pkcs11implementation.java

java 实现的签名方案

  /**
   * C_DecryptDigestUpdate continues a multiple-part decryption and
   * digesting operation.
   * (Dual-function cryptographic operations)
   *
   * @param hSession the session's handle
   *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
   * @param pEncryptedPart the encrypted data part to decrypt and to digest
   *         and encrypted data part's length
   *         (PKCS#11 param: CK_BYTE_PTR pEncryptedPart,
   *                         CK_ULONG ulEncryptedPartLen)
   * @return the decrypted and digested data part and the data part's length
   *         (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen)
   * @exception PKCS11Exception If function returns other value than CKR_OK.
   * @preconditions (pEncryptedPart <> null)
   * @postconditions
   */
  public native byte[] C_DecryptDigestUpdate(long hSession, byte[] pEncryptedPart) throws PKCS11Exception;


  /**
   * C_SignEncryptUpdate continues a multiple-part signing and
   * encryption operation.
   * (Dual-function cryptographic operations)
   *
   * @param hSession the session's handle
   *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
   * @param pPart the data part to sign and to encrypt and the data part's
   *         length
   *         (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG ulPartLen)
   * @return the signed and encrypted data part and the data part's length
   *         (PKCS#11 param: CK_BYTE_PTR pEncryptedPart,
   *                         CK_ULONG_PTR pulEncryptedPartLen)
   * @exception PKCS11Exception If function returns other value than CKR_OK.
   * @preconditions (pPart <> null)
   * @postconditions
   */
  public native byte[] C_SignEncryptUpdate(long hSession, byte[] pPart) throws PKCS11Exception;


  /**
   * C_DecryptVerifyUpdate continues a multiple-part decryption and
   * verify operation.
   * (Dual-function cryptographic operations)
   *
   * @param hSession the session's handle
   *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
   * @param pEncryptedPart the encrypted data part to decrypt and to verify
   *         and the data part's length
   *         (PKCS#11 param: CK_BYTE_PTR pEncryptedPart,
   *                         CK_ULONG ulEncryptedPartLen)
   * @return the decrypted and verified data part and the data part's length
   *         (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen)
   * @exception PKCS11Exception If function returns other value than CKR_OK.
   * @preconditions (pEncryptedPart <> null)
   * @postconditions
   */
  public native byte[] C_DecryptVerifyUpdate(long hSession, byte[] pEncryptedPart) throws PKCS11Exception;



/* *****************************************************************************
 * Key management
 ******************************************************************************/

  /**
   * C_GenerateKey generates a secret key, creating a new key
   * object.
   * (Key management)
   *
   * @param hSession the session's handle
   *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
   * @param pMechanism the key generation mechanism
   *         (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
   * @param pTemplate the template for the new key and the number of
   *         attributes in the template
   *         (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
   * @return the handle of the new key
   *         (PKCS#11 param: CK_OBJECT_HANDLE_PTR phKey)
   * @exception PKCS11Exception If function returns other value than CKR_OK.
   * @preconditions
   * @postconditions
   */
  public native long C_GenerateKey(long hSession, CK_MECHANISM pMechanism, CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception;


  /**
   * C_GenerateKeyPair generates a public-key/private-key pair,
   * creating new key objects.
   * (Key management)
   *
   * @param hSession the session's handle
   *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
   * @param pMechanism the key generation mechanism
   *         (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
   * @param pPublicKeyTemplate the template for the new public key and the
   *         number of attributes in the template
   *         (PKCS#11 param: CK_ATTRIBUTE_PTR pPublicKeyTemplate,
   *                         CK_ULONG ulPublicKeyAttributeCount)
   * @param pPrivateKeyTemplate the template for the new private key and the
   *         number of attributes in the template
   *         (PKCS#11 param: CK_ATTRIBUTE_PTR pPrivateKeyTemplate
   *                         CK_ULONG ulPrivateKeyAttributeCount)
   * @return a long array with exactly two elements and the public key handle
   *         as the first element and the private key handle as the second
   *         element
   *         (PKCS#11 param: CK_OBJECT_HANDLE_PTR phPublicKey,
   *                         CK_OBJECT_HANDLE_PTR phPrivateKey)
   * @exception PKCS11Exception If function returns other value than CKR_OK.
   * @preconditions (pMechanism <> null)
   * @postconditions (result <> null) and (result.length == 2)
   */
  public native long[] C_GenerateKeyPair(long hSession,
                                   CK_MECHANISM pMechanism,
                                   CK_ATTRIBUTE[] pPublicKeyTemplate,
                                   CK_ATTRIBUTE[] pPrivateKeyTemplate) throws PKCS11Exception;



  /**
   * C_WrapKey wraps (i.e., encrypts) a key.
   * (Key management)
   *
   * @param hSession the session's handle
   *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
   * @param pMechanism the wrapping mechanism
   *         (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
   * @param hWrappingKey the handle of the wrapping key
   *         (PKCS#11 param: CK_OBJECT_HANDLE hWrappingKey)
   * @param hKey the handle of the key to be wrapped
   *         (PKCS#11 param: CK_OBJECT_HANDLE hKey)
   * @return the wrapped key and the length of the wrapped key
   *         (PKCS#11 param: CK_BYTE_PTR pWrappedKey,
   *                         CK_ULONG_PTR pulWrappedKeyLen)
   * @exception PKCS11Exception If function returns other value than CKR_OK.
   * @preconditions
   * @postconditions (result <> null)
   */
  public native byte[] C_WrapKey(long hSession, CK_MECHANISM pMechanism, long hWrappingKey, long hKey) throws PKCS11Exception;


  /**
   * C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new
   * key object.
   * (Key management)
   *
   * @param hSession the session's handle
   *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
   * @param pMechanism the unwrapping mechanism
   *         (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
   * @param hUnwrappingKey the handle of the unwrapping key
   *         (PKCS#11 param: CK_OBJECT_HANDLE hUnwrappingKey)
   * @param pWrappedKey the wrapped key to unwrap and the wrapped key's length
   *         (PKCS#11 param: CK_BYTE_PTR pWrappedKey, CK_ULONG ulWrappedKeyLen)
   * @param pTemplate the template for the new key and the number of
   *         attributes in the template
   *         (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
   * @return the handle of the unwrapped key
   *         (PKCS#11 param: CK_OBJECT_HANDLE_PTR phKey)
   * @exception PKCS11Exception If function returns other value than CKR_OK.
   * @preconditions (pWrappedKey <> null)
   * @postconditions
   */
  public native long C_UnwrapKey(long hSession, CK_MECHANISM pMechanism,
                          long hUnwrappingKey, byte[] pWrappedKey,
                          CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception;


  /**
   * C_DeriveKey derives a key from a base key, creating a new key
   * object.
   * (Key management)
   *
   * @param hSession the session's handle
   *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
   * @param pMechanism the key derivation mechanism
   *         (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
   * @param hBaseKey the handle of the base key
   *         (PKCS#11 param: CK_OBJECT_HANDLE hBaseKey)
   * @param pTemplate the template for the new key and the number of
   *         attributes in the template
   *         (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
   * @return the handle of the derived key
   *         (PKCS#11 param: CK_OBJECT_HANDLE_PTR phKey)
   * @exception PKCS11Exception If function returns other value than CKR_OK.
   * @preconditions
   * @postconditions
   */
  public native long C_DeriveKey(long hSession, CK_MECHANISM pMechanism,
                          long hBaseKey, CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception;



/* *****************************************************************************
 * Random number generation
 ******************************************************************************/

  /**
   * C_SeedRandom mixes additional seed material into the token's
   * random number generator.
   * (Random number generation)
   *
   * @param hSession the session's handle
   *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
   * @param pSeed the seed material and the seed material's length
   *         (PKCS#11 param: CK_BYTE_PTR pSeed, CK_ULONG ulSeedLen)
   * @exception PKCS11Exception If function returns other value than CKR_OK.
   * @preconditions (pSeed <> null)
   * @postconditions
   */
  public native void C_SeedRandom(long hSession, byte[] pSeed) throws PKCS11Exception;


  /**
   * C_GenerateRandom generates random data.
   * (Random number generation)
   *
   * @param hSession the session's handle
   *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
   * @param randomData receives the random data and the length of RandomData
   *         is the length of random data to be generated
   *         (PKCS#11 param: CK_BYTE_PTR pRandomData, CK_ULONG ulRandomLen)
   * @exception PKCS11Exception If function returns other value than CKR_OK.
   * @preconditions (randomData <> null)
   * @postconditions
   */
  public native void C_GenerateRandom(long hSession, byte[] randomData) throws PKCS11Exception;



/* *****************************************************************************
 * Parallel function management
 ******************************************************************************/

  /**
   * C_GetFunctionStatus is a legacy function; it obtains an
   * updated status of a function running in parallel with an
   * application.
   * (Parallel function management)
   *
   * @param hSession the session's handle
   *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
   * @exception PKCS11Exception If function returns other value than CKR_OK.
   * @preconditions
   * @postconditions
   */
  public native void C_GetFunctionStatus(long hSession) throws PKCS11Exception;


  /**
   * C_CancelFunction is a legacy function; it cancels a function
   * running in parallel.
   * (Parallel function management)
   *
   * @param hSession the session's handle
   *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
   * @exception PKCS11Exception If function returns other value than CKR_OK.
   * @preconditions
   * @postconditions
   */
  public native void C_CancelFunction(long hSession) throws PKCS11Exception;



/* *****************************************************************************
 * Functions added in for Cryptoki Version 2.01 or later
 ******************************************************************************/

  /**
   * C_WaitForSlotEvent waits for a slot event (token insertion,
   * removal, etc.) to occur.
   * (General-purpose)
   *
   * @param flags blocking/nonblocking flag
   *         (PKCS#11 param: CK_FLAGS flags)
   * @param pReserved reserved. Should be null
   *         (PKCS#11 param: CK_VOID_PTR pReserved)
   * @return the slot ID where the event occured
   *         (PKCS#11 param: CK_SLOT_ID_PTR pSlot)
   * @exception PKCS11Exception If function returns other value than CKR_OK.
   * @preconditions (pRserved == null)
   * @postconditions
   */
  public native long C_WaitForSlotEvent(long flags, Object pReserved) throws PKCS11Exception;

  /**
   * Compares this object with the other object.
   * Returns only true, if both objects refer to the same PKCS#11 library.
   *
   * @param otherObject The other PKCS11Implementation.
   * @return True, if this PKCS11Implementation and the other 
   *         PKCS11Implementation refer to the same PKCS#11 library; 
   *         False, otherwise.
   * @preconditions
   * @postconditions
   */
  public boolean equals(java.lang.Object otherObject) {
    boolean equal;

    if (this == otherObject) {
      equal = true;
    } else if (otherObject instanceof PKCS11Implementation) {
      PKCS11Implementation other = (PKCS11Implementation) otherObject;
      
      if (this.pkcs11ModulePath_.equals(other.pkcs11ModulePath_)) {
        equal = true;
      } else {
        try {
          File thisLibarayFile = new File(this.pkcs11ModulePath_);
          File otherLibaryFile = new File(other.pkcs11ModulePath_);
          if (thisLibarayFile.getCanonicalPath().equals(otherLibaryFile.getCanonicalPath())) {
            equal = true;
          } else {
            equal = false;
          }
        } catch(IOException ex) {
          ex.printStackTrace();
          equal = false;
        } 
      } 
    } else {
      equal = false;
    }

    return equal ;
  }

  /**
   * The overriding of this method should ensure that the objects of this class
   * work correctly in a hashtable.
   *
   * @return The hash code of this object.
   * @preconditions
   * @postconditions
   */
  public int hashCode() {
    int hashCode;

    try {
      File thisLibarayFile = new File(this.pkcs11ModulePath_);
      hashCode = thisLibarayFile.getCanonicalPath().hashCode();
    } catch(IOException ex) {
      ex.printStackTrace();
      hashCode = pkcs11ModulePath_.hashCode();
    } 

    return hashCode ;
  }

  /**
   * Returns the string representation of this object.
   *
   * @return The string representation of object
   */
  public String toString() {
    StringBuffer buffer = new StringBuffer();

    buffer.append("Module Name: ");
    buffer.append(pkcs11ModulePath_);

    return buffer.toString() ;
  }

  /**
   * Calls disconnect() to cleanup the native part of the wrapper. Once this
   * method is called, this object cannot be used any longer. Any subsequent
   * call to a C_* method will result in a runtime exception.
   *
   * @exception Throwable If finalization fails.
   */
  public void finalize()
      throws Throwable
  {
    disconnect();
    super.finalize();
  }

}