered data and the recovered data's length 1187 * (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen) 1188 * @exception PKCS11Exception If function returns other value than CKR_OK. 1189 * @preconditions (pSignature <> null) 1190 * @postconditions (result <> null) 1191 */ 1192 public native int C_VerifyRecover(long hSession, byte[] in, int inOfs, 1193 int inLen, byte[] out, int outOufs, int outLen) 1194 throws PKCS11Exception; 1195 1196 1197 1198 /* ***************************************************************************** 1199 * Dual-function cryptographic operations 1200 ******************************************************************************/ 1201 1202 /** 1203 * C_DigestEncryptUpdate continues a multiple-part digesting 1204 * and encryption operation. 1205 * (Dual-function cryptographic operations) 1206 * 1207 * @param hSession the session's handle 1208 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1209 * @param pPart the data part to digest and to encrypt and the data's length 1210 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG ulPartLen) 1211 * @return the digested and encrypted data part and the data part's length 1212 * (PKCS#11 param: CK_BYTE_PTR pEncryptedPart, 1213 * CK_ULONG_PTR pulEncryptedPartLen) 1214 * @exception PKCS11Exception If function returns other value than CKR_OK. 1215 * @preconditions (pPart <> null) 1216 * @postconditions 1217 */ 1218 // public native byte[] C_DigestEncryptUpdate(long hSession, byte[] pPart) 1219 // throws PKCS11Exception; 1220 1221 1222 /** 1223 * C_DecryptDigestUpdate continues a multiple-part decryption and 1224 * digesting operation. 1225 * (Dual-function cryptographic operations) 1226 * 1227 * @param hSession the session's handle 1228 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1229 * @param pEncryptedPart the encrypted data part to decrypt and to digest 1230 * and encrypted data part's length 1231 * (PKCS#11 param: CK_BYTE_PTR pEncryptedPart, 1232 * CK_ULONG ulEncryptedPartLen) 1233 * @return the decrypted and digested data part and the data part's length 1234 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen) 1235 * @exception PKCS11Exception If function returns other value than CKR_OK. 1236 * @preconditions (pEncryptedPart <> null) 1237 * @postconditions 1238 */ 1239 // public native byte[] C_DecryptDigestUpdate(long hSession, 1240 // byte[] pEncryptedPart) throws PKCS11Exception; 1241 1242 1243 /** 1244 * C_SignEncryptUpdate continues a multiple-part signing and 1245 * encryption operation. 1246 * (Dual-function cryptographic operations) 1247 * 1248 * @param hSession the session's handle 1249 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1250 * @param pPart the data part to sign and to encrypt and the data part's 1251 * length 1252 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG ulPartLen) 1253 * @return the signed and encrypted data part and the data part's length 1254 * (PKCS#11 param: CK_BYTE_PTR pEncryptedPart, 1255 * CK_ULONG_PTR pulEncryptedPartLen) 1256 * @exception PKCS11Exception If function returns other value than CKR_OK. 1257 * @preconditions (pPart <> null) 1258 * @postconditions 1259 */ 1260 // public native byte[] C_SignEncryptUpdate(long hSession, byte[] pPart) 1261 // throws PKCS11Exception; 1262 1263 1264 /** 1265 * C_DecryptVerifyUpdate continues a multiple-part decryption and 1266 * verify operation. 1267 * (Dual-function cryptographic operations) 1268 * 1269 * @param hSession the session's handle 1270 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1271 * @param pEncryptedPart the encrypted data part to decrypt and to verify 1272 * and the data part's length 1273 * (PKCS#11 param: CK_BYTE_PTR pEncryptedPart, 1274 * CK_ULONG ulEncryptedPartLen) 1275 * @return the decrypted and verified data part and the data part's length 1276 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen) 1277 * @exception PKCS11Exception If function returns other value than CKR_OK. 1278 * @preconditions (pEncryptedPart <> null) 1279 * @postconditions 1280 */ 1281 // public native byte[] C_DecryptVerifyUpdate(long hSession, 1282 // byte[] pEncryptedPart) throws PKCS11Exception; 1283 1284 1285 1286 /* ***************************************************************************** 1287 * Key management 1288 ******************************************************************************/ 1289 1290 /** 1291 * C_GenerateKey generates a secret key, creating a new key 1292 * object. 1293 * (Key management) 1294 * 1295 * @param hSession the session's handle 1296 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1297 * @param pMechanism the key generation mechanism 1298 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism) 1299 * @param pTemplate the template for the new key and the number of 1300 * attributes in the template 1301 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount) 1302 * @return the handle of the new key 1303 * (PKCS#11 param: CK_OBJECT_HANDLE_PTR phKey) 1304 * @exception PKCS11Exception If function returns other value than CKR_OK. 1305 * @preconditions 1306 * @postconditions 1307 */ 1308 public native long C_GenerateKey(long hSession, CK_MECHANISM pMechanism, 1309 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception; 1310 1311 1312 /** 1313 * C_GenerateKeyPair generates a public-key/private-key pair, 1314 * creating new key objects. 1315 * (Key management) 1316 * 1317 * @param hSession the session's handle 1318 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1319 * @param pMechanism the key generation mechanism 1320 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism) 1321 * @param pPublicKeyTemplate the template for the new public key and the 1322 * number of attributes in the template 1323 * (PKCS#11 param: CK_ATTRIBUTE_PTR pPublicKeyTemplate, 1324 * CK_ULONG ulPublicKeyAttributeCount) 1325 * @param pPrivateKeyTemplate the template for the new private key and the 1326 * number of attributes in the template 1327 * (PKCS#11 param: CK_ATTRIBUTE_PTR pPrivateKeyTemplate 1328 * CK_ULONG ulPrivateKeyAttributeCount) 1329 * @return a long array with exactly two elements and the public key handle 1330 * as the first element and the private key handle as the second 1331 * element 1332 * (PKCS#11 param: CK_OBJECT_HANDLE_PTR phPublicKey, 1333 * CK_OBJECT_HANDLE_PTR phPrivateKey) 1334 * @exception PKCS11Exception If function returns other value than CKR_OK. 1335 * @preconditions (pMechanism <> null) 1336 * @postconditions (result <> null) and (result.length == 2) 1337 */ 1338 public native long[] C_GenerateKeyPair(long hSession, 1339 CK_MECHANISM pMechanism, CK_ATTRIBUTE[] pPublicKeyTemplate, 1340 CK_ATTRIBUTE[] pPrivateKeyTemplate) throws PKCS11Exception; 1341 1342 1343 1344 /** 1345 * C_WrapKey wraps (i.e., encrypts) a key. 1346 * (Key management) 1347 * 1348 * @param hSession the session's handle 1349 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1350 * @param pMechanism the wrapping mechanism 1351 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism) 1352 * @param hWrappingKey the handle of the wrapping key 1353 * (PKCS#11 param: CK_OBJECT_HANDLE hWrappingKey) 1354 * @param hKey the handle of the key to be wrapped 1355 * (PKCS#11 param: CK_OBJECT_HANDLE hKey) 1356 * @return the wrapped key and the length of the wrapped key 1357 * (PKCS#11 param: CK_BYTE_PTR pWrappedKey, 1358 * CK_ULONG_PTR pulWrappedKeyLen) 1359 * @exception PKCS11Exception If function returns other value than CKR_OK. 1360 * @preconditions 1361 * @postconditions (result <> null) 1362 */ 1363 public native byte[] C_WrapKey(long hSession, CK_MECHANISM pMechanism, 1364 long hWrappingKey, long hKey) throws PKCS11Exception; 1365 1366 1367 /** 1368 * C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new 1369 * key object. 1370 * (Key management) 1371 * 1372 * @param hSession the session's handle 1373 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1374 * @param pMechanism the unwrapping mechanism 1375 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism) 1376 * @param hUnwrappingKey the handle of the unwrapping key 1377 * (PKCS#11 param: CK_OBJECT_HANDLE hUnwrappingKey) 1378 * @param pWrappedKey the wrapped key to unwrap and the wrapped key's length 1379 * (PKCS#11 param: CK_BYTE_PTR pWrappedKey, CK_ULONG ulWrappedKeyLen) 1380 * @param pTemplate the template for the new key and the number of 1381 * attributes in the template 1382 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount) 1383 * @return the handle of the unwrapped key 1384 * (PKCS#11 param: CK_OBJECT_HANDLE_PTR phKey) 1385 * @exception PKCS11Exception If function returns other value than CKR_OK. 1386 * @preconditions (pWrappedKey <> null) 1387 * @postconditions 1388 */ 1389 public native long C_UnwrapKey(long hSession, CK_MECHANISM pMechanism, 1390 long hUnwrappingKey, byte[] pWrappedKey, CK_ATTRIBUTE[] pTemplate) 1391 throws PKCS11Exception; 1392 1393 1394 /** 1395 * C_DeriveKey derives a key from a base key, creating a new key 1396 * object. 1397 * (Key management) 1398 * 1399 * @param hSession the session's handle 1400 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1401 * @param pMechanism the key derivation mechanism 1402 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism) 1403 * @param hBaseKey the handle of the base key 1404 * (PKCS#11 param: CK_OBJECT_HANDLE hBaseKey) 1405 * @param pTemplate the template for the new key and the number of 1406 * attributes in the template 1407 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount) 1408 * @return the handle of the derived key 1409 * (PKCS#11 param: CK_OBJECT_HANDLE_PTR phKey) 1410 * @exception PKCS11Exception If function returns other value than CKR_OK. 1411 * @preconditions 1412 * @postconditions 1413 */ 1414 public native long C_DeriveKey(long hSession, CK_MECHANISM pMechanism, 1415 long hBaseKey, CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception; 1416 1417 1418 1419 /* ***************************************************************************** 1420 * Random number generation 1421 ******************************************************************************/ 1422 1423 /** 1424 * C_SeedRandom mixes additional seed material into the token's 1425 * random number generator. 1426 * (Random number generation) 1427 * 1428 * @param hSession the session's handle 1429 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1430 * @param pSeed the seed material and the seed material's length 1431 * (PKCS#11 param: CK_BYTE_PTR pSeed, CK_ULONG ulSeedLen) 1432 * @exception PKCS11Exception If function returns other value than CKR_OK. 1433 * @preconditions (pSeed <> null) 1434 * @postconditions 1435 */ 1436 public native void C_SeedRandom(long hSession, byte[] pSeed) 1437 throws PKCS11Exception; 1438 1439 1440 /** 1441 * C_GenerateRandom generates random data. 1442 * (Random number generation) 1443 * 1444 * @param hSession the session's handle 1445 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1446 * @param RandomData receives the random data and the length of RandomData 1447 * is the length of random data to be generated 1448 * (PKCS#11 param: CK_BYTE_PTR pRandomData, CK_ULONG ulRandomLen) 1449 * @exception PKCS11Exception If function returns other value than CKR_OK. 1450 * @preconditions (randomData <> null) 1451 * @postconditions 1452 */ 1453 public native void C_GenerateRandom(long hSession, byte[] randomData) 1454 throws PKCS11Exception; 1455 1456 1457 1458 /* ***************************************************************************** 1459 * Parallel function management 1460 ******************************************************************************/ 1461 1462 /** 1463 * C_GetFunctionStatus is a legacy function; it obtains an 1464 * updated status of a function running in parallel with an 1465 * application. 1466 * (Parallel function management) 1467 * 1468 * @param hSession the session's handle 1469 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1470 * @exception PKCS11Exception If function returns other value than CKR_OK. 1471 * @preconditions 1472 * @postconditions 1473 */ 1474 // public native void C_GetFunctionStatus(long hSession) 1475 // throws PKCS11Exception; 1476 1477 1478 /** 1479 * C_CancelFunction is a legacy function; it cancels a function 1480 * running in parallel. 1481 * (Parallel function management) 1482 * 1483 * @param hSession the session's handle 1484 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1485 * @exception PKCS11Exception If function returns other value than CKR_OK. 1486 * @preconditions 1487 * @postconditions 1488 */ 1489 // public native void C_CancelFunction(long hSession) throws PKCS11Exception; 1490 1491 1492 1493 /* ***************************************************************************** 1494 * Functions added in for Cryptoki Version 2.01 or later 1495 ******************************************************************************/ 1496 1497 /** 1498 * C_WaitForSlotEvent waits for a slot event (token insertion, 1499 * removal, etc.) to occur. 1500 * (General-purpose) 1501 * 1502 * @param flags blocking/nonblocking flag 1503 * (PKCS#11 param: CK_FLAGS flags) 1504 * @param pReserved reserved. Should be null 1505 * (PKCS#11 param: CK_VOID_PTR pReserved) 1506 * @return the slot ID where the event occured 1507 * (PKCS#11 param: CK_SLOT_ID_PTR pSlot) 1508 * @exception PKCS11Exception If function returns other value than CKR_OK. 1509 * @preconditions (pRserved == null) 1510 * @postconditions 1511 */ 1512 // public native long C_WaitForSlotEvent(long flags, Object pRserved) 1513 // throws PKCS11Exception; 1514 1515 /** 1516 * Returns the string representation of this object. 1517 * 1518 * @return The string representation of object 1519 */ 1520 public String toString() { 1521 return "Module name: " + pkcs11ModulePath; 1522 } 1523 1524 /** 1525 * Calls disconnect() to cleanup the native part of the wrapper. Once this 1526 * method is called, this object cannot be used any longer. Any subsequent 1527 * call to a C_* method will result in a runtime exception. 1528 * 1529 * @exception Throwable If finalization fails. 1530 */ 1531 public void finalize() throws Throwable { 1532 disconnect(); 1533 } 1534 1535 // PKCS11 subclass that has all methods synchronized and delegating to the 1536 // parent. Used for tokens that only support single threaded access 1537 static class SynchronizedPKCS11 extends PKCS11 { 1538 1539 SynchronizedPKCS11(String pkcs11ModulePath, String functionListName) 1540 throws IOException { 1541 super(pkcs11ModulePath, functionListName); 1542 } 1543 1544 synchronized void C_Initialize(Object pInitArgs) throws PKCS11Exception { 1545 super.C_Initialize(pInitArgs); 1546 } 1547 1548 public synchronized void C_Finalize(Object pReserved) 1549 throws PKCS11Exception { 1550 super.C_Finalize(pReserved); 1551 } 1552 1553 public synchronized CK_INFO C_GetInfo() throws PKCS11Exception { 1554 return super.C_GetInfo(); 1555 } 1556 1557 public synchronized long[] C_GetSlotList(boolean tokenPresent) 1558 throws PKCS11Exception { 1559 return super.C_GetSlotList(tokenPresent); 1560 } 1561 1562 public synchronized CK_SLOT_INFO C_GetSlotInfo(long slotID) 1563 throws PKCS11Exception { 1564 return super.C_GetSlotInfo(slotID); 1565 } 1566 1567 public synchronized CK_TOKEN_INFO C_GetTokenInfo(long slotID) 1568 throws PKCS11Exception { 1569 return super.C_GetTokenInfo(slotID); 1570 } 1571 1572 public synchronized long[] C_GetMechanismList(long slotID) 1573 throws PKCS11Exception { 1574 return super.C_GetMechanismList(slotID); 1575 } 1576 1577 public synchronized CK_MECHANISM_INFO C_GetMechanismInfo(long slotID, 1578 long type) throws PKCS11Exception { 1579 return super.C_GetMechanismInfo(slotID, type); 1580 } 1581 1582 public synchronized long C_OpenSession(long slotID, long flags, 1583 Object pApplication, CK_NOTIFY Notify) throws PKCS11Exception { 1584 return super.C_OpenSession(slotID, flags, pApplication, Notify); 1585 } 1586 1587 public synchronized void C_CloseSession(long hSession) 1588 throws PKCS11Exception { 1589 super.C_CloseSession(hSession); 1590 } 1591 1592 public synchronized CK_SESSION_INFO C_GetSessionInfo(long hSession) 1593 throws PKCS11Exception { 1594 return super.C_GetSessionInfo(hSession); 1595 } 1596 1597 public synchronized void C_Login(long hSession, long userType, char[] pPin) 1598 throws PKCS11Exception { 1599 super.C_Login(hSession, userType, pPin); 1600 } 1601 1602 public synchronized void C_Logout(long hSession) throws PKCS11Exception { 1603 super.C_Logout(hSession); 1604 } 1605 1606 public synchronized long C_CreateObject(long hSession, 1607 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception { 1608 return super.C_CreateObject(hSession, pTemplate); 1609 } 1610 1611 public synchronized long C_CopyObject(long hSession, long hObject, 1612 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception { 1613 return super.C_CopyObject(hSession, hObject, pTemplate); 1614 } 1615 1616 public synchronized void C_DestroyObject(long hSession, long hObject) 1617 throws PKCS11Exception { 1618 super.C_DestroyObject(hSession, hObject); 1619 } 1620 1621 public synchronized void C_GetAttributeValue(long hSession, long hObject, 1622 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception { 1623 super.C_GetAttributeValue(hSession, hObject, pTemplate); 1624 } 1625 1626 public synchronized void C_SetAttributeValue(long hSession, long hObject, 1627 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception { 1628 super.C_SetAttributeValue(hSession, hObject, pTemplate); 1629 } 1630 1631 public synchronized void C_FindObjectsInit(long hSession, 1632 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception { 1633 super.C_FindObjectsInit(hSession, pTemplate); 1634 } 1635 1636 public synchronized long[] C_FindObjects(long hSession, 1637 long ulMaxObjectCount) throws PKCS11Exception { 1638 return super.C_FindObjects(hSession, ulMaxObjectCount); 1639 } 1640 1641 public synchronized void C_FindObjectsFinal(long hSession) 1642 throws PKCS11Exception { 1643 super.C_FindObjectsFinal(hSession); 1644 } 1645 1646 public synchronized void C_EncryptInit(long hSession, 1647 CK_MECHANISM pMechanism, long hKey) throws PKCS11Exception { 1648 super.C_EncryptInit(hSession, pMechanism, hKey); 1649 } 1650 1651 public synchronized int C_Encrypt(long hSession, byte[] in, int inOfs, 1652 int inLen, byte[] out, int outOfs, int outLen) 1653 throws PKCS11Exception { 1654 return super.C_Encrypt(hSession, in, inOfs, inLen, out, outOfs, outLen); 1655 } 1656 1657 public synchronized int C_EncryptUpdate(long hSession, long directIn, 1658 byte[] in, int inOfs, int inLen, long directOut, byte[] out, 1659 int outOfs, int outLen) throws PKCS11Exception { 1660 return super.C_EncryptUpdate(hSession, directIn, in, inOfs, inLen, 1661 directOut, out, outOfs, outLen); 1662 } 1663 1664 public synchronized int C_EncryptFinal(long hSession, long directOut, 1665 byte[] out, int outOfs, int outLen) throws PKCS11Exception { 1666 return super.C_EncryptFinal(hSession, directOut, out, outOfs, outLen); 1667 } 1668 1669 public synchronized void C_DecryptInit(long hSession, 1670 CK_MECHANISM pMechanism, long hKey) throws PKCS11Exception { 1671 super.C_DecryptInit(hSession, pMechanism, hKey); 1672 } 1673 1674 public synchronized int C_Decrypt(long hSession, byte[] in, int inOfs, 1675 int inLen, byte[] out, int outOfs, int outLen) 1676 throws PKCS11Exception { 1677 return super.C_Decrypt(hSession, in, inOfs, inLen, out, outOfs, outLen); 1678 } 1679 1680 public synchronized int C_DecryptUpdate(long hSession, long directIn, 1681 byte[] in, int inOfs, int inLen, long directOut, byte[] out, 1682 int outOfs, int outLen) throws PKCS11Exception { 1683 return super.C_DecryptUpdate(hSession, directIn, in, inOfs, inLen, 1684 directOut, out, outOfs, outLen); 1685 } 1686 1687 public synchronized int C_DecryptFinal(long hSession, long directOut, 1688 byte[] out, int outOfs, int outLen) throws PKCS11Exception { 1689 return super.C_DecryptFinal(hSession, directOut, out, outOfs, outLen); 1690 } 1691 1692 public synchronized void C_DigestInit(long hSession, CK_MECHANISM pMechanism) 1693 throws PKCS11Exception { 1694 super.C_DigestInit(hSession, pMechanism); 1695 } 1696 1697 public synchronized int C_DigestSingle(long hSession, 1698 CK_MECHANISM pMechanism, byte[] in, int inOfs, int inLen, 1699 byte[] digest, int digestOfs, int digestLen) throws PKCS11Exception { 1700 return super.C_DigestSingle(hSession, pMechanism, in, inOfs, inLen, 1701 digest, digestOfs, digestLen); 1702 } 1703 1704 public synchronized void C_DigestUpdate(long hSession, long directIn, 1705 byte[] in, int inOfs, int inLen) throws PKCS11Exception { 1706 super.C_DigestUpdate(hSession, directIn, in, inOfs, inLen); 1707 } 1708 1709 public synchronized void C_DigestKey(long hSession, long hKey) 1710 throws PKCS11Exception { 1711 super.C_DigestKey(hSession, hKey); 1712 } 1713 1714 public synchronized int C_DigestFinal(long hSession, byte[] pDigest, 1715 int digestOfs, int digestLen) throws PKCS11Exception { 1716 return super.C_DigestFinal(hSession, pDigest, digestOfs, digestLen); 1717 } 1718 1719 public synchronized void C_SignInit(long hSession, CK_MECHANISM pMechanism, 1720 long hKey) throws PKCS11Exception { 1721 super.C_SignInit(hSession, pMechanism, hKey); 1722 } 1723 1724 public synchronized byte[] C_Sign(long hSession, byte[] pData) 1725 throws PKCS11Exception { 1726 return super.C_Sign(hSession, pData); 1727 } 1728 1729 public synchronized void C_SignUpdate(long hSession, long directIn, 1730 byte[] in, int inOfs, int inLen) throws PKCS11Exception { 1731 super.C_SignUpdate(hSession, directIn, in, inOfs, inLen); 1732 } 1733 1734 public synchronized byte[] C_SignFinal(long hSession, int expectedLen) 1735 throws PKCS11Exception { 1736 return super.C_SignFinal(hSession, expectedLen); 1737 } 1738 1739 public synchronized void C_SignRecoverInit(long hSession, 1740 CK_MECHANISM pMechanism, long hKey) throws PKCS11Exception { 1741 super.C_SignRecoverInit(hSession, pMechanism, hKey); 1742 } 1743 1744 public synchronized int C_SignRecover(long hSession, byte[] in, int inOfs, 1745 int inLen, byte[] out, int outOufs, int outLen) 1746 throws PKCS11Exception { 1747 return super.C_SignRecover(hSession, in, inOfs, inLen, out, outOufs, 1748 outLen); 1749 } 1750 1751 public synchronized void C_VerifyInit(long hSession, CK_MECHANISM pMechanism, 1752 long hKey) throws PKCS11Exception { 1753 super.C_VerifyInit(hSession, pMechanism, hKey); 1754 } 1755 1756 public synchronized void C_Verify(long hSession, byte[] pData, 1757 byte[] pSignature) throws PKCS11Exception { 1758 super.C_Verify(hSession, pData, pSignature); 1759 } 1760 1761 public synchronized void C_VerifyUpdate(long hSession, long directIn, 1762 byte[] in, int inOfs, int inLen) throws PKCS11Exception { 1763 super.C_VerifyUpdate(hSession, directIn, in, inOfs, inLen); 1764 } 1765 1766 public synchronized void C_VerifyFinal(long hSession, byte[] pSignature) 1767 throws PKCS11Exception { 1768 super.C_VerifyFinal(hSession, pSignature); 1769 } 1770 1771 public synchronized void C_VerifyRecoverInit(long hSession, 1772 CK_MECHANISM pMechanism, long hKey) throws PKCS11Exception { 1773 super.C_VerifyRecoverInit(hSession, pMechanism, hKey); 1774 } 1775 1776 public synchronized int C_VerifyRecover(long hSession, byte[] in, int inOfs, 1777 int inLen, byte[] out, int outOufs, int outLen) 1778 throws PKCS11Exception { 1779 return super.C_VerifyRecover(hSession, in, inOfs, inLen, out, outOufs, 1780 outLen); 1781 } 1782 1783 public synchronized long C_GenerateKey(long hSession, 1784 CK_MECHANISM pMechanism, CK_ATTRIBUTE[] pTemplate) 1785 throws PKCS11Exception { 1786 return super.C_GenerateKey(hSession, pMechanism, pTemplate); 1787 } 1788 1789 public synchronized long[] C_GenerateKeyPair(long hSession, 1790 CK_MECHANISM pMechanism, CK_ATTRIBUTE[] pPublicKeyTemplate, 1791 CK_ATTRIBUTE[] pPrivateKeyTemplate) 1792 throws PKCS11Exception { 1793 return super.C_GenerateKeyPair(hSession, pMechanism, pPublicKeyTemplate, 1794 pPrivateKeyTemplate); 1795 } 1796 1797 public synchronized byte[] C_WrapKey(long hSession, CK_MECHANISM pMechanism, 1798 long hWrappingKey, long hKey) throws PKCS11Exception { 1799 return super.C_WrapKey(hSession, pMechanism, hWrappingKey, hKey); 1800 } 1801 1802 public synchronized long C_UnwrapKey(long hSession, CK_MECHANISM pMechanism, 1803 long hUnwrappingKey, byte[] pWrappedKey, CK_ATTRIBUTE[] pTemplate) 1804 throws PKCS11Exception { 1805 return super.C_UnwrapKey(hSession, pMechanism, hUnwrappingKey, 1806 pWrappedKey, pTemplate); 1807 } 1808 1809 public synchronized long C_DeriveKey(long hSession, CK_MECHANISM pMechanism, 1810 long hBaseKey, CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception { 1811 return super.C_DeriveKey(hSession, pMechanism, hBaseKey, pTemplate); 1812 } 1813 1814 public synchronized void C_SeedRandom(long hSession, byte[] pSeed) 1815 throws PKCS11Exception { 1816 super.C_SeedRandom(hSession, pSeed); 1817 } 1818 1819 public synchronized void C_GenerateRandom(long hSession, byte[] randomData) 1820 throws PKCS11Exception { 1821 super.C_GenerateRandom(hSession, randomData); 1822 } 1823 } 1824 }