IAIK PKCS#11 Wrapper
version 1.5

iaik.pkcs.pkcs11.wrapper
Interface PKCS11

All Known Implementing Classes:
PKCS11Implementation

public interface PKCS11

If the underlaying PKCS#11 function retuns CK_OK, the method returns normally. If the return value of the underlying function is not CK_OK, it throws PKCS11Exception with the return value as error code.

Author:
Karl Scheibelhofer

Method Summary
 void C_CancelFunction(long hSession)
          C_CancelFunction is a legacy function; it cancels a function running in parallel.
 void C_CloseAllSessions(long slotID)
          C_CloseAllSessions closes all sessions with a token.
 void C_CloseSession(long hSession)
          C_CloseSession closes a session between an application and a token.
 long C_CopyObject(long hSession, long hObject, CK_ATTRIBUTE[] pTemplate, boolean useUtf8)
          C_CopyObject copies an object, creating a new object for the copy.
 long C_CreateObject(long hSession, CK_ATTRIBUTE[] pTemplate, boolean useUtf8)
          C_CreateObject creates a new object.
 byte[] C_Decrypt(long hSession, byte[] pEncryptedData)
          C_Decrypt decrypts encrypted data in a single part.
 byte[] C_DecryptDigestUpdate(long hSession, byte[] pEncryptedPart)
          C_DecryptDigestUpdate continues a multiple-part decryption and digesting operation.
 byte[] C_DecryptFinal(long hSession)
          C_DecryptFinal finishes a multiple-part decryption operation.
 void C_DecryptInit(long hSession, CK_MECHANISM pMechanism, long hKey, boolean useUtf8)
          C_DecryptInit initializes a decryption operation.
 byte[] C_DecryptUpdate(long hSession, byte[] pEncryptedPart)
          C_DecryptUpdate continues a multiple-part decryption operation.
 byte[] C_DecryptVerifyUpdate(long hSession, byte[] pEncryptedPart)
          C_DecryptVerifyUpdate continues a multiple-part decryption and verify operation.
 long C_DeriveKey(long hSession, CK_MECHANISM pMechanism, long hBaseKey, CK_ATTRIBUTE[] pTemplate, boolean useUtf8)
          C_DeriveKey derives a key from a base key, creating a new key object.
 void C_DestroyObject(long hSession, long hObject)
          C_DestroyObject destroys an object.
 byte[] C_Digest(long hSession, byte[] data)
          C_Digest digests data in a single part.
 byte[] C_DigestEncryptUpdate(long hSession, byte[] pPart)
          C_DigestEncryptUpdate continues a multiple-part digesting and encryption operation.
 byte[] C_DigestFinal(long hSession)
          C_DigestFinal finishes a multiple-part message-digesting operation.
 void C_DigestInit(long hSession, CK_MECHANISM pMechanism, boolean useUtf8)
          C_DigestInit initializes a message-digesting operation.
 void C_DigestKey(long hSession, long hKey)
          C_DigestKey continues a multi-part message-digesting operation, by digesting the value of a secret key as part of the data already digested.
 void C_DigestUpdate(long hSession, byte[] pPart)
          C_DigestUpdate continues a multiple-part message-digesting operation.
 byte[] C_Encrypt(long hSession, byte[] pData)
          C_Encrypt encrypts single-part data.
 byte[] C_EncryptFinal(long hSession)
          C_EncryptFinal finishes a multiple-part encryption operation.
 void C_EncryptInit(long hSession, CK_MECHANISM pMechanism, long hKey, boolean useUtf8)
          C_EncryptInit initializes an encryption operation.
 byte[] C_EncryptUpdate(long hSession, byte[] pPart)
          C_EncryptUpdate continues a multiple-part encryption operation.
 void C_Finalize(java.lang.Object pReserved)
          C_Finalize indicates that an application is done with the Cryptoki library (General-purpose)
 long[] C_FindObjects(long hSession, long ulMaxObjectCount)
          C_FindObjects continues a search for token and session objects that match a template, obtaining additional object handles.
 void C_FindObjectsFinal(long hSession)
          C_FindObjectsFinal finishes a search for token and session objects.
 void C_FindObjectsInit(long hSession, CK_ATTRIBUTE[] pTemplate, boolean useUtf8)
          C_FindObjectsInit initializes a search for token and session objects that match a template.
 long C_GenerateKey(long hSession, CK_MECHANISM pMechanism, CK_ATTRIBUTE[] pTemplate, boolean useUtf8)
          C_GenerateKey generates a secret key, creating a new key object.
 long[] C_GenerateKeyPair(long hSession, CK_MECHANISM pMechanism, CK_ATTRIBUTE[] pPublicKeyTemplate, CK_ATTRIBUTE[] pPrivateKeyTemplate, boolean useUtf8)
          C_GenerateKeyPair generates a public native-key/private-key pair, creating new key objects.
 void C_GenerateRandom(long hSession, byte[] randomData)
          C_GenerateRandom generates random data.
 void C_GetAttributeValue(long hSession, long hObject, CK_ATTRIBUTE[] pTemplate, boolean useUtf8)
          C_GetAttributeValue obtains the value of one or more object attributes.
 void C_GetFunctionStatus(long hSession)
          C_GetFunctionStatus is a legacy function; it obtains an updated status of a function running in parallel with an application.
 CK_INFO C_GetInfo()
          C_GetInfo returns general information about Cryptoki.
 CK_MECHANISM_INFO C_GetMechanismInfo(long slotID, long type)
          C_GetMechanismInfo obtains information about a particular mechanism possibly supported by a token.
 long[] C_GetMechanismList(long slotID)
          C_GetMechanismList obtains a list of mechanism types supported by a token.
 long C_GetObjectSize(long hSession, long hObject)
          C_GetObjectSize gets the size of an object in bytes.
 byte[] C_GetOperationState(long hSession)
          C_GetOperationState obtains the state of the cryptographic operation in a session.
 CK_SESSION_INFO C_GetSessionInfo(long hSession)
          C_GetSessionInfo obtains information about the session.
 CK_SLOT_INFO C_GetSlotInfo(long slotID)
          C_GetSlotInfo obtains information about a particular slot in the system.
 long[] C_GetSlotList(boolean tokenPresent)
          C_GetSlotList obtains a list of slots in the system.
 CK_TOKEN_INFO C_GetTokenInfo(long slotID)
          C_GetTokenInfo obtains information about a particular token in the system.
 void C_Initialize(java.lang.Object pInitArgs, boolean useUtf8)
          C_Initialize initializes the Cryptoki library.
 void C_InitPIN(long hSession, char[] pPin, boolean useUtf8)
          C_InitPIN initializes the normal user's PIN.
 void C_InitToken(long slotID, char[] pPin, char[] pLabel, boolean useUtf8)
          C_InitToken initializes a token.
 void C_Login(long hSession, long userType, char[] pPin, boolean useUtf8)
          C_Login logs a user into a token.
 void C_Logout(long hSession)
          C_Logout logs a user out from a token.
 long C_OpenSession(long slotID, long flags, java.lang.Object pApplication, CK_NOTIFY Notify)
          C_OpenSession opens a session between an application and a token.
 void C_SeedRandom(long hSession, byte[] pSeed)
          C_SeedRandom mixes additional seed material into the token's random number generator.
 void C_SetAttributeValue(long hSession, long hObject, CK_ATTRIBUTE[] pTemplate, boolean useUtf8)
          C_SetAttributeValue modifies the value of one or more object attributes (Object management)
 void C_SetOperationState(long hSession, byte[] pOperationState, long hEncryptionKey, long hAuthenticationKey)
          C_SetOperationState restores the state of the cryptographic operation in a session.
 void C_SetPIN(long hSession, char[] pOldPin, char[] pNewPin, boolean useUtf8)
          C_SetPIN modifies the PIN of the user who is logged in.
 byte[] C_Sign(long hSession, byte[] pData)
          C_Sign signs (encrypts with private key) data in a single part, where the signature is (will be) an appendix to the data, and plaintext cannot be recovered from the signature.
 byte[] C_SignEncryptUpdate(long hSession, byte[] pPart)
          C_SignEncryptUpdate continues a multiple-part signing and encryption operation.
 byte[] C_SignFinal(long hSession)
          C_SignFinal finishes a multiple-part signature operation, returning the signature.
 void C_SignInit(long hSession, CK_MECHANISM pMechanism, long hKey, boolean useUtf8)
          C_SignInit initializes a signature (private key encryption) operation, where the signature is (will be) an appendix to the data, and plaintext cannot be recovered from the signature.
 byte[] C_SignRecover(long hSession, byte[] pData)
          C_SignRecover signs data in a single operation, where the data can be recovered from the signature.
 void C_SignRecoverInit(long hSession, CK_MECHANISM pMechanism, long hKey, boolean useUtf8)
          C_SignRecoverInit initializes a signature operation, where the data can be recovered from the signature.
 void C_SignUpdate(long hSession, byte[] pPart)
          C_SignUpdate continues a multiple-part signature operation, where the signature is (will be) an appendix to the data, and plaintext cannot be recovered from the signature.
 long C_UnwrapKey(long hSession, CK_MECHANISM pMechanism, long hUnwrappingKey, byte[] pWrappedKey, CK_ATTRIBUTE[] pTemplate, boolean useUtf8)
          C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new key object.
 void C_Verify(long hSession, byte[] pData, byte[] pSignature)
          C_Verify verifies a signature in a single-part operation, where the signature is an appendix to the data, and plaintext cannot be recovered from the signature.
 void C_VerifyFinal(long hSession, byte[] pSignature)
          C_VerifyFinal finishes a multiple-part verification operation, checking the signature.
 void C_VerifyInit(long hSession, CK_MECHANISM pMechanism, long hKey, boolean useUtf8)
          C_VerifyInit initializes a verification operation, where the signature is an appendix to the data, and plaintext cannot cannot be recovered from the signature (e.g.
 byte[] C_VerifyRecover(long hSession, byte[] pSignature)
          C_VerifyRecover verifies a signature in a single-part operation, where the data is recovered from the signature.
 void C_VerifyRecoverInit(long hSession, CK_MECHANISM pMechanism, long hKey, boolean useUtf8)
          C_VerifyRecoverInit initializes a signature verification operation, where the data is recovered from the signature.
 void C_VerifyUpdate(long hSession, byte[] pPart)
          C_VerifyUpdate continues a multiple-part verification operation, where the signature is an appendix to the data, and plaintext cannot be recovered from the signature.
 long C_WaitForSlotEvent(long flags, java.lang.Object pReserved)
          C_WaitForSlotEvent waits for a slot event (token insertion, removal, etc.) to occur.
 byte[] C_WrapKey(long hSession, CK_MECHANISM pMechanism, long hWrappingKey, long hKey, boolean useUtf8)
          C_WrapKey wraps (i.e., encrypts) a key.
 void finalize()
          This method can be used to cleanup this object.
 

Method Detail

C_Initialize

public void C_Initialize(java.lang.Object pInitArgs,
                         boolean useUtf8)
                  throws PKCS11Exception
C_Initialize initializes the Cryptoki library. (General-purpose)
Parameters:
pInitArgs - if pInitArgs is not NULL it gets casted to CK_C_INITIALIZE_ARGS_PTR and dereferenced (PKCS#11 param: CK_VOID_PTR pInitArgs)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_Finalize

public void C_Finalize(java.lang.Object pReserved)
                throws PKCS11Exception
C_Finalize indicates that an application is done with the Cryptoki library (General-purpose)
Parameters:
pReserved - is reserved. Should be NULL_PTR (PKCS#11 param: CK_VOID_PTR pReserved)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_GetInfo

public CK_INFO C_GetInfo()
                  throws PKCS11Exception
C_GetInfo returns general information about Cryptoki. (General-purpose)
Returns:
the information. (PKCS#11 param: CK_INFO_PTR pInfo)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_GetSlotList

public long[] C_GetSlotList(boolean tokenPresent)
                     throws PKCS11Exception
C_GetSlotList obtains a list of slots in the system. (Slot and token management)
Parameters:
tokenPresent - if true only Slot IDs with a token are returned (PKCS#11 param: CK_BBOOL tokenPresent)
Returns:
a long array of slot IDs and number of Slot IDs (PKCS#11 param: CK_SLOT_ID_PTR pSlotList, CK_ULONG_PTR pulCount)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_GetSlotInfo

public CK_SLOT_INFO C_GetSlotInfo(long slotID)
                           throws PKCS11Exception
C_GetSlotInfo obtains information about a particular slot in the system. (Slot and token management)
Parameters:
slotID - the ID of the slot (PKCS#11 param: CK_SLOT_ID slotID)
Returns:
the slot information (PKCS#11 param: CK_SLOT_INFO_PTR pInfo)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_GetTokenInfo

public CK_TOKEN_INFO C_GetTokenInfo(long slotID)
                             throws PKCS11Exception
C_GetTokenInfo obtains information about a particular token in the system. (Slot and token management)
Parameters:
slotID - ID of the token's slot (PKCS#11 param: CK_SLOT_ID slotID)
Returns:
the token information (PKCS#11 param: CK_TOKEN_INFO_PTR pInfo)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_GetMechanismList

public long[] C_GetMechanismList(long slotID)
                          throws PKCS11Exception
C_GetMechanismList obtains a list of mechanism types supported by a token. (Slot and token management)
Parameters:
slotID - ID of the token's slot (PKCS#11 param: CK_SLOT_ID slotID)
Returns:
a long array of mechanism types and number of mechanism types (PKCS#11 param: CK_MECHANISM_TYPE_PTR pMechanismList, CK_ULONG_PTR pulCount)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_GetMechanismInfo

public CK_MECHANISM_INFO C_GetMechanismInfo(long slotID,
                                            long type)
                                     throws PKCS11Exception
C_GetMechanismInfo obtains information about a particular mechanism possibly supported by a token. (Slot and token management)
Parameters:
slotID - ID of the token's slot (PKCS#11 param: CK_SLOT_ID slotID)
type - type of mechanism (PKCS#11 param: CK_MECHANISM_TYPE type)
Returns:
the mechanism info (PKCS#11 param: CK_MECHANISM_INFO_PTR pInfo)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_InitToken

public void C_InitToken(long slotID,
                        char[] pPin,
                        char[] pLabel,
                        boolean useUtf8)
                 throws PKCS11Exception
C_InitToken initializes a token. (Slot and token management)
Parameters:
slotID - ID of the token's slot (PKCS#11 param: CK_SLOT_ID slotID)
pPin - the SO's initial PIN and the length in bytes of the PIN (PKCS#11 param: CK_CHAR_PTR pPin, CK_ULONG ulPinLen)
pLabel - 32-byte token label (blank padded) (PKCS#11 param: CK_UTF8CHAR_PTR pLabel)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_InitPIN

public void C_InitPIN(long hSession,
                      char[] pPin,
                      boolean useUtf8)
               throws PKCS11Exception
C_InitPIN initializes the normal user's PIN. (Slot and token management)
Parameters:
hSession - the session's handle (PKCS#11 param: CK_SESSION_HANDLE hSession)
pPin - the normal user's PIN and the length in bytes of the PIN (PKCS#11 param: CK_CHAR_PTR pPin, CK_ULONG ulPinLen)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_SetPIN

public void C_SetPIN(long hSession,
                     char[] pOldPin,
                     char[] pNewPin,
                     boolean useUtf8)
              throws PKCS11Exception
C_SetPIN modifies the PIN of the user who is logged in. (Slot and token management)
Parameters:
hSession - the session's handle (PKCS#11 param: CK_SESSION_HANDLE hSession)
pOldPin - the old PIN and the length of the old PIN (PKCS#11 param: CK_CHAR_PTR pOldPin, CK_ULONG ulOldLen)
pNewPin - the new PIN and the length of the new PIN (PKCS#11 param: CK_CHAR_PTR pNewPin, CK_ULONG ulNewLen)
patchPin - if pin should be changed from ASCII to UTF8 encoding in case of incorrect pin
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_OpenSession

public long C_OpenSession(long slotID,
                          long flags,
                          java.lang.Object pApplication,
                          CK_NOTIFY Notify)
                   throws PKCS11Exception
C_OpenSession opens a session between an application and a token. (Session management)
Parameters:
slotID - the slot's ID (PKCS#11 param: CK_SLOT_ID slotID)
flags - of CK_SESSION_INFO (PKCS#11 param: CK_FLAGS flags)
pApplication - passed to callback (PKCS#11 param: CK_VOID_PTR pApplication)
Notify - the callback function (PKCS#11 param: CK_NOTIFY Notify)
Returns:
the session handle (PKCS#11 param: CK_SESSION_HANDLE_PTR phSession)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_CloseSession

public void C_CloseSession(long hSession)
                    throws PKCS11Exception
C_CloseSession closes a session between an application and a token. (Session management)
Parameters:
hSession - the session's handle (PKCS#11 param: CK_SESSION_HANDLE hSession)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_CloseAllSessions

public void C_CloseAllSessions(long slotID)
                        throws PKCS11Exception
C_CloseAllSessions closes all sessions with a token. (Session management)
Parameters:
slotID - the ID of the token's slot (PKCS#11 param: CK_SLOT_ID slotID)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_GetSessionInfo

public CK_SESSION_INFO C_GetSessionInfo(long hSession)
                                 throws PKCS11Exception
C_GetSessionInfo obtains information about the session. (Session management)
Parameters:
hSession - the session's handle (PKCS#11 param: CK_SESSION_HANDLE hSession)
Returns:
the session info (PKCS#11 param: CK_SESSION_INFO_PTR pInfo)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_GetOperationState

public byte[] C_GetOperationState(long hSession)
                           throws PKCS11Exception
C_GetOperationState obtains the state of the cryptographic operation in a session. (Session management)
Parameters:
hSession - session's handle (PKCS#11 param: CK_SESSION_HANDLE hSession)
Returns:
the state and the state length (PKCS#11 param: CK_BYTE_PTR pOperationState, CK_ULONG_PTR pulOperationStateLen)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_SetOperationState

public void C_SetOperationState(long hSession,
                                byte[] pOperationState,
                                long hEncryptionKey,
                                long hAuthenticationKey)
                         throws PKCS11Exception
C_SetOperationState restores the state of the cryptographic operation in a session. (Session management)
Parameters:
hSession - session's handle (PKCS#11 param: CK_SESSION_HANDLE hSession)
pOperationState - the state and the state length (PKCS#11 param: CK_BYTE_PTR pOperationState, CK_ULONG ulOperationStateLen)
hEncryptionKey - en/decryption key (PKCS#11 param: CK_OBJECT_HANDLE hEncryptionKey)
hAuthenticationKey - sign/verify key (PKCS#11 param: CK_OBJECT_HANDLE hAuthenticationKey)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_Login

public void C_Login(long hSession,
                    long userType,
                    char[] pPin,
                    boolean useUtf8)
             throws PKCS11Exception
C_Login logs a user into a token. (Session management)
Parameters:
hSession - the session's handle (PKCS#11 param: CK_SESSION_HANDLE hSession)
userType - the user type (PKCS#11 param: CK_USER_TYPE userType)
pPin - the user's PIN and the length of the PIN (PKCS#11 param: CK_CHAR_PTR pPin, CK_ULONG ulPinLen)
patchPin - if pin should be changed from ASCII to UTF8 encoding in case of incorrect pin
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_Logout

public void C_Logout(long hSession)
              throws PKCS11Exception
C_Logout logs a user out from a token. (Session management)
Parameters:
hSession - the session's handle (PKCS#11 param: CK_SESSION_HANDLE hSession)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_CreateObject

public long C_CreateObject(long hSession,
                           CK_ATTRIBUTE[] pTemplate,
                           boolean useUtf8)
                    throws PKCS11Exception
C_CreateObject creates a new object. (Object management)
Parameters:
hSession - the session's handle (PKCS#11 param: CK_SESSION_HANDLE hSession)
pTemplate - the object's template and number of attributes in template (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
Returns:
the object's handle (PKCS#11 param: CK_OBJECT_HANDLE_PTR phObject)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_CopyObject

public long C_CopyObject(long hSession,
                         long hObject,
                         CK_ATTRIBUTE[] pTemplate,
                         boolean useUtf8)
                  throws PKCS11Exception
C_CopyObject copies an object, creating a new object for the copy. (Object management)
Parameters:
hSession - the session's handle (PKCS#11 param: CK_SESSION_HANDLE hSession)
hObject - the object's handle (PKCS#11 param: CK_OBJECT_HANDLE hObject)
pTemplate - the template for the new object and number of attributes in template (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
Returns:
the handle of the copy (PKCS#11 param: CK_OBJECT_HANDLE_PTR phNewObject)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_DestroyObject

public void C_DestroyObject(long hSession,
                            long hObject)
                     throws PKCS11Exception
C_DestroyObject destroys an object. (Object management)
Parameters:
hSession - the session's handle (PKCS#11 param: CK_SESSION_HANDLE hSession)
hObject - the object's handle (PKCS#11 param: CK_OBJECT_HANDLE hObject)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_GetObjectSize

public long C_GetObjectSize(long hSession,
                            long hObject)
                     throws PKCS11Exception
C_GetObjectSize gets the size of an object in bytes. (Object management)
Parameters:
hSession - the session's handle (PKCS#11 param: CK_SESSION_HANDLE hSession)
hObject - the object's handle (PKCS#11 param: CK_OBJECT_HANDLE hObject)
Returns:
the size of the object (PKCS#11 param: CK_ULONG_PTR pulSize)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_GetAttributeValue

public void C_GetAttributeValue(long hSession,
                                long hObject,
                                CK_ATTRIBUTE[] pTemplate,
                                boolean useUtf8)
                         throws PKCS11Exception
C_GetAttributeValue obtains the value of one or more object attributes. The template attributes also receive the values. (Object management) note: in PKCS#11 pTemplate and the result template are the same
Parameters:
hSession - the session's handle (PKCS#11 param: CK_SESSION_HANDLE hSession)
hObject - the object's handle (PKCS#11 param: CK_OBJECT_HANDLE hObject)
pTemplate - Specifies the attributes and number of attributes to get. The template attributes also receive the values. (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_SetAttributeValue

public void C_SetAttributeValue(long hSession,
                                long hObject,
                                CK_ATTRIBUTE[] pTemplate,
                                boolean useUtf8)
                         throws PKCS11Exception
C_SetAttributeValue modifies the value of one or more object attributes (Object management)
Parameters:
hSession - the session's handle (PKCS#11 param: CK_SESSION_HANDLE hSession)
hObject - the object's handle (PKCS#11 param: CK_OBJECT_HANDLE hObject)
pTemplate - specifies the attributes and values to get; number of attributes in the template (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_FindObjectsInit

public void C_FindObjectsInit(long hSession,
                              CK_ATTRIBUTE[] pTemplate,
                              boolean useUtf8)
                       throws PKCS11Exception
C_FindObjectsInit initializes a search for token and session objects that match a template. (Object management)
Parameters:
hSession - the session's handle (PKCS#11 param: CK_SESSION_HANDLE hSession)
pTemplate - the object's attribute values to match and the number of attributes in search template (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_FindObjects

public long[] C_FindObjects(long hSession,
                            long ulMaxObjectCount)
                     throws PKCS11Exception
C_FindObjects continues a search for token and session objects that match a template, obtaining additional object handles. (Object management)
Parameters:
hSession - the session's handle (PKCS#11 param: CK_SESSION_HANDLE hSession)
ulMaxObjectCount - the max. object handles to get (PKCS#11 param: CK_ULONG ulMaxObjectCount)
Returns:
the object's handles and the actual number of objects returned (PKCS#11 param: CK_ULONG_PTR pulObjectCount)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_FindObjectsFinal

public void C_FindObjectsFinal(long hSession)
                        throws PKCS11Exception
C_FindObjectsFinal finishes a search for token and session objects. (Object management)
Parameters:
hSession - the session's handle (PKCS#11 param: CK_SESSION_HANDLE hSession)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_EncryptInit

public void C_EncryptInit(long hSession,
                          CK_MECHANISM pMechanism,
                          long hKey,
                          boolean useUtf8)
                   throws PKCS11Exception
C_EncryptInit initializes an encryption operation. (Encryption and decryption)
Parameters:
hSession - the session's handle (PKCS#11 param: CK_SESSION_HANDLE hSession)
pMechanism - the encryption mechanism (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
hKey - the handle of the encryption key (PKCS#11 param: CK_OBJECT_HANDLE hKey)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_Encrypt

public byte[] C_Encrypt(long hSession,
                        byte[] pData)
                 throws PKCS11Exception
C_Encrypt encrypts single-part data. (Encryption and decryption)
Parameters:
hSession - the session's handle (PKCS#11 param: CK_SESSION_HANDLE hSession)
pData - the data to get encrypted and the data's length (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG ulDataLen)
Returns:
the encrypted data and the encrypted data's length (PKCS#11 param: CK_BYTE_PTR pEncryptedData, CK_ULONG_PTR pulEncryptedDataLen)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_EncryptUpdate

public byte[] C_EncryptUpdate(long hSession,
                              byte[] pPart)
                       throws PKCS11Exception
C_EncryptUpdate continues a multiple-part encryption operation. (Encryption and decryption)
Parameters:
hSession - the session's handle (PKCS#11 param: CK_SESSION_HANDLE hSession)
pPart - the data part to get encrypted and the data part's length (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG ulPartLen)
Returns:
the encrypted data part and the encrypted data part's length (PKCS#11 param: CK_BYTE_PTR pEncryptedPart, CK_ULONG_PTR pulEncryptedPartLen)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_EncryptFinal

public byte[] C_EncryptFinal(long hSession)
                      throws PKCS11Exception
C_EncryptFinal finishes a multiple-part encryption operation. (Encryption and decryption)
Parameters:
hSession - the session's handle (PKCS#11 param: CK_SESSION_HANDLE hSession)
Returns:
the last encrypted data part and the last data part's length (PKCS#11 param: CK_BYTE_PTR pLastEncryptedPart, CK_ULONG_PTR pulLastEncryptedPartLen)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_DecryptInit

public void C_DecryptInit(long hSession,
                          CK_MECHANISM pMechanism,
                          long hKey,
                          boolean useUtf8)
                   throws PKCS11Exception
C_DecryptInit initializes a decryption operation. (Encryption and decryption)
Parameters:
hSession - the session's handle (PKCS#11 param: CK_SESSION_HANDLE hSession)
pMechanism - the decryption mechanism (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
hKey - the handle of the decryption key (PKCS#11 param: CK_OBJECT_HANDLE hKey)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_Decrypt

public byte[] C_Decrypt(long hSession,
                        byte[] pEncryptedData)
                 throws PKCS11Exception
C_Decrypt decrypts encrypted data in a single part. (Encryption and decryption)
Parameters:
hSession - the session's handle (PKCS#11 param: CK_SESSION_HANDLE hSession)
pEncryptedData - the encrypted data to get decrypted and the encrypted data's length (PKCS#11 param: CK_BYTE_PTR pEncryptedData, CK_ULONG ulEncryptedDataLen)
Returns:
the decrypted data and the data's length (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_DecryptUpdate

public byte[] C_DecryptUpdate(long hSession,
                              byte[] pEncryptedPart)
                       throws PKCS11Exception
C_DecryptUpdate continues a multiple-part decryption operation. (Encryption and decryption)
Parameters:
hSession - the session's handle (PKCS#11 param: CK_SESSION_HANDLE hSession)
pEncryptedPart - the encrypted data part to get decrypted and the encrypted data part's length (PKCS#11 param: CK_BYTE_PTR pEncryptedPart, CK_ULONG ulEncryptedPartLen)
Returns:
the decrypted data part and the data part's length (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_DecryptFinal

public byte[] C_DecryptFinal(long hSession)
                      throws PKCS11Exception
C_DecryptFinal finishes a multiple-part decryption operation. (Encryption and decryption)
Parameters:
hSession - the session's handle (PKCS#11 param: CK_SESSION_HANDLE hSession)
Returns:
the last decrypted data part and the last data part's length (PKCS#11 param: CK_BYTE_PTR pLastPart, CK_ULONG_PTR pulLastPartLen)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_DigestInit

public void C_DigestInit(long hSession,
                         CK_MECHANISM pMechanism,
                         boolean useUtf8)
                  throws PKCS11Exception
C_DigestInit initializes a message-digesting operation. (Message digesting)
Parameters:
hSession - the session's handle (PKCS#11 param: CK_SESSION_HANDLE hSession)
pMechanism - the digesting mechanism (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_Digest

public byte[] C_Digest(long hSession,
                       byte[] data)
                throws PKCS11Exception
C_Digest digests data in a single part. (Message digesting)
Parameters:
hSession - the session's handle (PKCS#11 param: CK_SESSION_HANDLE hSession)
data - the data to get digested and the data's length (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG ulDataLen)
Returns:
the message digest and the length of the message digest (PKCS#11 param: CK_BYTE_PTR pDigest, CK_ULONG_PTR pulDigestLen)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_DigestUpdate

public void C_DigestUpdate(long hSession,
                           byte[] pPart)
                    throws PKCS11Exception
C_DigestUpdate continues a multiple-part message-digesting operation. (Message digesting)
Parameters:
hSession - the session's handle (PKCS#11 param: CK_SESSION_HANDLE hSession)
pPart - the data to get digested and the data's length (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG ulPartLen)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_DigestKey

public void C_DigestKey(long hSession,
                        long hKey)
                 throws PKCS11Exception
C_DigestKey continues a multi-part message-digesting operation, by digesting the value of a secret key as part of the data already digested. (Message digesting)
Parameters:
hSession - the session's handle (PKCS#11 param: CK_SESSION_HANDLE hSession)
hKey - the handle of the secret key to be digested (PKCS#11 param: CK_OBJECT_HANDLE hKey)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_DigestFinal

public byte[] C_DigestFinal(long hSession)
                     throws PKCS11Exception
C_DigestFinal finishes a multiple-part message-digesting operation. (Message digesting)
Parameters:
hSession - the session's handle (PKCS#11 param: CK_SESSION_HANDLE hSession)
Returns:
the message digest and the length of the message digest (PKCS#11 param: CK_BYTE_PTR pDigest, CK_ULONG_PTR pulDigestLen)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_SignInit

public void C_SignInit(long hSession,
                       CK_MECHANISM pMechanism,
                       long hKey,
                       boolean useUtf8)
                throws PKCS11Exception
C_SignInit initializes a signature (private key encryption) operation, where the signature is (will be) an appendix to the data, and plaintext cannot be recovered from the signature. (Signing and MACing)
Parameters:
hSession - the session's handle (PKCS#11 param: CK_SESSION_HANDLE hSession)
pMechanism - the signature mechanism (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
hKey - the handle of the signature key (PKCS#11 param: CK_OBJECT_HANDLE hKey)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_Sign

public byte[] C_Sign(long hSession,
                     byte[] pData)
              throws PKCS11Exception
C_Sign signs (encrypts with private key) data in a single part, where the signature is (will be) an appendix to the data, and plaintext cannot be recovered from the signature. (Signing and MACing)
Parameters:
hSession - the session's handle (PKCS#11 param: CK_SESSION_HANDLE hSession)
pData - the data to sign and the data's length (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG ulDataLen)
Returns:
the signature and the signature's length (PKCS#11 param: CK_BYTE_PTR pSignature, CK_ULONG_PTR pulSignatureLen)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_SignUpdate

public void C_SignUpdate(long hSession,
                         byte[] pPart)
                  throws PKCS11Exception
C_SignUpdate continues a multiple-part signature operation, where the signature is (will be) an appendix to the data, and plaintext cannot be recovered from the signature. (Signing and MACing)
Parameters:
hSession - the session's handle (PKCS#11 param: CK_SESSION_HANDLE hSession)
pPart - the data part to sign and the data part's length (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG ulPartLen)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_SignFinal

public byte[] C_SignFinal(long hSession)
                   throws PKCS11Exception
C_SignFinal finishes a multiple-part signature operation, returning the signature. (Signing and MACing)
Parameters:
hSession - the session's handle (PKCS#11 param: CK_SESSION_HANDLE hSession)
Returns:
the signature and the signature's length (PKCS#11 param: CK_BYTE_PTR pSignature, CK_ULONG_PTR pulSignatureLen)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_SignRecoverInit

public void C_SignRecoverInit(long hSession,
                              CK_MECHANISM pMechanism,
                              long hKey,
                              boolean useUtf8)
                       throws PKCS11Exception
C_SignRecoverInit initializes a signature operation, where the data can be recovered from the signature. (Signing and MACing)
Parameters:
hSession - the session's handle (PKCS#11 param: CK_SESSION_HANDLE hSession)
pMechanism - the signature mechanism (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
hKey - the handle of the signature key (PKCS#11 param: CK_OBJECT_HANDLE hKey)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_SignRecover

public byte[] C_SignRecover(long hSession,
                            byte[] pData)
                     throws PKCS11Exception
C_SignRecover signs data in a single operation, where the data can be recovered from the signature. (Signing and MACing)
Parameters:
hSession - the session's handle (PKCS#11 param: CK_SESSION_HANDLE hSession)
pData - the data to sign and the data's length (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG ulDataLen)
Returns:
the signature and the signature's length (PKCS#11 param: CK_BYTE_PTR pSignature, CK_ULONG_PTR pulSignatureLen)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_VerifyInit

public void C_VerifyInit(long hSession,
                         CK_MECHANISM pMechanism,
                         long hKey,
                         boolean useUtf8)
                  throws PKCS11Exception
C_VerifyInit initializes a verification operation, where the signature is an appendix to the data, and plaintext cannot cannot be recovered from the signature (e.g. DSA). (Signing and MACing)
Parameters:
hSession - the session's handle (PKCS#11 param: CK_SESSION_HANDLE hSession)
pMechanism - the verification mechanism (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
hKey - the handle of the verification key (PKCS#11 param: CK_OBJECT_HANDLE hKey)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_Verify

public void C_Verify(long hSession,
                     byte[] pData,
                     byte[] pSignature)
              throws PKCS11Exception
C_Verify verifies a signature in a single-part operation, where the signature is an appendix to the data, and plaintext cannot be recovered from the signature. (Signing and MACing)
Parameters:
hSession - the session's handle (PKCS#11 param: CK_SESSION_HANDLE hSession)
pData - the signed data and the signed data's length (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG ulDataLen)
pSignature - the signature to verify and the signature's length (PKCS#11 param: CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_VerifyUpdate

public void C_VerifyUpdate(long hSession,
                           byte[] pPart)
                    throws PKCS11Exception
C_VerifyUpdate continues a multiple-part verification operation, where the signature is an appendix to the data, and plaintext cannot be recovered from the signature. (Signing and MACing)
Parameters:
hSession - the session's handle (PKCS#11 param: CK_SESSION_HANDLE hSession)
pPart - the signed data part and the signed data part's length (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG ulPartLen)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_VerifyFinal

public void C_VerifyFinal(long hSession,
                          byte[] pSignature)
                   throws PKCS11Exception
C_VerifyFinal finishes a multiple-part verification operation, checking the signature. (Signing and MACing)
Parameters:
hSession - the session's handle (PKCS#11 param: CK_SESSION_HANDLE hSession)
pSignature - the signature to verify and the signature's length (PKCS#11 param: CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_VerifyRecoverInit

public void C_VerifyRecoverInit(long hSession,
                                CK_MECHANISM pMechanism,
                                long hKey,
                                boolean useUtf8)
                         throws PKCS11Exception
C_VerifyRecoverInit initializes a signature verification operation, where the data is recovered from the signature. (Signing and MACing)
Parameters:
hSession - the session's handle (PKCS#11 param: CK_SESSION_HANDLE hSession)
pMechanism - the verification mechanism (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
hKey - the handle of the verification key (PKCS#11 param: CK_OBJECT_HANDLE hKey)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_VerifyRecover

public byte[] C_VerifyRecover(long hSession,
                              byte[] pSignature)
                       throws PKCS11Exception
C_VerifyRecover verifies a signature in a single-part operation, where the data is recovered from the signature. (Signing and MACing)
Parameters:
hSession - the session's handle (PKCS#11 param: CK_SESSION_HANDLE hSession)
pSignature - the signature to verify and the signature's length (PKCS#11 param: CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen)
Returns:
the recovered data and the recovered data's length (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_DigestEncryptUpdate

public byte[] C_DigestEncryptUpdate(long hSession,
                                    byte[] pPart)
                             throws PKCS11Exception
C_DigestEncryptUpdate continues a multiple-part digesting and encryption operation. (Dual-function cryptographic operations)
Parameters:
hSession - the session's handle (PKCS#11 param: CK_SESSION_HANDLE hSession)
pPart - the data part to digest and to encrypt and the data's length (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG ulPartLen)
Returns:
the digested and encrypted data part and the data part's length (PKCS#11 param: CK_BYTE_PTR pEncryptedPart, CK_ULONG_PTR pulEncryptedPartLen)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_DecryptDigestUpdate

public byte[] C_DecryptDigestUpdate(long hSession,
                                    byte[] pEncryptedPart)
                             throws PKCS11Exception
C_DecryptDigestUpdate continues a multiple-part decryption and digesting operation. (Dual-function cryptographic operations)
Parameters:
hSession - the session's handle (PKCS#11 param: CK_SESSION_HANDLE hSession)
pEncryptedPart - the encrypted data part to decrypt and to digest and encrypted data part's length (PKCS#11 param: CK_BYTE_PTR pEncryptedPart, CK_ULONG ulEncryptedPartLen)
Returns:
the decrypted and digested data part and the data part's length (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_SignEncryptUpdate

public byte[] C_SignEncryptUpdate(long hSession,
                                  byte[] pPart)
                           throws PKCS11Exception
C_SignEncryptUpdate continues a multiple-part signing and encryption operation. (Dual-function cryptographic operations)
Parameters:
hSession - the session's handle (PKCS#11 param: CK_SESSION_HANDLE hSession)
pPart - the data part to sign and to encrypt and the data part's length (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG ulPartLen)
Returns:
the signed and encrypted data part and the data part's length (PKCS#11 param: CK_BYTE_PTR pEncryptedPart, CK_ULONG_PTR pulEncryptedPartLen)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_DecryptVerifyUpdate

public byte[] C_DecryptVerifyUpdate(long hSession,
                                    byte[] pEncryptedPart)
                             throws PKCS11Exception
C_DecryptVerifyUpdate continues a multiple-part decryption and verify operation. (Dual-function cryptographic operations)
Parameters:
hSession - the session's handle (PKCS#11 param: CK_SESSION_HANDLE hSession)
pEncryptedPart - the encrypted data part to decrypt and to verify and the data part's length (PKCS#11 param: CK_BYTE_PTR pEncryptedPart, CK_ULONG ulEncryptedPartLen)
Returns:
the decrypted and verified data part and the data part's length (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_GenerateKey

public long C_GenerateKey(long hSession,
                          CK_MECHANISM pMechanism,
                          CK_ATTRIBUTE[] pTemplate,
                          boolean useUtf8)
                   throws PKCS11Exception
C_GenerateKey generates a secret key, creating a new key object. (Key management)
Parameters:
hSession - the session's handle (PKCS#11 param: CK_SESSION_HANDLE hSession)
pMechanism - the key generation mechanism (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
pTemplate - the template for the new key and the number of attributes in the template (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
Returns:
the handle of the new key (PKCS#11 param: CK_OBJECT_HANDLE_PTR phKey)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_GenerateKeyPair

public long[] C_GenerateKeyPair(long hSession,
                                CK_MECHANISM pMechanism,
                                CK_ATTRIBUTE[] pPublicKeyTemplate,
                                CK_ATTRIBUTE[] pPrivateKeyTemplate,
                                boolean useUtf8)
                         throws PKCS11Exception
C_GenerateKeyPair generates a public native-key/private-key pair, creating new key objects. (Key management)
Parameters:
hSession - the session's handle (PKCS#11 param: CK_SESSION_HANDLE hSession)
pMechanism - the key generation mechanism (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
pPublicKeyTemplate - the template for the new public key and the number of attributes in the template (PKCS#11 param: CK_ATTRIBUTE_PTR pPublicKeyTemplate, CK_ULONG ulPublicKeyAttributeCount)
pPrivateKeyTemplate - the template for the new private key and the number of attributes in the template (PKCS#11 param: CK_ATTRIBUTE_PTR pPrivateKeyTemplate CK_ULONG ulPrivateKeyAttributeCount)
Returns:
a long array with exactly two elements and the public key handle as the first element and the private key handle as the second element (PKCS#11 param: CK_OBJECT_HANDLE_PTR phPublicKey, CK_OBJECT_HANDLE_PTR phPrivateKey)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_WrapKey

public byte[] C_WrapKey(long hSession,
                        CK_MECHANISM pMechanism,
                        long hWrappingKey,
                        long hKey,
                        boolean useUtf8)
                 throws PKCS11Exception
C_WrapKey wraps (i.e., encrypts) a key. (Key management)
Parameters:
hSession - the session's handle (PKCS#11 param: CK_SESSION_HANDLE hSession)
pMechanism - the wrapping mechanism (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
hWrappingKey - the handle of the wrapping key (PKCS#11 param: CK_OBJECT_HANDLE hWrappingKey)
hKey - the handle of the key to be wrapped (PKCS#11 param: CK_OBJECT_HANDLE hKey)
Returns:
the wrapped key and the length of the wrapped key (PKCS#11 param: CK_BYTE_PTR pWrappedKey, CK_ULONG_PTR pulWrappedKeyLen)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_UnwrapKey

public long C_UnwrapKey(long hSession,
                        CK_MECHANISM pMechanism,
                        long hUnwrappingKey,
                        byte[] pWrappedKey,
                        CK_ATTRIBUTE[] pTemplate,
                        boolean useUtf8)
                 throws PKCS11Exception
C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new key object. (Key management)
Parameters:
hSession - the session's handle (PKCS#11 param: CK_SESSION_HANDLE hSession)
pMechanism - the unwrapping mechanism (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
hUnwrappingKey - the handle of the unwrapping key (PKCS#11 param: CK_OBJECT_HANDLE hUnwrappingKey)
pWrappedKey - the wrapped key to unwrap and the wrapped key's length (PKCS#11 param: CK_BYTE_PTR pWrappedKey, CK_ULONG ulWrappedKeyLen)
pTemplate - the template for the new key and the number of attributes in the template (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
Returns:
the handle of the unwrapped key (PKCS#11 param: CK_OBJECT_HANDLE_PTR phKey)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_DeriveKey

public long C_DeriveKey(long hSession,
                        CK_MECHANISM pMechanism,
                        long hBaseKey,
                        CK_ATTRIBUTE[] pTemplate,
                        boolean useUtf8)
                 throws PKCS11Exception
C_DeriveKey derives a key from a base key, creating a new key object. (Key management)
Parameters:
hSession - the session's handle (PKCS#11 param: CK_SESSION_HANDLE hSession)
pMechanism - the key derivation mechanism (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
hBaseKey - the handle of the base key (PKCS#11 param: CK_OBJECT_HANDLE hBaseKey)
pTemplate - the template for the new key and the number of attributes in the template (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
Returns:
the handle of the derived key (PKCS#11 param: CK_OBJECT_HANDLE_PTR phKey)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_SeedRandom

public void C_SeedRandom(long hSession,
                         byte[] pSeed)
                  throws PKCS11Exception
C_SeedRandom mixes additional seed material into the token's random number generator. (Random number generation)
Parameters:
hSession - the session's handle (PKCS#11 param: CK_SESSION_HANDLE hSession)
pSeed - the seed material and the seed material's length (PKCS#11 param: CK_BYTE_PTR pSeed, CK_ULONG ulSeedLen)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_GenerateRandom

public void C_GenerateRandom(long hSession,
                             byte[] randomData)
                      throws PKCS11Exception
C_GenerateRandom generates random data. (Random number generation)
Parameters:
hSession - the session's handle (PKCS#11 param: CK_SESSION_HANDLE hSession)
randomData - receives the random data and the length of RandomData is the length of random data to be generated (PKCS#11 param: CK_BYTE_PTR pRandomData, CK_ULONG ulRandomLen)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_GetFunctionStatus

public void C_GetFunctionStatus(long hSession)
                         throws PKCS11Exception
C_GetFunctionStatus is a legacy function; it obtains an updated status of a function running in parallel with an application. (Parallel function management)
Parameters:
hSession - the session's handle (PKCS#11 param: CK_SESSION_HANDLE hSession)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_CancelFunction

public void C_CancelFunction(long hSession)
                      throws PKCS11Exception
C_CancelFunction is a legacy function; it cancels a function running in parallel. (Parallel function management)
Parameters:
hSession - the session's handle (PKCS#11 param: CK_SESSION_HANDLE hSession)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

C_WaitForSlotEvent

public long C_WaitForSlotEvent(long flags,
                               java.lang.Object pReserved)
                        throws PKCS11Exception
C_WaitForSlotEvent waits for a slot event (token insertion, removal, etc.) to occur. (General-purpose)
Parameters:
flags - blocking/nonblocking flag (PKCS#11 param: CK_FLAGS flags)
pReserved - reserved. Should be null (PKCS#11 param: CK_VOID_PTR pReserved)
Returns:
the slot ID where the event occured (PKCS#11 param: CK_SLOT_ID_PTR pSlot)
Throws:
PKCS11Exception - If function returns other value than CKR_OK.

finalize

public void finalize()
              throws java.lang.Throwable
This method can be used to cleanup this object. Made public to enable explicit cleanup, because garbage collection using System.gc() does not always collect the free object immediately.
Overrides:
finalize in class java.lang.Object
Throws:
java.lang.Throwable - If finalization fails.

IAIK PKCS#11 Wrapper
version 1.5

IAIK JavaSecurity Website http://jce.iaik.tugraz.at/

IAIK at Graz University of Technology, Austria, Europe
Copyright 2001-2004, IAIK, Graz University of Technology, Inffeldgasse 16a, 8010 Graz, Austria. All Rights Reserved.
version 1.5