1 /* 2 * Copyright (c) 2003, 2016, Oracle and/or its affiliates. All rights reserved. 3 */ 4 5 /* Copyright (c) 2002 Graz University of Technology. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions are met: 9 * 10 * 1. Redistributions of source code must retain the above copyright notice, 11 * this list of conditions and the following disclaimer. 12 * 13 * 2. Redistributions in binary form must reproduce the above copyright notice, 14 * this list of conditions and the following disclaimer in the documentation 15 * and/or other materials provided with the distribution. 16 * 17 * 3. The end-user documentation included with the redistribution, if any, must 18 * include the following acknowledgment: 19 * 20 * "This product includes software developed by IAIK of Graz University of 21 * Technology." 22 * 23 * Alternately, this acknowledgment may appear in the software itself, if 24 * and wherever such third-party acknowledgments normally appear. 25 * 26 * 4. The names "Graz University of Technology" and "IAIK of Graz University of 27 * Technology" must not be used to endorse or promote products derived from 28 * this software without prior written permission. 29 * 30 * 5. Products derived from this software may not be called 31 * "IAIK PKCS Wrapper", nor may "IAIK" appear in their name, without prior 32 * written permission of Graz University of Technology. 33 * 34 * THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESSED OR IMPLIED 35 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 36 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 37 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE LICENSOR BE 38 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, 39 * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 40 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, 41 * OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON 42 * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 43 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 44 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 45 * POSSIBILITY OF SUCH DAMAGE. 46 */ 47 48 package sun.security.pkcs11.wrapper; 49 50 import java.io.File; 51 import java.io.IOException; 52 import java.util.*; 53 54 import java.security.AccessController; 55 import java.security.PrivilegedAction; 56 57 import sun.security.util.Debug; 58 59 import static sun.security.pkcs11.wrapper.PKCS11Constants.*; 60 61 /** 62 * This is the default implementation of the PKCS11 interface. IT connects to 63 * the pkcs11wrapper.dll file, which is the native part of this library. 64 * The strange and awkward looking initialization was chosen to avoid calling 65 * loadLibrary from a static initialization block, because this would complicate 66 * the use in applets. 67 * 68 * @author Karl Scheibelhofer <Karl.Scheibelhofer@iaik.at> 69 * @author Martin Schlaeffer <schlaeff@sbox.tugraz.at> 70 * @invariants (pkcs11ModulePath_ <> null) 71 */ 72 public class PKCS11 { 73 74 /** 75 * The name of the native part of the wrapper; i.e. the filename without 76 * the extension (e.g. ".DLL" or ".so"). 77 */ 78 private static final String PKCS11_WRAPPER = "j2pkcs11"; 79 80 static { 81 // cannot use LoadLibraryAction because that would make the native 82 // library available to the bootclassloader, but we run in the 83 // extension classloader. 84 AccessController.doPrivileged(new PrivilegedAction<Object>() { 85 public Object run() { 86 System.loadLibrary(PKCS11_WRAPPER); 87 return null; 88 } 89 }); 90 boolean enableDebug = Debug.getInstance("sunpkcs11") != null; 91 initializeLibrary(enableDebug); 92 } 93 94 public static void loadNative() { 95 // dummy method that can be called to make sure the native 96 // portion has been loaded. actual loading happens in the 97 // static initializer, hence this method is empty. 98 } 99 100 /** 101 * The PKCS#11 module to connect to. This is the PKCS#11 driver of the token; 102 * e.g. pk2priv.dll. 103 */ 104 private final String pkcs11ModulePath; 105 106 private long pNativeData; 107 108 /** 109 * This method does the initialization of the native library. It is called 110 * exactly once for this class. 111 * 112 * @preconditions 113 * @postconditions 114 */ 115 private static native void initializeLibrary(boolean debug); 116 117 // XXX 118 /** 119 * This method does the finalization of the native library. It is called 120 * exactly once for this class. The library uses this method for a clean-up 121 * of any resources. 122 * 123 * @preconditions 124 * @postconditions 125 */ 126 private static native void finalizeLibrary(); 127 128 private static final Map<String,PKCS11> moduleMap = 129 new HashMap<String,PKCS11>(); 130 131 /** 132 * Connects to the PKCS#11 driver given. The filename must contain the 133 * path, if the driver is not in the system's search path. 134 * 135 * @param pkcs11ModulePath the PKCS#11 library path 136 * @preconditions (pkcs11ModulePath <> null) 137 * @postconditions 138 */ 139 PKCS11(String pkcs11ModulePath, String functionListName) 140 throws IOException { 141 connect(pkcs11ModulePath, functionListName); 142 this.pkcs11ModulePath = pkcs11ModulePath; 143 } 144 145 public static synchronized PKCS11 getInstance(String pkcs11ModulePath, 146 String functionList, CK_C_INITIALIZE_ARGS pInitArgs, 147 boolean omitInitialize) throws IOException, PKCS11Exception { 148 // we may only call C_Initialize once per native .so/.dll 149 // so keep a cache using the (non-canonicalized!) path 150 PKCS11 pkcs11 = moduleMap.get(pkcs11ModulePath); 151 if (pkcs11 == null) { 152 if ((pInitArgs != null) 153 && ((pInitArgs.flags & CKF_OS_LOCKING_OK) != 0)) { 154 pkcs11 = new PKCS11(pkcs11ModulePath, functionList); 155 } else { 156 pkcs11 = new SynchronizedPKCS11(pkcs11ModulePath, functionList); 157 } 158 if (omitInitialize == false) { 159 try { 160 pkcs11.C_Initialize(pInitArgs); 161 } catch (PKCS11Exception e) { 162 // ignore already-initialized error code 163 // rethrow all other errors 164 if (e.getErrorCode() != CKR_CRYPTOKI_ALREADY_INITIALIZED) { 165 throw e; 166 } 167 } 168 } 169 moduleMap.put(pkcs11ModulePath, pkcs11); 170 } 171 return pkcs11; 172 } 173 174 /** 175 * Connects this object to the specified PKCS#11 library. This method is for 176 * internal use only. 177 * Declared private, because incorrect handling may result in errors in the 178 * native part. 179 * 180 * @param pkcs11ModulePath The PKCS#11 library path. 181 * @preconditions (pkcs11ModulePath <> null) 182 * @postconditions 183 */ 184 private native void connect(String pkcs11ModulePath, String functionListName) 185 throws IOException; 186 187 /** 188 * Disconnects the PKCS#11 library from this object. After calling this 189 * method, this object is no longer connected to a native PKCS#11 module 190 * and any subsequent calls to C_ methods will fail. This method is for 191 * internal use only. 192 * Declared private, because incorrect handling may result in errors in the 193 * native part. 194 * 195 * @preconditions 196 * @postconditions 197 */ 198 private native void disconnect(); 199 200 201 // Implementation of PKCS11 methods delegated to native pkcs11wrapper library 202 203 /* ***************************************************************************** 204 * General-purpose 205 ******************************************************************************/ 206 207 /** 208 * C_Initialize initializes the Cryptoki library. 209 * (General-purpose) 210 * 211 * @param pInitArgs if pInitArgs is not NULL it gets casted to 212 * CK_C_INITIALIZE_ARGS_PTR and dereferenced 213 * (PKCS#11 param: CK_VOID_PTR pInitArgs) 214 * @exception PKCS11Exception If function returns other value than CKR_OK. 215 * @preconditions 216 * @postconditions 217 */ 218 native void C_Initialize(Object pInitArgs) throws PKCS11Exception; 219 220 /** 221 * C_Finalize indicates that an application is done with the 222 * Cryptoki library 223 * (General-purpose) 224 * 225 * @param pReserved is reserved. Should be NULL_PTR 226 * (PKCS#11 param: CK_VOID_PTR pReserved) 227 * @exception PKCS11Exception If function returns other value than CKR_OK. 228 * @preconditions (pReserved == null) 229 * @postconditions 230 */ 231 public native void C_Finalize(Object pReserved) throws PKCS11Exception; 232 233 234 /** 235 * C_GetInfo returns general information about Cryptoki. 236 * (General-purpose) 237 * 238 * @return the information. 239 * (PKCS#11 param: CK_INFO_PTR pInfo) 240 * @exception PKCS11Exception If function returns other value than CKR_OK. 241 * @preconditions 242 * @postconditions (result <> null) 243 */ 244 public native CK_INFO C_GetInfo() throws PKCS11Exception; 245 246 247 /* ***************************************************************************** 248 * Slot and token management 249 ******************************************************************************/ 250 251 /** 252 * C_GetSlotList obtains a list of slots in the system. 253 * (Slot and token management) 254 * 255 * @param tokenPresent if true only Slot IDs with a token are returned 256 * (PKCS#11 param: CK_BBOOL tokenPresent) 257 * @return a long array of slot IDs and number of Slot IDs 258 * (PKCS#11 param: CK_SLOT_ID_PTR pSlotList, CK_ULONG_PTR pulCount) 259 * @exception PKCS11Exception If function returns other value than CKR_OK. 260 * @preconditions 261 * @postconditions (result <> null) 262 */ 263 public native long[] C_GetSlotList(boolean tokenPresent) 264 throws PKCS11Exception; 265 266 267 /** 268 * C_GetSlotInfo obtains information about a particular slot in 269 * the system. 270 * (Slot and token management) 271 * 272 * @param slotID the ID of the slot 273 * (PKCS#11 param: CK_SLOT_ID slotID) 274 * @return the slot information 275 * (PKCS#11 param: CK_SLOT_INFO_PTR pInfo) 276 * @exception PKCS11Exception If function returns other value than CKR_OK. 277 * @preconditions 278 * @postconditions (result <> null) 279 */ 280 public native CK_SLOT_INFO C_GetSlotInfo(long slotID) throws PKCS11Exception; 281 282 283 /** 284 * C_GetTokenInfo obtains information about a particular token 285 * in the system. 286 * (Slot and token management) 287 * 288 * @param slotID ID of the token's slot 289 * (PKCS#11 param: CK_SLOT_ID slotID) 290 * @return the token information 291 * (PKCS#11 param: CK_TOKEN_INFO_PTR pInfo) 292 * @exception PKCS11Exception If function returns other value than CKR_OK. 293 * @preconditions 294 * @postconditions (result <> null) 295 */ 296 public native CK_TOKEN_INFO C_GetTokenInfo(long slotID) 297 throws PKCS11Exception; 298 299 300 /** 301 * C_GetMechanismList obtains a list of mechanism types 302 * supported by a token. 303 * (Slot and token management) 304 * 305 * @param slotID ID of the token's slot 306 * (PKCS#11 param: CK_SLOT_ID slotID) 307 * @return a long array of mechanism types and number of mechanism types 308 * (PKCS#11 param: CK_MECHANISM_TYPE_PTR pMechanismList, 309 * CK_ULONG_PTR pulCount) 310 * @exception PKCS11Exception If function returns other value than CKR_OK. 311 * @preconditions 312 * @postconditions (result <> null) 313 */ 314 public native long[] C_GetMechanismList(long slotID) throws PKCS11Exception; 315 316 317 /** 318 * C_GetMechanismInfo obtains information about a particular 319 * mechanism possibly supported by a token. 320 * (Slot and token management) 321 * 322 * @param slotID ID of the token's slot 323 * (PKCS#11 param: CK_SLOT_ID slotID) 324 * @param type type of mechanism 325 * (PKCS#11 param: CK_MECHANISM_TYPE type) 326 * @return the mechanism info 327 * (PKCS#11 param: CK_MECHANISM_INFO_PTR pInfo) 328 * @exception PKCS11Exception If function returns other value than CKR_OK. 329 * @preconditions 330 * @postconditions (result <> null) 331 */ 332 public native CK_MECHANISM_INFO C_GetMechanismInfo(long slotID, long type) 333 throws PKCS11Exception; 334 335 336 /** 337 * C_InitToken initializes a token. 338 * (Slot and token management) 339 * 340 * @param slotID ID of the token's slot 341 * (PKCS#11 param: CK_SLOT_ID slotID) 342 * @param pPin the SO's initial PIN and the length in bytes of the PIN 343 * (PKCS#11 param: CK_CHAR_PTR pPin, CK_ULONG ulPinLen) 344 * @param pLabel 32-byte token label (blank padded) 345 * (PKCS#11 param: CK_UTF8CHAR_PTR pLabel) 346 * @exception PKCS11Exception If function returns other value than CKR_OK. 347 * @preconditions 348 * @postconditions 349 */ 350 // public native void C_InitToken(long slotID, char[] pPin, char[] pLabel) 351 // throws PKCS11Exception; 352 353 354 /** 355 * C_InitPIN initializes the normal user's PIN. 356 * (Slot and token management) 357 * 358 * @param hSession the session's handle 359 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 360 * @param pPin the normal user's PIN and the length in bytes of the PIN 361 * (PKCS#11 param: CK_CHAR_PTR pPin, CK_ULONG ulPinLen) 362 * @exception PKCS11Exception If function returns other value than CKR_OK. 363 * @preconditions 364 * @postconditions 365 */ 366 // public native void C_InitPIN(long hSession, char[] pPin) 367 // throws PKCS11Exception; 368 369 370 /** 371 * C_SetPIN modifies the PIN of the user who is logged in. 372 * (Slot and token management) 373 * 374 * @param hSession the session's handle 375 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 376 * @param pOldPin the old PIN and the length of the old PIN 377 * (PKCS#11 param: CK_CHAR_PTR pOldPin, CK_ULONG ulOldLen) 378 * @param pNewPin the new PIN and the length of the new PIN 379 * (PKCS#11 param: CK_CHAR_PTR pNewPin, CK_ULONG ulNewLen) 380 * @exception PKCS11Exception If function returns other value than CKR_OK. 381 * @preconditions 382 * @postconditions 383 */ 384 // public native void C_SetPIN(long hSession, char[] pOldPin, char[] pNewPin) 385 // throws PKCS11Exception; 386 387 388 389 /* ***************************************************************************** 390 * Session management 391 ******************************************************************************/ 392 393 /** 394 * C_OpenSession opens a session between an application and a 395 * token. 396 * (Session management) 397 * 398 * @param slotID the slot's ID 399 * (PKCS#11 param: CK_SLOT_ID slotID) 400 * @param flags of CK_SESSION_INFO 401 * (PKCS#11 param: CK_FLAGS flags) 402 * @param pApplication passed to callback 403 * (PKCS#11 param: CK_VOID_PTR pApplication) 404 * @param Notify the callback function 405 * (PKCS#11 param: CK_NOTIFY Notify) 406 * @return the session handle 407 * (PKCS#11 param: CK_SESSION_HANDLE_PTR phSession) 408 * @exception PKCS11Exception If function returns other value than CKR_OK. 409 * @preconditions 410 * @postconditions 411 */ 412 public native long C_OpenSession(long slotID, long flags, 413 Object pApplication, CK_NOTIFY Notify) throws PKCS11Exception; 414 415 416 /** 417 * C_CloseSession closes a session between an application and a 418 * token. 419 * (Session management) 420 * 421 * @param hSession the session's handle 422 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 423 * @exception PKCS11Exception If function returns other value than CKR_OK. 424 * @preconditions 425 * @postconditions 426 */ 427 public native void C_CloseSession(long hSession) throws PKCS11Exception; 428 429 430 /** 431 * C_CloseAllSessions closes all sessions with a token. 432 * (Session management) 433 * 434 * @param slotID the ID of the token's slot 435 * (PKCS#11 param: CK_SLOT_ID slotID) 436 * @exception PKCS11Exception If function returns other value than CKR_OK. 437 * @preconditions 438 * @postconditions 439 */ 440 // public native void C_CloseAllSessions(long slotID) throws PKCS11Exception; 441 442 443 /** 444 * C_GetSessionInfo obtains information about the session. 445 * (Session management) 446 * 447 * @param hSession the session's handle 448 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 449 * @return the session info 450 * (PKCS#11 param: CK_SESSION_INFO_PTR pInfo) 451 * @exception PKCS11Exception If function returns other value than CKR_OK. 452 * @preconditions 453 * @postconditions (result <> null) 454 */ 455 public native CK_SESSION_INFO C_GetSessionInfo(long hSession) 456 throws PKCS11Exception; 457 458 459 /** 460 * C_GetOperationState obtains the state of the cryptographic operation 461 * in a session. 462 * (Session management) 463 * 464 * @param hSession session's handle 465 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 466 * @return the state and the state length 467 * (PKCS#11 param: CK_BYTE_PTR pOperationState, 468 * CK_ULONG_PTR pulOperationStateLen) 469 * @exception PKCS11Exception If function returns other value than CKR_OK. 470 * @preconditions 471 * @postconditions (result <> null) 472 */ 473 public native byte[] C_GetOperationState(long hSession) 474 throws PKCS11Exception; 475 476 477 /** 478 * C_SetOperationState restores the state of the cryptographic 479 * operation in a session. 480 * (Session management) 481 * 482 * @param hSession session's handle 483 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 484 * @param pOperationState the state and the state length 485 * (PKCS#11 param: CK_BYTE_PTR pOperationState, 486 * CK_ULONG ulOperationStateLen) 487 * @param hEncryptionKey en/decryption key 488 * (PKCS#11 param: CK_OBJECT_HANDLE hEncryptionKey) 489 * @param hAuthenticationKey sign/verify key 490 * (PKCS#11 param: CK_OBJECT_HANDLE hAuthenticationKey) 491 * @exception PKCS11Exception If function returns other value than CKR_OK. 492 * @preconditions 493 * @postconditions 494 */ 495 public native void C_SetOperationState(long hSession, byte[] pOperationState, 496 long hEncryptionKey, long hAuthenticationKey) throws PKCS11Exception; 497 498 499 /** 500 * C_Login logs a user into a token. 501 * (Session management) 502 * 503 * @param hSession the session's handle 504 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 505 * @param userType the user type 506 * (PKCS#11 param: CK_USER_TYPE userType) 507 * @param pPin the user's PIN and the length of the PIN 508 * (PKCS#11 param: CK_CHAR_PTR pPin, CK_ULONG ulPinLen) 509 * @exception PKCS11Exception If function returns other value than CKR_OK. 510 * @preconditions 511 * @postconditions 512 */ 513 public native void C_Login(long hSession, long userType, char[] pPin) 514 throws PKCS11Exception; 515 516 517 /** 518 * C_Logout logs a user out from a token. 519 * (Session management) 520 * 521 * @param hSession the session's handle 522 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 523 * @exception PKCS11Exception If function returns other value than CKR_OK. 524 * @preconditions 525 * @postconditions 526 */ 527 public native void C_Logout(long hSession) throws PKCS11Exception; 528 529 530 531 /* ***************************************************************************** 532 * Object management 533 ******************************************************************************/ 534 535 /** 536 * C_CreateObject creates a new object. 537 * (Object management) 538 * 539 * @param hSession the session's handle 540 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 541 * @param pTemplate the object's template and number of attributes in 542 * template 543 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount) 544 * @return the object's handle 545 * (PKCS#11 param: CK_OBJECT_HANDLE_PTR phObject) 546 * @exception PKCS11Exception If function returns other value than CKR_OK. 547 * @preconditions 548 * @postconditions 549 */ 550 public native long C_CreateObject(long hSession, CK_ATTRIBUTE[] pTemplate) 551 throws PKCS11Exception; 552 553 554 /** 555 * C_CopyObject copies an object, creating a new object for the 556 * copy. 557 * (Object management) 558 * 559 * @param hSession the session's handle 560 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 561 * @param hObject the object's handle 562 * (PKCS#11 param: CK_OBJECT_HANDLE hObject) 563 * @param pTemplate the template for the new object and number of attributes 564 * in template 565 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount) 566 * @return the handle of the copy 567 * (PKCS#11 param: CK_OBJECT_HANDLE_PTR phNewObject) 568 * @exception PKCS11Exception If function returns other value than CKR_OK. 569 * @preconditions 570 * @postconditions 571 */ 572 public native long C_CopyObject(long hSession, long hObject, 573 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception; 574 575 576 /** 577 * C_DestroyObject destroys an object. 578 * (Object management) 579 * 580 * @param hSession the session's handle 581 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 582 * @param hObject the object's handle 583 * (PKCS#11 param: CK_OBJECT_HANDLE hObject) 584 * @exception PKCS11Exception If function returns other value than CKR_OK. 585 * @preconditions 586 * @postconditions 587 */ 588 public native void C_DestroyObject(long hSession, long hObject) 589 throws PKCS11Exception; 590 591 592 /** 593 * C_GetObjectSize gets the size of an object in bytes. 594 * (Object management) 595 * 596 * @param hSession the session's handle 597 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 598 * @param hObject the object's handle 599 * (PKCS#11 param: CK_OBJECT_HANDLE hObject) 600 * @return the size of the object 601 * (PKCS#11 param: CK_ULONG_PTR pulSize) 602 * @exception PKCS11Exception If function returns other value than CKR_OK. 603 * @preconditions 604 * @postconditions 605 */ 606 // public native long C_GetObjectSize(long hSession, long hObject) 607 // throws PKCS11Exception; 608 609 610 /** 611 * C_GetAttributeValue obtains the value of one or more object 612 * attributes. The template attributes also receive the values. 613 * (Object management) 614 * note: in PKCS#11 pTemplate and the result template are the same 615 * 616 * @param hSession the session's handle 617 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 618 * @param hObject the object's handle 619 * (PKCS#11 param: CK_OBJECT_HANDLE hObject) 620 * @param pTemplate specifies the attributes and number of attributes to get 621 * The template attributes also receive the values. 622 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount) 623 * @exception PKCS11Exception If function returns other value than CKR_OK. 624 * @preconditions (pTemplate <> null) 625 * @postconditions (result <> null) 626 */ 627 public native void C_GetAttributeValue(long hSession, long hObject, 628 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception; 629 630 631 /** 632 * C_SetAttributeValue modifies the value of one or more object 633 * attributes 634 * (Object management) 635 * 636 * @param hSession the session's handle 637 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 638 * @param hObject the object's handle 639 * (PKCS#11 param: CK_OBJECT_HANDLE hObject) 640 * @param pTemplate specifies the attributes and values to get; number of 641 * attributes in the template 642 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount) 643 * @exception PKCS11Exception If function returns other value than CKR_OK. 644 * @preconditions (pTemplate <> null) 645 * @postconditions 646 */ 647 public native void C_SetAttributeValue(long hSession, long hObject, 648 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception; 649 650 651 /** 652 * C_FindObjectsInit initializes a search for token and session 653 * objects that match a template. 654 * (Object management) 655 * 656 * @param hSession the session's handle 657 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 658 * @param pTemplate the object's attribute values to match and the number of 659 * attributes in search template 660 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount) 661 * @exception PKCS11Exception If function returns other value than CKR_OK. 662 * @preconditions 663 * @postconditions 664 */ 665 public native void C_FindObjectsInit(long hSession, CK_ATTRIBUTE[] pTemplate) 666 throws PKCS11Exception; 667 668 669 /** 670 * C_FindObjects continues a search for token and session 671 * objects that match a template, obtaining additional object 672 * handles. 673 * (Object management) 674 * 675 * @param hSession the session's handle 676 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 677 * @param ulMaxObjectCount the max. object handles to get 678 * (PKCS#11 param: CK_ULONG ulMaxObjectCount) 679 * @return the object's handles and the actual number of objects returned 680 * (PKCS#11 param: CK_ULONG_PTR pulObjectCount) 681 * @exception PKCS11Exception If function returns other value than CKR_OK. 682 * @preconditions 683 * @postconditions (result <> null) 684 */ 685 public native long[] C_FindObjects(long hSession, long ulMaxObjectCount) 686 throws PKCS11Exception; 687 688 689 /** 690 * C_FindObjectsFinal finishes a search for token and session 691 * objects. 692 * (Object management) 693 * 694 * @param hSession the session's handle 695 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 696 * @exception PKCS11Exception If function returns other value than CKR_OK. 697 * @preconditions 698 * @postconditions 699 */ 700 public native void C_FindObjectsFinal(long hSession) throws PKCS11Exception; 701 702 703 704 /* ***************************************************************************** 705 * Encryption and decryption 706 ******************************************************************************/ 707 708 /** 709 * C_EncryptInit initializes an encryption operation. 710 * (Encryption and decryption) 711 * 712 * @param hSession the session's handle 713 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 714 * @param pMechanism the encryption mechanism 715 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism) 716 * @param hKey the handle of the encryption key 717 * (PKCS#11 param: CK_OBJECT_HANDLE hKey) 718 * @exception PKCS11Exception If function returns other value than CKR_OK. 719 * @preconditions 720 * @postconditions 721 */ 722 public native void C_EncryptInit(long hSession, CK_MECHANISM pMechanism, 723 long hKey) throws PKCS11Exception; 724 725 726 /** 727 * C_Encrypt encrypts single-part data. 728 * (Encryption and decryption) 729 * 730 * @param hSession the session's handle 731 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 732 * @param pData the data to get encrypted and the data's length 733 * (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG ulDataLen) 734 * @return the encrypted data and the encrypted data's length 735 * (PKCS#11 param: CK_BYTE_PTR pEncryptedData, 736 * CK_ULONG_PTR pulEncryptedDataLen) 737 * @exception PKCS11Exception If function returns other value than CKR_OK. 738 * @preconditions (pData <> null) 739 * @postconditions (result <> null) 740 */ 741 public native int C_Encrypt(long hSession, byte[] in, int inOfs, int inLen, 742 byte[] out, int outOfs, int outLen) throws PKCS11Exception; 743 744 745 /** 746 * C_EncryptUpdate continues a multiple-part encryption 747 * operation. 748 * (Encryption and decryption) 749 * 750 * @param hSession the session's handle 751 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 752 * @param pPart the data part to get encrypted and the data part's length 753 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG ulPartLen) 754 * @return the encrypted data part and the encrypted data part's length 755 * (PKCS#11 param: CK_BYTE_PTR pEncryptedPart, 756 CK_ULONG_PTR pulEncryptedPartLen) 757 * @exception PKCS11Exception If function returns other value than CKR_OK. 758 * @preconditions (pPart <> null) 759 * @postconditions 760 */ 761 public native int C_EncryptUpdate(long hSession, long directIn, byte[] in, 762 int inOfs, int inLen, long directOut, byte[] out, int outOfs, 763 int outLen) throws PKCS11Exception; 764 765 766 /** 767 * C_EncryptFinal finishes a multiple-part encryption 768 * operation. 769 * (Encryption and decryption) 770 * 771 * @param hSession the session's handle 772 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 773 * @return the last encrypted data part and the last data part's length 774 * (PKCS#11 param: CK_BYTE_PTR pLastEncryptedPart, 775 CK_ULONG_PTR pulLastEncryptedPartLen) 776 * @exception PKCS11Exception If function returns other value than CKR_OK. 777 * @preconditions 778 * @postconditions (result <> null) 779 */ 780 public native int C_EncryptFinal(long hSession, long directOut, byte[] out, 781 int outOfs, int outLen) throws PKCS11Exception; 782 783 784 /** 785 * C_DecryptInit initializes a decryption operation. 786 * (Encryption and decryption) 787 * 788 * @param hSession the session's handle 789 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 790 * @param pMechanism the decryption mechanism 791 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism) 792 * @param hKey the handle of the decryption key 793 * (PKCS#11 param: CK_OBJECT_HANDLE hKey) 794 * @exception PKCS11Exception If function returns other value than CKR_OK. 795 * @preconditions 796 * @postconditions 797 */ 798 public native void C_DecryptInit(long hSession, CK_MECHANISM pMechanism, 799 long hKey) throws PKCS11Exception; 800 801 802 /** 803 * C_Decrypt decrypts encrypted data in a single part. 804 * (Encryption and decryption) 805 * 806 * @param hSession the session's handle 807 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 808 * @param pEncryptedData the encrypted data to get decrypted and the 809 * encrypted data's length 810 * (PKCS#11 param: CK_BYTE_PTR pEncryptedData, 811 * CK_ULONG ulEncryptedDataLen) 812 * @return the decrypted data and the data's length 813 * (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen) 814 * @exception PKCS11Exception If function returns other value than CKR_OK. 815 * @preconditions (pEncryptedPart <> null) 816 * @postconditions (result <> null) 817 */ 818 public native int C_Decrypt(long hSession, byte[] in, int inOfs, int inLen, 819 byte[] out, int outOfs, int outLen) throws PKCS11Exception; 820 821 822 /** 823 * C_DecryptUpdate continues a multiple-part decryption 824 * operation. 825 * (Encryption and decryption) 826 * 827 * @param hSession the session's handle 828 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 829 * @param pEncryptedPart the encrypted data part to get decrypted and the 830 * encrypted data part's length 831 * (PKCS#11 param: CK_BYTE_PTR pEncryptedPart, 832 * CK_ULONG ulEncryptedPartLen) 833 * @return the decrypted data part and the data part's length 834 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen) 835 * @exception PKCS11Exception If function returns other value than CKR_OK. 836 * @preconditions (pEncryptedPart <> null) 837 * @postconditions 838 */ 839 public native int C_DecryptUpdate(long hSession, long directIn, byte[] in, 840 int inOfs, int inLen, long directOut, byte[] out, int outOfs, 841 int outLen) throws PKCS11Exception; 842 843 844 /** 845 * C_DecryptFinal finishes a multiple-part decryption 846 * operation. 847 * (Encryption and decryption) 848 * 849 * @param hSession the session's handle 850 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 851 * @return the last decrypted data part and the last data part's length 852 * (PKCS#11 param: CK_BYTE_PTR pLastPart, 853 * CK_ULONG_PTR pulLastPartLen) 854 * @exception PKCS11Exception If function returns other value than CKR_OK. 855 * @preconditions 856 * @postconditions (result <> null) 857 */ 858 public native int C_DecryptFinal(long hSession, long directOut, byte[] out, 859 int outOfs, int outLen) throws PKCS11Exception; 860 861 862 863 /* ***************************************************************************** 864 * Message digesting 865 ******************************************************************************/ 866 867 /** 868 * C_DigestInit initializes a message-digesting operation. 869 * (Message digesting) 870 * 871 * @param hSession the session's handle 872 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 873 * @param pMechanism the digesting mechanism 874 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism) 875 * @exception PKCS11Exception If function returns other value than CKR_OK. 876 * @preconditions 877 * @postconditions 878 */ 879 public native void C_DigestInit(long hSession, CK_MECHANISM pMechanism) 880 throws PKCS11Exception; 881 882 883 // note that C_DigestSingle does not exist in PKCS#11 884 // we combined the C_DigestInit and C_Digest into a single function 885 // to save on Java<->C transitions and save 5-10% on small digests 886 // this made the C_Digest method redundant, it has been removed 887 /** 888 * C_Digest digests data in a single part. 889 * (Message digesting) 890 * 891 * @param hSession the session's handle 892 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 893 * @param data the data to get digested and the data's length 894 * (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG ulDataLen) 895 * @return the message digest and the length of the message digest 896 * (PKCS#11 param: CK_BYTE_PTR pDigest, CK_ULONG_PTR pulDigestLen) 897 * @exception PKCS11Exception If function returns other value than CKR_OK. 898 * @preconditions (data <> null) 899 * @postconditions (result <> null) 900 */ 901 public native int C_DigestSingle(long hSession, CK_MECHANISM pMechanism, 902 byte[] in, int inOfs, int inLen, byte[] digest, int digestOfs, 903 int digestLen) throws PKCS11Exception; 904 905 906 /** 907 * C_DigestUpdate continues a multiple-part message-digesting 908 * operation. 909 * (Message digesting) 910 * 911 * @param hSession the session's handle 912 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 913 * @param pPart the data to get digested and the data's length 914 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG ulPartLen) 915 * @exception PKCS11Exception If function returns other value than CKR_OK. 916 * @preconditions (pPart <> null) 917 * @postconditions 918 */ 919 public native void C_DigestUpdate(long hSession, long directIn, byte[] in, 920 int inOfs, int inLen) throws PKCS11Exception; 921 922 923 /** 924 * C_DigestKey continues a multi-part message-digesting 925 * operation, by digesting the value of a secret key as part of 926 * the data already digested. 927 * (Message digesting) 928 * 929 * @param hSession the session's handle 930 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 931 * @param hKey the handle of the secret key to be digested 932 * (PKCS#11 param: CK_OBJECT_HANDLE hKey) 933 * @exception PKCS11Exception If function returns other value than CKR_OK. 934 * @preconditions 935 * @postconditions 936 */ 937 public native void C_DigestKey(long hSession, long hKey) 938 throws PKCS11Exception; 939 940 941 /** 942 * C_DigestFinal finishes a multiple-part message-digesting 943 * operation. 944 * (Message digesting) 945 * 946 * @param hSession the session's handle 947 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 948 * @return the message digest and the length of the message digest 949 * (PKCS#11 param: CK_BYTE_PTR pDigest, CK_ULONG_PTR pulDigestLen) 950 * @exception PKCS11Exception If function returns other value than CKR_OK. 951 * @preconditions 952 * @postconditions (result <> null) 953 */ 954 public native int C_DigestFinal(long hSession, byte[] pDigest, int digestOfs, 955 int digestLen) throws PKCS11Exception; 956 957 958 959 /* ***************************************************************************** 960 * Signing and MACing 961 ******************************************************************************/ 962 963 /** 964 * C_SignInit initializes a signature (private key encryption) 965 * operation, where the signature is (will be) an appendix to 966 * the data, and plaintext cannot be recovered from the 967 * signature. 968 * (Signing and MACing) 969 * 970 * @param hSession the session's handle 971 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 972 * @param pMechanism the signature mechanism 973 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism) 974 * @param hKey the handle of the signature key 975 * (PKCS#11 param: CK_OBJECT_HANDLE hKey) 976 * @exception PKCS11Exception If function returns other value than CKR_OK. 977 * @preconditions 978 * @postconditions 979 */ 980 public native void C_SignInit(long hSession, CK_MECHANISM pMechanism, 981 long hKey) throws PKCS11Exception; 982 983 984 /** 985 * C_Sign signs (encrypts with private key) data in a single 986 * part, where the signature is (will be) an appendix to the 987 * data, and plaintext cannot be recovered from the signature. 988 * (Signing and MACing) 989 * 990 * @param hSession the session's handle 991 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 992 * @param pData the data to sign and the data's length 993 * (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG ulDataLen) 994 * @return the signature and the signature's length 995 * (PKCS#11 param: CK_BYTE_PTR pSignature, 996 * CK_ULONG_PTR pulSignatureLen) 997 * @exception PKCS11Exception If function returns other value than CKR_OK. 998 * @preconditions (pData <> null) 999 * @postconditions (result <> null) 1000 */ 1001 public native byte[] C_Sign(long hSession, byte[] pData) 1002 throws PKCS11Exception; 1003 1004 1005 /** 1006 * C_SignUpdate continues a multiple-part signature operation, 1007 * where the signature is (will be) an appendix to the data, 1008 * and plaintext cannot be recovered from the signature. 1009 * (Signing and MACing) 1010 * 1011 * @param hSession the session's handle 1012 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1013 * @param pPart the data part to sign and the data part's length 1014 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG ulPartLen) 1015 * @exception PKCS11Exception If function returns other value than CKR_OK. 1016 * @preconditions (pPart <> null) 1017 * @postconditions 1018 */ 1019 public native void C_SignUpdate(long hSession, long directIn, byte[] in, 1020 int inOfs, int inLen) throws PKCS11Exception; 1021 1022 1023 /** 1024 * C_SignFinal finishes a multiple-part signature operation, 1025 * returning the signature. 1026 * (Signing and MACing) 1027 * 1028 * @param hSession the session's handle 1029 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1030 * @return the signature and the signature's length 1031 * (PKCS#11 param: CK_BYTE_PTR pSignature, 1032 * CK_ULONG_PTR pulSignatureLen) 1033 * @exception PKCS11Exception If function returns other value than CKR_OK. 1034 * @preconditions 1035 * @postconditions (result <> null) 1036 */ 1037 public native byte[] C_SignFinal(long hSession, int expectedLen) 1038 throws PKCS11Exception; 1039 1040 1041 /** 1042 * C_SignRecoverInit initializes a signature operation, where 1043 * the data can be recovered from the signature. 1044 * (Signing and MACing) 1045 * 1046 * @param hSession the session's handle 1047 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1048 * @param pMechanism the signature mechanism 1049 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism) 1050 * @param hKey the handle of the signature key 1051 * (PKCS#11 param: CK_OBJECT_HANDLE hKey) 1052 * @exception PKCS11Exception If function returns other value than CKR_OK. 1053 * @preconditions 1054 * @postconditions 1055 */ 1056 public native void C_SignRecoverInit(long hSession, CK_MECHANISM pMechanism, 1057 long hKey) throws PKCS11Exception; 1058 1059 1060 /** 1061 * C_SignRecover signs data in a single operation, where the 1062 * data can be recovered from the signature. 1063 * (Signing and MACing) 1064 * 1065 * @param hSession the session's handle 1066 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1067 * @param pData the data to sign and the data's length 1068 * (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG ulDataLen) 1069 * @return the signature and the signature's length 1070 * (PKCS#11 param: CK_BYTE_PTR pSignature, 1071 * CK_ULONG_PTR pulSignatureLen) 1072 * @exception PKCS11Exception If function returns other value than CKR_OK. 1073 * @preconditions (pData <> null) 1074 * @postconditions (result <> null) 1075 */ 1076 public native int C_SignRecover(long hSession, byte[] in, int inOfs, 1077 int inLen, byte[] out, int outOufs, int outLen) 1078 throws PKCS11Exception; 1079 1080 1081 1082 /* ***************************************************************************** 1083 * Verifying signatures and MACs 1084 ******************************************************************************/ 1085 1086 /** 1087 * C_VerifyInit initializes a verification operation, where the 1088 * signature is an appendix to the data, and plaintext cannot 1089 * cannot be recovered from the signature (e.g. DSA). 1090 * (Signing and MACing) 1091 * 1092 * @param hSession the session's handle 1093 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1094 * @param pMechanism the verification mechanism 1095 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism) 1096 * @param hKey the handle of the verification key 1097 * (PKCS#11 param: CK_OBJECT_HANDLE hKey) 1098 * @exception PKCS11Exception If function returns other value than CKR_OK. 1099 * @preconditions 1100 * @postconditions 1101 */ 1102 public native void C_VerifyInit(long hSession, CK_MECHANISM pMechanism, 1103 long hKey) throws PKCS11Exception; 1104 1105 1106 /** 1107 * C_Verify verifies a signature in a single-part operation, 1108 * where the signature is an appendix to the data, and plaintext 1109 * cannot be recovered from the signature. 1110 * (Signing and MACing) 1111 * 1112 * @param hSession the session's handle 1113 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1114 * @param pData the signed data and the signed data's length 1115 * (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG ulDataLen) 1116 * @param pSignature the signature to verify and the signature's length 1117 * (PKCS#11 param: CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen) 1118 * @exception PKCS11Exception If function returns other value than CKR_OK. 1119 * @preconditions (pData <> null) and (pSignature <> null) 1120 * @postconditions 1121 */ 1122 public native void C_Verify(long hSession, byte[] pData, byte[] pSignature) 1123 throws PKCS11Exception; 1124 1125 1126 /** 1127 * C_VerifyUpdate continues a multiple-part verification 1128 * operation, where the signature is an appendix to the data, 1129 * and plaintext cannot be recovered from the signature. 1130 * (Signing and MACing) 1131 * 1132 * @param hSession the session's handle 1133 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1134 * @param pPart the signed data part and the signed data part's length 1135 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG ulPartLen) 1136 * @exception PKCS11Exception If function returns other value than CKR_OK. 1137 * @preconditions (pPart <> null) 1138 * @postconditions 1139 */ 1140 public native void C_VerifyUpdate(long hSession, long directIn, byte[] in, 1141 int inOfs, int inLen) throws PKCS11Exception; 1142 1143 1144 /** 1145 * C_VerifyFinal finishes a multiple-part verification 1146 * operation, checking the signature. 1147 * (Signing and MACing) 1148 * 1149 * @param hSession the session's handle 1150 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1151 * @param pSignature the signature to verify and the signature's length 1152 * (PKCS#11 param: CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen) 1153 * @exception PKCS11Exception If function returns other value than CKR_OK. 1154 * @preconditions (pSignature <> null) 1155 * @postconditions 1156 */ 1157 public native void C_VerifyFinal(long hSession, byte[] pSignature) 1158 throws PKCS11Exception; 1159 1160 1161 /** 1162 * C_VerifyRecoverInit initializes a signature verification 1163 * operation, where the data is recovered from the signature. 1164 * (Signing and MACing) 1165 * 1166 * @param hSession the session's handle 1167 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1168 * @param pMechanism the verification mechanism 1169 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism) 1170 * @param hKey the handle of the verification key 1171 * (PKCS#11 param: CK_OBJECT_HANDLE hKey) 1172 * @exception PKCS11Exception If function returns other value than CKR_OK. 1173 * @preconditions 1174 * @postconditions 1175 */ 1176 public native void C_VerifyRecoverInit(long hSession, 1177 CK_MECHANISM pMechanism, long hKey) throws PKCS11Exception; 1178 1179 1180 /** 1181 * C_VerifyRecover verifies a signature in a single-part 1182 * operation, where the data is recovered from the signature. 1183 * (Signing and MACing) 1184 * 1185 * @param hSession the session's handle 1186 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1187 * @param pSignature the signature to verify and the signature's length 1188 * (PKCS#11 param: CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen) 1189 * @return the recovered data and the recovered data's length 1190 * (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen) 1191 * @exception PKCS11Exception If function returns other value than CKR_OK. 1192 * @preconditions (pSignature <> null) 1193 * @postconditions (result <> null) 1194 */ 1195 public native int C_VerifyRecover(long hSession, byte[] in, int inOfs, 1196 int inLen, byte[] out, int outOufs, int outLen) 1197 throws PKCS11Exception; 1198 1199 1200 1201 /* ***************************************************************************** 1202 * Dual-function cryptographic operations 1203 ******************************************************************************/ 1204 1205 /** 1206 * C_DigestEncryptUpdate continues a multiple-part digesting 1207 * and encryption operation. 1208 * (Dual-function cryptographic operations) 1209 * 1210 * @param hSession the session's handle 1211 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1212 * @param pPart the data part to digest and to encrypt and the data's length 1213 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG ulPartLen) 1214 * @return the digested and encrypted data part and the data part's length 1215 * (PKCS#11 param: CK_BYTE_PTR pEncryptedPart, 1216 * CK_ULONG_PTR pulEncryptedPartLen) 1217 * @exception PKCS11Exception If function returns other value than CKR_OK. 1218 * @preconditions (pPart <> null) 1219 * @postconditions 1220 */ 1221 // public native byte[] C_DigestEncryptUpdate(long hSession, byte[] pPart) 1222 // throws PKCS11Exception; 1223 1224 1225 /** 1226 * C_DecryptDigestUpdate continues a multiple-part decryption and 1227 * digesting operation. 1228 * (Dual-function cryptographic operations) 1229 * 1230 * @param hSession the session's handle 1231 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1232 * @param pEncryptedPart the encrypted data part to decrypt and to digest 1233 * and encrypted data part's length 1234 * (PKCS#11 param: CK_BYTE_PTR pEncryptedPart, 1235 * CK_ULONG ulEncryptedPartLen) 1236 * @return the decrypted and digested data part and the data part's length 1237 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen) 1238 * @exception PKCS11Exception If function returns other value than CKR_OK. 1239 * @preconditions (pEncryptedPart <> null) 1240 * @postconditions 1241 */ 1242 // public native byte[] C_DecryptDigestUpdate(long hSession, 1243 // byte[] pEncryptedPart) throws PKCS11Exception; 1244 1245 1246 /** 1247 * C_SignEncryptUpdate continues a multiple-part signing and 1248 * encryption operation. 1249 * (Dual-function cryptographic operations) 1250 * 1251 * @param hSession the session's handle 1252 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1253 * @param pPart the data part to sign and to encrypt and the data part's 1254 * length 1255 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG ulPartLen) 1256 * @return the signed and encrypted data part and the data part's length 1257 * (PKCS#11 param: CK_BYTE_PTR pEncryptedPart, 1258 * CK_ULONG_PTR pulEncryptedPartLen) 1259 * @exception PKCS11Exception If function returns other value than CKR_OK. 1260 * @preconditions (pPart <> null) 1261 * @postconditions 1262 */ 1263 // public native byte[] C_SignEncryptUpdate(long hSession, byte[] pPart) 1264 // throws PKCS11Exception; 1265 1266 1267 /** 1268 * C_DecryptVerifyUpdate continues a multiple-part decryption and 1269 * verify operation. 1270 * (Dual-function cryptographic operations) 1271 * 1272 * @param hSession the session's handle 1273 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1274 * @param pEncryptedPart the encrypted data part to decrypt and to verify 1275 * and the data part's length 1276 * (PKCS#11 param: CK_BYTE_PTR pEncryptedPart, 1277 * CK_ULONG ulEncryptedPartLen) 1278 * @return the decrypted and verified data part and the data part's length 1279 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen) 1280 * @exception PKCS11Exception If function returns other value than CKR_OK. 1281 * @preconditions (pEncryptedPart <> null) 1282 * @postconditions 1283 */ 1284 // public native byte[] C_DecryptVerifyUpdate(long hSession, 1285 // byte[] pEncryptedPart) throws PKCS11Exception; 1286 1287 1288 1289 /* ***************************************************************************** 1290 * Key management 1291 ******************************************************************************/ 1292 1293 /** 1294 * C_GenerateKey generates a secret key, creating a new key 1295 * object. 1296 * (Key management) 1297 * 1298 * @param hSession the session's handle 1299 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1300 * @param pMechanism the key generation mechanism 1301 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism) 1302 * @param pTemplate the template for the new key and the number of 1303 * attributes in the template 1304 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount) 1305 * @return the handle of the new key 1306 * (PKCS#11 param: CK_OBJECT_HANDLE_PTR phKey) 1307 * @exception PKCS11Exception If function returns other value than CKR_OK. 1308 * @preconditions 1309 * @postconditions 1310 */ 1311 public native long C_GenerateKey(long hSession, CK_MECHANISM pMechanism, 1312 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception; 1313 1314 1315 /** 1316 * C_GenerateKeyPair generates a public-key/private-key pair, 1317 * creating new key objects. 1318 * (Key management) 1319 * 1320 * @param hSession the session's handle 1321 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1322 * @param pMechanism the key generation mechanism 1323 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism) 1324 * @param pPublicKeyTemplate the template for the new public key and the 1325 * number of attributes in the template 1326 * (PKCS#11 param: CK_ATTRIBUTE_PTR pPublicKeyTemplate, 1327 * CK_ULONG ulPublicKeyAttributeCount) 1328 * @param pPrivateKeyTemplate the template for the new private key and the 1329 * number of attributes in the template 1330 * (PKCS#11 param: CK_ATTRIBUTE_PTR pPrivateKeyTemplate 1331 * CK_ULONG ulPrivateKeyAttributeCount) 1332 * @return a long array with exactly two elements and the public key handle 1333 * as the first element and the private key handle as the second 1334 * element 1335 * (PKCS#11 param: CK_OBJECT_HANDLE_PTR phPublicKey, 1336 * CK_OBJECT_HANDLE_PTR phPrivateKey) 1337 * @exception PKCS11Exception If function returns other value than CKR_OK. 1338 * @preconditions (pMechanism <> null) 1339 * @postconditions (result <> null) and (result.length == 2) 1340 */ 1341 public native long[] C_GenerateKeyPair(long hSession, 1342 CK_MECHANISM pMechanism, CK_ATTRIBUTE[] pPublicKeyTemplate, 1343 CK_ATTRIBUTE[] pPrivateKeyTemplate) throws PKCS11Exception; 1344 1345 1346 1347 /** 1348 * C_WrapKey wraps (i.e., encrypts) a key. 1349 * (Key management) 1350 * 1351 * @param hSession the session's handle 1352 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1353 * @param pMechanism the wrapping mechanism 1354 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism) 1355 * @param hWrappingKey the handle of the wrapping key 1356 * (PKCS#11 param: CK_OBJECT_HANDLE hWrappingKey) 1357 * @param hKey the handle of the key to be wrapped 1358 * (PKCS#11 param: CK_OBJECT_HANDLE hKey) 1359 * @return the wrapped key and the length of the wrapped key 1360 * (PKCS#11 param: CK_BYTE_PTR pWrappedKey, 1361 * CK_ULONG_PTR pulWrappedKeyLen) 1362 * @exception PKCS11Exception If function returns other value than CKR_OK. 1363 * @preconditions 1364 * @postconditions (result <> null) 1365 */ 1366 public native byte[] C_WrapKey(long hSession, CK_MECHANISM pMechanism, 1367 long hWrappingKey, long hKey) throws PKCS11Exception; 1368 1369 1370 /** 1371 * C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new 1372 * key object. 1373 * (Key management) 1374 * 1375 * @param hSession the session's handle 1376 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1377 * @param pMechanism the unwrapping mechanism 1378 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism) 1379 * @param hUnwrappingKey the handle of the unwrapping key 1380 * (PKCS#11 param: CK_OBJECT_HANDLE hUnwrappingKey) 1381 * @param pWrappedKey the wrapped key to unwrap and the wrapped key's length 1382 * (PKCS#11 param: CK_BYTE_PTR pWrappedKey, CK_ULONG ulWrappedKeyLen) 1383 * @param pTemplate the template for the new key and the number of 1384 * attributes in the template 1385 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount) 1386 * @return the handle of the unwrapped key 1387 * (PKCS#11 param: CK_OBJECT_HANDLE_PTR phKey) 1388 * @exception PKCS11Exception If function returns other value than CKR_OK. 1389 * @preconditions (pWrappedKey <> null) 1390 * @postconditions 1391 */ 1392 public native long C_UnwrapKey(long hSession, CK_MECHANISM pMechanism, 1393 long hUnwrappingKey, byte[] pWrappedKey, CK_ATTRIBUTE[] pTemplate) 1394 throws PKCS11Exception; 1395 1396 1397 /** 1398 * C_DeriveKey derives a key from a base key, creating a new key 1399 * object. 1400 * (Key management) 1401 * 1402 * @param hSession the session's handle 1403 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1404 * @param pMechanism the key derivation mechanism 1405 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism) 1406 * @param hBaseKey the handle of the base key 1407 * (PKCS#11 param: CK_OBJECT_HANDLE hBaseKey) 1408 * @param pTemplate the template for the new key and the number of 1409 * attributes in the template 1410 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount) 1411 * @return the handle of the derived key 1412 * (PKCS#11 param: CK_OBJECT_HANDLE_PTR phKey) 1413 * @exception PKCS11Exception If function returns other value than CKR_OK. 1414 * @preconditions 1415 * @postconditions 1416 */ 1417 public native long C_DeriveKey(long hSession, CK_MECHANISM pMechanism, 1418 long hBaseKey, CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception; 1419 1420 1421 1422 /* ***************************************************************************** 1423 * Random number generation 1424 ******************************************************************************/ 1425 1426 /** 1427 * C_SeedRandom mixes additional seed material into the token's 1428 * random number generator. 1429 * (Random number generation) 1430 * 1431 * @param hSession the session's handle 1432 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1433 * @param pSeed the seed material and the seed material's length 1434 * (PKCS#11 param: CK_BYTE_PTR pSeed, CK_ULONG ulSeedLen) 1435 * @exception PKCS11Exception If function returns other value than CKR_OK. 1436 * @preconditions (pSeed <> null) 1437 * @postconditions 1438 */ 1439 public native void C_SeedRandom(long hSession, byte[] pSeed) 1440 throws PKCS11Exception; 1441 1442 1443 /** 1444 * C_GenerateRandom generates random data. 1445 * (Random number generation) 1446 * 1447 * @param hSession the session's handle 1448 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1449 * @param RandomData receives the random data and the length of RandomData 1450 * is the length of random data to be generated 1451 * (PKCS#11 param: CK_BYTE_PTR pRandomData, CK_ULONG ulRandomLen) 1452 * @exception PKCS11Exception If function returns other value than CKR_OK. 1453 * @preconditions (randomData <> null) 1454 * @postconditions 1455 */ 1456 public native void C_GenerateRandom(long hSession, byte[] randomData) 1457 throws PKCS11Exception; 1458 1459 1460 1461 /* ***************************************************************************** 1462 * Parallel function management 1463 ******************************************************************************/ 1464 1465 /** 1466 * C_GetFunctionStatus is a legacy function; it obtains an 1467 * updated status of a function running in parallel with an 1468 * application. 1469 * (Parallel function management) 1470 * 1471 * @param hSession the session's handle 1472 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1473 * @exception PKCS11Exception If function returns other value than CKR_OK. 1474 * @preconditions 1475 * @postconditions 1476 */ 1477 // public native void C_GetFunctionStatus(long hSession) 1478 // throws PKCS11Exception; 1479 1480 1481 /** 1482 * C_CancelFunction is a legacy function; it cancels a function 1483 * running in parallel. 1484 * (Parallel function management) 1485 * 1486 * @param hSession the session's handle 1487 * (PKCS#11 param: CK_SESSION_HANDLE hSession) 1488 * @exception PKCS11Exception If function returns other value than CKR_OK. 1489 * @preconditions 1490 * @postconditions 1491 */ 1492 // public native void C_CancelFunction(long hSession) throws PKCS11Exception; 1493 1494 1495 1496 /* ***************************************************************************** 1497 * Functions added in for Cryptoki Version 2.01 or later 1498 ******************************************************************************/ 1499 1500 /** 1501 * C_WaitForSlotEvent waits for a slot event (token insertion, 1502 * removal, etc.) to occur. 1503 * (General-purpose) 1504 * 1505 * @param flags blocking/nonblocking flag 1506 * (PKCS#11 param: CK_FLAGS flags) 1507 * @param pReserved reserved. Should be null 1508 * (PKCS#11 param: CK_VOID_PTR pReserved) 1509 * @return the slot ID where the event occurred 1510 * (PKCS#11 param: CK_SLOT_ID_PTR pSlot) 1511 * @exception PKCS11Exception If function returns other value than CKR_OK. 1512 * @preconditions (pRserved == null) 1513 * @postconditions 1514 */ 1515 // public native long C_WaitForSlotEvent(long flags, Object pRserved) 1516 // throws PKCS11Exception; 1517 1518 /** 1519 * Returns the string representation of this object. 1520 * 1521 * @return The string representation of object 1522 */ 1523 public String toString() { 1524 return "Module name: " + pkcs11ModulePath; 1525 } 1526 1527 /** 1528 * Calls disconnect() to cleanup the native part of the wrapper. Once this 1529 * method is called, this object cannot be used any longer. Any subsequent 1530 * call to a C_* method will result in a runtime exception. 1531 * 1532 * @exception Throwable If finalization fails. 1533 */ 1534 protected void finalize() throws Throwable { 1535 disconnect(); 1536 } 1537 1538 // PKCS11 subclass that has all methods synchronized and delegating to the 1539 // parent. Used for tokens that only support single threaded access 1540 static class SynchronizedPKCS11 extends PKCS11 { 1541 1542 SynchronizedPKCS11(String pkcs11ModulePath, String functionListName) 1543 throws IOException { 1544 super(pkcs11ModulePath, functionListName); 1545 } 1546 1547 synchronized void C_Initialize(Object pInitArgs) throws PKCS11Exception { 1548 super.C_Initialize(pInitArgs); 1549 } 1550 1551 public synchronized void C_Finalize(Object pReserved) 1552 throws PKCS11Exception { 1553 super.C_Finalize(pReserved); 1554 } 1555 1556 public synchronized CK_INFO C_GetInfo() throws PKCS11Exception { 1557 return super.C_GetInfo(); 1558 } 1559 1560 public synchronized long[] C_GetSlotList(boolean tokenPresent) 1561 throws PKCS11Exception { 1562 return super.C_GetSlotList(tokenPresent); 1563 } 1564 1565 public synchronized CK_SLOT_INFO C_GetSlotInfo(long slotID) 1566 throws PKCS11Exception { 1567 return super.C_GetSlotInfo(slotID); 1568 } 1569 1570 public synchronized CK_TOKEN_INFO C_GetTokenInfo(long slotID) 1571 throws PKCS11Exception { 1572 return super.C_GetTokenInfo(slotID); 1573 } 1574 1575 public synchronized long[] C_GetMechanismList(long slotID) 1576 throws PKCS11Exception { 1577 return super.C_GetMechanismList(slotID); 1578 } 1579 1580 public synchronized CK_MECHANISM_INFO C_GetMechanismInfo(long slotID, 1581 long type) throws PKCS11Exception { 1582 return super.C_GetMechanismInfo(slotID, type); 1583 } 1584 1585 public synchronized long C_OpenSession(long slotID, long flags, 1586 Object pApplication, CK_NOTIFY Notify) throws PKCS11Exception { 1587 return super.C_OpenSession(slotID, flags, pApplication, Notify); 1588 } 1589 1590 public synchronized void C_CloseSession(long hSession) 1591 throws PKCS11Exception { 1592 super.C_CloseSession(hSession); 1593 } 1594 1595 public synchronized CK_SESSION_INFO C_GetSessionInfo(long hSession) 1596 throws PKCS11Exception { 1597 return super.C_GetSessionInfo(hSession); 1598 } 1599 1600 public synchronized void C_Login(long hSession, long userType, char[] pPin) 1601 throws PKCS11Exception { 1602 super.C_Login(hSession, userType, pPin); 1603 } 1604 1605 public synchronized void C_Logout(long hSession) throws PKCS11Exception { 1606 super.C_Logout(hSession); 1607 } 1608 1609 public synchronized long C_CreateObject(long hSession, 1610 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception { 1611 return super.C_CreateObject(hSession, pTemplate); 1612 } 1613 1614 public synchronized long C_CopyObject(long hSession, long hObject, 1615 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception { 1616 return super.C_CopyObject(hSession, hObject, pTemplate); 1617 } 1618 1619 public synchronized void C_DestroyObject(long hSession, long hObject) 1620 throws PKCS11Exception { 1621 super.C_DestroyObject(hSession, hObject); 1622 } 1623 1624 public synchronized void C_GetAttributeValue(long hSession, long hObject, 1625 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception { 1626 super.C_GetAttributeValue(hSession, hObject, pTemplate); 1627 } 1628 1629 public synchronized void C_SetAttributeValue(long hSession, long hObject, 1630 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception { 1631 super.C_SetAttributeValue(hSession, hObject, pTemplate); 1632 } 1633 1634 public synchronized void C_FindObjectsInit(long hSession, 1635 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception { 1636 super.C_FindObjectsInit(hSession, pTemplate); 1637 } 1638 1639 public synchronized long[] C_FindObjects(long hSession, 1640 long ulMaxObjectCount) throws PKCS11Exception { 1641 return super.C_FindObjects(hSession, ulMaxObjectCount); 1642 } 1643 1644 public synchronized void C_FindObjectsFinal(long hSession) 1645 throws PKCS11Exception { 1646 super.C_FindObjectsFinal(hSession); 1647 } 1648 1649 public synchronized void C_EncryptInit(long hSession, 1650 CK_MECHANISM pMechanism, long hKey) throws PKCS11Exception { 1651 super.C_EncryptInit(hSession, pMechanism, hKey); 1652 } 1653 1654 public synchronized int C_Encrypt(long hSession, byte[] in, int inOfs, 1655 int inLen, byte[] out, int outOfs, int outLen) 1656 throws PKCS11Exception { 1657 return super.C_Encrypt(hSession, in, inOfs, inLen, out, outOfs, outLen); 1658 } 1659 1660 public synchronized int C_EncryptUpdate(long hSession, long directIn, 1661 byte[] in, int inOfs, int inLen, long directOut, byte[] out, 1662 int outOfs, int outLen) throws PKCS11Exception { 1663 return super.C_EncryptUpdate(hSession, directIn, in, inOfs, inLen, 1664 directOut, out, outOfs, outLen); 1665 } 1666 1667 public synchronized int C_EncryptFinal(long hSession, long directOut, 1668 byte[] out, int outOfs, int outLen) throws PKCS11Exception { 1669 return super.C_EncryptFinal(hSession, directOut, out, outOfs, outLen); 1670 } 1671 1672 public synchronized void C_DecryptInit(long hSession, 1673 CK_MECHANISM pMechanism, long hKey) throws PKCS11Exception { 1674 super.C_DecryptInit(hSession, pMechanism, hKey); 1675 } 1676 1677 public synchronized int C_Decrypt(long hSession, byte[] in, int inOfs, 1678 int inLen, byte[] out, int outOfs, int outLen) 1679 throws PKCS11Exception { 1680 return super.C_Decrypt(hSession, in, inOfs, inLen, out, outOfs, outLen); 1681 } 1682 1683 public synchronized int C_DecryptUpdate(long hSession, long directIn, 1684 byte[] in, int inOfs, int inLen, long directOut, byte[] out, 1685 int outOfs, int outLen) throws PKCS11Exception { 1686 return super.C_DecryptUpdate(hSession, directIn, in, inOfs, inLen, 1687 directOut, out, outOfs, outLen); 1688 } 1689 1690 public synchronized int C_DecryptFinal(long hSession, long directOut, 1691 byte[] out, int outOfs, int outLen) throws PKCS11Exception { 1692 return super.C_DecryptFinal(hSession, directOut, out, outOfs, outLen); 1693 } 1694 1695 public synchronized void C_DigestInit(long hSession, CK_MECHANISM pMechanism) 1696 throws PKCS11Exception { 1697 super.C_DigestInit(hSession, pMechanism); 1698 } 1699 1700 public synchronized int C_DigestSingle(long hSession, 1701 CK_MECHANISM pMechanism, byte[] in, int inOfs, int inLen, 1702 byte[] digest, int digestOfs, int digestLen) throws PKCS11Exception { 1703 return super.C_DigestSingle(hSession, pMechanism, in, inOfs, inLen, 1704 digest, digestOfs, digestLen); 1705 } 1706 1707 public synchronized void C_DigestUpdate(long hSession, long directIn, 1708 byte[] in, int inOfs, int inLen) throws PKCS11Exception { 1709 super.C_DigestUpdate(hSession, directIn, in, inOfs, inLen); 1710 } 1711 1712 public synchronized void C_DigestKey(long hSession, long hKey) 1713 throws PKCS11Exception { 1714 super.C_DigestKey(hSession, hKey); 1715 } 1716 1717 public synchronized int C_DigestFinal(long hSession, byte[] pDigest, 1718 int digestOfs, int digestLen) throws PKCS11Exception { 1719 return super.C_DigestFinal(hSession, pDigest, digestOfs, digestLen); 1720 } 1721 1722 public synchronized void C_SignInit(long hSession, CK_MECHANISM pMechanism, 1723 long hKey) throws PKCS11Exception { 1724 super.C_SignInit(hSession, pMechanism, hKey); 1725 } 1726 1727 public synchronized byte[] C_Sign(long hSession, byte[] pData) 1728 throws PKCS11Exception { 1729 return super.C_Sign(hSession, pData); 1730 } 1731 1732 public synchronized void C_SignUpdate(long hSession, long directIn, 1733 byte[] in, int inOfs, int inLen) throws PKCS11Exception { 1734 super.C_SignUpdate(hSession, directIn, in, inOfs, inLen); 1735 } 1736 1737 public synchronized byte[] C_SignFinal(long hSession, int expectedLen) 1738 throws PKCS11Exception { 1739 return super.C_SignFinal(hSession, expectedLen); 1740 } 1741 1742 public synchronized void C_SignRecoverInit(long hSession, 1743 CK_MECHANISM pMechanism, long hKey) throws PKCS11Exception { 1744 super.C_SignRecoverInit(hSession, pMechanism, hKey); 1745 } 1746 1747 public synchronized int C_SignRecover(long hSession, byte[] in, int inOfs, 1748 int inLen, byte[] out, int outOufs, int outLen) 1749 throws PKCS11Exception { 1750 return super.C_SignRecover(hSession, in, inOfs, inLen, out, outOufs, 1751 outLen); 1752 } 1753 1754 public synchronized void C_VerifyInit(long hSession, CK_MECHANISM pMechanism, 1755 long hKey) throws PKCS11Exception { 1756 super.C_VerifyInit(hSession, pMechanism, hKey); 1757 } 1758 1759 public synchronized void C_Verify(long hSession, byte[] pData, 1760 byte[] pSignature) throws PKCS11Exception { 1761 super.C_Verify(hSession, pData, pSignature); 1762 } 1763 1764 public synchronized void C_VerifyUpdate(long hSession, long directIn, 1765 byte[] in, int inOfs, int inLen) throws PKCS11Exception { 1766 super.C_VerifyUpdate(hSession, directIn, in, inOfs, inLen); 1767 } 1768 1769 public synchronized void C_VerifyFinal(long hSession, byte[] pSignature) 1770 throws PKCS11Exception { 1771 super.C_VerifyFinal(hSession, pSignature); 1772 } 1773 1774 public synchronized void C_VerifyRecoverInit(long hSession, 1775 CK_MECHANISM pMechanism, long hKey) throws PKCS11Exception { 1776 super.C_VerifyRecoverInit(hSession, pMechanism, hKey); 1777 } 1778 1779 public synchronized int C_VerifyRecover(long hSession, byte[] in, int inOfs, 1780 int inLen, byte[] out, int outOufs, int outLen) 1781 throws PKCS11Exception { 1782 return super.C_VerifyRecover(hSession, in, inOfs, inLen, out, outOufs, 1783 outLen); 1784 } 1785 1786 public synchronized long C_GenerateKey(long hSession, 1787 CK_MECHANISM pMechanism, CK_ATTRIBUTE[] pTemplate) 1788 throws PKCS11Exception { 1789 return super.C_GenerateKey(hSession, pMechanism, pTemplate); 1790 } 1791 1792 public synchronized long[] C_GenerateKeyPair(long hSession, 1793 CK_MECHANISM pMechanism, CK_ATTRIBUTE[] pPublicKeyTemplate, 1794 CK_ATTRIBUTE[] pPrivateKeyTemplate) 1795 throws PKCS11Exception { 1796 return super.C_GenerateKeyPair(hSession, pMechanism, pPublicKeyTemplate, 1797 pPrivateKeyTemplate); 1798 } 1799 1800 public synchronized byte[] C_WrapKey(long hSession, CK_MECHANISM pMechanism, 1801 long hWrappingKey, long hKey) throws PKCS11Exception { 1802 return super.C_WrapKey(hSession, pMechanism, hWrappingKey, hKey); 1803 } 1804 1805 public synchronized long C_UnwrapKey(long hSession, CK_MECHANISM pMechanism, 1806 long hUnwrappingKey, byte[] pWrappedKey, CK_ATTRIBUTE[] pTemplate) 1807 throws PKCS11Exception { 1808 return super.C_UnwrapKey(hSession, pMechanism, hUnwrappingKey, 1809 pWrappedKey, pTemplate); 1810 } 1811 1812 public synchronized long C_DeriveKey(long hSession, CK_MECHANISM pMechanism, 1813 long hBaseKey, CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception { 1814 return super.C_DeriveKey(hSession, pMechanism, hBaseKey, pTemplate); 1815 } 1816 1817 public synchronized void C_SeedRandom(long hSession, byte[] pSeed) 1818 throws PKCS11Exception { 1819 super.C_SeedRandom(hSession, pSeed); 1820 } 1821 1822 public synchronized void C_GenerateRandom(long hSession, byte[] randomData) 1823 throws PKCS11Exception { 1824 super.C_GenerateRandom(hSession, randomData); 1825 } 1826 } 1827 }