1 /*
2 * Copyright (c) 2003, 2016, Oracle and/or its affiliates. All rights reserved.
3 */
4
5 /* Copyright (c) 2002 Graz University of Technology. All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright notice,
11 * this list of conditions and the following disclaimer.
12 *
13 * 2. Redistributions in binary form must reproduce the above copyright notice,
14 * this list of conditions and the following disclaimer in the documentation
15 * and/or other materials provided with the distribution.
16 *
17 * 3. The end-user documentation included with the redistribution, if any, must
18 * include the following acknowledgment:
19 *
20 * "This product includes software developed by IAIK of Graz University of
21 * Technology."
22 *
23 * Alternately, this acknowledgment may appear in the software itself, if
24 * and wherever such third-party acknowledgments normally appear.
25 *
26 * 4. The names "Graz University of Technology" and "IAIK of Graz University of
27 * Technology" must not be used to endorse or promote products derived from
28 * this software without prior written permission.
29 *
30 * 5. Products derived from this software may not be called
31 * "IAIK PKCS Wrapper", nor may "IAIK" appear in their name, without prior
32 * written permission of Graz University of Technology.
33 *
34 * THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESSED OR IMPLIED
35 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
36 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
37 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE LICENSOR BE
38 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
39 * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
40 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
41 * OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
42 * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
43 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
44 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
45 * POSSIBILITY OF SUCH DAMAGE.
46 */
47
48 package sun.security.pkcs11.wrapper;
49
50 import java.io.File;
51 import java.io.IOException;
52 import java.util.*;
53
54 import java.security.AccessController;
55 import java.security.PrivilegedAction;
56
57 import sun.security.util.Debug;
58
59 import static sun.security.pkcs11.wrapper.PKCS11Constants.*;
60
61 /**
62 * This is the default implementation of the PKCS11 interface. IT connects to
63 * the pkcs11wrapper.dll file, which is the native part of this library.
64 * The strange and awkward looking initialization was chosen to avoid calling
65 * loadLibrary from a static initialization block, because this would complicate
66 * the use in applets.
67 *
68 * @author Karl Scheibelhofer <Karl.Scheibelhofer@iaik.at>
69 * @author Martin Schlaeffer <schlaeff@sbox.tugraz.at>
70 * @invariants (pkcs11ModulePath_ <> null)
71 */
72 public class PKCS11 {
73
74 /**
75 * The name of the native part of the wrapper; i.e. the filename without
76 * the extension (e.g. ".DLL" or ".so").
77 */
78 private static final String PKCS11_WRAPPER = "j2pkcs11";
79
80 static {
81 // cannot use LoadLibraryAction because that would make the native
82 // library available to the bootclassloader, but we run in the
83 // extension classloader.
84 AccessController.doPrivileged(new PrivilegedAction<Object>() {
85 public Object run() {
86 System.loadLibrary(PKCS11_WRAPPER);
87 return null;
88 }
89 });
90 boolean enableDebug = Debug.getInstance("sunpkcs11") != null;
91 initializeLibrary(enableDebug);
92 }
93
94 public static void loadNative() {
95 // dummy method that can be called to make sure the native
96 // portion has been loaded. actual loading happens in the
97 // static initializer, hence this method is empty.
98 }
99
100 /**
101 * The PKCS#11 module to connect to. This is the PKCS#11 driver of the token;
102 * e.g. pk2priv.dll.
103 */
104 private final String pkcs11ModulePath;
105
106 private long pNativeData;
107
108 /**
109 * This method does the initialization of the native library. It is called
110 * exactly once for this class.
111 *
112 * @preconditions
113 * @postconditions
114 */
115 private static native void initializeLibrary(boolean debug);
116
117 // XXX
118 /**
119 * This method does the finalization of the native library. It is called
120 * exactly once for this class. The library uses this method for a clean-up
121 * of any resources.
122 *
123 * @preconditions
124 * @postconditions
125 */
126 private static native void finalizeLibrary();
127
128 private static final Map<String,PKCS11> moduleMap =
129 new HashMap<String,PKCS11>();
130
131 /**
132 * Connects to the PKCS#11 driver given. The filename must contain the
133 * path, if the driver is not in the system's search path.
134 *
135 * @param pkcs11ModulePath the PKCS#11 library path
136 * @preconditions (pkcs11ModulePath <> null)
137 * @postconditions
138 */
139 PKCS11(String pkcs11ModulePath, String functionListName)
140 throws IOException {
141 connect(pkcs11ModulePath, functionListName);
142 this.pkcs11ModulePath = pkcs11ModulePath;
143 }
144
145 public static synchronized PKCS11 getInstance(String pkcs11ModulePath,
146 String functionList, CK_C_INITIALIZE_ARGS pInitArgs,
147 boolean omitInitialize) throws IOException, PKCS11Exception {
148 // we may only call C_Initialize once per native .so/.dll
149 // so keep a cache using the (non-canonicalized!) path
150 PKCS11 pkcs11 = moduleMap.get(pkcs11ModulePath);
151 if (pkcs11 == null) {
152 if ((pInitArgs != null)
153 && ((pInitArgs.flags & CKF_OS_LOCKING_OK) != 0)) {
154 pkcs11 = new PKCS11(pkcs11ModulePath, functionList);
155 } else {
156 pkcs11 = new SynchronizedPKCS11(pkcs11ModulePath, functionList);
157 }
158 if (omitInitialize == false) {
159 try {
160 pkcs11.C_Initialize(pInitArgs);
161 } catch (PKCS11Exception e) {
162 // ignore already-initialized error code
163 // rethrow all other errors
164 if (e.getErrorCode() != CKR_CRYPTOKI_ALREADY_INITIALIZED) {
165 throw e;
166 }
167 }
168 }
169 moduleMap.put(pkcs11ModulePath, pkcs11);
170 }
171 return pkcs11;
172 }
173
174 /**
175 * Connects this object to the specified PKCS#11 library. This method is for
176 * internal use only.
177 * Declared private, because incorrect handling may result in errors in the
178 * native part.
179 *
180 * @param pkcs11ModulePath The PKCS#11 library path.
181 * @preconditions (pkcs11ModulePath <> null)
182 * @postconditions
183 */
184 private native void connect(String pkcs11ModulePath, String functionListName)
185 throws IOException;
186
187 /**
188 * Disconnects the PKCS#11 library from this object. After calling this
189 * method, this object is no longer connected to a native PKCS#11 module
190 * and any subsequent calls to C_ methods will fail. This method is for
191 * internal use only.
192 * Declared private, because incorrect handling may result in errors in the
193 * native part.
194 *
195 * @preconditions
196 * @postconditions
197 */
198 private native void disconnect();
199
200
201 // Implementation of PKCS11 methods delegated to native pkcs11wrapper library
202
203 /* *****************************************************************************
204 * General-purpose
205 ******************************************************************************/
206
207 /**
208 * C_Initialize initializes the Cryptoki library.
209 * (General-purpose)
210 *
211 * @param pInitArgs if pInitArgs is not NULL it gets casted to
212 * CK_C_INITIALIZE_ARGS_PTR and dereferenced
213 * (PKCS#11 param: CK_VOID_PTR pInitArgs)
214 * @exception PKCS11Exception If function returns other value than CKR_OK.
215 * @preconditions
216 * @postconditions
217 */
218 native void C_Initialize(Object pInitArgs) throws PKCS11Exception;
219
220 /**
221 * C_Finalize indicates that an application is done with the
222 * Cryptoki library
223 * (General-purpose)
224 *
225 * @param pReserved is reserved. Should be NULL_PTR
226 * (PKCS#11 param: CK_VOID_PTR pReserved)
227 * @exception PKCS11Exception If function returns other value than CKR_OK.
228 * @preconditions (pReserved == null)
229 * @postconditions
230 */
231 public native void C_Finalize(Object pReserved) throws PKCS11Exception;
232
233
234 /**
235 * C_GetInfo returns general information about Cryptoki.
236 * (General-purpose)
237 *
238 * @return the information.
239 * (PKCS#11 param: CK_INFO_PTR pInfo)
240 * @exception PKCS11Exception If function returns other value than CKR_OK.
241 * @preconditions
242 * @postconditions (result <> null)
243 */
244 public native CK_INFO C_GetInfo() throws PKCS11Exception;
245
246
247 /* *****************************************************************************
248 * Slot and token management
249 ******************************************************************************/
250
251 /**
252 * C_GetSlotList obtains a list of slots in the system.
253 * (Slot and token management)
254 *
255 * @param tokenPresent if true only Slot IDs with a token are returned
256 * (PKCS#11 param: CK_BBOOL tokenPresent)
257 * @return a long array of slot IDs and number of Slot IDs
258 * (PKCS#11 param: CK_SLOT_ID_PTR pSlotList, CK_ULONG_PTR pulCount)
259 * @exception PKCS11Exception If function returns other value than CKR_OK.
260 * @preconditions
261 * @postconditions (result <> null)
262 */
263 public native long[] C_GetSlotList(boolean tokenPresent)
264 throws PKCS11Exception;
265
266
267 /**
268 * C_GetSlotInfo obtains information about a particular slot in
269 * the system.
270 * (Slot and token management)
271 *
272 * @param slotID the ID of the slot
273 * (PKCS#11 param: CK_SLOT_ID slotID)
274 * @return the slot information
275 * (PKCS#11 param: CK_SLOT_INFO_PTR pInfo)
276 * @exception PKCS11Exception If function returns other value than CKR_OK.
277 * @preconditions
278 * @postconditions (result <> null)
279 */
280 public native CK_SLOT_INFO C_GetSlotInfo(long slotID) throws PKCS11Exception;
281
282
283 /**
284 * C_GetTokenInfo obtains information about a particular token
285 * in the system.
286 * (Slot and token management)
287 *
288 * @param slotID ID of the token's slot
289 * (PKCS#11 param: CK_SLOT_ID slotID)
290 * @return the token information
291 * (PKCS#11 param: CK_TOKEN_INFO_PTR pInfo)
292 * @exception PKCS11Exception If function returns other value than CKR_OK.
293 * @preconditions
294 * @postconditions (result <> null)
295 */
296 public native CK_TOKEN_INFO C_GetTokenInfo(long slotID)
297 throws PKCS11Exception;
298
299
300 /**
301 * C_GetMechanismList obtains a list of mechanism types
302 * supported by a token.
303 * (Slot and token management)
304 *
305 * @param slotID ID of the token's slot
306 * (PKCS#11 param: CK_SLOT_ID slotID)
307 * @return a long array of mechanism types and number of mechanism types
308 * (PKCS#11 param: CK_MECHANISM_TYPE_PTR pMechanismList,
309 * CK_ULONG_PTR pulCount)
310 * @exception PKCS11Exception If function returns other value than CKR_OK.
311 * @preconditions
312 * @postconditions (result <> null)
313 */
314 public native long[] C_GetMechanismList(long slotID) throws PKCS11Exception;
315
316
317 /**
318 * C_GetMechanismInfo obtains information about a particular
319 * mechanism possibly supported by a token.
320 * (Slot and token management)
321 *
322 * @param slotID ID of the token's slot
323 * (PKCS#11 param: CK_SLOT_ID slotID)
324 * @param type type of mechanism
325 * (PKCS#11 param: CK_MECHANISM_TYPE type)
326 * @return the mechanism info
327 * (PKCS#11 param: CK_MECHANISM_INFO_PTR pInfo)
328 * @exception PKCS11Exception If function returns other value than CKR_OK.
329 * @preconditions
330 * @postconditions (result <> null)
331 */
332 public native CK_MECHANISM_INFO C_GetMechanismInfo(long slotID, long type)
333 throws PKCS11Exception;
334
335
336 /**
337 * C_InitToken initializes a token.
338 * (Slot and token management)
339 *
340 * @param slotID ID of the token's slot
341 * (PKCS#11 param: CK_SLOT_ID slotID)
342 * @param pPin the SO's initial PIN and the length in bytes of the PIN
343 * (PKCS#11 param: CK_CHAR_PTR pPin, CK_ULONG ulPinLen)
344 * @param pLabel 32-byte token label (blank padded)
345 * (PKCS#11 param: CK_UTF8CHAR_PTR pLabel)
346 * @exception PKCS11Exception If function returns other value than CKR_OK.
347 * @preconditions
348 * @postconditions
349 */
350 // public native void C_InitToken(long slotID, char[] pPin, char[] pLabel)
351 // throws PKCS11Exception;
352
353
354 /**
355 * C_InitPIN initializes the normal user's PIN.
356 * (Slot and token management)
357 *
358 * @param hSession the session's handle
359 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
360 * @param pPin the normal user's PIN and the length in bytes of the PIN
361 * (PKCS#11 param: CK_CHAR_PTR pPin, CK_ULONG ulPinLen)
362 * @exception PKCS11Exception If function returns other value than CKR_OK.
363 * @preconditions
364 * @postconditions
365 */
366 // public native void C_InitPIN(long hSession, char[] pPin)
367 // throws PKCS11Exception;
368
369
370 /**
371 * C_SetPIN modifies the PIN of the user who is logged in.
372 * (Slot and token management)
373 *
374 * @param hSession the session's handle
375 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
376 * @param pOldPin the old PIN and the length of the old PIN
377 * (PKCS#11 param: CK_CHAR_PTR pOldPin, CK_ULONG ulOldLen)
378 * @param pNewPin the new PIN and the length of the new PIN
379 * (PKCS#11 param: CK_CHAR_PTR pNewPin, CK_ULONG ulNewLen)
380 * @exception PKCS11Exception If function returns other value than CKR_OK.
381 * @preconditions
382 * @postconditions
383 */
384 // public native void C_SetPIN(long hSession, char[] pOldPin, char[] pNewPin)
385 // throws PKCS11Exception;
386
387
388
389 /* *****************************************************************************
390 * Session management
391 ******************************************************************************/
392
393 /**
394 * C_OpenSession opens a session between an application and a
395 * token.
396 * (Session management)
397 *
398 * @param slotID the slot's ID
399 * (PKCS#11 param: CK_SLOT_ID slotID)
400 * @param flags of CK_SESSION_INFO
401 * (PKCS#11 param: CK_FLAGS flags)
402 * @param pApplication passed to callback
403 * (PKCS#11 param: CK_VOID_PTR pApplication)
404 * @param Notify the callback function
405 * (PKCS#11 param: CK_NOTIFY Notify)
406 * @return the session handle
407 * (PKCS#11 param: CK_SESSION_HANDLE_PTR phSession)
408 * @exception PKCS11Exception If function returns other value than CKR_OK.
409 * @preconditions
410 * @postconditions
411 */
412 public native long C_OpenSession(long slotID, long flags,
413 Object pApplication, CK_NOTIFY Notify) throws PKCS11Exception;
414
415
416 /**
417 * C_CloseSession closes a session between an application and a
418 * token.
419 * (Session management)
420 *
421 * @param hSession the session's handle
422 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
423 * @exception PKCS11Exception If function returns other value than CKR_OK.
424 * @preconditions
425 * @postconditions
426 */
427 public native void C_CloseSession(long hSession) throws PKCS11Exception;
428
429
430 /**
431 * C_CloseAllSessions closes all sessions with a token.
432 * (Session management)
433 *
434 * @param slotID the ID of the token's slot
435 * (PKCS#11 param: CK_SLOT_ID slotID)
436 * @exception PKCS11Exception If function returns other value than CKR_OK.
437 * @preconditions
438 * @postconditions
439 */
440 // public native void C_CloseAllSessions(long slotID) throws PKCS11Exception;
441
442
443 /**
444 * C_GetSessionInfo obtains information about the session.
445 * (Session management)
446 *
447 * @param hSession the session's handle
448 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
449 * @return the session info
450 * (PKCS#11 param: CK_SESSION_INFO_PTR pInfo)
451 * @exception PKCS11Exception If function returns other value than CKR_OK.
452 * @preconditions
453 * @postconditions (result <> null)
454 */
455 public native CK_SESSION_INFO C_GetSessionInfo(long hSession)
456 throws PKCS11Exception;
457
458
459 /**
460 * C_GetOperationState obtains the state of the cryptographic operation
461 * in a session.
462 * (Session management)
463 *
464 * @param hSession session's handle
465 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
466 * @return the state and the state length
467 * (PKCS#11 param: CK_BYTE_PTR pOperationState,
468 * CK_ULONG_PTR pulOperationStateLen)
469 * @exception PKCS11Exception If function returns other value than CKR_OK.
470 * @preconditions
471 * @postconditions (result <> null)
472 */
473 public native byte[] C_GetOperationState(long hSession)
474 throws PKCS11Exception;
475
476
477 /**
478 * C_SetOperationState restores the state of the cryptographic
479 * operation in a session.
480 * (Session management)
481 *
482 * @param hSession session's handle
483 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
484 * @param pOperationState the state and the state length
485 * (PKCS#11 param: CK_BYTE_PTR pOperationState,
486 * CK_ULONG ulOperationStateLen)
487 * @param hEncryptionKey en/decryption key
488 * (PKCS#11 param: CK_OBJECT_HANDLE hEncryptionKey)
489 * @param hAuthenticationKey sign/verify key
490 * (PKCS#11 param: CK_OBJECT_HANDLE hAuthenticationKey)
491 * @exception PKCS11Exception If function returns other value than CKR_OK.
492 * @preconditions
493 * @postconditions
494 */
495 public native void C_SetOperationState(long hSession, byte[] pOperationState,
496 long hEncryptionKey, long hAuthenticationKey) throws PKCS11Exception;
497
498
499 /**
500 * C_Login logs a user into a token.
501 * (Session management)
502 *
503 * @param hSession the session's handle
504 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
505 * @param userType the user type
506 * (PKCS#11 param: CK_USER_TYPE userType)
507 * @param pPin the user's PIN and the length of the PIN
508 * (PKCS#11 param: CK_CHAR_PTR pPin, CK_ULONG ulPinLen)
509 * @exception PKCS11Exception If function returns other value than CKR_OK.
510 * @preconditions
511 * @postconditions
512 */
513 public native void C_Login(long hSession, long userType, char[] pPin)
514 throws PKCS11Exception;
515
516
517 /**
518 * C_Logout logs a user out from a token.
519 * (Session management)
520 *
521 * @param hSession the session's handle
522 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
523 * @exception PKCS11Exception If function returns other value than CKR_OK.
524 * @preconditions
525 * @postconditions
526 */
527 public native void C_Logout(long hSession) throws PKCS11Exception;
528
529
530
531 /* *****************************************************************************
532 * Object management
533 ******************************************************************************/
534
535 /**
536 * C_CreateObject creates a new object.
537 * (Object management)
538 *
539 * @param hSession the session's handle
540 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
541 * @param pTemplate the object's template and number of attributes in
542 * template
543 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
544 * @return the object's handle
545 * (PKCS#11 param: CK_OBJECT_HANDLE_PTR phObject)
546 * @exception PKCS11Exception If function returns other value than CKR_OK.
547 * @preconditions
548 * @postconditions
549 */
550 public native long C_CreateObject(long hSession, CK_ATTRIBUTE[] pTemplate)
551 throws PKCS11Exception;
552
553
554 /**
555 * C_CopyObject copies an object, creating a new object for the
556 * copy.
557 * (Object management)
558 *
559 * @param hSession the session's handle
560 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
561 * @param hObject the object's handle
562 * (PKCS#11 param: CK_OBJECT_HANDLE hObject)
563 * @param pTemplate the template for the new object and number of attributes
564 * in template
565 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
566 * @return the handle of the copy
567 * (PKCS#11 param: CK_OBJECT_HANDLE_PTR phNewObject)
568 * @exception PKCS11Exception If function returns other value than CKR_OK.
569 * @preconditions
570 * @postconditions
571 */
572 public native long C_CopyObject(long hSession, long hObject,
573 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception;
574
575
576 /**
577 * C_DestroyObject destroys an object.
578 * (Object management)
579 *
580 * @param hSession the session's handle
581 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
582 * @param hObject the object's handle
583 * (PKCS#11 param: CK_OBJECT_HANDLE hObject)
584 * @exception PKCS11Exception If function returns other value than CKR_OK.
585 * @preconditions
586 * @postconditions
587 */
588 public native void C_DestroyObject(long hSession, long hObject)
589 throws PKCS11Exception;
590
591
592 /**
593 * C_GetObjectSize gets the size of an object in bytes.
594 * (Object management)
595 *
596 * @param hSession the session's handle
597 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
598 * @param hObject the object's handle
599 * (PKCS#11 param: CK_OBJECT_HANDLE hObject)
600 * @return the size of the object
601 * (PKCS#11 param: CK_ULONG_PTR pulSize)
602 * @exception PKCS11Exception If function returns other value than CKR_OK.
603 * @preconditions
604 * @postconditions
605 */
606 // public native long C_GetObjectSize(long hSession, long hObject)
607 // throws PKCS11Exception;
608
609
610 /**
611 * C_GetAttributeValue obtains the value of one or more object
612 * attributes. The template attributes also receive the values.
613 * (Object management)
614 * note: in PKCS#11 pTemplate and the result template are the same
615 *
616 * @param hSession the session's handle
617 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
618 * @param hObject the object's handle
619 * (PKCS#11 param: CK_OBJECT_HANDLE hObject)
620 * @param pTemplate specifies the attributes and number of attributes to get
621 * The template attributes also receive the values.
622 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
623 * @exception PKCS11Exception If function returns other value than CKR_OK.
624 * @preconditions (pTemplate <> null)
625 * @postconditions (result <> null)
626 */
627 public native void C_GetAttributeValue(long hSession, long hObject,
628 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception;
629
630
631 /**
632 * C_SetAttributeValue modifies the value of one or more object
633 * attributes
634 * (Object management)
635 *
636 * @param hSession the session's handle
637 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
638 * @param hObject the object's handle
639 * (PKCS#11 param: CK_OBJECT_HANDLE hObject)
640 * @param pTemplate specifies the attributes and values to get; number of
641 * attributes in the template
642 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
643 * @exception PKCS11Exception If function returns other value than CKR_OK.
644 * @preconditions (pTemplate <> null)
645 * @postconditions
646 */
647 public native void C_SetAttributeValue(long hSession, long hObject,
648 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception;
649
650
651 /**
652 * C_FindObjectsInit initializes a search for token and session
653 * objects that match a template.
654 * (Object management)
655 *
656 * @param hSession the session's handle
657 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
658 * @param pTemplate the object's attribute values to match and the number of
659 * attributes in search template
660 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
661 * @exception PKCS11Exception If function returns other value than CKR_OK.
662 * @preconditions
663 * @postconditions
664 */
665 public native void C_FindObjectsInit(long hSession, CK_ATTRIBUTE[] pTemplate)
666 throws PKCS11Exception;
667
668
669 /**
670 * C_FindObjects continues a search for token and session
671 * objects that match a template, obtaining additional object
672 * handles.
673 * (Object management)
674 *
675 * @param hSession the session's handle
676 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
677 * @param ulMaxObjectCount the max. object handles to get
678 * (PKCS#11 param: CK_ULONG ulMaxObjectCount)
679 * @return the object's handles and the actual number of objects returned
680 * (PKCS#11 param: CK_ULONG_PTR pulObjectCount)
681 * @exception PKCS11Exception If function returns other value than CKR_OK.
682 * @preconditions
683 * @postconditions (result <> null)
684 */
685 public native long[] C_FindObjects(long hSession, long ulMaxObjectCount)
686 throws PKCS11Exception;
687
688
689 /**
690 * C_FindObjectsFinal finishes a search for token and session
691 * objects.
692 * (Object management)
693 *
694 * @param hSession the session's handle
695 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
696 * @exception PKCS11Exception If function returns other value than CKR_OK.
697 * @preconditions
698 * @postconditions
699 */
700 public native void C_FindObjectsFinal(long hSession) throws PKCS11Exception;
701
702
703
704 /* *****************************************************************************
705 * Encryption and decryption
706 ******************************************************************************/
707
708 /**
709 * C_EncryptInit initializes an encryption operation.
710 * (Encryption and decryption)
711 *
712 * @param hSession the session's handle
713 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
714 * @param pMechanism the encryption mechanism
715 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
716 * @param hKey the handle of the encryption key
717 * (PKCS#11 param: CK_OBJECT_HANDLE hKey)
718 * @exception PKCS11Exception If function returns other value than CKR_OK.
719 * @preconditions
720 * @postconditions
721 */
722 public native void C_EncryptInit(long hSession, CK_MECHANISM pMechanism,
723 long hKey) throws PKCS11Exception;
724
725
726 /**
727 * C_Encrypt encrypts single-part data.
728 * (Encryption and decryption)
729 *
730 * @param hSession the session's handle
731 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
732 * @param pData the data to get encrypted and the data's length
733 * (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG ulDataLen)
734 * @return the encrypted data and the encrypted data's length
735 * (PKCS#11 param: CK_BYTE_PTR pEncryptedData,
736 * CK_ULONG_PTR pulEncryptedDataLen)
737 * @exception PKCS11Exception If function returns other value than CKR_OK.
738 * @preconditions (pData <> null)
739 * @postconditions (result <> null)
740 */
741 public native int C_Encrypt(long hSession, byte[] in, int inOfs, int inLen,
742 byte[] out, int outOfs, int outLen) throws PKCS11Exception;
743
744
745 /**
746 * C_EncryptUpdate continues a multiple-part encryption
747 * operation.
748 * (Encryption and decryption)
749 *
750 * @param hSession the session's handle
751 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
752 * @param pPart the data part to get encrypted and the data part's length
753 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG ulPartLen)
754 * @return the encrypted data part and the encrypted data part's length
755 * (PKCS#11 param: CK_BYTE_PTR pEncryptedPart,
756 CK_ULONG_PTR pulEncryptedPartLen)
757 * @exception PKCS11Exception If function returns other value than CKR_OK.
758 * @preconditions (pPart <> null)
759 * @postconditions
760 */
761 public native int C_EncryptUpdate(long hSession, long directIn, byte[] in,
762 int inOfs, int inLen, long directOut, byte[] out, int outOfs,
763 int outLen) throws PKCS11Exception;
764
765
766 /**
767 * C_EncryptFinal finishes a multiple-part encryption
768 * operation.
769 * (Encryption and decryption)
770 *
771 * @param hSession the session's handle
772 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
773 * @return the last encrypted data part and the last data part's length
774 * (PKCS#11 param: CK_BYTE_PTR pLastEncryptedPart,
775 CK_ULONG_PTR pulLastEncryptedPartLen)
776 * @exception PKCS11Exception If function returns other value than CKR_OK.
777 * @preconditions
778 * @postconditions (result <> null)
779 */
780 public native int C_EncryptFinal(long hSession, long directOut, byte[] out,
781 int outOfs, int outLen) throws PKCS11Exception;
782
783
784 /**
785 * C_DecryptInit initializes a decryption operation.
786 * (Encryption and decryption)
787 *
788 * @param hSession the session's handle
789 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
790 * @param pMechanism the decryption mechanism
791 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
792 * @param hKey the handle of the decryption key
793 * (PKCS#11 param: CK_OBJECT_HANDLE hKey)
794 * @exception PKCS11Exception If function returns other value than CKR_OK.
795 * @preconditions
796 * @postconditions
797 */
798 public native void C_DecryptInit(long hSession, CK_MECHANISM pMechanism,
799 long hKey) throws PKCS11Exception;
800
801
802 /**
803 * C_Decrypt decrypts encrypted data in a single part.
804 * (Encryption and decryption)
805 *
806 * @param hSession the session's handle
807 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
808 * @param pEncryptedData the encrypted data to get decrypted and the
809 * encrypted data's length
810 * (PKCS#11 param: CK_BYTE_PTR pEncryptedData,
811 * CK_ULONG ulEncryptedDataLen)
812 * @return the decrypted data and the data's length
813 * (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen)
814 * @exception PKCS11Exception If function returns other value than CKR_OK.
815 * @preconditions (pEncryptedPart <> null)
816 * @postconditions (result <> null)
817 */
818 public native int C_Decrypt(long hSession, byte[] in, int inOfs, int inLen,
819 byte[] out, int outOfs, int outLen) throws PKCS11Exception;
820
821
822 /**
823 * C_DecryptUpdate continues a multiple-part decryption
824 * operation.
825 * (Encryption and decryption)
826 *
827 * @param hSession the session's handle
828 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
829 * @param pEncryptedPart the encrypted data part to get decrypted and the
830 * encrypted data part's length
831 * (PKCS#11 param: CK_BYTE_PTR pEncryptedPart,
832 * CK_ULONG ulEncryptedPartLen)
833 * @return the decrypted data part and the data part's length
834 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen)
835 * @exception PKCS11Exception If function returns other value than CKR_OK.
836 * @preconditions (pEncryptedPart <> null)
837 * @postconditions
838 */
839 public native int C_DecryptUpdate(long hSession, long directIn, byte[] in,
840 int inOfs, int inLen, long directOut, byte[] out, int outOfs,
841 int outLen) throws PKCS11Exception;
842
843
844 /**
845 * C_DecryptFinal finishes a multiple-part decryption
846 * operation.
847 * (Encryption and decryption)
848 *
849 * @param hSession the session's handle
850 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
851 * @return the last decrypted data part and the last data part's length
852 * (PKCS#11 param: CK_BYTE_PTR pLastPart,
853 * CK_ULONG_PTR pulLastPartLen)
854 * @exception PKCS11Exception If function returns other value than CKR_OK.
855 * @preconditions
856 * @postconditions (result <> null)
857 */
858 public native int C_DecryptFinal(long hSession, long directOut, byte[] out,
859 int outOfs, int outLen) throws PKCS11Exception;
860
861
862
863 /* *****************************************************************************
864 * Message digesting
865 ******************************************************************************/
866
867 /**
868 * C_DigestInit initializes a message-digesting operation.
869 * (Message digesting)
870 *
871 * @param hSession the session's handle
872 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
873 * @param pMechanism the digesting mechanism
874 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
875 * @exception PKCS11Exception If function returns other value than CKR_OK.
876 * @preconditions
877 * @postconditions
878 */
879 public native void C_DigestInit(long hSession, CK_MECHANISM pMechanism)
880 throws PKCS11Exception;
881
882
883 // note that C_DigestSingle does not exist in PKCS#11
884 // we combined the C_DigestInit and C_Digest into a single function
885 // to save on Java<->C transitions and save 5-10% on small digests
886 // this made the C_Digest method redundant, it has been removed
887 /**
888 * C_Digest digests data in a single part.
889 * (Message digesting)
890 *
891 * @param hSession the session's handle
892 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
893 * @param data the data to get digested and the data's length
894 * (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG ulDataLen)
895 * @return the message digest and the length of the message digest
896 * (PKCS#11 param: CK_BYTE_PTR pDigest, CK_ULONG_PTR pulDigestLen)
897 * @exception PKCS11Exception If function returns other value than CKR_OK.
898 * @preconditions (data <> null)
899 * @postconditions (result <> null)
900 */
901 public native int C_DigestSingle(long hSession, CK_MECHANISM pMechanism,
902 byte[] in, int inOfs, int inLen, byte[] digest, int digestOfs,
903 int digestLen) throws PKCS11Exception;
904
905
906 /**
907 * C_DigestUpdate continues a multiple-part message-digesting
908 * operation.
909 * (Message digesting)
910 *
911 * @param hSession the session's handle
912 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
913 * @param pPart the data to get digested and the data's length
914 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG ulPartLen)
915 * @exception PKCS11Exception If function returns other value than CKR_OK.
916 * @preconditions (pPart <> null)
917 * @postconditions
918 */
919 public native void C_DigestUpdate(long hSession, long directIn, byte[] in,
920 int inOfs, int inLen) throws PKCS11Exception;
921
922
923 /**
924 * C_DigestKey continues a multi-part message-digesting
925 * operation, by digesting the value of a secret key as part of
926 * the data already digested.
927 * (Message digesting)
928 *
929 * @param hSession the session's handle
930 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
931 * @param hKey the handle of the secret key to be digested
932 * (PKCS#11 param: CK_OBJECT_HANDLE hKey)
933 * @exception PKCS11Exception If function returns other value than CKR_OK.
934 * @preconditions
935 * @postconditions
936 */
937 public native void C_DigestKey(long hSession, long hKey)
938 throws PKCS11Exception;
939
940
941 /**
942 * C_DigestFinal finishes a multiple-part message-digesting
943 * operation.
944 * (Message digesting)
945 *
946 * @param hSession the session's handle
947 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
948 * @return the message digest and the length of the message digest
949 * (PKCS#11 param: CK_BYTE_PTR pDigest, CK_ULONG_PTR pulDigestLen)
950 * @exception PKCS11Exception If function returns other value than CKR_OK.
951 * @preconditions
952 * @postconditions (result <> null)
953 */
954 public native int C_DigestFinal(long hSession, byte[] pDigest, int digestOfs,
955 int digestLen) throws PKCS11Exception;
956
957
958
959 /* *****************************************************************************
960 * Signing and MACing
961 ******************************************************************************/
962
963 /**
964 * C_SignInit initializes a signature (private key encryption)
965 * operation, where the signature is (will be) an appendix to
966 * the data, and plaintext cannot be recovered from the
967 * signature.
968 * (Signing and MACing)
969 *
970 * @param hSession the session's handle
971 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
972 * @param pMechanism the signature mechanism
973 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
974 * @param hKey the handle of the signature key
975 * (PKCS#11 param: CK_OBJECT_HANDLE hKey)
976 * @exception PKCS11Exception If function returns other value than CKR_OK.
977 * @preconditions
978 * @postconditions
979 */
980 public native void C_SignInit(long hSession, CK_MECHANISM pMechanism,
981 long hKey) throws PKCS11Exception;
982
983
984 /**
985 * C_Sign signs (encrypts with private key) data in a single
986 * part, where the signature is (will be) an appendix to the
987 * data, and plaintext cannot be recovered from the signature.
988 * (Signing and MACing)
989 *
990 * @param hSession the session's handle
991 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
992 * @param pData the data to sign and the data's length
993 * (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG ulDataLen)
994 * @return the signature and the signature's length
995 * (PKCS#11 param: CK_BYTE_PTR pSignature,
996 * CK_ULONG_PTR pulSignatureLen)
997 * @exception PKCS11Exception If function returns other value than CKR_OK.
998 * @preconditions (pData <> null)
999 * @postconditions (result <> null)
1000 */
1001 public native byte[] C_Sign(long hSession, byte[] pData)
1002 throws PKCS11Exception;
1003
1004
1005 /**
1006 * C_SignUpdate continues a multiple-part signature operation,
1007 * where the signature is (will be) an appendix to the data,
1008 * and plaintext cannot be recovered from the signature.
1009 * (Signing and MACing)
1010 *
1011 * @param hSession the session's handle
1012 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1013 * @param pPart the data part to sign and the data part's length
1014 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG ulPartLen)
1015 * @exception PKCS11Exception If function returns other value than CKR_OK.
1016 * @preconditions (pPart <> null)
1017 * @postconditions
1018 */
1019 public native void C_SignUpdate(long hSession, long directIn, byte[] in,
1020 int inOfs, int inLen) throws PKCS11Exception;
1021
1022
1023 /**
1024 * C_SignFinal finishes a multiple-part signature operation,
1025 * returning the signature.
1026 * (Signing and MACing)
1027 *
1028 * @param hSession the session's handle
1029 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1030 * @return the signature and the signature's length
1031 * (PKCS#11 param: CK_BYTE_PTR pSignature,
1032 * CK_ULONG_PTR pulSignatureLen)
1033 * @exception PKCS11Exception If function returns other value than CKR_OK.
1034 * @preconditions
1035 * @postconditions (result <> null)
1036 */
1037 public native byte[] C_SignFinal(long hSession, int expectedLen)
1038 throws PKCS11Exception;
1039
1040
1041 /**
1042 * C_SignRecoverInit initializes a signature operation, where
1043 * the data can be recovered from the signature.
1044 * (Signing and MACing)
1045 *
1046 * @param hSession the session's handle
1047 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1048 * @param pMechanism the signature mechanism
1049 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
1050 * @param hKey the handle of the signature key
1051 * (PKCS#11 param: CK_OBJECT_HANDLE hKey)
1052 * @exception PKCS11Exception If function returns other value than CKR_OK.
1053 * @preconditions
1054 * @postconditions
1055 */
1056 public native void C_SignRecoverInit(long hSession, CK_MECHANISM pMechanism,
1057 long hKey) throws PKCS11Exception;
1058
1059
1060 /**
1061 * C_SignRecover signs data in a single operation, where the
1062 * data can be recovered from the signature.
1063 * (Signing and MACing)
1064 *
1065 * @param hSession the session's handle
1066 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1067 * @param pData the data to sign and the data's length
1068 * (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG ulDataLen)
1069 * @return the signature and the signature's length
1070 * (PKCS#11 param: CK_BYTE_PTR pSignature,
1071 * CK_ULONG_PTR pulSignatureLen)
1072 * @exception PKCS11Exception If function returns other value than CKR_OK.
1073 * @preconditions (pData <> null)
1074 * @postconditions (result <> null)
1075 */
1076 public native int C_SignRecover(long hSession, byte[] in, int inOfs,
1077 int inLen, byte[] out, int outOufs, int outLen)
1078 throws PKCS11Exception;
1079
1080
1081
1082 /* *****************************************************************************
1083 * Verifying signatures and MACs
1084 ******************************************************************************/
1085
1086 /**
1087 * C_VerifyInit initializes a verification operation, where the
1088 * signature is an appendix to the data, and plaintext cannot
1089 * cannot be recovered from the signature (e.g. DSA).
1090 * (Signing and MACing)
1091 *
1092 * @param hSession the session's handle
1093 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1094 * @param pMechanism the verification mechanism
1095 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
1096 * @param hKey the handle of the verification key
1097 * (PKCS#11 param: CK_OBJECT_HANDLE hKey)
1098 * @exception PKCS11Exception If function returns other value than CKR_OK.
1099 * @preconditions
1100 * @postconditions
1101 */
1102 public native void C_VerifyInit(long hSession, CK_MECHANISM pMechanism,
1103 long hKey) throws PKCS11Exception;
1104
1105
1106 /**
1107 * C_Verify verifies a signature in a single-part operation,
1108 * where the signature is an appendix to the data, and plaintext
1109 * cannot be recovered from the signature.
1110 * (Signing and MACing)
1111 *
1112 * @param hSession the session's handle
1113 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1114 * @param pData the signed data and the signed data's length
1115 * (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG ulDataLen)
1116 * @param pSignature the signature to verify and the signature's length
1117 * (PKCS#11 param: CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen)
1118 * @exception PKCS11Exception If function returns other value than CKR_OK.
1119 * @preconditions (pData <> null) and (pSignature <> null)
1120 * @postconditions
1121 */
1122 public native void C_Verify(long hSession, byte[] pData, byte[] pSignature)
1123 throws PKCS11Exception;
1124
1125
1126 /**
1127 * C_VerifyUpdate continues a multiple-part verification
1128 * operation, where the signature is an appendix to the data,
1129 * and plaintext cannot be recovered from the signature.
1130 * (Signing and MACing)
1131 *
1132 * @param hSession the session's handle
1133 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1134 * @param pPart the signed data part and the signed data part's length
1135 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG ulPartLen)
1136 * @exception PKCS11Exception If function returns other value than CKR_OK.
1137 * @preconditions (pPart <> null)
1138 * @postconditions
1139 */
1140 public native void C_VerifyUpdate(long hSession, long directIn, byte[] in,
1141 int inOfs, int inLen) throws PKCS11Exception;
1142
1143
1144 /**
1145 * C_VerifyFinal finishes a multiple-part verification
1146 * operation, checking the signature.
1147 * (Signing and MACing)
1148 *
1149 * @param hSession the session's handle
1150 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1151 * @param pSignature the signature to verify and the signature's length
1152 * (PKCS#11 param: CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen)
1153 * @exception PKCS11Exception If function returns other value than CKR_OK.
1154 * @preconditions (pSignature <> null)
1155 * @postconditions
1156 */
1157 public native void C_VerifyFinal(long hSession, byte[] pSignature)
1158 throws PKCS11Exception;
1159
1160
1161 /**
1162 * C_VerifyRecoverInit initializes a signature verification
1163 * operation, where the data is recovered from the signature.
1164 * (Signing and MACing)
1165 *
1166 * @param hSession the session's handle
1167 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1168 * @param pMechanism the verification mechanism
1169 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
1170 * @param hKey the handle of the verification key
1171 * (PKCS#11 param: CK_OBJECT_HANDLE hKey)
1172 * @exception PKCS11Exception If function returns other value than CKR_OK.
1173 * @preconditions
1174 * @postconditions
1175 */
1176 public native void C_VerifyRecoverInit(long hSession,
1177 CK_MECHANISM pMechanism, long hKey) throws PKCS11Exception;
1178
1179
1180 /**
1181 * C_VerifyRecover verifies a signature in a single-part
1182 * operation, where the data is recovered from the signature.
1183 * (Signing and MACing)
1184 *
1185 * @param hSession the session's handle
1186 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1187 * @param pSignature the signature to verify and the signature's length
1188 * (PKCS#11 param: CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen)
1189 * @return the recovered data and the recovered data's length
1190 * (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen)
1191 * @exception PKCS11Exception If function returns other value than CKR_OK.
1192 * @preconditions (pSignature <> null)
1193 * @postconditions (result <> null)
1194 */
1195 public native int C_VerifyRecover(long hSession, byte[] in, int inOfs,
1196 int inLen, byte[] out, int outOufs, int outLen)
1197 throws PKCS11Exception;
1198
1199
1200
1201 /* *****************************************************************************
1202 * Dual-function cryptographic operations
1203 ******************************************************************************/
1204
1205 /**
1206 * C_DigestEncryptUpdate continues a multiple-part digesting
1207 * and encryption operation.
1208 * (Dual-function cryptographic operations)
1209 *
1210 * @param hSession the session's handle
1211 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1212 * @param pPart the data part to digest and to encrypt and the data's length
1213 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG ulPartLen)
1214 * @return the digested and encrypted data part and the data part's length
1215 * (PKCS#11 param: CK_BYTE_PTR pEncryptedPart,
1216 * CK_ULONG_PTR pulEncryptedPartLen)
1217 * @exception PKCS11Exception If function returns other value than CKR_OK.
1218 * @preconditions (pPart <> null)
1219 * @postconditions
1220 */
1221 // public native byte[] C_DigestEncryptUpdate(long hSession, byte[] pPart)
1222 // throws PKCS11Exception;
1223
1224
1225 /**
1226 * C_DecryptDigestUpdate continues a multiple-part decryption and
1227 * digesting operation.
1228 * (Dual-function cryptographic operations)
1229 *
1230 * @param hSession the session's handle
1231 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1232 * @param pEncryptedPart the encrypted data part to decrypt and to digest
1233 * and encrypted data part's length
1234 * (PKCS#11 param: CK_BYTE_PTR pEncryptedPart,
1235 * CK_ULONG ulEncryptedPartLen)
1236 * @return the decrypted and digested data part and the data part's length
1237 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen)
1238 * @exception PKCS11Exception If function returns other value than CKR_OK.
1239 * @preconditions (pEncryptedPart <> null)
1240 * @postconditions
1241 */
1242 // public native byte[] C_DecryptDigestUpdate(long hSession,
1243 // byte[] pEncryptedPart) throws PKCS11Exception;
1244
1245
1246 /**
1247 * C_SignEncryptUpdate continues a multiple-part signing and
1248 * encryption operation.
1249 * (Dual-function cryptographic operations)
1250 *
1251 * @param hSession the session's handle
1252 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1253 * @param pPart the data part to sign and to encrypt and the data part's
1254 * length
1255 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG ulPartLen)
1256 * @return the signed and encrypted data part and the data part's length
1257 * (PKCS#11 param: CK_BYTE_PTR pEncryptedPart,
1258 * CK_ULONG_PTR pulEncryptedPartLen)
1259 * @exception PKCS11Exception If function returns other value than CKR_OK.
1260 * @preconditions (pPart <> null)
1261 * @postconditions
1262 */
1263 // public native byte[] C_SignEncryptUpdate(long hSession, byte[] pPart)
1264 // throws PKCS11Exception;
1265
1266
1267 /**
1268 * C_DecryptVerifyUpdate continues a multiple-part decryption and
1269 * verify operation.
1270 * (Dual-function cryptographic operations)
1271 *
1272 * @param hSession the session's handle
1273 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1274 * @param pEncryptedPart the encrypted data part to decrypt and to verify
1275 * and the data part's length
1276 * (PKCS#11 param: CK_BYTE_PTR pEncryptedPart,
1277 * CK_ULONG ulEncryptedPartLen)
1278 * @return the decrypted and verified data part and the data part's length
1279 * (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen)
1280 * @exception PKCS11Exception If function returns other value than CKR_OK.
1281 * @preconditions (pEncryptedPart <> null)
1282 * @postconditions
1283 */
1284 // public native byte[] C_DecryptVerifyUpdate(long hSession,
1285 // byte[] pEncryptedPart) throws PKCS11Exception;
1286
1287
1288
1289 /* *****************************************************************************
1290 * Key management
1291 ******************************************************************************/
1292
1293 /**
1294 * C_GenerateKey generates a secret key, creating a new key
1295 * object.
1296 * (Key management)
1297 *
1298 * @param hSession the session's handle
1299 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1300 * @param pMechanism the key generation mechanism
1301 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
1302 * @param pTemplate the template for the new key and the number of
1303 * attributes in the template
1304 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
1305 * @return the handle of the new key
1306 * (PKCS#11 param: CK_OBJECT_HANDLE_PTR phKey)
1307 * @exception PKCS11Exception If function returns other value than CKR_OK.
1308 * @preconditions
1309 * @postconditions
1310 */
1311 public native long C_GenerateKey(long hSession, CK_MECHANISM pMechanism,
1312 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception;
1313
1314
1315 /**
1316 * C_GenerateKeyPair generates a public-key/private-key pair,
1317 * creating new key objects.
1318 * (Key management)
1319 *
1320 * @param hSession the session's handle
1321 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1322 * @param pMechanism the key generation mechanism
1323 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
1324 * @param pPublicKeyTemplate the template for the new public key and the
1325 * number of attributes in the template
1326 * (PKCS#11 param: CK_ATTRIBUTE_PTR pPublicKeyTemplate,
1327 * CK_ULONG ulPublicKeyAttributeCount)
1328 * @param pPrivateKeyTemplate the template for the new private key and the
1329 * number of attributes in the template
1330 * (PKCS#11 param: CK_ATTRIBUTE_PTR pPrivateKeyTemplate
1331 * CK_ULONG ulPrivateKeyAttributeCount)
1332 * @return a long array with exactly two elements and the public key handle
1333 * as the first element and the private key handle as the second
1334 * element
1335 * (PKCS#11 param: CK_OBJECT_HANDLE_PTR phPublicKey,
1336 * CK_OBJECT_HANDLE_PTR phPrivateKey)
1337 * @exception PKCS11Exception If function returns other value than CKR_OK.
1338 * @preconditions (pMechanism <> null)
1339 * @postconditions (result <> null) and (result.length == 2)
1340 */
1341 public native long[] C_GenerateKeyPair(long hSession,
1342 CK_MECHANISM pMechanism, CK_ATTRIBUTE[] pPublicKeyTemplate,
1343 CK_ATTRIBUTE[] pPrivateKeyTemplate) throws PKCS11Exception;
1344
1345
1346
1347 /**
1348 * C_WrapKey wraps (i.e., encrypts) a key.
1349 * (Key management)
1350 *
1351 * @param hSession the session's handle
1352 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1353 * @param pMechanism the wrapping mechanism
1354 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
1355 * @param hWrappingKey the handle of the wrapping key
1356 * (PKCS#11 param: CK_OBJECT_HANDLE hWrappingKey)
1357 * @param hKey the handle of the key to be wrapped
1358 * (PKCS#11 param: CK_OBJECT_HANDLE hKey)
1359 * @return the wrapped key and the length of the wrapped key
1360 * (PKCS#11 param: CK_BYTE_PTR pWrappedKey,
1361 * CK_ULONG_PTR pulWrappedKeyLen)
1362 * @exception PKCS11Exception If function returns other value than CKR_OK.
1363 * @preconditions
1364 * @postconditions (result <> null)
1365 */
1366 public native byte[] C_WrapKey(long hSession, CK_MECHANISM pMechanism,
1367 long hWrappingKey, long hKey) throws PKCS11Exception;
1368
1369
1370 /**
1371 * C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new
1372 * key object.
1373 * (Key management)
1374 *
1375 * @param hSession the session's handle
1376 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1377 * @param pMechanism the unwrapping mechanism
1378 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
1379 * @param hUnwrappingKey the handle of the unwrapping key
1380 * (PKCS#11 param: CK_OBJECT_HANDLE hUnwrappingKey)
1381 * @param pWrappedKey the wrapped key to unwrap and the wrapped key's length
1382 * (PKCS#11 param: CK_BYTE_PTR pWrappedKey, CK_ULONG ulWrappedKeyLen)
1383 * @param pTemplate the template for the new key and the number of
1384 * attributes in the template
1385 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
1386 * @return the handle of the unwrapped key
1387 * (PKCS#11 param: CK_OBJECT_HANDLE_PTR phKey)
1388 * @exception PKCS11Exception If function returns other value than CKR_OK.
1389 * @preconditions (pWrappedKey <> null)
1390 * @postconditions
1391 */
1392 public native long C_UnwrapKey(long hSession, CK_MECHANISM pMechanism,
1393 long hUnwrappingKey, byte[] pWrappedKey, CK_ATTRIBUTE[] pTemplate)
1394 throws PKCS11Exception;
1395
1396
1397 /**
1398 * C_DeriveKey derives a key from a base key, creating a new key
1399 * object.
1400 * (Key management)
1401 *
1402 * @param hSession the session's handle
1403 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1404 * @param pMechanism the key derivation mechanism
1405 * (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
1406 * @param hBaseKey the handle of the base key
1407 * (PKCS#11 param: CK_OBJECT_HANDLE hBaseKey)
1408 * @param pTemplate the template for the new key and the number of
1409 * attributes in the template
1410 * (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
1411 * @return the handle of the derived key
1412 * (PKCS#11 param: CK_OBJECT_HANDLE_PTR phKey)
1413 * @exception PKCS11Exception If function returns other value than CKR_OK.
1414 * @preconditions
1415 * @postconditions
1416 */
1417 public native long C_DeriveKey(long hSession, CK_MECHANISM pMechanism,
1418 long hBaseKey, CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception;
1419
1420
1421
1422 /* *****************************************************************************
1423 * Random number generation
1424 ******************************************************************************/
1425
1426 /**
1427 * C_SeedRandom mixes additional seed material into the token's
1428 * random number generator.
1429 * (Random number generation)
1430 *
1431 * @param hSession the session's handle
1432 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1433 * @param pSeed the seed material and the seed material's length
1434 * (PKCS#11 param: CK_BYTE_PTR pSeed, CK_ULONG ulSeedLen)
1435 * @exception PKCS11Exception If function returns other value than CKR_OK.
1436 * @preconditions (pSeed <> null)
1437 * @postconditions
1438 */
1439 public native void C_SeedRandom(long hSession, byte[] pSeed)
1440 throws PKCS11Exception;
1441
1442
1443 /**
1444 * C_GenerateRandom generates random data.
1445 * (Random number generation)
1446 *
1447 * @param hSession the session's handle
1448 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1449 * @param RandomData receives the random data and the length of RandomData
1450 * is the length of random data to be generated
1451 * (PKCS#11 param: CK_BYTE_PTR pRandomData, CK_ULONG ulRandomLen)
1452 * @exception PKCS11Exception If function returns other value than CKR_OK.
1453 * @preconditions (randomData <> null)
1454 * @postconditions
1455 */
1456 public native void C_GenerateRandom(long hSession, byte[] randomData)
1457 throws PKCS11Exception;
1458
1459
1460
1461 /* *****************************************************************************
1462 * Parallel function management
1463 ******************************************************************************/
1464
1465 /**
1466 * C_GetFunctionStatus is a legacy function; it obtains an
1467 * updated status of a function running in parallel with an
1468 * application.
1469 * (Parallel function management)
1470 *
1471 * @param hSession the session's handle
1472 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1473 * @exception PKCS11Exception If function returns other value than CKR_OK.
1474 * @preconditions
1475 * @postconditions
1476 */
1477 // public native void C_GetFunctionStatus(long hSession)
1478 // throws PKCS11Exception;
1479
1480
1481 /**
1482 * C_CancelFunction is a legacy function; it cancels a function
1483 * running in parallel.
1484 * (Parallel function management)
1485 *
1486 * @param hSession the session's handle
1487 * (PKCS#11 param: CK_SESSION_HANDLE hSession)
1488 * @exception PKCS11Exception If function returns other value than CKR_OK.
1489 * @preconditions
1490 * @postconditions
1491 */
1492 // public native void C_CancelFunction(long hSession) throws PKCS11Exception;
1493
1494
1495
1496 /* *****************************************************************************
1497 * Functions added in for Cryptoki Version 2.01 or later
1498 ******************************************************************************/
1499
1500 /**
1501 * C_WaitForSlotEvent waits for a slot event (token insertion,
1502 * removal, etc.) to occur.
1503 * (General-purpose)
1504 *
1505 * @param flags blocking/nonblocking flag
1506 * (PKCS#11 param: CK_FLAGS flags)
1507 * @param pReserved reserved. Should be null
1508 * (PKCS#11 param: CK_VOID_PTR pReserved)
1509 * @return the slot ID where the event occurred
1510 * (PKCS#11 param: CK_SLOT_ID_PTR pSlot)
1511 * @exception PKCS11Exception If function returns other value than CKR_OK.
1512 * @preconditions (pRserved == null)
1513 * @postconditions
1514 */
1515 // public native long C_WaitForSlotEvent(long flags, Object pRserved)
1516 // throws PKCS11Exception;
1517
1518 /**
1519 * Returns the string representation of this object.
1520 *
1521 * @return The string representation of object
1522 */
1523 public String toString() {
1524 return "Module name: " + pkcs11ModulePath;
1525 }
1526
1527 /**
1528 * Calls disconnect() to cleanup the native part of the wrapper. Once this
1529 * method is called, this object cannot be used any longer. Any subsequent
1530 * call to a C_* method will result in a runtime exception.
1531 *
1532 * @exception Throwable If finalization fails.
1533 */
1534 protected void finalize() throws Throwable {
1535 disconnect();
1536 }
1537
1538 // PKCS11 subclass that has all methods synchronized and delegating to the
1539 // parent. Used for tokens that only support single threaded access
1540 static class SynchronizedPKCS11 extends PKCS11 {
1541
1542 SynchronizedPKCS11(String pkcs11ModulePath, String functionListName)
1543 throws IOException {
1544 super(pkcs11ModulePath, functionListName);
1545 }
1546
1547 synchronized void C_Initialize(Object pInitArgs) throws PKCS11Exception {
1548 super.C_Initialize(pInitArgs);
1549 }
1550
1551 public synchronized void C_Finalize(Object pReserved)
1552 throws PKCS11Exception {
1553 super.C_Finalize(pReserved);
1554 }
1555
1556 public synchronized CK_INFO C_GetInfo() throws PKCS11Exception {
1557 return super.C_GetInfo();
1558 }
1559
1560 public synchronized long[] C_GetSlotList(boolean tokenPresent)
1561 throws PKCS11Exception {
1562 return super.C_GetSlotList(tokenPresent);
1563 }
1564
1565 public synchronized CK_SLOT_INFO C_GetSlotInfo(long slotID)
1566 throws PKCS11Exception {
1567 return super.C_GetSlotInfo(slotID);
1568 }
1569
1570 public synchronized CK_TOKEN_INFO C_GetTokenInfo(long slotID)
1571 throws PKCS11Exception {
1572 return super.C_GetTokenInfo(slotID);
1573 }
1574
1575 public synchronized long[] C_GetMechanismList(long slotID)
1576 throws PKCS11Exception {
1577 return super.C_GetMechanismList(slotID);
1578 }
1579
1580 public synchronized CK_MECHANISM_INFO C_GetMechanismInfo(long slotID,
1581 long type) throws PKCS11Exception {
1582 return super.C_GetMechanismInfo(slotID, type);
1583 }
1584
1585 public synchronized long C_OpenSession(long slotID, long flags,
1586 Object pApplication, CK_NOTIFY Notify) throws PKCS11Exception {
1587 return super.C_OpenSession(slotID, flags, pApplication, Notify);
1588 }
1589
1590 public synchronized void C_CloseSession(long hSession)
1591 throws PKCS11Exception {
1592 super.C_CloseSession(hSession);
1593 }
1594
1595 public synchronized CK_SESSION_INFO C_GetSessionInfo(long hSession)
1596 throws PKCS11Exception {
1597 return super.C_GetSessionInfo(hSession);
1598 }
1599
1600 public synchronized void C_Login(long hSession, long userType, char[] pPin)
1601 throws PKCS11Exception {
1602 super.C_Login(hSession, userType, pPin);
1603 }
1604
1605 public synchronized void C_Logout(long hSession) throws PKCS11Exception {
1606 super.C_Logout(hSession);
1607 }
1608
1609 public synchronized long C_CreateObject(long hSession,
1610 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception {
1611 return super.C_CreateObject(hSession, pTemplate);
1612 }
1613
1614 public synchronized long C_CopyObject(long hSession, long hObject,
1615 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception {
1616 return super.C_CopyObject(hSession, hObject, pTemplate);
1617 }
1618
1619 public synchronized void C_DestroyObject(long hSession, long hObject)
1620 throws PKCS11Exception {
1621 super.C_DestroyObject(hSession, hObject);
1622 }
1623
1624 public synchronized void C_GetAttributeValue(long hSession, long hObject,
1625 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception {
1626 super.C_GetAttributeValue(hSession, hObject, pTemplate);
1627 }
1628
1629 public synchronized void C_SetAttributeValue(long hSession, long hObject,
1630 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception {
1631 super.C_SetAttributeValue(hSession, hObject, pTemplate);
1632 }
1633
1634 public synchronized void C_FindObjectsInit(long hSession,
1635 CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception {
1636 super.C_FindObjectsInit(hSession, pTemplate);
1637 }
1638
1639 public synchronized long[] C_FindObjects(long hSession,
1640 long ulMaxObjectCount) throws PKCS11Exception {
1641 return super.C_FindObjects(hSession, ulMaxObjectCount);
1642 }
1643
1644 public synchronized void C_FindObjectsFinal(long hSession)
1645 throws PKCS11Exception {
1646 super.C_FindObjectsFinal(hSession);
1647 }
1648
1649 public synchronized void C_EncryptInit(long hSession,
1650 CK_MECHANISM pMechanism, long hKey) throws PKCS11Exception {
1651 super.C_EncryptInit(hSession, pMechanism, hKey);
1652 }
1653
1654 public synchronized int C_Encrypt(long hSession, byte[] in, int inOfs,
1655 int inLen, byte[] out, int outOfs, int outLen)
1656 throws PKCS11Exception {
1657 return super.C_Encrypt(hSession, in, inOfs, inLen, out, outOfs, outLen);
1658 }
1659
1660 public synchronized int C_EncryptUpdate(long hSession, long directIn,
1661 byte[] in, int inOfs, int inLen, long directOut, byte[] out,
1662 int outOfs, int outLen) throws PKCS11Exception {
1663 return super.C_EncryptUpdate(hSession, directIn, in, inOfs, inLen,
1664 directOut, out, outOfs, outLen);
1665 }
1666
1667 public synchronized int C_EncryptFinal(long hSession, long directOut,
1668 byte[] out, int outOfs, int outLen) throws PKCS11Exception {
1669 return super.C_EncryptFinal(hSession, directOut, out, outOfs, outLen);
1670 }
1671
1672 public synchronized void C_DecryptInit(long hSession,
1673 CK_MECHANISM pMechanism, long hKey) throws PKCS11Exception {
1674 super.C_DecryptInit(hSession, pMechanism, hKey);
1675 }
1676
1677 public synchronized int C_Decrypt(long hSession, byte[] in, int inOfs,
1678 int inLen, byte[] out, int outOfs, int outLen)
1679 throws PKCS11Exception {
1680 return super.C_Decrypt(hSession, in, inOfs, inLen, out, outOfs, outLen);
1681 }
1682
1683 public synchronized int C_DecryptUpdate(long hSession, long directIn,
1684 byte[] in, int inOfs, int inLen, long directOut, byte[] out,
1685 int outOfs, int outLen) throws PKCS11Exception {
1686 return super.C_DecryptUpdate(hSession, directIn, in, inOfs, inLen,
1687 directOut, out, outOfs, outLen);
1688 }
1689
1690 public synchronized int C_DecryptFinal(long hSession, long directOut,
1691 byte[] out, int outOfs, int outLen) throws PKCS11Exception {
1692 return super.C_DecryptFinal(hSession, directOut, out, outOfs, outLen);
1693 }
1694
1695 public synchronized void C_DigestInit(long hSession, CK_MECHANISM pMechanism)
1696 throws PKCS11Exception {
1697 super.C_DigestInit(hSession, pMechanism);
1698 }
1699
1700 public synchronized int C_DigestSingle(long hSession,
1701 CK_MECHANISM pMechanism, byte[] in, int inOfs, int inLen,
1702 byte[] digest, int digestOfs, int digestLen) throws PKCS11Exception {
1703 return super.C_DigestSingle(hSession, pMechanism, in, inOfs, inLen,
1704 digest, digestOfs, digestLen);
1705 }
1706
1707 public synchronized void C_DigestUpdate(long hSession, long directIn,
1708 byte[] in, int inOfs, int inLen) throws PKCS11Exception {
1709 super.C_DigestUpdate(hSession, directIn, in, inOfs, inLen);
1710 }
1711
1712 public synchronized void C_DigestKey(long hSession, long hKey)
1713 throws PKCS11Exception {
1714 super.C_DigestKey(hSession, hKey);
1715 }
1716
1717 public synchronized int C_DigestFinal(long hSession, byte[] pDigest,
1718 int digestOfs, int digestLen) throws PKCS11Exception {
1719 return super.C_DigestFinal(hSession, pDigest, digestOfs, digestLen);
1720 }
1721
1722 public synchronized void C_SignInit(long hSession, CK_MECHANISM pMechanism,
1723 long hKey) throws PKCS11Exception {
1724 super.C_SignInit(hSession, pMechanism, hKey);
1725 }
1726
1727 public synchronized byte[] C_Sign(long hSession, byte[] pData)
1728 throws PKCS11Exception {
1729 return super.C_Sign(hSession, pData);
1730 }
1731
1732 public synchronized void C_SignUpdate(long hSession, long directIn,
1733 byte[] in, int inOfs, int inLen) throws PKCS11Exception {
1734 super.C_SignUpdate(hSession, directIn, in, inOfs, inLen);
1735 }
1736
1737 public synchronized byte[] C_SignFinal(long hSession, int expectedLen)
1738 throws PKCS11Exception {
1739 return super.C_SignFinal(hSession, expectedLen);
1740 }
1741
1742 public synchronized void C_SignRecoverInit(long hSession,
1743 CK_MECHANISM pMechanism, long hKey) throws PKCS11Exception {
1744 super.C_SignRecoverInit(hSession, pMechanism, hKey);
1745 }
1746
1747 public synchronized int C_SignRecover(long hSession, byte[] in, int inOfs,
1748 int inLen, byte[] out, int outOufs, int outLen)
1749 throws PKCS11Exception {
1750 return super.C_SignRecover(hSession, in, inOfs, inLen, out, outOufs,
1751 outLen);
1752 }
1753
1754 public synchronized void C_VerifyInit(long hSession, CK_MECHANISM pMechanism,
1755 long hKey) throws PKCS11Exception {
1756 super.C_VerifyInit(hSession, pMechanism, hKey);
1757 }
1758
1759 public synchronized void C_Verify(long hSession, byte[] pData,
1760 byte[] pSignature) throws PKCS11Exception {
1761 super.C_Verify(hSession, pData, pSignature);
1762 }
1763
1764 public synchronized void C_VerifyUpdate(long hSession, long directIn,
1765 byte[] in, int inOfs, int inLen) throws PKCS11Exception {
1766 super.C_VerifyUpdate(hSession, directIn, in, inOfs, inLen);
1767 }
1768
1769 public synchronized void C_VerifyFinal(long hSession, byte[] pSignature)
1770 throws PKCS11Exception {
1771 super.C_VerifyFinal(hSession, pSignature);
1772 }
1773
1774 public synchronized void C_VerifyRecoverInit(long hSession,
1775 CK_MECHANISM pMechanism, long hKey) throws PKCS11Exception {
1776 super.C_VerifyRecoverInit(hSession, pMechanism, hKey);
1777 }
1778
1779 public synchronized int C_VerifyRecover(long hSession, byte[] in, int inOfs,
1780 int inLen, byte[] out, int outOufs, int outLen)
1781 throws PKCS11Exception {
1782 return super.C_VerifyRecover(hSession, in, inOfs, inLen, out, outOufs,
1783 outLen);
1784 }
1785
1786 public synchronized long C_GenerateKey(long hSession,
1787 CK_MECHANISM pMechanism, CK_ATTRIBUTE[] pTemplate)
1788 throws PKCS11Exception {
1789 return super.C_GenerateKey(hSession, pMechanism, pTemplate);
1790 }
1791
1792 public synchronized long[] C_GenerateKeyPair(long hSession,
1793 CK_MECHANISM pMechanism, CK_ATTRIBUTE[] pPublicKeyTemplate,
1794 CK_ATTRIBUTE[] pPrivateKeyTemplate)
1795 throws PKCS11Exception {
1796 return super.C_GenerateKeyPair(hSession, pMechanism, pPublicKeyTemplate,
1797 pPrivateKeyTemplate);
1798 }
1799
1800 public synchronized byte[] C_WrapKey(long hSession, CK_MECHANISM pMechanism,
1801 long hWrappingKey, long hKey) throws PKCS11Exception {
1802 return super.C_WrapKey(hSession, pMechanism, hWrappingKey, hKey);
1803 }
1804
1805 public synchronized long C_UnwrapKey(long hSession, CK_MECHANISM pMechanism,
1806 long hUnwrappingKey, byte[] pWrappedKey, CK_ATTRIBUTE[] pTemplate)
1807 throws PKCS11Exception {
1808 return super.C_UnwrapKey(hSession, pMechanism, hUnwrappingKey,
1809 pWrappedKey, pTemplate);
1810 }
1811
1812 public synchronized long C_DeriveKey(long hSession, CK_MECHANISM pMechanism,
1813 long hBaseKey, CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception {
1814 return super.C_DeriveKey(hSession, pMechanism, hBaseKey, pTemplate);
1815 }
1816
1817 public synchronized void C_SeedRandom(long hSession, byte[] pSeed)
1818 throws PKCS11Exception {
1819 super.C_SeedRandom(hSession, pSeed);
1820 }
1821
1822 public synchronized void C_GenerateRandom(long hSession, byte[] randomData)
1823 throws PKCS11Exception {
1824 super.C_GenerateRandom(hSession, randomData);
1825 }
1826 }
1827 }