functions.java

java 实现的签名方案

   */
  public static int hashCode(CK_DATE date) {
    int hash = 0;

    if (date != null) {
      if (date.year.length == 4) {
        hash ^= ((int) (0xFFFF & date.year[0])) << 16;
        hash ^= (int) (0xFFFF & date.year[1]);
        hash ^= ((int) (0xFFFF & date.year[2])) << 16;
        hash ^= (int) (0xFFFF & date.year[3]);
      }
      if (date.month.length == 2) {
        hash ^= ((int) (0xFFFF & date.month[0])) << 16;
        hash ^= (int) (0xFFFF & date.month[1]);
      }
      if (date.day.length == 2) {
        hash ^= ((int) (0xFFFF & date.day[0])) << 16;
        hash ^= (int) (0xFFFF & date.day[1]);
      }
    }

    return hash ;
  }

  /**
   * This method checks, if the mechanism with the given code is a full
   * encrypt/decrypt mechanism; i.e. it supports the encryptUpdate()
   * and decryptUpdate() functions.
   * This is the information as provided by the table on page 229
   * of the PKCS#11 v2.11 standard.
   * If this method returns true, the mechanism can be used with the encrypt and
   * decrypt functions including encryptUpdate and decryptUpdate.
   *
   * @param mechanismCode The code of the mechanism to check.
   * @return True, if the provided mechanism is a full encrypt/decrypt
   *         mechanism. False, otherwise.
   * @preconditions
   * @postconditions
   */
  public static boolean isFullEncryptDecryptMechanism(long mechanismCode) {
    // build the hashtable on demand (=first use)
    if (fullEncryptDecryptMechanisms_ == null) {
      Hashtable fullEncryptDecryptMechanisms = new Hashtable();
      fullEncryptDecryptMechanisms.put(new Long(PKCS11Constants.CKM_RC2_ECB), PKCS11Constants.NAME_CKM_RC2_ECB);
      fullEncryptDecryptMechanisms.put(new Long(PKCS11Constants.CKM_RC2_CBC), PKCS11Constants.NAME_CKM_RC2_CBC);
      fullEncryptDecryptMechanisms.put(new Long(PKCS11Constants.CKM_RC2_CBC_PAD), PKCS11Constants.NAME_CKM_RC2_CBC_PAD);
      fullEncryptDecryptMechanisms.put(new Long(PKCS11Constants.CKM_RC4), PKCS11Constants.NAME_CKM_RC4);
      fullEncryptDecryptMechanisms.put(new Long(PKCS11Constants.CKM_DES_ECB), PKCS11Constants.NAME_CKM_DES_ECB);
      fullEncryptDecryptMechanisms.put(new Long(PKCS11Constants.CKM_DES_CBC), PKCS11Constants.NAME_CKM_DES_CBC);
      fullEncryptDecryptMechanisms.put(new Long(PKCS11Constants.CKM_DES_CBC_PAD), PKCS11Constants.NAME_CKM_DES_CBC_PAD);
      fullEncryptDecryptMechanisms.put(new Long(PKCS11Constants.CKM_DES3_ECB), PKCS11Constants.NAME_CKM_DES3_ECB);
      fullEncryptDecryptMechanisms.put(new Long(PKCS11Constants.CKM_DES3_CBC), PKCS11Constants.NAME_CKM_DES3_CBC);
      fullEncryptDecryptMechanisms.put(new Long(PKCS11Constants.CKM_DES3_CBC_PAD), PKCS11Constants.NAME_CKM_DES3_CBC_PAD);
      fullEncryptDecryptMechanisms.put(new Long(PKCS11Constants.CKM_CDMF_ECB), PKCS11Constants.NAME_CKM_CDMF_ECB);
      fullEncryptDecryptMechanisms.put(new Long(PKCS11Constants.CKM_CDMF_CBC), PKCS11Constants.NAME_CKM_CDMF_CBC);
      fullEncryptDecryptMechanisms.put(new Long(PKCS11Constants.CKM_CDMF_CBC_PAD), PKCS11Constants.NAME_CKM_CDMF_CBC_PAD);
      fullEncryptDecryptMechanisms.put(new Long(PKCS11Constants.CKM_CAST_ECB), PKCS11Constants.NAME_CKM_CAST_ECB);
      fullEncryptDecryptMechanisms.put(new Long(PKCS11Constants.CKM_CAST_CBC), PKCS11Constants.NAME_CKM_CAST_CBC);
      fullEncryptDecryptMechanisms.put(new Long(PKCS11Constants.CKM_CAST_CBC_PAD), PKCS11Constants.NAME_CKM_CAST_CBC_PAD);
      fullEncryptDecryptMechanisms.put(new Long(PKCS11Constants.CKM_CAST3_ECB), PKCS11Constants.NAME_CKM_CAST3_ECB);
      fullEncryptDecryptMechanisms.put(new Long(PKCS11Constants.CKM_CAST3_CBC), PKCS11Constants.NAME_CKM_CAST3_CBC);
      fullEncryptDecryptMechanisms.put(new Long(PKCS11Constants.CKM_CAST3_CBC_PAD), PKCS11Constants.NAME_CKM_CAST3_CBC_PAD);
      fullEncryptDecryptMechanisms.put(new Long(PKCS11Constants.CKM_CAST5_ECB), PKCS11Constants.NAME_CKM_CAST5_ECB);
      fullEncryptDecryptMechanisms.put(new Long(PKCS11Constants.CKM_CAST128_ECB), PKCS11Constants.NAME_CKM_CAST128_ECB);
      fullEncryptDecryptMechanisms.put(new Long(PKCS11Constants.CKM_CAST5_CBC), PKCS11Constants.NAME_CKM_CAST5_CBC);
      fullEncryptDecryptMechanisms.put(new Long(PKCS11Constants.CKM_CAST128_CBC), PKCS11Constants.NAME_CKM_CAST128_CBC);
      fullEncryptDecryptMechanisms.put(new Long(PKCS11Constants.CKM_CAST5_CBC_PAD), PKCS11Constants.NAME_CKM_CAST5_CBC_PAD);
      fullEncryptDecryptMechanisms.put(new Long(PKCS11Constants.CKM_CAST128_CBC_PAD), PKCS11Constants.NAME_CKM_CAST128_CBC_PAD);
      fullEncryptDecryptMechanisms.put(new Long(PKCS11Constants.CKM_RC5_ECB), PKCS11Constants.NAME_CKM_RC5_ECB);
      fullEncryptDecryptMechanisms.put(new Long(PKCS11Constants.CKM_RC5_CBC), PKCS11Constants.NAME_CKM_RC5_CBC);
      fullEncryptDecryptMechanisms.put(new Long(PKCS11Constants.CKM_RC5_CBC_PAD), PKCS11Constants.NAME_CKM_RC5_CBC_PAD);
      fullEncryptDecryptMechanisms.put(new Long(PKCS11Constants.CKM_AES_ECB), PKCS11Constants.NAME_CKM_AES_ECB);
      fullEncryptDecryptMechanisms.put(new Long(PKCS11Constants.CKM_AES_CBC), PKCS11Constants.NAME_CKM_AES_CBC);
      fullEncryptDecryptMechanisms.put(new Long(PKCS11Constants.CKM_AES_CBC_PAD), PKCS11Constants.NAME_CKM_AES_CBC_PAD);
      fullEncryptDecryptMechanisms.put(new Long(PKCS11Constants.CKM_IDEA_ECB), PKCS11Constants.NAME_CKM_IDEA_ECB);
      fullEncryptDecryptMechanisms.put(new Long(PKCS11Constants.CKM_IDEA_CBC), PKCS11Constants.NAME_CKM_IDEA_CBC);
      fullEncryptDecryptMechanisms.put(new Long(PKCS11Constants.CKM_IDEA_CBC_PAD), PKCS11Constants.NAME_CKM_IDEA_CBC_PAD);
      fullEncryptDecryptMechanisms.put(new Long(PKCS11Constants.CKM_SKIPJACK_ECB64), PKCS11Constants.NAME_CKM_SKIPJACK_ECB64);
      fullEncryptDecryptMechanisms.put(new Long(PKCS11Constants.CKM_SKIPJACK_CBC64), PKCS11Constants.NAME_CKM_SKIPJACK_CBC64);
      fullEncryptDecryptMechanisms.put(new Long(PKCS11Constants.CKM_SKIPJACK_OFB64), PKCS11Constants.NAME_CKM_SKIPJACK_OFB64);
      fullEncryptDecryptMechanisms.put(new Long(PKCS11Constants.CKM_SKIPJACK_CFB64), PKCS11Constants.NAME_CKM_SKIPJACK_CFB64);
      fullEncryptDecryptMechanisms.put(new Long(PKCS11Constants.CKM_SKIPJACK_CFB32), PKCS11Constants.NAME_CKM_SKIPJACK_CFB32);
      fullEncryptDecryptMechanisms.put(new Long(PKCS11Constants.CKM_SKIPJACK_CFB16), PKCS11Constants.NAME_CKM_SKIPJACK_CFB16);
      fullEncryptDecryptMechanisms.put(new Long(PKCS11Constants.CKM_SKIPJACK_CFB8), PKCS11Constants.NAME_CKM_SKIPJACK_CFB8);
      fullEncryptDecryptMechanisms.put(new Long(PKCS11Constants.CKM_BATON_ECB128), PKCS11Constants.NAME_CKM_BATON_ECB128);
      fullEncryptDecryptMechanisms.put(new Long(PKCS11Constants.CKM_BATON_ECB96), PKCS11Constants.NAME_CKM_BATON_ECB96);
      fullEncryptDecryptMechanisms.put(new Long(PKCS11Constants.CKM_BATON_CBC128), PKCS11Constants.NAME_CKM_BATON_CBC128);
      fullEncryptDecryptMechanisms.put(new Long(PKCS11Constants.CKM_BATON_COUNTER), PKCS11Constants.NAME_CKM_BATON_COUNTER);
      fullEncryptDecryptMechanisms.put(new Long(PKCS11Constants.CKM_BATON_SHUFFLE), PKCS11Constants.NAME_CKM_BATON_SHUFFLE);
      fullEncryptDecryptMechanisms.put(new Long(PKCS11Constants.CKM_JUNIPER_ECB128), PKCS11Constants.NAME_CKM_JUNIPER_ECB128);
      fullEncryptDecryptMechanisms.put(new Long(PKCS11Constants.CKM_JUNIPER_CBC128), PKCS11Constants.NAME_CKM_JUNIPER_CBC128);
      fullEncryptDecryptMechanisms.put(new Long(PKCS11Constants.CKM_JUNIPER_COUNTER), PKCS11Constants.NAME_CKM_JUNIPER_COUNTER);
      fullEncryptDecryptMechanisms.put(new Long(PKCS11Constants.CKM_JUNIPER_SHUFFLE), PKCS11Constants.NAME_CKM_JUNIPER_SHUFFLE);
      fullEncryptDecryptMechanisms_ = fullEncryptDecryptMechanisms;
    }

    return fullEncryptDecryptMechanisms_.containsKey(new Long(mechanismCode))  ;
  }

  /**
   * This method checks, if the mechanism with the given code is a
   * single-operation encrypt/decrypt mechanism; i.e. it does not support the
   * encryptUpdate() and decryptUpdate() functions.
   * This is the information as provided by the table on page 229
   * of the PKCS#11 v2.11 standard.
   * If this method returns true, the mechanism can be used with the encrypt and
   * decrypt functions excluding encryptUpdate and decryptUpdate.
   *
   * @param mechanismCode The code of the mechanism to check.
   * @return True, if the provided mechanism is a single-operation
   *         encrypt/decrypt mechanism. False, otherwise.
   * @preconditions
   * @postconditions
   */
  public static boolean isSingleOperationEncryptDecryptMechanism(long mechanismCode) {
    // build the hashtable on demand (=first use)
    if (singleOperationEncryptDecryptMechanisms_ == null) {
      Hashtable singleOperationEncryptDecryptMechanisms = new Hashtable();
      singleOperationEncryptDecryptMechanisms.put(new Long(PKCS11Constants.CKM_RSA_PKCS), PKCS11Constants.NAME_CKM_RSA_PKCS);
      singleOperationEncryptDecryptMechanisms.put(new Long(PKCS11Constants.CKM_RSA_PKCS_OAEP), PKCS11Constants.NAME_CKM_RSA_PKCS_OAEP);
      singleOperationEncryptDecryptMechanisms.put(new Long(PKCS11Constants.CKM_RSA_X_509), PKCS11Constants.NAME_CKM_RSA_X_509);
      singleOperationEncryptDecryptMechanisms_ = singleOperationEncryptDecryptMechanisms;
    }

    return singleOperationEncryptDecryptMechanisms_.containsKey(new Long(mechanismCode))  ;
  }

  /**
   * This method checks, if the mechanism with the given code is a full
   * sign/verify mechanism; i.e. it supports the signUpdate()
   * and verifyUpdate() functions.
   * This is the information as provided by the table on page 229
   * of the PKCS#11 v2.11 standard.
   * If this method returns true, the mechanism can be used with the sign and
   * verify functions including signUpdate and verifyUpdate.
   *
   * @param mechanismCode The code of the mechanism to check.
   * @return True, if the provided mechanism is a full sign/verify
   *         mechanism. False, otherwise.
   * @preconditions
   * @postconditions
   */
  public static boolean isFullSignVerifyMechanism(long mechanismCode) {
    // build the hashtable on demand (=first use)
    if (fullSignVerifyMechanisms_ == null) {
      Hashtable fullSignVerifyMechanisms = new Hashtable();
      fullSignVerifyMechanisms.put(new Long(PKCS11Constants.CKM_MD2_RSA_PKCS), PKCS11Constants.NAME_CKM_MD2_RSA_PKCS);
      fullSignVerifyMechanisms.put(new Long(PKCS11Constants.CKM_MD5_RSA_PKCS), PKCS11Constants.NAME_CKM_MD5_RSA_PKCS);
      fullSignVerifyMechanisms.put(new Long(PKCS11Constants.CKM_SHA1_RSA_PKCS), PKCS11Constants.NAME_CKM_SHA1_RSA_PKCS);
      fullSignVerifyMechanisms.put(new Long(PKCS11Constants.CKM_RIPEMD128_RSA_PKCS), PKCS11Constants.NAME_CKM_RIPEMD128_RSA_PKCS);
      fullSignVerifyMechanisms.put(new Long(PKCS11Constants.CKM_RIPEMD160_RSA_PKCS), PKCS11Constants.NAME_CKM_RIPEMD160_RSA_PKCS);
      fullSignVerifyMechanisms.put(new Long(PKCS11Constants.CKM_SHA1_RSA_PKCS_PSS), PKCS11Constants.NAME_CKM_SHA1_RSA_PKCS_PSS);
      fullSignVerifyMechanisms.put(new Long(PKCS11Constants.CKM_SHA1_RSA_X9_31), PKCS11Constants.NAME_CKM_SHA1_RSA_X9_31);
      fullSignVerifyMechanisms.put(new Long(PKCS11Constants.CKM_DSA_SHA1), PKCS11Constants.NAME_CKM_DSA_SHA1);
      fullSignVerifyMechanisms.put(new Long(PKCS11Constants.CKM_RC2_MAC), PKCS11Constants.NAME_CKM_RC2_MAC);
      fullSignVerifyMechanisms.put(new Long(PKCS11Constants.CKM_RC2_MAC_GENERAL), PKCS11Constants.NAME_CKM_RC2_MAC_GENERAL);
      fullSignVerifyMechanisms.put(new Long(PKCS11Constants.CKM_DES_MAC), PKCS11Constants.NAME_CKM_DES_MAC);
      fullSignVerifyMechanisms.put(new Long(PKCS11Constants.CKM_DES_MAC_GENERAL), PKCS11Constants.NAME_CKM_DES_MAC_GENERAL);
      fullSignVerifyMechanisms.put(new Long(PKCS11Constants.CKM_DES3_MAC), PKCS11Constants.NAME_CKM_DES3_MAC);
      fullSignVerifyMechanisms.put(new Long(PKCS11Constants.CKM_DES3_MAC_GENERAL), PKCS11Constants.NAME_CKM_DES3_MAC_GENERAL);
      fullSignVerifyMechanisms.put(new Long(PKCS11Constants.CKM_CDMF_MAC), PKCS11Constants.NAME_CKM_CDMF_MAC);
      fullSignVerifyMechanisms.put(new Long(PKCS11Constants.CKM_CDMF_MAC_GENERAL), PKCS11Constants.NAME_CKM_CDMF_MAC_GENERAL);
      fullSignVerifyMechanisms.put(new Long(PKCS11Constants.CKM_MD2_HMAC), PKCS11Constants.NAME_CKM_MD2_HMAC);
      fullSignVerifyMechanisms.put(new Long(PKCS11Constants.CKM_MD2_HMAC_GENERAL), PKCS11Constants.NAME_CKM_MD2_HMAC_GENERAL);
      fullSignVerifyMechanisms.put(new Long(PKCS11Constants.CKM_MD5_HMAC), PKCS11Constants.NAME_CKM_MD5_HMAC);
      fullSignVerifyMechanisms.put(new Long(PKCS11Constants.CKM_MD5_HMAC_GENERAL), PKCS11Constants.NAME_CKM_MD5_HMAC_GENERAL);
      fullSignVerifyMechanisms.put(new Long(PKCS11Constants.CKM_SHA_1_HMAC), PKCS11Constants.NAME_CKM_SHA_1_HMAC);
      fullSignVerifyMechanisms.put(new Long(PKCS11Constants.CKM_SHA_1_HMAC_GENERAL), PKCS11Constants.NAME_CKM_SHA_1_HMAC_GENERAL);
      fullSignVerifyMechanisms.put(new Long(PKCS11Constants.CKM_RIPEMD128_HMAC), PKCS11Constants.NAME_CKM_RIPEMD128_HMAC);
      fullSignVerifyMechanisms.put(new Long(PKCS11Constants.CKM_RIPEMD128_HMAC_GENERAL), PKCS11Constants.NAME_CKM_RIPEMD128_HMAC_GENERAL);
      fullSignVerifyMechanisms.put(new Long(PKCS11Constants.CKM_RIPEMD160_HMAC), PKCS11Constants.NAME_CKM_RIPEMD160_HMAC);
      fullSignVerifyMechanisms.put(new Long(PKCS11Constants.CKM_RIPEMD160_HMAC_GENERAL), PKCS11Constants.NAME_CKM_RIPEMD160_HMAC_GENERAL);
      fullSignVerifyMechanisms.put(new Long(PKCS11Constants.CKM_CAST_MAC), PKCS11Constants.NAME_CKM_CAST_MAC);
      fullSignVerifyMechanisms.put(new Long(PKCS11Constants.CKM_CAST_MAC_GENERAL), PKCS11Constants.NAME_CKM_CAST_MAC_GENERAL);
      fullSignVerifyMechanisms.put(new Long(PKCS11Constants.CKM_CAST3_MAC), PKCS11Constants.NAME_CKM_CAST3_MAC);
      fullSignVerifyMechanisms.put(new Long(PKCS11Constants.CKM_CAST3_MAC_GENERAL), PKCS11Constants.NAME_CKM_CAST3_MAC_GENERAL);
      fullSignVerifyMechanisms.put(new Long(PKCS11Constants.CKM_CAST5_MAC), PKCS11Constants.NAME_CKM_CAST5_MAC);
      fullSignVerifyMechanisms.put(new Long(PKCS11Constants.CKM_CAST128_MAC), PKCS11Constants.NAME_CKM_CAST128_MAC);
      fullSignVerifyMechanisms.put(new Long(PKCS11Constants.CKM_CAST5_MAC_GENERAL), PKCS11Constants.NAME_CKM_CAST5_MAC_GENERAL);
      fullSignVerifyMechanisms.put(new Long(PKCS11Constants.CKM_CAST128_MAC_GENERAL), PKCS11Constants.NAME_CKM_CAST128_MAC_GENERAL);
      fullSignVerifyMechanisms.put(new Long(PKCS11Constants.CKM_RC5_MAC), PKCS11Constants.NAME_CKM_RC5_MAC);
      fullSignVerifyMechanisms.put(new Long(PKCS11Constants.CKM_RC5_MAC_GENERAL), PKCS11Constants.NAME_CKM_RC5_MAC_GENERAL);
      fullSignVerifyMechanisms.put(new Long(PKCS11Constants.CKM_AES_MAC), PKCS11Constants.NAME_CKM_AES_MAC);
      fullSignVerifyMechanisms.put(new Long(PKCS11Constants.CKM_AES_MAC_GENERAL), PKCS11Constants.NAME_CKM_AES_MAC_GENERAL);
      fullSignVerifyMechanisms.put(new Long(PKCS11Constants.CKM_IDEA_MAC), PKCS11Constants.NAME_CKM_IDEA_MAC);
      fullSignVerifyMechanisms.put(new Long(PKCS11Constants.CKM_IDEA_MAC_GENERAL), PKCS11Constants.NAME_CKM_IDEA_MAC_GENERAL);
      fullSignVerifyMechanisms.put(new Long(PKCS11Constants.CKM_SSL3_MD5_MAC), PKCS11Constants.NAME_CKM_SSL3_MD5_MAC);
      fullSignVerifyMechanisms.put(new Long(PKCS11Constants.CKM_SSL3_SHA1_MAC), PKCS11Constants.NAME_CKM_SSL3_SHA1_MAC);
      fullSignVerifyMechanisms.put(new Long(PKCS11Constants.CKM_ECDSA_SHA1), PKCS11Constants.NAME_CKM_ECDSA_SHA1);
      fullSignVerifyMechanisms_ = fullSignVerifyMechanisms;
    }

    return fullSignVerifyMechanisms_.containsKey(new Long(mechanismCode))  ;
  }

  /**
   * This method checks, if the mechanism with the given code is a
   * single-operation sign/verify mechanism; i.e. it does not support the
   * signUpdate() and encryptUpdate() functions.
   * This is the information as provided by the table on page 229
   * of the PKCS#11 v2.11 standard.
   * If this method returns true, the mechanism can be used with the sign and
   * verify functions excluding signUpdate and encryptUpdate.
   *
   * @param mechanismCode The code of the mechanism to check.
   * @return True, if the provided mechanism is a single-operation
   *         sign/verify mechanism. False, otherwise.
   * @preconditions
   * @postconditions
   */
  public static boolean isSingleOperationSignVerifyMechanism(long mechanismCode) {
    // build the hashtable on demand (=first use)
    if (singleOperationSignVerifyMechanisms_ == null) {
      Hashtable singleOperationSignVerifyMechanisms = new Hashtable();
      singleOperationSignVerifyMechanisms.put(new Long(PKCS11Constants.CKM_RSA_PKCS), PKCS11Constants.NAME_CKM_RSA_PKCS);
      singleOperationSignVerifyMechanisms.put(new Long(PKCS11Constants.CKM_RSA_PKCS_PSS), PKCS11Constants.NAME_CKM_RSA_PKCS_PSS);
      singleOperationSignVerifyMechanisms.put(new Long(PKCS11Constants.CKM_RSA_9796), PKCS11Constants.NAME_CKM_RSA_9796);
      singleOperationSignVerifyMechanisms.put(new Long(PKCS11Constants.CKM_RSA_X_509), PKCS11Constants.NAME_CKM_RSA_X_509);
      singleOperationSignVerifyMechanisms.put(new Long(PKCS11Constants.CKM_RSA_X9_31), PKCS11Constants.NAME_CKM_RSA_X9_31);
      singleOperationSignVerifyMechanisms.put(new Long(PKCS11Constants.CKM_DSA), PKCS11Constants.NAME_CKM_DSA);
      singleOperationSignVerifyMechanisms.put(new Long(PKCS11Constants.CKM_FORTEZZA_TIMESTAMP), PKCS11Constants.NAME_CKM_FORTEZZA_TIMESTAMP);
      singleOperationSignVerifyMechanisms.put(new Long(PKCS11Constants.CKM_ECDSA), PKCS11Constants.NAME_CKM_ECDSA);
      singleOperationSignVerifyMechanisms_ = singleOperationSignVerifyMechanisms;
    }

    return singleOperationSignVerifyMechanisms_.containsKey(new Long(mechanismCode))  ;
  }

  /**
   * This method checks, if the mechanism with the given code is a sign/verify
   * mechanism with message recovery.
   * This is the information as provided by the table on page 229
   * of the PKCS#11 v2.11 standard.
   * If this method returns true, the mechanism can be used with the signRecover
   * and verifyRecover functions.
   *
   * @param mechanismCode The code of the mechanism to check.
   * @return True, if the provided mechanism is a sign/verify mechanism with
   *         message recovery. False, otherwise.
   * @preconditions
   * @postconditions
   */
  public static boolean isSignVerifyRecoverMechanism(long mechanismCode) {
    // build the hashtable on demand (=first use)
    if (signVerifyRecoverMechanisms_ == null) {
      Hashtable signVerifyRecoverMechanisms = new Hashtable();
      signVerifyRecoverMechanisms.put(new Long(PKCS11Constants.CKM_RSA_PKCS), PKCS11Constants.NAME_CKM_RSA_PKCS);
      signVerifyRecoverMechanisms.put(new Long(PKCS11Constants.CKM_RSA_9796), PKCS11Constants.NAME_CKM_RSA_9796);
      signVerifyRecoverMechanisms.put(new Long(PKCS11Constants.CKM_RSA_X_509), PKCS11Constants.NAME_CKM_RSA_X_509);
      signVerifyRecoverMechanisms_ = signVerifyRecoverMechanisms;
    }

    return signVerifyRecoverMechanisms_.containsKey(new Long(mechanismCode))  ;
  }

  /**
   * This method checks, if the mechanism with the given code is a digest
   * mechanism.
   * This is the information as provided by the table on page 229
   * of the PKCS#11 v2.11 standard.
   * If this method returns true, the mechanism can be used with the digest
   * functions.
   *
   * @param mechanismCode The code of the mechanism to check.
   * @return True, if the provided mechanism is a digest mechanism. False,
   *         otherwise.
   * @preconditions
   * @postconditions
   */
  public static boolean isDigestMechanism(long mechanismCode) {
    // build the hashtable on demand (=first use)
    if (digestMechanisms_ == null) {
      Hashtable digestMechanisms = new Hashtable();
      digestMechanisms.put(new Long(PKCS11Constants.CKM_MD2), PKCS11Constants.NAME_CKM_MD2);
      digestMechanisms.put(new Long(PKCS11Constants.CKM_MD5), PKCS11Constants.NAME_CKM_MD5);
      digestMechanisms.put(new Long(PKCS11Constants.CKM_SHA_1), PKCS11Constants.NAME_CKM_SHA_1);
      digestMechanisms.put(new Long(PKCS11Constants.CKM_RIPEMD128), PKCS11Constants.NAME_CKM_RIP