View Javadoc
1   /*
2    * Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved.
3    */
4   
5   /* Copyright  (c) 2002 Graz University of Technology. All rights reserved.
6    *
7    * Redistribution and use in  source and binary forms, with or without
8    * modification, are permitted  provided that the following conditions are met:
9    *
10   * 1. Redistributions of  source code must retain the above copyright notice,
11   *    this list of conditions and the following disclaimer.
12   *
13   * 2. Redistributions in  binary form must reproduce the above copyright notice,
14   *    this list of conditions and the following disclaimer in the documentation
15   *    and/or other materials provided with the distribution.
16   *
17   * 3. The end-user documentation included with the redistribution, if any, must
18   *    include the following acknowledgment:
19   *
20   *    "This product includes software developed by IAIK of Graz University of
21   *     Technology."
22   *
23   *    Alternately, this acknowledgment may appear in the software itself, if
24   *    and wherever such third-party acknowledgments normally appear.
25   *
26   * 4. The names "Graz University of Technology" and "IAIK of Graz University of
27   *    Technology" must not be used to endorse or promote products derived from
28   *    this software without prior written permission.
29   *
30   * 5. Products derived from this software may not be called
31   *    "IAIK PKCS Wrapper", nor may "IAIK" appear in their name, without prior
32   *    written permission of Graz University of Technology.
33   *
34   *  THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESSED OR IMPLIED
35   *  WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
36   *  WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
37   *  PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE LICENSOR BE
38   *  LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
39   *  OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
40   *  PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
41   *  OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
42   *  ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
43   *  OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
44   *  OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
45   *  POSSIBILITY  OF SUCH DAMAGE.
46   */
47  
48  package sun.security.pkcs11.wrapper;
49  
50  import java.io.File;
51  import java.io.IOException;
52  import java.util.*;
53  
54  import java.security.AccessController;
55  import java.security.PrivilegedAction;
56  
57  import static sun.security.pkcs11.wrapper.PKCS11Constants.*;
58  
59  /**
60   * This is the default implementation of the PKCS11 interface. IT connects to
61   * the pkcs11wrapper.dll file, which is the native part of this library.
62   * The strange and awkward looking initialization was chosen to avoid calling
63   * loadLibrary from a static initialization block, because this would complicate
64   * the use in applets.
65   *
66   * @author Karl Scheibelhofer <Karl.Scheibelhofer@iaik.at>
67   * @author Martin Schlaeffer <schlaeff@sbox.tugraz.at>
68   * @invariants (pkcs11ModulePath_ <> null)
69   */
70  public class PKCS11 {
71  
72      /**
73       * The name of the native part of the wrapper; i.e. the filename without
74       * the extension (e.g. ".DLL" or ".so").
75       */
76      private static final String PKCS11_WRAPPER = "j2pkcs11";
77  
78      static {
79          // cannot use LoadLibraryAction because that would make the native
80          // library available to the bootclassloader, but we run in the
81          // extension classloader.
82          AccessController.doPrivileged(new PrivilegedAction<Object>() {
83              public Object run() {
84                  System.loadLibrary(PKCS11_WRAPPER);
85                  return null;
86              }
87          });
88          initializeLibrary();
89      }
90  
91      public static void loadNative() {
92          // dummy method that can be called to make sure the native
93          // portion has been loaded. actual loading happens in the
94          // static initializer, hence this method is empty.
95      }
96  
97      /**
98       * The PKCS#11 module to connect to. This is the PKCS#11 driver of the token;
99       * e.g. pk2priv.dll.
100      */
101     private final String pkcs11ModulePath;
102 
103     private long pNativeData;
104 
105     /**
106      * This method does the initialization of the native library. It is called
107      * exactly once for this class.
108      *
109      * @preconditions
110      * @postconditions
111      */
112     private static native void initializeLibrary();
113 
114     // XXX
115     /**
116      * This method does the finalization of the native library. It is called
117      * exactly once for this class. The library uses this method for a clean-up
118      * of any resources.
119      *
120      * @preconditions
121      * @postconditions
122      */
123     private static native void finalizeLibrary();
124 
125     private static final Map<String,PKCS11> moduleMap =
126         new HashMap<String,PKCS11>();
127 
128     /**
129      * Connects to the PKCS#11 driver given. The filename must contain the
130      * path, if the driver is not in the system's search path.
131      *
132      * @param pkcs11ModulePath the PKCS#11 library path
133      * @preconditions (pkcs11ModulePath <> null)
134      * @postconditions
135      */
136     PKCS11(String pkcs11ModulePath, String functionListName)
137             throws IOException {
138         connect(pkcs11ModulePath, functionListName);
139         this.pkcs11ModulePath = pkcs11ModulePath;
140     }
141 
142     public static synchronized PKCS11 getInstance(String pkcs11ModulePath,
143             String functionList, CK_C_INITIALIZE_ARGS pInitArgs,
144             boolean omitInitialize) throws IOException, PKCS11Exception {
145         // we may only call C_Initialize once per native .so/.dll
146         // so keep a cache using the (non-canonicalized!) path
147         PKCS11 pkcs11 = moduleMap.get(pkcs11ModulePath);
148         if (pkcs11 == null) {
149             if ((pInitArgs != null)
150                     && ((pInitArgs.flags & CKF_OS_LOCKING_OK) != 0)) {
151                 pkcs11 = new PKCS11(pkcs11ModulePath, functionList);
152             } else {
153                 pkcs11 = new SynchronizedPKCS11(pkcs11ModulePath, functionList);
154             }
155             if (omitInitialize == false) {
156                 try {
157                     pkcs11.C_Initialize(pInitArgs);
158                 } catch (PKCS11Exception e) {
159                     // ignore already-initialized error code
160                     // rethrow all other errors
161                     if (e.getErrorCode() != CKR_CRYPTOKI_ALREADY_INITIALIZED) {
162                         throw e;
163                     }
164                 }
165             }
166             moduleMap.put(pkcs11ModulePath, pkcs11);
167         }
168         return pkcs11;
169     }
170 
171     /**
172      * Connects this object to the specified PKCS#11 library. This method is for
173      * internal use only.
174      * Declared private, because incorrect handling may result in errors in the
175      * native part.
176      *
177      * @param pkcs11ModulePath The PKCS#11 library path.
178      * @preconditions (pkcs11ModulePath <> null)
179      * @postconditions
180      */
181     private native void connect(String pkcs11ModulePath, String functionListName)
182             throws IOException;
183 
184     /**
185      * Disconnects the PKCS#11 library from this object. After calling this
186      * method, this object is no longer connected to a native PKCS#11 module
187      * and any subsequent calls to C_ methods will fail. This method is for
188      * internal use only.
189      * Declared private, because incorrect handling may result in errors in the
190      * native part.
191      *
192      * @preconditions
193      * @postconditions
194      */
195     private native void disconnect();
196 
197 
198     // Implementation of PKCS11 methods delegated to native pkcs11wrapper library
199 
200 /* *****************************************************************************
201  * General-purpose
202  ******************************************************************************/
203 
204     /**
205      * C_Initialize initializes the Cryptoki library.
206      * (General-purpose)
207      *
208      * @param pInitArgs if pInitArgs is not NULL it gets casted to
209      *         CK_C_INITIALIZE_ARGS_PTR and dereferenced
210      *         (PKCS#11 param: CK_VOID_PTR pInitArgs)
211      * @exception PKCS11Exception If function returns other value than CKR_OK.
212      * @preconditions
213      * @postconditions
214      */
215     native void C_Initialize(Object pInitArgs) throws PKCS11Exception;
216 
217     /**
218      * C_Finalize indicates that an application is done with the
219      * Cryptoki library
220      * (General-purpose)
221      *
222      * @param pReserved is reserved. Should be NULL_PTR
223      *         (PKCS#11 param: CK_VOID_PTR pReserved)
224      * @exception PKCS11Exception If function returns other value than CKR_OK.
225      * @preconditions (pReserved == null)
226      * @postconditions
227      */
228     public native void C_Finalize(Object pReserved) throws PKCS11Exception;
229 
230 
231     /**
232      * C_GetInfo returns general information about Cryptoki.
233      * (General-purpose)
234      *
235      * @return the information.
236      *         (PKCS#11 param: CK_INFO_PTR pInfo)
237      * @exception PKCS11Exception If function returns other value than CKR_OK.
238      * @preconditions
239      * @postconditions (result <> null)
240      */
241     public native CK_INFO C_GetInfo() throws PKCS11Exception;
242 
243 
244 /* *****************************************************************************
245  * Slot and token management
246  ******************************************************************************/
247 
248     /**
249      * C_GetSlotList obtains a list of slots in the system.
250      * (Slot and token management)
251      *
252      * @param tokenPresent if true only Slot IDs with a token are returned
253      *         (PKCS#11 param: CK_BBOOL tokenPresent)
254      * @return a long array of slot IDs and number of Slot IDs
255      *         (PKCS#11 param: CK_SLOT_ID_PTR pSlotList, CK_ULONG_PTR pulCount)
256      * @exception PKCS11Exception If function returns other value than CKR_OK.
257      * @preconditions
258      * @postconditions (result <> null)
259      */
260     public native long[] C_GetSlotList(boolean tokenPresent)
261             throws PKCS11Exception;
262 
263 
264     /**
265      * C_GetSlotInfo obtains information about a particular slot in
266      * the system.
267      * (Slot and token management)
268      *
269      * @param slotID the ID of the slot
270      *         (PKCS#11 param: CK_SLOT_ID slotID)
271      * @return the slot information
272      *         (PKCS#11 param: CK_SLOT_INFO_PTR pInfo)
273      * @exception PKCS11Exception If function returns other value than CKR_OK.
274      * @preconditions
275      * @postconditions (result <> null)
276      */
277     public native CK_SLOT_INFO C_GetSlotInfo(long slotID) throws PKCS11Exception;
278 
279 
280     /**
281      * C_GetTokenInfo obtains information about a particular token
282      * in the system.
283      * (Slot and token management)
284      *
285      * @param slotID ID of the token's slot
286      *         (PKCS#11 param: CK_SLOT_ID slotID)
287      * @return the token information
288      *         (PKCS#11 param: CK_TOKEN_INFO_PTR pInfo)
289      * @exception PKCS11Exception If function returns other value than CKR_OK.
290      * @preconditions
291      * @postconditions (result <> null)
292      */
293     public native CK_TOKEN_INFO C_GetTokenInfo(long slotID)
294             throws PKCS11Exception;
295 
296 
297     /**
298      * C_GetMechanismList obtains a list of mechanism types
299      * supported by a token.
300      * (Slot and token management)
301      *
302      * @param slotID ID of the token's slot
303      *         (PKCS#11 param: CK_SLOT_ID slotID)
304      * @return a long array of mechanism types and number of mechanism types
305      *         (PKCS#11 param: CK_MECHANISM_TYPE_PTR pMechanismList,
306      *                         CK_ULONG_PTR pulCount)
307      * @exception PKCS11Exception If function returns other value than CKR_OK.
308      * @preconditions
309      * @postconditions (result <> null)
310      */
311     public native long[] C_GetMechanismList(long slotID) throws PKCS11Exception;
312 
313 
314     /**
315      * C_GetMechanismInfo obtains information about a particular
316      * mechanism possibly supported by a token.
317      * (Slot and token management)
318      *
319      * @param slotID ID of the token's slot
320      *         (PKCS#11 param: CK_SLOT_ID slotID)
321      * @param type type of mechanism
322      *         (PKCS#11 param: CK_MECHANISM_TYPE type)
323      * @return the mechanism info
324      *         (PKCS#11 param: CK_MECHANISM_INFO_PTR pInfo)
325      * @exception PKCS11Exception If function returns other value than CKR_OK.
326      * @preconditions
327      * @postconditions (result <> null)
328      */
329     public native CK_MECHANISM_INFO C_GetMechanismInfo(long slotID, long type)
330             throws PKCS11Exception;
331 
332 
333     /**
334      * C_InitToken initializes a token.
335      * (Slot and token management)
336      *
337      * @param slotID ID of the token's slot
338      *         (PKCS#11 param: CK_SLOT_ID slotID)
339      * @param pPin the SO's initial PIN and the length in bytes of the PIN
340      *         (PKCS#11 param: CK_CHAR_PTR pPin, CK_ULONG ulPinLen)
341      * @param pLabel 32-byte token label (blank padded)
342      *         (PKCS#11 param: CK_UTF8CHAR_PTR pLabel)
343      * @exception PKCS11Exception If function returns other value than CKR_OK.
344      * @preconditions
345      * @postconditions
346      */
347 //    public native void C_InitToken(long slotID, char[] pPin, char[] pLabel)
348 //            throws PKCS11Exception;
349 
350 
351     /**
352      * C_InitPIN initializes the normal user's PIN.
353      * (Slot and token management)
354      *
355      * @param hSession the session's handle
356      *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
357      * @param pPin the normal user's PIN and the length in bytes of the PIN
358      *         (PKCS#11 param: CK_CHAR_PTR pPin, CK_ULONG ulPinLen)
359      * @exception PKCS11Exception If function returns other value than CKR_OK.
360      * @preconditions
361      * @postconditions
362      */
363 //    public native void C_InitPIN(long hSession, char[] pPin)
364 //            throws PKCS11Exception;
365 
366 
367     /**
368      * C_SetPIN modifies the PIN of the user who is logged in.
369      * (Slot and token management)
370      *
371      * @param hSession the session's handle
372      *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
373      * @param pOldPin the old PIN and the length of the old PIN
374      *         (PKCS#11 param: CK_CHAR_PTR pOldPin, CK_ULONG ulOldLen)
375      * @param pNewPin the new PIN and the length of the new PIN
376      *         (PKCS#11 param: CK_CHAR_PTR pNewPin, CK_ULONG ulNewLen)
377      * @exception PKCS11Exception If function returns other value than CKR_OK.
378      * @preconditions
379      * @postconditions
380      */
381 //    public native void C_SetPIN(long hSession, char[] pOldPin, char[] pNewPin)
382 //            throws PKCS11Exception;
383 
384 
385 
386 /* *****************************************************************************
387  * Session management
388  ******************************************************************************/
389 
390     /**
391      * C_OpenSession opens a session between an application and a
392      * token.
393      * (Session management)
394      *
395      * @param slotID the slot's ID
396      *         (PKCS#11 param: CK_SLOT_ID slotID)
397      * @param flags of CK_SESSION_INFO
398      *         (PKCS#11 param: CK_FLAGS flags)
399      * @param pApplication passed to callback
400      *         (PKCS#11 param: CK_VOID_PTR pApplication)
401      * @param Notify the callback function
402      *         (PKCS#11 param: CK_NOTIFY Notify)
403      * @return the session handle
404      *         (PKCS#11 param: CK_SESSION_HANDLE_PTR phSession)
405      * @exception PKCS11Exception If function returns other value than CKR_OK.
406      * @preconditions
407      * @postconditions
408      */
409     public native long C_OpenSession(long slotID, long flags,
410             Object pApplication, CK_NOTIFY Notify) throws PKCS11Exception;
411 
412 
413     /**
414      * C_CloseSession closes a session between an application and a
415      * token.
416      * (Session management)
417      *
418      * @param hSession the session's handle
419      *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
420      * @exception PKCS11Exception If function returns other value than CKR_OK.
421      * @preconditions
422      * @postconditions
423      */
424     public native void C_CloseSession(long hSession) throws PKCS11Exception;
425 
426 
427     /**
428      * C_CloseAllSessions closes all sessions with a token.
429      * (Session management)
430      *
431      * @param slotID the ID of the token's slot
432      *         (PKCS#11 param: CK_SLOT_ID slotID)
433      * @exception PKCS11Exception If function returns other value than CKR_OK.
434      * @preconditions
435      * @postconditions
436      */
437 //    public native void C_CloseAllSessions(long slotID) throws PKCS11Exception;
438 
439 
440     /**
441      * C_GetSessionInfo obtains information about the session.
442      * (Session management)
443      *
444      * @param hSession the session's handle
445      *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
446      * @return the session info
447      *         (PKCS#11 param: CK_SESSION_INFO_PTR pInfo)
448      * @exception PKCS11Exception If function returns other value than CKR_OK.
449      * @preconditions
450      * @postconditions (result <> null)
451      */
452     public native CK_SESSION_INFO C_GetSessionInfo(long hSession)
453             throws PKCS11Exception;
454 
455 
456     /**
457      * C_GetOperationState obtains the state of the cryptographic operation
458      * in a session.
459      * (Session management)
460      *
461      * @param hSession session's handle
462      *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
463      * @return the state and the state length
464      *         (PKCS#11 param: CK_BYTE_PTR pOperationState,
465      *                         CK_ULONG_PTR pulOperationStateLen)
466      * @exception PKCS11Exception If function returns other value than CKR_OK.
467      * @preconditions
468      * @postconditions (result <> null)
469      */
470     public native byte[] C_GetOperationState(long hSession)
471             throws PKCS11Exception;
472 
473 
474     /**
475      * C_SetOperationState restores the state of the cryptographic
476      * operation in a session.
477      * (Session management)
478      *
479      * @param hSession session's handle
480      *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
481      * @param pOperationState the state and the state length
482      *         (PKCS#11 param: CK_BYTE_PTR pOperationState,
483      *                         CK_ULONG ulOperationStateLen)
484      * @param hEncryptionKey en/decryption key
485      *         (PKCS#11 param: CK_OBJECT_HANDLE hEncryptionKey)
486      * @param hAuthenticationKey sign/verify key
487      *         (PKCS#11 param: CK_OBJECT_HANDLE hAuthenticationKey)
488      * @exception PKCS11Exception If function returns other value than CKR_OK.
489      * @preconditions
490      * @postconditions
491      */
492     public native void C_SetOperationState(long hSession, byte[] pOperationState,
493             long hEncryptionKey, long hAuthenticationKey) throws PKCS11Exception;
494 
495 
496     /**
497      * C_Login logs a user into a token.
498      * (Session management)
499      *
500      * @param hSession the session's handle
501      *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
502      * @param userType the user type
503      *         (PKCS#11 param: CK_USER_TYPE userType)
504      * @param pPin the user's PIN and the length of the PIN
505      *         (PKCS#11 param: CK_CHAR_PTR pPin, CK_ULONG ulPinLen)
506      * @exception PKCS11Exception If function returns other value than CKR_OK.
507      * @preconditions
508      * @postconditions
509      */
510     public native void C_Login(long hSession, long userType, char[] pPin)
511             throws PKCS11Exception;
512 
513 
514     /**
515      * C_Logout logs a user out from a token.
516      * (Session management)
517      *
518      * @param hSession the session's handle
519      *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
520      * @exception PKCS11Exception If function returns other value than CKR_OK.
521      * @preconditions
522      * @postconditions
523      */
524     public native void C_Logout(long hSession) throws PKCS11Exception;
525 
526 
527 
528 /* *****************************************************************************
529  * Object management
530  ******************************************************************************/
531 
532     /**
533      * C_CreateObject creates a new object.
534      * (Object management)
535      *
536      * @param hSession the session's handle
537      *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
538      * @param pTemplate the object's template and number of attributes in
539      *         template
540      *         (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
541      * @return the object's handle
542      *         (PKCS#11 param: CK_OBJECT_HANDLE_PTR phObject)
543      * @exception PKCS11Exception If function returns other value than CKR_OK.
544      * @preconditions
545      * @postconditions
546      */
547     public native long C_CreateObject(long hSession, CK_ATTRIBUTE[] pTemplate)
548             throws PKCS11Exception;
549 
550 
551     /**
552      * C_CopyObject copies an object, creating a new object for the
553      * copy.
554      * (Object management)
555      *
556      * @param hSession the session's handle
557      *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
558      * @param hObject the object's handle
559      *         (PKCS#11 param: CK_OBJECT_HANDLE hObject)
560      * @param pTemplate the template for the new object and number of attributes
561      *         in template
562      *         (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
563      * @return the handle of the copy
564      *         (PKCS#11 param: CK_OBJECT_HANDLE_PTR phNewObject)
565      * @exception PKCS11Exception If function returns other value than CKR_OK.
566      * @preconditions
567      * @postconditions
568      */
569     public native long C_CopyObject(long hSession, long hObject,
570             CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception;
571 
572 
573     /**
574      * C_DestroyObject destroys an object.
575      * (Object management)
576      *
577      * @param hSession the session's handle
578      *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
579      * @param hObject the object's handle
580      *         (PKCS#11 param: CK_OBJECT_HANDLE hObject)
581      * @exception PKCS11Exception If function returns other value than CKR_OK.
582      * @preconditions
583      * @postconditions
584      */
585     public native void C_DestroyObject(long hSession, long hObject)
586             throws PKCS11Exception;
587 
588 
589     /**
590      * C_GetObjectSize gets the size of an object in bytes.
591      * (Object management)
592      *
593      * @param hSession the session's handle
594      *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
595      * @param hObject the object's handle
596      *         (PKCS#11 param: CK_OBJECT_HANDLE hObject)
597      * @return the size of the object
598      *         (PKCS#11 param: CK_ULONG_PTR pulSize)
599      * @exception PKCS11Exception If function returns other value than CKR_OK.
600      * @preconditions
601      * @postconditions
602      */
603 //    public native long C_GetObjectSize(long hSession, long hObject)
604 //            throws PKCS11Exception;
605 
606 
607     /**
608      * C_GetAttributeValue obtains the value of one or more object
609      * attributes. The template attributes also receive the values.
610      * (Object management)
611      * note: in PKCS#11 pTemplate and the result template are the same
612      *
613      * @param hSession the session's handle
614      *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
615      * @param hObject the object's handle
616      *         (PKCS#11 param: CK_OBJECT_HANDLE hObject)
617      * @param pTemplate specifies the attributes and number of attributes to get
618      *                  The template attributes also receive the values.
619      *         (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
620      * @exception PKCS11Exception If function returns other value than CKR_OK.
621      * @preconditions (pTemplate <> null)
622      * @postconditions (result <> null)
623      */
624     public native void C_GetAttributeValue(long hSession, long hObject,
625             CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception;
626 
627 
628     /**
629      * C_SetAttributeValue modifies the value of one or more object
630      * attributes
631      * (Object management)
632      *
633      * @param hSession the session's handle
634      *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
635      * @param hObject the object's handle
636      *         (PKCS#11 param: CK_OBJECT_HANDLE hObject)
637      * @param pTemplate specifies the attributes and values to get; number of
638      *         attributes in the template
639      *         (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
640      * @exception PKCS11Exception If function returns other value than CKR_OK.
641      * @preconditions (pTemplate <> null)
642      * @postconditions
643      */
644     public native void C_SetAttributeValue(long hSession, long hObject,
645             CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception;
646 
647 
648     /**
649      * C_FindObjectsInit initializes a search for token and session
650      * objects that match a template.
651      * (Object management)
652      *
653      * @param hSession the session's handle
654      *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
655      * @param pTemplate the object's attribute values to match and the number of
656      *         attributes in search template
657      *         (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
658      * @exception PKCS11Exception If function returns other value than CKR_OK.
659      * @preconditions
660      * @postconditions
661      */
662     public native void C_FindObjectsInit(long hSession, CK_ATTRIBUTE[] pTemplate)
663             throws PKCS11Exception;
664 
665 
666     /**
667      * C_FindObjects continues a search for token and session
668      * objects that match a template, obtaining additional object
669      * handles.
670      * (Object management)
671      *
672      * @param hSession the session's handle
673      *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
674      * @param ulMaxObjectCount the max. object handles to get
675      *         (PKCS#11 param: CK_ULONG ulMaxObjectCount)
676      * @return the object's handles and the actual number of objects returned
677      *         (PKCS#11 param: CK_ULONG_PTR pulObjectCount)
678      * @exception PKCS11Exception If function returns other value than CKR_OK.
679      * @preconditions
680      * @postconditions (result <> null)
681      */
682     public native long[] C_FindObjects(long hSession, long ulMaxObjectCount)
683             throws PKCS11Exception;
684 
685 
686     /**
687      * C_FindObjectsFinal finishes a search for token and session
688      * objects.
689      * (Object management)
690      *
691      * @param hSession the session's handle
692      *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
693      * @exception PKCS11Exception If function returns other value than CKR_OK.
694      * @preconditions
695      * @postconditions
696      */
697     public native void C_FindObjectsFinal(long hSession) throws PKCS11Exception;
698 
699 
700 
701 /* *****************************************************************************
702  * Encryption and decryption
703  ******************************************************************************/
704 
705     /**
706      * C_EncryptInit initializes an encryption operation.
707      * (Encryption and decryption)
708      *
709      * @param hSession the session's handle
710      *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
711      * @param pMechanism the encryption mechanism
712      *         (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
713      * @param hKey the handle of the encryption key
714      *         (PKCS#11 param: CK_OBJECT_HANDLE hKey)
715      * @exception PKCS11Exception If function returns other value than CKR_OK.
716      * @preconditions
717      * @postconditions
718      */
719     public native void C_EncryptInit(long hSession, CK_MECHANISM pMechanism,
720             long hKey) throws PKCS11Exception;
721 
722 
723     /**
724      * C_Encrypt encrypts single-part data.
725      * (Encryption and decryption)
726      *
727      * @param hSession the session's handle
728      *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
729      * @param pData the data to get encrypted and the data's length
730      *         (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG ulDataLen)
731      * @return the encrypted data and the encrypted data's length
732      *         (PKCS#11 param: CK_BYTE_PTR pEncryptedData,
733      *                         CK_ULONG_PTR pulEncryptedDataLen)
734      * @exception PKCS11Exception If function returns other value than CKR_OK.
735      * @preconditions (pData <> null)
736      * @postconditions (result <> null)
737      */
738     public native int C_Encrypt(long hSession, byte[] in, int inOfs, int inLen,
739             byte[] out, int outOfs, int outLen) throws PKCS11Exception;
740 
741 
742     /**
743      * C_EncryptUpdate continues a multiple-part encryption
744      * operation.
745      * (Encryption and decryption)
746      *
747      * @param hSession the session's handle
748      *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
749      * @param pPart the data part to get encrypted and the data part's length
750      *         (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG ulPartLen)
751      * @return the encrypted data part and the encrypted data part's length
752      *         (PKCS#11 param: CK_BYTE_PTR pEncryptedPart,
753                              CK_ULONG_PTR pulEncryptedPartLen)
754      * @exception PKCS11Exception If function returns other value than CKR_OK.
755      * @preconditions (pPart <> null)
756      * @postconditions
757      */
758     public native int C_EncryptUpdate(long hSession, long directIn, byte[] in,
759             int inOfs, int inLen, long directOut, byte[] out, int outOfs,
760             int outLen) throws PKCS11Exception;
761 
762 
763     /**
764      * C_EncryptFinal finishes a multiple-part encryption
765      * operation.
766      * (Encryption and decryption)
767      *
768      * @param hSession the session's handle
769      *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
770      * @return the last encrypted data part and the last data part's length
771      *         (PKCS#11 param: CK_BYTE_PTR pLastEncryptedPart,
772                              CK_ULONG_PTR pulLastEncryptedPartLen)
773      * @exception PKCS11Exception If function returns other value than CKR_OK.
774      * @preconditions
775      * @postconditions (result <> null)
776      */
777     public native int C_EncryptFinal(long hSession, long directOut, byte[] out,
778             int outOfs, int outLen) throws PKCS11Exception;
779 
780 
781     /**
782      * C_DecryptInit initializes a decryption operation.
783      * (Encryption and decryption)
784      *
785      * @param hSession the session's handle
786      *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
787      * @param pMechanism the decryption mechanism
788      *         (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
789      * @param hKey the handle of the decryption key
790      *         (PKCS#11 param: CK_OBJECT_HANDLE hKey)
791      * @exception PKCS11Exception If function returns other value than CKR_OK.
792      * @preconditions
793      * @postconditions
794      */
795     public native void C_DecryptInit(long hSession, CK_MECHANISM pMechanism,
796             long hKey) throws PKCS11Exception;
797 
798 
799     /**
800      * C_Decrypt decrypts encrypted data in a single part.
801      * (Encryption and decryption)
802      *
803      * @param hSession the session's handle
804      *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
805      * @param pEncryptedData the encrypted data to get decrypted and the
806      *         encrypted data's length
807      *         (PKCS#11 param: CK_BYTE_PTR pEncryptedData,
808      *                         CK_ULONG ulEncryptedDataLen)
809      * @return the decrypted data and the data's length
810      *         (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen)
811      * @exception PKCS11Exception If function returns other value than CKR_OK.
812      * @preconditions (pEncryptedPart <> null)
813      * @postconditions (result <> null)
814      */
815     public native int C_Decrypt(long hSession, byte[] in, int inOfs, int inLen,
816             byte[] out, int outOfs, int outLen) throws PKCS11Exception;
817 
818 
819     /**
820      * C_DecryptUpdate continues a multiple-part decryption
821      * operation.
822      * (Encryption and decryption)
823      *
824      * @param hSession the session's handle
825      *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
826      * @param pEncryptedPart the encrypted data part to get decrypted and the
827      *         encrypted data part's length
828      *         (PKCS#11 param: CK_BYTE_PTR pEncryptedPart,
829      *                         CK_ULONG ulEncryptedPartLen)
830      * @return the decrypted data part and the data part's length
831      *         (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen)
832      * @exception PKCS11Exception If function returns other value than CKR_OK.
833      * @preconditions (pEncryptedPart <> null)
834      * @postconditions
835      */
836     public native int C_DecryptUpdate(long hSession, long directIn, byte[] in,
837             int inOfs, int inLen, long directOut, byte[] out, int outOfs,
838             int outLen) throws PKCS11Exception;
839 
840 
841     /**
842      * C_DecryptFinal finishes a multiple-part decryption
843      * operation.
844      * (Encryption and decryption)
845      *
846      * @param hSession the session's handle
847      *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
848      * @return the last decrypted data part and the last data part's length
849      *         (PKCS#11 param: CK_BYTE_PTR pLastPart,
850      *                         CK_ULONG_PTR pulLastPartLen)
851      * @exception PKCS11Exception If function returns other value than CKR_OK.
852      * @preconditions
853      * @postconditions (result <> null)
854      */
855     public native int C_DecryptFinal(long hSession, long directOut, byte[] out,
856             int outOfs, int outLen) throws PKCS11Exception;
857 
858 
859 
860 /* *****************************************************************************
861  * Message digesting
862  ******************************************************************************/
863 
864     /**
865      * C_DigestInit initializes a message-digesting operation.
866      * (Message digesting)
867      *
868      * @param hSession the session's handle
869      *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
870      * @param pMechanism the digesting mechanism
871      *         (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
872      * @exception PKCS11Exception If function returns other value than CKR_OK.
873      * @preconditions
874      * @postconditions
875      */
876     public native void C_DigestInit(long hSession, CK_MECHANISM pMechanism)
877             throws PKCS11Exception;
878 
879 
880     // note that C_DigestSingle does not exist in PKCS#11
881     // we combined the C_DigestInit and C_Digest into a single function
882     // to save on Java<->C transitions and save 5-10% on small digests
883     // this made the C_Digest method redundant, it has been removed
884     /**
885      * C_Digest digests data in a single part.
886      * (Message digesting)
887      *
888      * @param hSession the session's handle
889      *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
890      * @param data the data to get digested and the data's length
891      *         (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG ulDataLen)
892      * @return the message digest and the length of the message digest
893      *         (PKCS#11 param: CK_BYTE_PTR pDigest, CK_ULONG_PTR pulDigestLen)
894      * @exception PKCS11Exception If function returns other value than CKR_OK.
895      * @preconditions (data <> null)
896      * @postconditions (result <> null)
897      */
898     public native int C_DigestSingle(long hSession, CK_MECHANISM pMechanism,
899             byte[] in, int inOfs, int inLen, byte[] digest, int digestOfs,
900             int digestLen) throws PKCS11Exception;
901 
902 
903     /**
904      * C_DigestUpdate continues a multiple-part message-digesting
905      * operation.
906      * (Message digesting)
907      *
908      * @param hSession the session's handle
909      *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
910      * @param pPart the data to get digested and the data's length
911      *         (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG ulPartLen)
912      * @exception PKCS11Exception If function returns other value than CKR_OK.
913      * @preconditions (pPart <> null)
914      * @postconditions
915      */
916     public native void C_DigestUpdate(long hSession, long directIn, byte[] in,
917             int inOfs, int inLen) throws PKCS11Exception;
918 
919 
920     /**
921      * C_DigestKey continues a multi-part message-digesting
922      * operation, by digesting the value of a secret key as part of
923      * the data already digested.
924      * (Message digesting)
925      *
926      * @param hSession the session's handle
927      *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
928      * @param hKey the handle of the secret key to be digested
929      *         (PKCS#11 param: CK_OBJECT_HANDLE hKey)
930      * @exception PKCS11Exception If function returns other value than CKR_OK.
931      * @preconditions
932      * @postconditions
933      */
934     public native void C_DigestKey(long hSession, long hKey)
935             throws PKCS11Exception;
936 
937 
938     /**
939      * C_DigestFinal finishes a multiple-part message-digesting
940      * operation.
941      * (Message digesting)
942      *
943      * @param hSession the session's handle
944      *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
945      * @return the message digest and the length of the message digest
946      *         (PKCS#11 param: CK_BYTE_PTR pDigest, CK_ULONG_PTR pulDigestLen)
947      * @exception PKCS11Exception If function returns other value than CKR_OK.
948      * @preconditions
949      * @postconditions (result <> null)
950      */
951     public native int C_DigestFinal(long hSession, byte[] pDigest, int digestOfs,
952             int digestLen) throws PKCS11Exception;
953 
954 
955 
956 /* *****************************************************************************
957  * Signing and MACing
958  ******************************************************************************/
959 
960     /**
961      * C_SignInit initializes a signature (private key encryption)
962      * operation, where the signature is (will be) an appendix to
963      * the data, and plaintext cannot be recovered from the
964      * signature.
965      * (Signing and MACing)
966      *
967      * @param hSession the session's handle
968      *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
969      * @param pMechanism the signature mechanism
970      *         (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
971      * @param hKey the handle of the signature key
972      *         (PKCS#11 param: CK_OBJECT_HANDLE hKey)
973      * @exception PKCS11Exception If function returns other value than CKR_OK.
974      * @preconditions
975      * @postconditions
976      */
977     public native void C_SignInit(long hSession, CK_MECHANISM pMechanism,
978             long hKey) throws PKCS11Exception;
979 
980 
981     /**
982      * C_Sign signs (encrypts with private key) data in a single
983      * part, where the signature is (will be) an appendix to the
984      * data, and plaintext cannot be recovered from the signature.
985      * (Signing and MACing)
986      *
987      * @param hSession the session's handle
988      *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
989      * @param pData the data to sign and the data's length
990      *         (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG ulDataLen)
991      * @return the signature and the signature's length
992      *         (PKCS#11 param: CK_BYTE_PTR pSignature,
993      *                         CK_ULONG_PTR pulSignatureLen)
994      * @exception PKCS11Exception If function returns other value than CKR_OK.
995      * @preconditions (pData <> null)
996      * @postconditions (result <> null)
997      */
998     public native byte[] C_Sign(long hSession, byte[] pData)
999             throws PKCS11Exception;
1000 
1001 
1002     /**
1003      * C_SignUpdate continues a multiple-part signature operation,
1004      * where the signature is (will be) an appendix to the data,
1005      * and plaintext cannot be recovered from the signature.
1006      * (Signing and MACing)
1007      *
1008      * @param hSession the session's handle
1009      *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
1010      * @param pPart the data part to sign and the data part's length
1011      *         (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG ulPartLen)
1012      * @exception PKCS11Exception If function returns other value than CKR_OK.
1013      * @preconditions (pPart <> null)
1014      * @postconditions
1015      */
1016     public native void C_SignUpdate(long hSession, long directIn, byte[] in,
1017             int inOfs, int inLen) throws PKCS11Exception;
1018 
1019 
1020     /**
1021      * C_SignFinal finishes a multiple-part signature operation,
1022      * returning the signature.
1023      * (Signing and MACing)
1024      *
1025      * @param hSession the session's handle
1026      *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
1027      * @return the signature and the signature's length
1028      *         (PKCS#11 param: CK_BYTE_PTR pSignature,
1029      *                         CK_ULONG_PTR pulSignatureLen)
1030      * @exception PKCS11Exception If function returns other value than CKR_OK.
1031      * @preconditions
1032      * @postconditions (result <> null)
1033      */
1034     public native byte[] C_SignFinal(long hSession, int expectedLen)
1035             throws PKCS11Exception;
1036 
1037 
1038     /**
1039      * C_SignRecoverInit initializes a signature operation, where
1040      * the data can be recovered from the signature.
1041      * (Signing and MACing)
1042      *
1043      * @param hSession the session's handle
1044      *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
1045      * @param pMechanism the signature mechanism
1046      *         (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
1047      * @param hKey the handle of the signature key
1048      *         (PKCS#11 param: CK_OBJECT_HANDLE hKey)
1049      * @exception PKCS11Exception If function returns other value than CKR_OK.
1050      * @preconditions
1051      * @postconditions
1052      */
1053     public native void C_SignRecoverInit(long hSession, CK_MECHANISM pMechanism,
1054             long hKey) throws PKCS11Exception;
1055 
1056 
1057     /**
1058      * C_SignRecover signs data in a single operation, where the
1059      * data can be recovered from the signature.
1060      * (Signing and MACing)
1061      *
1062      * @param hSession the session's handle
1063      *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
1064      * @param pData the data to sign and the data's length
1065      *         (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG ulDataLen)
1066      * @return the signature and the signature's length
1067      *         (PKCS#11 param: CK_BYTE_PTR pSignature,
1068      *                         CK_ULONG_PTR pulSignatureLen)
1069      * @exception PKCS11Exception If function returns other value than CKR_OK.
1070      * @preconditions (pData <> null)
1071      * @postconditions (result <> null)
1072      */
1073     public native int C_SignRecover(long hSession, byte[] in, int inOfs,
1074             int inLen, byte[] out, int outOufs, int outLen)
1075             throws PKCS11Exception;
1076 
1077 
1078 
1079 /* *****************************************************************************
1080  * Verifying signatures and MACs
1081  ******************************************************************************/
1082 
1083     /**
1084      * C_VerifyInit initializes a verification operation, where the
1085      * signature is an appendix to the data, and plaintext cannot
1086      * cannot be recovered from the signature (e.g. DSA).
1087      * (Signing and MACing)
1088      *
1089      * @param hSession the session's handle
1090      *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
1091      * @param pMechanism the verification mechanism
1092      *         (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
1093      * @param hKey the handle of the verification key
1094      *         (PKCS#11 param: CK_OBJECT_HANDLE hKey)
1095      * @exception PKCS11Exception If function returns other value than CKR_OK.
1096      * @preconditions
1097      * @postconditions
1098      */
1099     public native void C_VerifyInit(long hSession, CK_MECHANISM pMechanism,
1100             long hKey) throws PKCS11Exception;
1101 
1102 
1103     /**
1104      * C_Verify verifies a signature in a single-part operation,
1105      * where the signature is an appendix to the data, and plaintext
1106      * cannot be recovered from the signature.
1107      * (Signing and MACing)
1108      *
1109      * @param hSession the session's handle
1110      *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
1111      * @param pData the signed data and the signed data's length
1112      *         (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG ulDataLen)
1113      * @param pSignature the signature to verify and the signature's length
1114      *         (PKCS#11 param: CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen)
1115      * @exception PKCS11Exception If function returns other value than CKR_OK.
1116      * @preconditions (pData <> null) and (pSignature <> null)
1117      * @postconditions
1118      */
1119     public native void C_Verify(long hSession, byte[] pData, byte[] pSignature)
1120             throws PKCS11Exception;
1121 
1122 
1123     /**
1124      * C_VerifyUpdate continues a multiple-part verification
1125      * operation, where the signature is an appendix to the data,
1126      * and plaintext cannot be recovered from the signature.
1127      * (Signing and MACing)
1128      *
1129      * @param hSession the session's handle
1130      *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
1131      * @param pPart the signed data part and the signed data part's length
1132      *         (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG ulPartLen)
1133      * @exception PKCS11Exception If function returns other value than CKR_OK.
1134      * @preconditions (pPart <> null)
1135      * @postconditions
1136      */
1137     public native void C_VerifyUpdate(long hSession, long directIn, byte[] in,
1138             int inOfs, int inLen) throws PKCS11Exception;
1139 
1140 
1141     /**
1142      * C_VerifyFinal finishes a multiple-part verification
1143      * operation, checking the signature.
1144      * (Signing and MACing)
1145      *
1146      * @param hSession the session's handle
1147      *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
1148      * @param pSignature the signature to verify and the signature's length
1149      *         (PKCS#11 param: CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen)
1150      * @exception PKCS11Exception If function returns other value than CKR_OK.
1151      * @preconditions (pSignature <> null)
1152      * @postconditions
1153      */
1154     public native void C_VerifyFinal(long hSession, byte[] pSignature)
1155             throws PKCS11Exception;
1156 
1157 
1158     /**
1159      * C_VerifyRecoverInit initializes a signature verification
1160      * operation, where the data is recovered from the signature.
1161      * (Signing and MACing)
1162      *
1163      * @param hSession the session's handle
1164      *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
1165      * @param pMechanism the verification mechanism
1166      *         (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
1167      * @param hKey the handle of the verification key
1168      *         (PKCS#11 param: CK_OBJECT_HANDLE hKey)
1169      * @exception PKCS11Exception If function returns other value than CKR_OK.
1170      * @preconditions
1171      * @postconditions
1172      */
1173     public native void C_VerifyRecoverInit(long hSession,
1174             CK_MECHANISM pMechanism, long hKey) throws PKCS11Exception;
1175 
1176 
1177     /**
1178      * C_VerifyRecover verifies a signature in a single-part
1179      * operation, where the data is recovered from the signature.
1180      * (Signing and MACing)
1181      *
1182      * @param hSession the session's handle
1183      *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
1184      * @param pSignature the signature to verify and the signature's length
1185      *         (PKCS#11 param: CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen)
1186      * @return the recovered data and the recovered data's length
1187      *         (PKCS#11 param: CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen)
1188      * @exception PKCS11Exception If function returns other value than CKR_OK.
1189      * @preconditions (pSignature <> null)
1190      * @postconditions (result <> null)
1191      */
1192     public native int C_VerifyRecover(long hSession, byte[] in, int inOfs,
1193             int inLen, byte[] out, int outOufs, int outLen)
1194             throws PKCS11Exception;
1195 
1196 
1197 
1198 /* *****************************************************************************
1199  * Dual-function cryptographic operations
1200  ******************************************************************************/
1201 
1202     /**
1203      * C_DigestEncryptUpdate continues a multiple-part digesting
1204      * and encryption operation.
1205      * (Dual-function cryptographic operations)
1206      *
1207      * @param hSession the session's handle
1208      *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
1209      * @param pPart the data part to digest and to encrypt and the data's length
1210      *         (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG ulPartLen)
1211      * @return the digested and encrypted data part and the data part's length
1212      *         (PKCS#11 param: CK_BYTE_PTR pEncryptedPart,
1213      *                         CK_ULONG_PTR pulEncryptedPartLen)
1214      * @exception PKCS11Exception If function returns other value than CKR_OK.
1215      * @preconditions (pPart <> null)
1216      * @postconditions
1217      */
1218 //    public native byte[] C_DigestEncryptUpdate(long hSession, byte[] pPart)
1219 //            throws PKCS11Exception;
1220 
1221 
1222     /**
1223      * C_DecryptDigestUpdate continues a multiple-part decryption and
1224      * digesting operation.
1225      * (Dual-function cryptographic operations)
1226      *
1227      * @param hSession the session's handle
1228      *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
1229      * @param pEncryptedPart the encrypted data part to decrypt and to digest
1230      *         and encrypted data part's length
1231      *         (PKCS#11 param: CK_BYTE_PTR pEncryptedPart,
1232      *                         CK_ULONG ulEncryptedPartLen)
1233      * @return the decrypted and digested data part and the data part's length
1234      *         (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen)
1235      * @exception PKCS11Exception If function returns other value than CKR_OK.
1236      * @preconditions (pEncryptedPart <> null)
1237      * @postconditions
1238      */
1239 //    public native byte[] C_DecryptDigestUpdate(long hSession,
1240 //            byte[] pEncryptedPart) throws PKCS11Exception;
1241 
1242 
1243     /**
1244      * C_SignEncryptUpdate continues a multiple-part signing and
1245      * encryption operation.
1246      * (Dual-function cryptographic operations)
1247      *
1248      * @param hSession the session's handle
1249      *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
1250      * @param pPart the data part to sign and to encrypt and the data part's
1251      *         length
1252      *         (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG ulPartLen)
1253      * @return the signed and encrypted data part and the data part's length
1254      *         (PKCS#11 param: CK_BYTE_PTR pEncryptedPart,
1255      *                         CK_ULONG_PTR pulEncryptedPartLen)
1256      * @exception PKCS11Exception If function returns other value than CKR_OK.
1257      * @preconditions (pPart <> null)
1258      * @postconditions
1259      */
1260 //    public native byte[] C_SignEncryptUpdate(long hSession, byte[] pPart)
1261 //            throws PKCS11Exception;
1262 
1263 
1264     /**
1265      * C_DecryptVerifyUpdate continues a multiple-part decryption and
1266      * verify operation.
1267      * (Dual-function cryptographic operations)
1268      *
1269      * @param hSession the session's handle
1270      *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
1271      * @param pEncryptedPart the encrypted data part to decrypt and to verify
1272      *         and the data part's length
1273      *         (PKCS#11 param: CK_BYTE_PTR pEncryptedPart,
1274      *                         CK_ULONG ulEncryptedPartLen)
1275      * @return the decrypted and verified data part and the data part's length
1276      *         (PKCS#11 param: CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen)
1277      * @exception PKCS11Exception If function returns other value than CKR_OK.
1278      * @preconditions (pEncryptedPart <> null)
1279      * @postconditions
1280      */
1281 //    public native byte[] C_DecryptVerifyUpdate(long hSession,
1282 //            byte[] pEncryptedPart) throws PKCS11Exception;
1283 
1284 
1285 
1286 /* *****************************************************************************
1287  * Key management
1288  ******************************************************************************/
1289 
1290     /**
1291      * C_GenerateKey generates a secret key, creating a new key
1292      * object.
1293      * (Key management)
1294      *
1295      * @param hSession the session's handle
1296      *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
1297      * @param pMechanism the key generation mechanism
1298      *         (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
1299      * @param pTemplate the template for the new key and the number of
1300      *         attributes in the template
1301      *         (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
1302      * @return the handle of the new key
1303      *         (PKCS#11 param: CK_OBJECT_HANDLE_PTR phKey)
1304      * @exception PKCS11Exception If function returns other value than CKR_OK.
1305      * @preconditions
1306      * @postconditions
1307      */
1308     public native long C_GenerateKey(long hSession, CK_MECHANISM pMechanism,
1309             CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception;
1310 
1311 
1312     /**
1313      * C_GenerateKeyPair generates a public-key/private-key pair,
1314      * creating new key objects.
1315      * (Key management)
1316      *
1317      * @param hSession the session's handle
1318      *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
1319      * @param pMechanism the key generation mechanism
1320      *         (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
1321      * @param pPublicKeyTemplate the template for the new public key and the
1322      *         number of attributes in the template
1323      *         (PKCS#11 param: CK_ATTRIBUTE_PTR pPublicKeyTemplate,
1324      *                         CK_ULONG ulPublicKeyAttributeCount)
1325      * @param pPrivateKeyTemplate the template for the new private key and the
1326      *         number of attributes in the template
1327      *         (PKCS#11 param: CK_ATTRIBUTE_PTR pPrivateKeyTemplate
1328      *                         CK_ULONG ulPrivateKeyAttributeCount)
1329      * @return a long array with exactly two elements and the public key handle
1330      *         as the first element and the private key handle as the second
1331      *         element
1332      *         (PKCS#11 param: CK_OBJECT_HANDLE_PTR phPublicKey,
1333      *                         CK_OBJECT_HANDLE_PTR phPrivateKey)
1334      * @exception PKCS11Exception If function returns other value than CKR_OK.
1335      * @preconditions (pMechanism <> null)
1336      * @postconditions (result <> null) and (result.length == 2)
1337      */
1338     public native long[] C_GenerateKeyPair(long hSession,
1339             CK_MECHANISM pMechanism, CK_ATTRIBUTE[] pPublicKeyTemplate,
1340             CK_ATTRIBUTE[] pPrivateKeyTemplate) throws PKCS11Exception;
1341 
1342 
1343 
1344     /**
1345      * C_WrapKey wraps (i.e., encrypts) a key.
1346      * (Key management)
1347      *
1348      * @param hSession the session's handle
1349      *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
1350      * @param pMechanism the wrapping mechanism
1351      *         (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
1352      * @param hWrappingKey the handle of the wrapping key
1353      *         (PKCS#11 param: CK_OBJECT_HANDLE hWrappingKey)
1354      * @param hKey the handle of the key to be wrapped
1355      *         (PKCS#11 param: CK_OBJECT_HANDLE hKey)
1356      * @return the wrapped key and the length of the wrapped key
1357      *         (PKCS#11 param: CK_BYTE_PTR pWrappedKey,
1358      *                         CK_ULONG_PTR pulWrappedKeyLen)
1359      * @exception PKCS11Exception If function returns other value than CKR_OK.
1360      * @preconditions
1361      * @postconditions (result <> null)
1362      */
1363     public native byte[] C_WrapKey(long hSession, CK_MECHANISM pMechanism,
1364             long hWrappingKey, long hKey) throws PKCS11Exception;
1365 
1366 
1367     /**
1368      * C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new
1369      * key object.
1370      * (Key management)
1371      *
1372      * @param hSession the session's handle
1373      *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
1374      * @param pMechanism the unwrapping mechanism
1375      *         (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
1376      * @param hUnwrappingKey the handle of the unwrapping key
1377      *         (PKCS#11 param: CK_OBJECT_HANDLE hUnwrappingKey)
1378      * @param pWrappedKey the wrapped key to unwrap and the wrapped key's length
1379      *         (PKCS#11 param: CK_BYTE_PTR pWrappedKey, CK_ULONG ulWrappedKeyLen)
1380      * @param pTemplate the template for the new key and the number of
1381      *         attributes in the template
1382      *         (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
1383      * @return the handle of the unwrapped key
1384      *         (PKCS#11 param: CK_OBJECT_HANDLE_PTR phKey)
1385      * @exception PKCS11Exception If function returns other value than CKR_OK.
1386      * @preconditions (pWrappedKey <> null)
1387      * @postconditions
1388      */
1389     public native long C_UnwrapKey(long hSession, CK_MECHANISM pMechanism,
1390             long hUnwrappingKey, byte[] pWrappedKey, CK_ATTRIBUTE[] pTemplate)
1391             throws PKCS11Exception;
1392 
1393 
1394     /**
1395      * C_DeriveKey derives a key from a base key, creating a new key
1396      * object.
1397      * (Key management)
1398      *
1399      * @param hSession the session's handle
1400      *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
1401      * @param pMechanism the key derivation mechanism
1402      *         (PKCS#11 param: CK_MECHANISM_PTR pMechanism)
1403      * @param hBaseKey the handle of the base key
1404      *         (PKCS#11 param: CK_OBJECT_HANDLE hBaseKey)
1405      * @param pTemplate the template for the new key and the number of
1406      *         attributes in the template
1407      *         (PKCS#11 param: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
1408      * @return the handle of the derived key
1409      *         (PKCS#11 param: CK_OBJECT_HANDLE_PTR phKey)
1410      * @exception PKCS11Exception If function returns other value than CKR_OK.
1411      * @preconditions
1412      * @postconditions
1413      */
1414     public native long C_DeriveKey(long hSession, CK_MECHANISM pMechanism,
1415             long hBaseKey, CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception;
1416 
1417 
1418 
1419 /* *****************************************************************************
1420  * Random number generation
1421  ******************************************************************************/
1422 
1423     /**
1424      * C_SeedRandom mixes additional seed material into the token's
1425      * random number generator.
1426      * (Random number generation)
1427      *
1428      * @param hSession the session's handle
1429      *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
1430      * @param pSeed the seed material and the seed material's length
1431      *         (PKCS#11 param: CK_BYTE_PTR pSeed, CK_ULONG ulSeedLen)
1432      * @exception PKCS11Exception If function returns other value than CKR_OK.
1433      * @preconditions (pSeed <> null)
1434      * @postconditions
1435      */
1436     public native void C_SeedRandom(long hSession, byte[] pSeed)
1437             throws PKCS11Exception;
1438 
1439 
1440     /**
1441      * C_GenerateRandom generates random data.
1442      * (Random number generation)
1443      *
1444      * @param hSession the session's handle
1445      *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
1446      * @param RandomData receives the random data and the length of RandomData
1447      *         is the length of random data to be generated
1448      *         (PKCS#11 param: CK_BYTE_PTR pRandomData, CK_ULONG ulRandomLen)
1449      * @exception PKCS11Exception If function returns other value than CKR_OK.
1450      * @preconditions (randomData <> null)
1451      * @postconditions
1452      */
1453     public native void C_GenerateRandom(long hSession, byte[] randomData)
1454             throws PKCS11Exception;
1455 
1456 
1457 
1458 /* *****************************************************************************
1459  * Parallel function management
1460  ******************************************************************************/
1461 
1462     /**
1463      * C_GetFunctionStatus is a legacy function; it obtains an
1464      * updated status of a function running in parallel with an
1465      * application.
1466      * (Parallel function management)
1467      *
1468      * @param hSession the session's handle
1469      *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
1470      * @exception PKCS11Exception If function returns other value than CKR_OK.
1471      * @preconditions
1472      * @postconditions
1473      */
1474 //    public native void C_GetFunctionStatus(long hSession)
1475 //            throws PKCS11Exception;
1476 
1477 
1478     /**
1479      * C_CancelFunction is a legacy function; it cancels a function
1480      * running in parallel.
1481      * (Parallel function management)
1482      *
1483      * @param hSession the session's handle
1484      *         (PKCS#11 param: CK_SESSION_HANDLE hSession)
1485      * @exception PKCS11Exception If function returns other value than CKR_OK.
1486      * @preconditions
1487      * @postconditions
1488      */
1489 //    public native void C_CancelFunction(long hSession) throws PKCS11Exception;
1490 
1491 
1492 
1493 /* *****************************************************************************
1494  * Functions added in for Cryptoki Version 2.01 or later
1495  ******************************************************************************/
1496 
1497     /**
1498      * C_WaitForSlotEvent waits for a slot event (token insertion,
1499      * removal, etc.) to occur.
1500      * (General-purpose)
1501      *
1502      * @param flags blocking/nonblocking flag
1503      *         (PKCS#11 param: CK_FLAGS flags)
1504      * @param pReserved reserved. Should be null
1505      *         (PKCS#11 param: CK_VOID_PTR pReserved)
1506      * @return the slot ID where the event occurred
1507      *         (PKCS#11 param: CK_SLOT_ID_PTR pSlot)
1508      * @exception PKCS11Exception If function returns other value than CKR_OK.
1509      * @preconditions (pRserved == null)
1510      * @postconditions
1511      */
1512 //    public native long C_WaitForSlotEvent(long flags, Object pRserved)
1513 //            throws PKCS11Exception;
1514 
1515     /**
1516      * Returns the string representation of this object.
1517      *
1518      * @return The string representation of object
1519      */
1520     public String toString() {
1521         return "Module name: " + pkcs11ModulePath;
1522     }
1523 
1524     /**
1525      * Calls disconnect() to cleanup the native part of the wrapper. Once this
1526      * method is called, this object cannot be used any longer. Any subsequent
1527      * call to a C_* method will result in a runtime exception.
1528      *
1529      * @exception Throwable If finalization fails.
1530      */
1531     protected void finalize() throws Throwable {
1532         disconnect();
1533     }
1534 
1535 // PKCS11 subclass that has all methods synchronized and delegating to the
1536 // parent. Used for tokens that only support single threaded access
1537 static class SynchronizedPKCS11 extends PKCS11 {
1538 
1539     SynchronizedPKCS11(String pkcs11ModulePath, String functionListName)
1540             throws IOException {
1541         super(pkcs11ModulePath, functionListName);
1542     }
1543 
1544     synchronized void C_Initialize(Object pInitArgs) throws PKCS11Exception {
1545         super.C_Initialize(pInitArgs);
1546     }
1547 
1548     public synchronized void C_Finalize(Object pReserved)
1549             throws PKCS11Exception {
1550         super.C_Finalize(pReserved);
1551     }
1552 
1553     public synchronized CK_INFO C_GetInfo() throws PKCS11Exception {
1554         return super.C_GetInfo();
1555     }
1556 
1557     public synchronized long[] C_GetSlotList(boolean tokenPresent)
1558             throws PKCS11Exception {
1559         return super.C_GetSlotList(tokenPresent);
1560     }
1561 
1562     public synchronized CK_SLOT_INFO C_GetSlotInfo(long slotID)
1563             throws PKCS11Exception {
1564         return super.C_GetSlotInfo(slotID);
1565     }
1566 
1567     public synchronized CK_TOKEN_INFO C_GetTokenInfo(long slotID)
1568             throws PKCS11Exception {
1569         return super.C_GetTokenInfo(slotID);
1570     }
1571 
1572     public synchronized long[] C_GetMechanismList(long slotID)
1573             throws PKCS11Exception {
1574         return super.C_GetMechanismList(slotID);
1575     }
1576 
1577     public synchronized CK_MECHANISM_INFO C_GetMechanismInfo(long slotID,
1578             long type) throws PKCS11Exception {
1579         return super.C_GetMechanismInfo(slotID, type);
1580     }
1581 
1582     public synchronized long C_OpenSession(long slotID, long flags,
1583             Object pApplication, CK_NOTIFY Notify) throws PKCS11Exception {
1584         return super.C_OpenSession(slotID, flags, pApplication, Notify);
1585     }
1586 
1587     public synchronized void C_CloseSession(long hSession)
1588             throws PKCS11Exception {
1589         super.C_CloseSession(hSession);
1590     }
1591 
1592     public synchronized CK_SESSION_INFO C_GetSessionInfo(long hSession)
1593             throws PKCS11Exception {
1594         return super.C_GetSessionInfo(hSession);
1595     }
1596 
1597     public synchronized void C_Login(long hSession, long userType, char[] pPin)
1598             throws PKCS11Exception {
1599         super.C_Login(hSession, userType, pPin);
1600     }
1601 
1602     public synchronized void C_Logout(long hSession) throws PKCS11Exception {
1603         super.C_Logout(hSession);
1604     }
1605 
1606     public synchronized long C_CreateObject(long hSession,
1607             CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception {
1608         return super.C_CreateObject(hSession, pTemplate);
1609     }
1610 
1611     public synchronized long C_CopyObject(long hSession, long hObject,
1612             CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception {
1613         return super.C_CopyObject(hSession, hObject, pTemplate);
1614     }
1615 
1616     public synchronized void C_DestroyObject(long hSession, long hObject)
1617             throws PKCS11Exception {
1618         super.C_DestroyObject(hSession, hObject);
1619     }
1620 
1621     public synchronized void C_GetAttributeValue(long hSession, long hObject,
1622             CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception {
1623         super.C_GetAttributeValue(hSession, hObject, pTemplate);
1624     }
1625 
1626     public synchronized void C_SetAttributeValue(long hSession, long hObject,
1627             CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception {
1628         super.C_SetAttributeValue(hSession, hObject, pTemplate);
1629     }
1630 
1631     public synchronized void C_FindObjectsInit(long hSession,
1632             CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception {
1633         super.C_FindObjectsInit(hSession, pTemplate);
1634     }
1635 
1636     public synchronized long[] C_FindObjects(long hSession,
1637             long ulMaxObjectCount) throws PKCS11Exception {
1638         return super.C_FindObjects(hSession, ulMaxObjectCount);
1639     }
1640 
1641     public synchronized void C_FindObjectsFinal(long hSession)
1642             throws PKCS11Exception {
1643         super.C_FindObjectsFinal(hSession);
1644     }
1645 
1646     public synchronized void C_EncryptInit(long hSession,
1647             CK_MECHANISM pMechanism, long hKey) throws PKCS11Exception {
1648         super.C_EncryptInit(hSession, pMechanism, hKey);
1649     }
1650 
1651     public synchronized int C_Encrypt(long hSession, byte[] in, int inOfs,
1652             int inLen, byte[] out, int outOfs, int outLen)
1653             throws PKCS11Exception {
1654         return super.C_Encrypt(hSession, in, inOfs, inLen, out, outOfs, outLen);
1655     }
1656 
1657     public synchronized int C_EncryptUpdate(long hSession, long directIn,
1658             byte[] in, int inOfs, int inLen, long directOut, byte[] out,
1659             int outOfs, int outLen) throws PKCS11Exception {
1660         return super.C_EncryptUpdate(hSession, directIn, in, inOfs, inLen,
1661                 directOut, out, outOfs, outLen);
1662     }
1663 
1664     public synchronized int C_EncryptFinal(long hSession, long directOut,
1665             byte[] out, int outOfs, int outLen) throws PKCS11Exception {
1666         return super.C_EncryptFinal(hSession, directOut, out, outOfs, outLen);
1667     }
1668 
1669     public synchronized void C_DecryptInit(long hSession,
1670             CK_MECHANISM pMechanism, long hKey) throws PKCS11Exception {
1671         super.C_DecryptInit(hSession, pMechanism, hKey);
1672     }
1673 
1674     public synchronized int C_Decrypt(long hSession, byte[] in, int inOfs,
1675             int inLen, byte[] out, int outOfs, int outLen)
1676             throws PKCS11Exception {
1677         return super.C_Decrypt(hSession, in, inOfs, inLen, out, outOfs, outLen);
1678     }
1679 
1680     public synchronized int C_DecryptUpdate(long hSession, long directIn,
1681             byte[] in, int inOfs, int inLen, long directOut, byte[] out,
1682             int outOfs, int outLen) throws PKCS11Exception {
1683         return super.C_DecryptUpdate(hSession, directIn, in, inOfs, inLen,
1684                 directOut, out, outOfs, outLen);
1685     }
1686 
1687     public synchronized int C_DecryptFinal(long hSession, long directOut,
1688             byte[] out, int outOfs, int outLen) throws PKCS11Exception {
1689         return super.C_DecryptFinal(hSession, directOut, out, outOfs, outLen);
1690     }
1691 
1692     public synchronized void C_DigestInit(long hSession, CK_MECHANISM pMechanism)
1693             throws PKCS11Exception {
1694         super.C_DigestInit(hSession, pMechanism);
1695     }
1696 
1697     public synchronized int C_DigestSingle(long hSession,
1698             CK_MECHANISM pMechanism, byte[] in, int inOfs, int inLen,
1699             byte[] digest, int digestOfs, int digestLen) throws PKCS11Exception {
1700         return super.C_DigestSingle(hSession, pMechanism, in, inOfs, inLen,
1701                 digest, digestOfs, digestLen);
1702     }
1703 
1704     public synchronized void C_DigestUpdate(long hSession, long directIn,
1705             byte[] in, int inOfs, int inLen) throws PKCS11Exception {
1706         super.C_DigestUpdate(hSession, directIn, in, inOfs, inLen);
1707     }
1708 
1709     public synchronized void C_DigestKey(long hSession, long hKey)
1710             throws PKCS11Exception {
1711         super.C_DigestKey(hSession, hKey);
1712     }
1713 
1714     public synchronized int C_DigestFinal(long hSession, byte[] pDigest,
1715             int digestOfs, int digestLen) throws PKCS11Exception {
1716         return super.C_DigestFinal(hSession, pDigest, digestOfs, digestLen);
1717     }
1718 
1719     public synchronized void C_SignInit(long hSession, CK_MECHANISM pMechanism,
1720             long hKey) throws PKCS11Exception {
1721         super.C_SignInit(hSession, pMechanism, hKey);
1722     }
1723 
1724     public synchronized byte[] C_Sign(long hSession, byte[] pData)
1725             throws PKCS11Exception {
1726         return super.C_Sign(hSession, pData);
1727     }
1728 
1729     public synchronized void C_SignUpdate(long hSession, long directIn,
1730             byte[] in, int inOfs, int inLen) throws PKCS11Exception {
1731         super.C_SignUpdate(hSession, directIn, in, inOfs, inLen);
1732     }
1733 
1734     public synchronized byte[] C_SignFinal(long hSession, int expectedLen)
1735             throws PKCS11Exception {
1736         return super.C_SignFinal(hSession, expectedLen);
1737     }
1738 
1739     public synchronized void C_SignRecoverInit(long hSession,
1740             CK_MECHANISM pMechanism, long hKey) throws PKCS11Exception {
1741         super.C_SignRecoverInit(hSession, pMechanism, hKey);
1742     }
1743 
1744     public synchronized int C_SignRecover(long hSession, byte[] in, int inOfs,
1745             int inLen, byte[] out, int outOufs, int outLen)
1746             throws PKCS11Exception {
1747         return super.C_SignRecover(hSession, in, inOfs, inLen, out, outOufs,
1748                 outLen);
1749     }
1750 
1751     public synchronized void C_VerifyInit(long hSession, CK_MECHANISM pMechanism,
1752             long hKey) throws PKCS11Exception {
1753         super.C_VerifyInit(hSession, pMechanism, hKey);
1754     }
1755 
1756     public synchronized void C_Verify(long hSession, byte[] pData,
1757             byte[] pSignature) throws PKCS11Exception {
1758         super.C_Verify(hSession, pData, pSignature);
1759     }
1760 
1761     public synchronized void C_VerifyUpdate(long hSession, long directIn,
1762             byte[] in, int inOfs, int inLen) throws PKCS11Exception {
1763         super.C_VerifyUpdate(hSession, directIn, in, inOfs, inLen);
1764     }
1765 
1766     public synchronized void C_VerifyFinal(long hSession, byte[] pSignature)
1767             throws PKCS11Exception {
1768         super.C_VerifyFinal(hSession, pSignature);
1769     }
1770 
1771     public synchronized void C_VerifyRecoverInit(long hSession,
1772             CK_MECHANISM pMechanism, long hKey) throws PKCS11Exception {
1773         super.C_VerifyRecoverInit(hSession, pMechanism, hKey);
1774     }
1775 
1776     public synchronized int C_VerifyRecover(long hSession, byte[] in, int inOfs,
1777             int inLen, byte[] out, int outOufs, int outLen)
1778             throws PKCS11Exception {
1779         return super.C_VerifyRecover(hSession, in, inOfs, inLen, out, outOufs,
1780                 outLen);
1781     }
1782 
1783     public synchronized long C_GenerateKey(long hSession,
1784             CK_MECHANISM pMechanism, CK_ATTRIBUTE[] pTemplate)
1785             throws PKCS11Exception {
1786         return super.C_GenerateKey(hSession, pMechanism, pTemplate);
1787     }
1788 
1789     public synchronized long[] C_GenerateKeyPair(long hSession,
1790             CK_MECHANISM pMechanism, CK_ATTRIBUTE[] pPublicKeyTemplate,
1791             CK_ATTRIBUTE[] pPrivateKeyTemplate)
1792             throws PKCS11Exception {
1793         return super.C_GenerateKeyPair(hSession, pMechanism, pPublicKeyTemplate,
1794                 pPrivateKeyTemplate);
1795     }
1796 
1797     public synchronized byte[] C_WrapKey(long hSession, CK_MECHANISM pMechanism,
1798             long hWrappingKey, long hKey) throws PKCS11Exception {
1799         return super.C_WrapKey(hSession, pMechanism, hWrappingKey, hKey);
1800     }
1801 
1802     public synchronized long C_UnwrapKey(long hSession, CK_MECHANISM pMechanism,
1803             long hUnwrappingKey, byte[] pWrappedKey, CK_ATTRIBUTE[] pTemplate)
1804             throws PKCS11Exception {
1805         return super.C_UnwrapKey(hSession, pMechanism, hUnwrappingKey,
1806                 pWrappedKey, pTemplate);
1807     }
1808 
1809     public synchronized long C_DeriveKey(long hSession, CK_MECHANISM pMechanism,
1810     long hBaseKey, CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception {
1811         return super.C_DeriveKey(hSession, pMechanism, hBaseKey, pTemplate);
1812     }
1813 
1814     public synchronized void C_SeedRandom(long hSession, byte[] pSeed)
1815             throws PKCS11Exception {
1816         super.C_SeedRandom(hSession, pSeed);
1817     }
1818 
1819     public synchronized void C_GenerateRandom(long hSession, byte[] randomData)
1820             throws PKCS11Exception {
1821         super.C_GenerateRandom(hSession, randomData);
1822     }
1823 }
1824 }