public class CkiSlotManager
extends java.lang.Object
CkiSlotManager slotManager = CkiSlotManager.getDefaultCkiSlotManager(); slotManager.addSlot(new CkiSlotManager.OperationType(AlgID.rsaWithEncryption), slot1); // RSA operations will be done on slot1. slotManager.addSlot(new CkiSlotManager.OperationType(AlgID.dsa), slot2); // DSA operations will be done on slot2. slotManager.setDefaultSlot(slot3); // other operations will be done on slot3. CkiSlotManager.setDefaultCkiSlotManager(slotManager);
CkiParams params = new CkiParams("PhaosLib", 0 , "1234"); params.setMapMessageDigest(false); params.setMapSymmetricCipher(false); params.setManagedState(true); // useful in case of a limited number of sessions.This method initializes the Cryptoki environment by loading the native library in correspondance to the libraryName. It then accesses the slot represented by the slotNumber, retrieves the cryptographic operations supported by the token and registers them with the CkiOIDManager using the
CkiSlotManager.initializeCryptoki(params);
CkiParams
object.CkiParams
object will be performed on hardware devices while the other operations will still be performed by the Phaos Security Engine.
For example, before the call to CkiSlotManager.initializeCryptoki, the method
Signature.getInstance(AlgID.md5WithRSAEncryption);returns a RSAMDSignature object, and the signature process is performed by the software. After the initialization of the Cryptoki library (assuming that the token supports the generation of MD5_RSA signatures), the same method call returns a CkiSignature object, and the signature process is perfomed in hardware.
Another example: before the call to CkiSlotManager.initializeCryptoki, the method
Cipher.getInstance(AlgID.desECB, key);returns a DES object, and the encryption/decryption process is performed by the software. After the initialization of the Cryptoki library, the operation will still be performed in software, even if the algorithm is suppored on the token, because the symmetric ciphers were not set up to be mapped in the
CkiParams
object.
So if an application is using the methods Signature.getInstance, Cipher.getInstance, MessageDigest.getInstance, DiffieHellman.getInstance, KeyPairGenerator.getInstance, SymmetricKeyGenerator.getInstance
for creating objects, this application will only need to call initializeCryptoki
to perform most of the operations on hardware.
Modifier and Type | Class and Description |
---|---|
static class |
CkiSlotManager.OperationType
A class used for mapping operation to slot.
|
Constructor and Description |
---|
CkiSlotManager()
Empty constructor.
|
CkiSlotManager(CkiSlot defaultSlot)
Creates a new CkiSlotManager, setting the default slot for this new object.
|
CkiSlotManager(CkiSlotManager parent)
Creates a new CkiSlotManager with a chained parent.
|
CkiSlotManager(java.lang.String defaultLibName, int defaultSlotNum, CkiAuthenticator authenticator)
Creates a new CkiSlotManager, setting the default slot for this new object.
|
CkiSlotManager(java.lang.String defaultLibName, int defaultSlotNum, java.lang.String pin)
Creates a new CkiSlotManager, setting the default slot for this new object.
|
Modifier and Type | Method and Description |
---|---|
void |
addSlot(CkiSlotManager.OperationType type, CkiSlot slot)
Maps a slot to an operation type.
|
void |
addSlot(CkiSlotManager.OperationType type, java.lang.String libName, int slotNum, CkiAuthenticator authenticator)
Maps a slot to an operation type.
|
void |
addSlot(CkiSlotManager.OperationType type, java.lang.String libName, int slotNum, java.lang.String pin)
Maps a slot to an operation type.
|
CkiMgtSession |
getCkiMgtSession(CkiSlot slot)
Create a CkiMgtSession on the given CkiSlot.
|
CkiMgtSession |
getCkiMgtSession(CkiSlotManager.OperationType type)
Returns a CkiMgtSession where functions corresponding to the operation type will be performed.
|
static CkiParams |
getCkiParams() |
CkiSession |
getCkiSession(CkiSlot slot)
Create a CkiSession on the given CkiSlot.
|
CkiSession |
getCkiSession(CkiSlotManager.OperationType type)
Returns a CkiSession where functions corresponding to the operation type will be performed.
|
static CkiSlotManager |
getDefaultCkiSlotManager()
Gets the default CkiSlotManager for this application.
|
CkiSlot |
getDefaultSlot()
Returns the default slot for this CkiSlotManager object.
|
CkiEventManager |
getEventManager()
Returns the CkiEventManager of this CkiSlotManager.
|
CkiSlotManager |
getParent()
Returns the parent of this CkiSlotManager.
|
CkiSlot |
getSlot(CkiSlotManager.OperationType type)
Returns a CkiSlot where functions corresponding to the operation type will be performed.
|
static CkiSlotManager |
initializeCryptoki(CkiParams params)
Initializes the Cryptoki library and makes the necessary mapping with the Phaos Security Engine.
|
static CkiSlotManager |
initializeCryptoki(java.lang.String defaultLibName, int defaultSlotNum, java.lang.String pin)
Initializes the Cryptoki library and makes the necessary mapping with the Phaos Security Engine.
|
static void |
setDefaultCkiSlotManager(CkiSlotManager defaultSlotManager)
Sets the default CkiSlotManager for this application.
|
void |
setDefaultSlot(CkiSlot defaultSlot)
Sets the default slot for this CkiSlotManager object.
|
void |
setDefaultSlot(java.lang.String defaultLibName, int defaultSlotNum, CkiAuthenticator authenticator)
Sets the default slot for this CkiSlotManager object.
|
void |
setDefaultSlot(java.lang.String defaultLibName, int defaultSlotNum, java.lang.String pin)
Sets the default slot for this CkiSlotManager object.
|
void |
setEventManager(CkiEventManager eventManager)
Sets the CkiEventManager for this CkiSlotManager to use when an error is occuring during a creation of a CkiSession.
|
void |
setParent(CkiSlotManager parent)
Sets the parent of this slotManager.
|
public CkiSlotManager()
public CkiSlotManager(CkiSlotManager parent)
parent
- The CkiSlotManager parent to use.public CkiSlotManager(java.lang.String defaultLibName, int defaultSlotNum, java.lang.String pin) throws CryptokiException
defaultLibName
- The library name corresponding to the default slot.defaultSlotNum
- The default slot number.pin
- The secret pin of the default slot. A BasicCkiAuthenticator object will be used within the default slot to store the pin.CryptokiException
public CkiSlotManager(java.lang.String defaultLibName, int defaultSlotNum, CkiAuthenticator authenticator) throws CryptokiException
defaultLibName
- The library name corresponding to the default slot.defaultSlotNum
- The default slot number.authenticator
- The CkiAuthenticator object to use with the default slot during the authentication process.CryptokiException
public CkiSlotManager(CkiSlot defaultSlot) throws CryptokiException
defaultSlot
- The default slot to use.CryptokiException
public static void setDefaultCkiSlotManager(CkiSlotManager defaultSlotManager)
defaultSlotManager
- The CkiSlotManager to use by default.public static CkiSlotManager getDefaultCkiSlotManager()
public void setEventManager(CkiEventManager eventManager)
eventManager
- The CkiEventManager to use.public CkiEventManager getEventManager()
public static CkiSlotManager initializeCryptoki(java.lang.String defaultLibName, int defaultSlotNum, java.lang.String pin) throws CryptokiException
defaultLibName
- The library name corresponding to the default slot.defaultSlotNum
- The default slot number.pin
- The secret pin of the default slot. A BasicCkiAuthenticator object will be used within the default slot to store the pin.CryptokiException
public static CkiSlotManager initializeCryptoki(CkiParams params) throws CryptokiException
params
- The CkiParams
that contains the necessary information to set up the Cryptoki layer.CryptokiException
public static CkiParams getCkiParams()
public void setDefaultSlot(java.lang.String defaultLibName, int defaultSlotNum, java.lang.String pin) throws CryptokiException
defaultLibName
- The library name corresponding to the default slot.defaultSlotNum
- The default slot number.pin
- The secret pin of the default slot. A BasicCkiAuthenticator object will be used within the default slot to store the pin.CryptokiException
public void setDefaultSlot(java.lang.String defaultLibName, int defaultSlotNum, CkiAuthenticator authenticator) throws CryptokiException
defaultLibName
- The library name corresponding to the default slot.defaultSlotNum
- The default slot number.authenticator
- The CkiAuthenticator object to use with the default slot during the authentication process.CryptokiException
public void setDefaultSlot(CkiSlot defaultSlot)
defaultSlot
- The default slot to use.public CkiSlot getDefaultSlot()
public void addSlot(CkiSlotManager.OperationType type, java.lang.String libName, int slotNum, java.lang.String pin) throws CryptokiException
type
- The operation type to perform onto the given slot.libName
- The library name corresponding to the slot.slotNum
- The slot number.pin
- The secret pin of the slot. A BasicCkiAuthenticator object will be used within the slot to store the pin.CryptokiException
public void addSlot(CkiSlotManager.OperationType type, java.lang.String libName, int slotNum, CkiAuthenticator authenticator) throws CryptokiException
type
- The operation type to perform onto the given slot.libName
- The library name corresponding to the slot.slotNum
- The slot number.authenticator
- The CkiAuthenticator object to use with the slot during the authentication process.CryptokiException
public void addSlot(CkiSlotManager.OperationType type, CkiSlot slot)
type
- The operation type to perform onto the given slot.slot
- The slot to use.public CkiSlot getSlot(CkiSlotManager.OperationType type)
type
- The operation type.public CkiSession getCkiSession(CkiSlotManager.OperationType type)
type
- The operation type.public CkiSession getCkiSession(CkiSlot slot) throws CryptokiException
slot
- The slot where the session will be opened.CryptokiException
public CkiMgtSession getCkiMgtSession(CkiSlotManager.OperationType type)
type
- The operation type.public CkiMgtSession getCkiMgtSession(CkiSlot slot) throws CryptokiException
slot
- The slot where the session will be opened.CryptokiException
public CkiSlotManager getParent()
public void setParent(CkiSlotManager parent)
parent
- The CkiSlotManager to use as a parent for this object.