public class CkiSession
extends java.lang.Object
Modifier | Constructor and Description |
---|---|
protected |
CkiSession(CkiSlot ckiSlot) |
Modifier and Type | Method and Description |
---|---|
void |
close()
Closes the current connection.
|
CkiObject |
createObject(CkiAttributeTemplate ckiAttributeTemplate)
Stores an object on the PKCS#11 token and returns the CkiObject corresponding to the object. |
byte[] |
decrypt(CkiMechanism mechanism, CkiObject key, byte[] encryptedData)
Decrypts the given data using the given algorithm.
|
byte[] |
decryptFinal()
Finalizes the decryption function and returns the remaining decrypted bytes that were not already computed.
|
void |
decryptInit(CkiMechanism mechanism, CkiObject key)
Initializes this session for performing decryption operations.
|
byte[] |
decryptUpdate(byte[] encryptedData)
Adds the given bytes to the decryption function and returns the decrypted data.
|
CkiObject |
deriveKey(CkiMechanism mechanism, CkiAttributeTemplate ckiAttributeTemplate, CkiObject key)
Derives a key using the given mechanism.
|
byte[] |
digest(CkiMechanism mechanism, byte[] data)
Creates a digest of the specified data.
|
java.lang.Object[] |
digestAndDecryptSSL3(boolean useManagedState, byte[] operationState, byte[] secret, byte[] seqNumb, byte type, byte[] pad1, byte[] pad2, byte[] content, long macSize, CkiMechanism cipherMechanism, CkiMechanism digestMechanism, long blocksize, CkiObject key)
Digest and decrypt data for SSL3 connections.
|
java.lang.Object[] |
digestAndEncryptSSL3(boolean useManagedState, byte[] operationState, byte[] secret, byte[] seqNumb, byte type, byte[] length, byte[] pad1, byte[] pad2, byte[] content, long macSize, CkiMechanism cipherMechanism, CkiMechanism digestMechanism, long blocksize, CkiObject key)
Digest and encrypt data for SSL3 connections.
|
byte[] |
digestFinal()
Finalizes the hashing function and returns the result.
|
void |
digestInit(CkiMechanism mechanism)
Initializes this session for performing hashing operations.
|
void |
digestKey(CkiObject key)
Adds the bytes of the key to the hashing function.
|
void |
digestUpdate(byte[] data)
Adds the given bytes to the hashing function.
|
byte[] |
encrypt(CkiMechanism mechanism, CkiObject key, byte[] data)
Encrypts the given data using the given algorithm.
|
byte[] |
encryptFinal()
Finalizes the encryption function and returns the remaining encrypted bytes that were not already computed.
|
void |
encryptInit(CkiMechanism mechanism, CkiObject key)
Initializes this session for performing encryption operations.
|
byte[] |
encryptUpdate(byte[] data)
Adds the given bytes to the encryption function and returns the encrypted data.
|
void |
finalize()
The finalize() method is called when the JVM is running the garbage collector. |
CkiObject |
findObject(CkiAttributeTemplate ckiAttributeTemplate)
Creates a new CkiObject corresponding to the object defined by the template on the token.
|
CkiObject |
generateKey(CkiMechanism mechanism, CkiAttributeTemplate ckiAttributeTemplate)
Generates a SymmetricKey on the PKCS#11 token and returns the keyID corresponding to this key. |
byte[] |
generateKeyPair(CkiMechanism mechanism, CkiAttributeTemplate publicKeyTemplate, CkiAttributeTemplate privateKeyTemplate)
Generates a KeyPair on the PKCS#11 token and returns the keyID corresponding to these keys. |
byte[] |
generateMAC(byte[] secret, byte[] pad1, byte[] pad2, byte[] label, byte[] content, long macSize, CkiMechanism mech)
Generates the MAC for SSL3 connections.
|
byte[] |
generateMAC(byte[] secret, byte[] seqNumb, byte type, byte[] length, byte[] pad1, byte[] pad2, byte[] content, long macSize, CkiMechanism mech)
Generates the MAC for SSL3 connections.
|
CkiObject |
generateMasterSecret(byte[] clientRandom, byte[] serverRandom, CkiObject preMasterSecret)
Generates the master secret for SSL3 connections.
|
CkiObject |
generateMS(byte[] clientRandom, byte[] serverRandom, CkiObject preMasterSecret)
Generates the master secret for SSL3 connections.
|
byte[] |
generateRandom(long randomLength)
Generates an array of bytes using the random number generator of the token.
|
java.lang.Object[] |
generateSecrets(long objID, long macSize, long keySize, long expKeySize, long ivSize, boolean isExportable, byte[] clientRandom, byte[] serverRandom, CkiObject masterSecret)
Generates the secrets for SSL3 connections.
|
byte[] |
generateSSL3MS(byte[] clientRandom, byte[] serverRandom, byte[] pms)
Generates the master secret for SSL3 connections.
|
java.lang.Object[] |
generateSSL3Secrets(byte[] clientRandom, byte[] serverRandom, long macSize, long keySize, long expKeySize, long ivSize, boolean isExportable, byte[] ms, long keyType, boolean cipherInSoftware)
Generates the secrets for SSL3 connections.
|
CkiAttributeTemplate |
getAttributes(CkiAttributeTemplate ckiAttributeTemplate, CkiObject ckiObject)
Retrieves attributes of an object from the PKCS #11 token.
|
CkiSlot |
getCkiSlot()
Returns the slot corresponding to this session.
|
static CkiSession |
getInstance(CkiSlot ckiSlot)
Creates a new instance of CkiSession on the specified slot.
|
byte[] |
getState()
Gets the state of the token.
|
boolean |
isClosed()
Indicates whether the session is still open (false) or closed (true).
|
boolean |
isReadOnly()
Indicates whether the session is read-only or read/write.
|
void |
login()
Performs a login procedure on the current token.
|
void |
logout()
Performs a logout from the current token.
|
java.util.Enumeration |
objects(CkiAttributeTemplate ckiAttributeTemplate)
Retrieves an Enumeration of objects from the PKCS #11 token that match the template passed as a parameter. |
void |
removeObject(CkiObject ckiObject)
Removes an object from the PKCS #11 token.
|
boolean |
seed(byte[] dataSeed)
Seeds the token for random number generation operations.
|
void |
setAttributes(CkiAttributeTemplate ckiAttributeTemplate, CkiObject ckiObject)
Sets attributes of an object stored in the PKCS #11 token.
|
void |
setPin(java.lang.String oldPin, java.lang.String pin)
Changes the user PIN to the new password.
|
void |
setState(byte[] state)
Sets the state of the token.
|
void |
setState(byte[] state, CkiObject key)
Sets the state of the token.
|
byte[] |
sign(CkiMechanism mechanism, CkiObject key, byte[] data)
Creates a signature from the specified data by performing a digest operation and a signature operation.
|
CkiObject |
unwrap(CkiMechanism mechanism, CkiObject unwrappingKey, byte[] wrappedKey, CkiAttributeTemplate ckiAttributeTemplate)
Unwraps the given data using the given algorithm and the unwrapping key.
|
boolean |
verify(CkiMechanism mechanism, CkiObject key, byte[] signature, byte[] data)
Verifies a signature against the given data.
|
byte[] |
wrap(CkiMechanism mechanism, CkiObject wrappingKey, CkiObject key)
Wraps the given key using the given algorithm and the wrapping key.
|
protected CkiSession(CkiSlot ckiSlot) throws CryptokiException
CryptokiException
public static CkiSession getInstance(CkiSlot ckiSlot) throws CryptokiException
ckiSlot
- The CkiSlot object representing the slot where the session will be opened.
CryptokiException
public void close() throws CryptokiException
CryptokiException
public void login() throws CryptokiException
CryptokiException
public void logout() throws CryptokiException
CryptokiException
public void setPin(java.lang.String oldPin, java.lang.String pin) throws CryptokiException
oldPin
- The old password.
pin
- The new password.
CryptokiException
public boolean isReadOnly()
public boolean isClosed()
public CkiSlot getCkiSlot()
public void finalize()
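The finalize() method is called when the JVM is running the garbage collector. This method will close the session if it has not been closed already. Because the timing of garbage collection is not guaranteed, call close() explicitly when the session is no longer needed rather than relying on this method.
finalize in class java.lang.Object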
public CkiObject findObject(CkiAttributeTemplate ckiAttributeTemplate) throws CryptokiException
ckiAttributeTemplate
- The template used to find the key.
CryptokiException
public byte[] generateKeyPair(CkiMechanism mechanism, CkiAttributeTemplate publicKeyTemplate, CkiAttributeTemplate privateKeyTemplate) throws CryptokiException
Generates a KeyPair on the PKCS#11 token and returns the keyID corresponding to these keys.
mechanism
- The CkiMechanism to use to generate the key pair.
publicKeyTemplate
- The template of the public key.
privateKeyTemplate
- The template of the private key.
CryptokiException
public CkiObject generateKey(CkiMechanism mechanism, CkiAttributeTemplate ckiAttributeTemplate) throws CryptokiException
Generates a SymmetricKey on the PKCS#11 token and returns the keyID corresponding to this key.
mechanism
- The mechanism template to use for the creation of the symmetric key.
ckiAttributeTemplate
- The template of the key. It must at least contain the size of the key if it is required by the mechanism.
CryptokiException
public CkiObject deriveKey(CkiMechanism mechanism, CkiAttributeTemplate ckiAttributeTemplate, CkiObject key) throws CryptokiException
mechanism
- The mechanism to use for deriving the key.
ckiAttributeTemplate
- The template used to create the new key.
key
- The key to derive.
CryptokiException
public CkiObject createObject(CkiAttributeTemplate ckiAttributeTemplate) throws CryptokiException
Stores an object on the PKCS#11 token and returns the CkiObject corresponding to the object.
ckiAttributeTemplate
- The template containing the attributes of the object to import.
CryptokiException
public void removeObject(CkiObject ckiObject) throws CryptokiException
ckiObject
- The CkiObject to be removed.
CryptokiException
public java.util.Enumeration objects(CkiAttributeTemplate ckiAttributeTemplate) throws CryptokiException
Retrieves an Enumeration of objects from the PKCS #11 token that match the template passed as a parameter.
ckiAttributeTemplate
- The template used for searching the objects.
CryptokiException
public CkiAttributeTemplate getAttributes(CkiAttributeTemplate ckiAttributeTemplate, CkiObject ckiObject) throws CryptokiException
ckiAttributeTemplate
- The attributes to be retrieved.
ckiObject
- The CkiObject corresponding to the object to get the attributes from.
CryptokiException
public void setAttributes(CkiAttributeTemplate ckiAttributeTemplate, CkiObject ckiObject) throws CryptokiException
ckiAttributeTemplate
- The attributes to be set.
ckiObject
- The CkiObject corresponding to the object whose attributes are to be set.
CryptokiException
public byte[] digest(CkiMechanism mechanism, byte[] data) throws CryptokiException
mechanism
- The digest function to use.
data
- The data used to create the digest.
CryptokiException
public void digestInit(CkiMechanism mechanism) throws CryptokiException
mechanism
- The mechanism representing the message digest function to perform.
CryptokiException
public void digestUpdate(byte[] data) throws CryptokiException
data
- The data to add to the hashing function.
CryptokiException
public void digestKey(CkiObject key) throws CryptokiException
key
- The handle of the key representing the bytes to add to the hashing function.
CryptokiException
public byte[] digestFinal() throws CryptokiException
CryptokiException
public byte[] sign(CkiMechanism mechanism, CkiObject key, byte[] data) throws CryptokiException
mechanism
- The digest function and the signature function to use.
key
- The key to use for the creation of the signature.
data
- The data used to create the signature.
CryptokiException
public boolean verify(CkiMechanism mechanism, CkiObject key, byte[] signature, byte[] data) throws CryptokiException
mechanism
- The hashing function and the signature function to use.
key
- The key to use for the verification of the signature.
signature
- The signature to verify.
data
- The data to compare to the signature.
CryptokiException
public byte[] encrypt(CkiMechanism mechanism, CkiObject key, byte[] data) throws CryptokiException
mechanism
- The encryption function to use.
key
- The key to use for the encryption (public key for key pair encryption).
data
- The data to encrypt.
CryptokiException
public void encryptInit(CkiMechanism mechanism, CkiObject key) throws CryptokiException
mechanism
- The mechanism representing the encryption function to perform.
key
- The key to use for the encryption operations.
CryptokiException
public byte[] encryptUpdate(byte[] data) throws CryptokiException
data
- The data to add to the encryption function.
CryptokiException
public byte[] encryptFinal() throws CryptokiException
CryptokiException
public byte[] decrypt(CkiMechanism mechanism, CkiObject key, byte[] encryptedData) throws CryptokiException
mechanism
- The decryption function to use.
key
- The key to use for the decryption (private key for key pair encryption).
encryptedData
- The encrypted data to decrypt.
CryptokiException
public void decryptInit(CkiMechanism mechanism, CkiObject key) throws CryptokiException
mechanism
- The mechanism representing the decryption function to perform.
key
- The key to use for the decryption operations.
CryptokiException
public byte[] decryptUpdate(byte[] encryptedData) throws CryptokiException
encryptedData
- The encrypted data to add to the decryption function.
CryptokiException
public byte[] decryptFinal() throws CryptokiException
CryptokiException
public byte[] wrap(CkiMechanism mechanism, CkiObject wrappingKey, CkiObject key) throws CryptokiException
mechanism
- The wrapping function to use.
wrappingKey
- The key to use for the wrapping.
key
- The key to wrap.
CryptokiException
public CkiObject unwrap(CkiMechanism mechanism, CkiObject unwrappingKey, byte[] wrappedKey, CkiAttributeTemplate ckiAttributeTemplate) throws CryptokiException
mechanism
- The unwrapping function to use.
unwrappingKey
- The key to use for the unwrapping.
wrappedKey
- The wrapped key to unwrap.
ckiAttributeTemplate
- The template used for the storage of the unwrapped key.
CryptokiException
public boolean seed(byte[] dataSeed) throws CryptokiException
dataSeed
- The data that will be used for the seeding.
CryptokiException
public byte[] generateRandom(long randomLength) throws CryptokiException
randomLength
- The number of bytes to be generated.
CryptokiException
public byte[] getState() throws CryptokiException
CryptokiException
public void setState(byte[] state) throws CryptokiException
state
- The array of bytes representing the state of the token.
CryptokiException
public void setState(byte[] state, CkiObject key) throws CryptokiException
state
- The array of bytes representing the state of the token.
key
- A handle to a key on the token.
CryptokiException
public CkiObject generateMasterSecret(byte[] clientRandom, byte[] serverRandom, CkiObject preMasterSecret) throws CryptokiException
CryptokiException
public CkiObject generateMS(byte[] clientRandom, byte[] serverRandom, CkiObject preMasterSecret) throws CryptokiException
CryptokiException
public java.lang.Object[] generateSecrets(long objID, long macSize, long keySize, long expKeySize, long ivSize, boolean isExportable, byte[] clientRandom, byte[] serverRandom, CkiObject masterSecret) throws CryptokiException
CryptokiException
public byte[] generateSSL3MS(byte[] clientRandom, byte[] serverRandom, byte[] pms) throws CryptokiException
CryptokiException
public java.lang.Object[] generateSSL3Secrets(byte[] clientRandom, byte[] serverRandom, long macSize, long keySize, long expKeySize, long ivSize, boolean isExportable, byte[] ms, long keyType, boolean cipherInSoftware) throws CryptokiException
CryptokiException
public byte[] generateMAC(byte[] secret, byte[] seqNumb, byte type, byte[] length, byte[] pad1, byte[] pad2, byte[] content, long macSize, CkiMechanism mech) throws CryptokiException
CryptokiException
public byte[] generateMAC(byte[] secret, byte[] pad1, byte[] pad2, byte[] label, byte[] content, long macSize, CkiMechanism mech) throws CryptokiException
CryptokiException
public java.lang.Object[] digestAndEncryptSSL3(boolean useManagedState, byte[] operationState, byte[] secret, byte[] seqNumb, byte type, byte[] length, byte[] pad1, byte[] pad2, byte[] content, long macSize, CkiMechanism cipherMechanism, CkiMechanism digestMechanism, long blocksize, CkiObject key) throws CryptokiException
CryptokiException
public java.lang.Object[] digestAndDecryptSSL3(boolean useManagedState, byte[] operationState, byte[] secret, byte[] seqNumb, byte type, byte[] pad1, byte[] pad2, byte[] content, long macSize, CkiMechanism cipherMechanism, CkiMechanism digestMechanism, long blocksize, CkiObject key) throws CryptokiException
CryptokiException