com.isbc.smartcard.esmarttoken.api

Class Pkcs11Wrapper

java.lang.Object

com.isbc.smartcard.esmarttoken.api.Pkcs11Wrapper

public class Pkcs11Wrapper
extends Object

Wrapper for native invocation

Author:

Sergey Panov

Constructor Summary

Constructors

Constructor and Description
Pkcs11Wrapper()

Method Summary

Modifier and Type	Method and Description
long	cleanCardWrap(javax.smartcardio.CardTerminal term, String moduleName, byte[] pin) Wrapper for native method for clearing card by deleting all object from token
long	createCSRWrap(javax.smartcardio.CardTerminal term, String moduleName, byte[] pin, byte[] publicKeyId, byte[] privateKeyId, String[] dn, String[] attr, String[] ext, List<Byte> buffer) Wrapper for native method to create CSR in PKCS#10 format (C_ISBC_CreateCSR from PKCS#11 API)
long	generateGostR3410_2001KeyPairWrap(javax.smartcardio.CardTerminal term, String moduleName, byte[] pin, String label, byte[] id) Wrapper for native method to generate GOST R 34.10-2001 key pair (C_GenerateKeyPair from PKCS#11 API)
long	generateKeyPairWrap(javax.smartcardio.CardTerminal term, String moduleName, byte[] pin, long modulusBits, String label, byte[] id) Wrapper for native method to generate RSA key pair (C_GenerateKeyPair from PKCS#11 API)
long	getPublicKeyWrap(javax.smartcardio.CardTerminal term, String moduleName, byte[] pin, String label, byte[] id, List<Byte> modulusData, List<Byte> exponentData) Wrapper for native method to generate RSA key pair (C_GenerateKeyPair from PKCS#11 API)
long	getTokenInfoWrap(javax.smartcardio.CardTerminal term, String moduleName, String[] label, String[] manufacturerID, String[] model, String[] serialNumber, String[] flags) Wrapper for native method to token info (C_GetTokenInfo from PKCS#11 API)
long	getX509CertificateWrap(javax.smartcardio.CardTerminal term, String moduleName, byte[] pin, String label, byte[] id, List<Byte> buffer) Wrapper for native method to load certificate in x509 format
long	initCardWrap(javax.smartcardio.CardTerminal term, String moduleName, byte[] pin) Wrapper for native method to initialize token (C_InitToken from PKCS#11 API)
long	listObjectsWrap(javax.smartcardio.CardTerminal term, String moduleName, byte[] pin, List<Pkcs11ObjectAttribute> attrList) Wrapper for native method to list token's objects
long	loadCertWrap(javax.smartcardio.CardTerminal term, String moduleName, byte[] buffer, byte[] pass, byte[] pin) Wrapper for native method for loading certificate from pfx or p12 file by specify PKCS#11 module path and name
long	loadX509CertificateWrap(javax.smartcardio.CardTerminal term, String moduleName, byte[] pin, String label, byte[] id, byte[] buffer) Wrapper for native method to load X509 certificate (C_ISBC_ImportX509Certificate from PKCS#11 API)
long	pkcs7SignWrap(javax.smartcardio.CardTerminal term, String moduleName, byte[] pin, byte[] data, byte[] signCertId, byte[] privateKeyId, byte[][] moreCert, long flag, List<Byte> buffer) Wrapper for native method to sign data in PKCS#7 format (C_ISBC_pkcs7Sign from PKCS#11 API)
long	pkcs7VerifyWrap(String moduleName, byte[] pkcs7Data, byte[] data) Wrapper for native method to verify data in PKCS#7 format (C_ISBC_pkcs7Verify from PKCS#11 API)
long	setPinWrap(javax.smartcardio.CardTerminal term, String moduleName, byte[] oldpin, byte[] newpin) Wrapper for native method to set user PIN (C_SetPIN from PKCS#11 API)
long	setPukWrap(javax.smartcardio.CardTerminal term, String moduleName, byte[] oldpin, byte[] newpin) Wrapper for native method to set SO PIN (C_SetPIN from PKCS#11 API)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

Pkcs11Wrapper

public Pkcs11Wrapper()

Method Detail

loadCertWrap

public long loadCertWrap(javax.smartcardio.CardTerminal term,
                         String moduleName,
                         byte[] buffer,
                         byte[] pass,
                         byte[] pin)

Wrapper for native method for loading certificate from pfx or p12 file by specify PKCS#11 module path and name

Parameters:

term - reader object or null for any suitable reader

moduleName - Path and name for PKCS#11 module

buffer - buffer with certificate data

pass - password for loaded file

pin - User PIN for the token

Returns:

Result code for the operation. Code 0 means success. Positive values in according to PKCS #11 v2.30 specification error codes Negative values in according to ErrorCode class

See Also:

ErrorCode

cleanCardWrap

public long cleanCardWrap(javax.smartcardio.CardTerminal term,
                          String moduleName,
                          byte[] pin)

Wrapper for native method for clearing card by deleting all object from token

Parameters:

term - reader object or null for any suitable reader

moduleName - Path and name for PKCS#11 module

pin - User PIN for the token

Returns:

Result code for the operation. Code 0 means success. Positive values in according to PKCS #11 v2.30 specification error codes Negative values in according to ErrorCode class

See Also:

ErrorCode

initCardWrap

public long initCardWrap(javax.smartcardio.CardTerminal term,
                         String moduleName,
                         byte[] pin)

Wrapper for native method to initialize token (C_InitToken from PKCS#11 API)

Parameters:

term - reader object or null for any suitable reader

moduleName - Path and name for PKCS#11 module

pin - User PIN for the token

Returns:

Result code for the operation. Code 0 means success. Positive values in according to PKCS #11 v2.30 specification error codes Negative values in according to ErrorCode class

See Also:

ErrorCode

listObjectsWrap

public long listObjectsWrap(javax.smartcardio.CardTerminal term,
                            String moduleName,
                            byte[] pin,
                            List<Pkcs11ObjectAttribute> attrList)

Wrapper for native method to list token's objects

Parameters:

term - reader object or null for any suitable reader

moduleName - Path and name for PKCS#11 module

pin - User PIN for the token

attrList - List of object attributes

Returns:

Result code for the operation. Code 0 means success. Positive values in according to PKCS #11 v2.30 specification error codes Negative values in according to ErrorCode class

See Also:

ErrorCode

setPinWrap

public long setPinWrap(javax.smartcardio.CardTerminal term,
                       String moduleName,
                       byte[] oldpin,
                       byte[] newpin)

Wrapper for native method to set user PIN (C_SetPIN from PKCS#11 API)

Parameters:

term - reader object or null for any suitable reader

moduleName - Path and name for PKCS#11 module

oldpin - Old PIN for the token

newpin - New PIN for the token

Returns:

Result code for the operation. Code 0 means success. Positive values in according to PKCS #11 v2.30 specification error codes Negative values in according to ErrorCode class

See Also:

ErrorCode

setPukWrap

public long setPukWrap(javax.smartcardio.CardTerminal term,
                       String moduleName,
                       byte[] oldpin,
                       byte[] newpin)

Wrapper for native method to set SO PIN (C_SetPIN from PKCS#11 API)

Parameters:

term - reader object or null for any suitable reader

moduleName - Path and name for PKCS#11 module

oldpin - Old PIN for the token

newpin - New PIN for the token

Returns:

Result code for the operation. Code 0 means success. Positive values in according to PKCS #11 v2.20 specification error codes Negative values in according to ErrorCode class

See Also:

ErrorCode

generateKeyPairWrap

public long generateKeyPairWrap(javax.smartcardio.CardTerminal term,
                                String moduleName,
                                byte[] pin,
                                long modulusBits,
                                String label,
                                byte[] id)

Wrapper for native method to generate RSA key pair (C_GenerateKeyPair from PKCS#11 API)

Parameters:

term - reader object or null for any suitable reader

moduleName - Path and name for PKCS#11 module

pin - User PIN for the token

modulusBits - Number of bits for RSA pair

label - Object label

id - Object ID

Returns:

Result code for the operation. Code 0 means success. Positive values in according to PKCS #11 v2.30 specification error codes Negative values in according to ErrorCode class

See Also:

ErrorCode

getX509CertificateWrap

public long getX509CertificateWrap(javax.smartcardio.CardTerminal term,
                                   String moduleName,
                                   byte[] pin,
                                   String label,
                                   byte[] id,
                                   List<Byte> buffer)

Wrapper for native method to load certificate in x509 format

Parameters:

term - reader object or null for any suitable reader

moduleName - Path and name for PKCS#11 module

pin - User PIN for the token

label - Object label

id - Object ID

buffer - Buffer with certificate content in DER format

Returns:

Result code for the operation. Code 0 means success. Positive values in according to PKCS #11 v2.30 specification error codes Negative values in according to ErrorCode class

See Also:

ErrorCode

getPublicKeyWrap

public long getPublicKeyWrap(javax.smartcardio.CardTerminal term,
                             String moduleName,
                             byte[] pin,
                             String label,
                             byte[] id,
                             List<Byte> modulusData,
                             List<Byte> exponentData)

Wrapper for native method to generate RSA key pair (C_GenerateKeyPair from PKCS#11 API)

Parameters:

term - reader object or null for any suitable reader

moduleName - Path and name for PKCS#11 module

pin - User PIN for the token

label - Object label

id - Object ID

modulusData - Buffer with modules data for the public key

exponentData - Buffer with exponent data for the public key

Returns:

Result code for the operation. Code 0 means success. Positive values in according to PKCS #11 v2.30 specification error codes Negative values in according to ErrorCode class

See Also:

ErrorCode

loadX509CertificateWrap

public long loadX509CertificateWrap(javax.smartcardio.CardTerminal term,
                                    String moduleName,
                                    byte[] pin,
                                    String label,
                                    byte[] id,
                                    byte[] buffer)

Wrapper for native method to load X509 certificate (C_ISBC_ImportX509Certificate from PKCS#11 API)

Parameters:

term - reader object or null for any suitable reader

moduleName - Path and name for PKCS#11 module

buffer - Certificate content in DER format

pin - User PIN for the token

label - Object label

id - Object ID

Returns:

Result code for the operation. Code 0 means success. Positive values in according to PKCS #11 v2.30 specification error codes Negative values in according to ErrorCode class

See Also:

ErrorCode

createCSRWrap

public long createCSRWrap(javax.smartcardio.CardTerminal term,
                          String moduleName,
                          byte[] pin,
                          byte[] publicKeyId,
                          byte[] privateKeyId,
                          String[] dn,
                          String[] attr,
                          String[] ext,
                          List<Byte> buffer)

Wrapper for native method to create CSR in PKCS#10 format (C_ISBC_CreateCSR from PKCS#11 API)

Parameters:

term - reader object or null for any suitable reader

moduleName - Path and name for PKCS#11 module

pin - User PIN for the token

publicKeyId - Public key ID

privateKeyId - Private key ID (commonly the same as Public key ID)

dn - String array with distinguished name (DN) Should be send as pair strings. The first string should be field type or object identified (for example CN) The second string should contain value in UTF8 format

attr - Additional parameters to be included into CSR. Format the same as for DN

ext - Extensions to be included into CSR. Should be send as triplet strings. The first string should be field type (for example keyUsage, subjectAltName etc as defined in RFC 3280) The second string should contain value in UTF8 format The third string should 0 for non-critical or 1 for critical attribute

buffer - Ready CSR content in DER format

Returns:

Result code for the operation. Code 0 means success. Positive values in according to PKCS #11 v2.30 specification error codes Negative values in according to ErrorCode class

See Also:

ErrorCode

pkcs7SignWrap

public long pkcs7SignWrap(javax.smartcardio.CardTerminal term,
                          String moduleName,
                          byte[] pin,
                          byte[] data,
                          byte[] signCertId,
                          byte[] privateKeyId,
                          byte[][] moreCert,
                          long flag,
                          List<Byte> buffer)

Wrapper for native method to sign data in PKCS#7 format (C_ISBC_pkcs7Sign from PKCS#11 API)

Parameters:

term - reader object or null for any suitable reader

moduleName - Path and name for PKCS#11 module

pin - User PIN for the token

data - Data to be signed

signCertId - Certificate ID which used for signing

privateKeyId - Private key ID (commonly the same as Certificate ID)

moreCert - Array with additional certificates

flag - Special flag, 0 - normal signature, 0x40 - detached signature

buffer - PKCS#7 signature in DER format

Returns:

Result code for the operation. Code 0 means success. Positive values in according to PKCS #11 v2.20 specification error codes Negative values in according to ErrorCode class

pkcs7VerifyWrap

public long pkcs7VerifyWrap(String moduleName,
                            byte[] pkcs7Data,
                            byte[] data)

Wrapper for native method to verify data in PKCS#7 format (C_ISBC_pkcs7Verify from PKCS#11 API)

Parameters:

moduleName - Path and name for PKCS#11 module

pkcs7Data - Data in PKCS#7 DER format to be verified

data - Signed data in case of detached signature

Returns:

Result code for the operation. Code 0 means success. Positive values in according to PKCS #11 v2.20 specification error codes Negative values in according to ErrorCode class

getTokenInfoWrap

public long getTokenInfoWrap(javax.smartcardio.CardTerminal term,
                             String moduleName,
                             String[] label,
                             String[] manufacturerID,
                             String[] model,
                             String[] serialNumber,
                             String[] flags)

Wrapper for native method to token info (C_GetTokenInfo from PKCS#11 API)

Parameters:

term - reader object or null for any suitable reader

moduleName - Path and name for PKCS#11 module

label - out data for label

manufacturerID - out data for manufacturerID

model - out data for model

serialNumber - out data for serialNumber

flags - String with flags represented as ULONG value converted to hex string See PKCS #11 v2.30 specification for flags description

Returns:

Result code for the operation. Code 0 means success. Positive values in according to PKCS #11 v2.30 specification error codes Negative values in according to ErrorCode class

generateGostR3410_2001KeyPairWrap

public long generateGostR3410_2001KeyPairWrap(javax.smartcardio.CardTerminal term,
                                              String moduleName,
                                              byte[] pin,
                                              String label,
                                              byte[] id)

Wrapper for native method to generate GOST R 34.10-2001 key pair (C_GenerateKeyPair from PKCS#11 API)

Parameters:

term - reader object or null for any suitable reader

moduleName - Path and name for PKCS#11 module

pin - User PIN for the token

label - Object label

id - Object ID

Returns:

Result code for the operation. Code 0 means success. Positive values in according to PKCS #11 v2.20 specification error codes Negative values in according to ErrorCode class

See Also:

ErrorCode