org.xipki.pkcs11.wrapper

Class PKCS11Module

java.lang.Object

org.xipki.pkcs11.wrapper.PKCS11Module

public class PKCS11Module
extends java.lang.Object

Caution: Unlike the original IAIK PKCS#11 wrapper, we only call initialize() once per native .so/.dll. Once finalize(Object) has been called, the module cannot be initialized anymore.

Objects of this class represent a PKCS#11 module. The application should create an instance by calling getInstance and passing the name of the PKCS#11 module of the desired token; e.g. "slbck.dll". The application must give the full path of the PKCS#11 module unless the module is in the system's search path or in the path of the java.library.path system property.

According to the specification, the application must call the initialize method before calling any other method of the module. This class contains slot and token management functions as defined by the PKCS#11 standard. All applications using this library will contain the following code.

      PKCS11Module pkcs11Module = PKCS11Module.getInstance("cryptoki.dll");
      pkcs11Module.initialize();

      // ... work with the module

      pkcs11Module.finalize(null);
 

Instead of cryptoki.dll, the application will use the name of the PKCS#11 module of the installed crypto hardware. After the application initialized the module, it can get a list of all available slots. A slot is an object that represents a physical or logical device that can accept a cryptographic token; for instance, the card slot of a smart card reader. The application can call

 Slot[] slots = pkcs11Module.getSlotList(false);
 

to get a list of all available slots or

 Slot[] slotsWithToken = pkcs11Module.getSlotList(true);
 

to get a list of all those slots in which there is a currently a token present.

Author:

Karl Scheibelhofer (SIC), Lijun Liao (xipki)

Constructor Summary

Constructors

Modifier	Constructor and Description
protected	PKCS11Module(java.lang.String pkcs11ModulePath) Create a new module that uses the given PKCS11 interface to interact with the token.

Method Summary

Modifier and Type	Method and Description
void	finalize(java.lang.Object args) Caution: Unlike the original PKCS#11 wrapper, we only call initialize() once per native .so/.dll.
ModuleInfo	getInfo() Gets information about the module; i.e.
static PKCS11Module	getInstance(java.lang.String pkcs11ModulePath) Get an instance of this class by giving the name of the PKCS#11 module; e.g.
sun.security.pkcs11.wrapper.PKCS11	getPKCS11() Gets the PKCS#11 module of the wrapper package behind this object.
Slot[]	getSlotList(boolean tokenPresent) Gets a list of slots that can accept tokens that are compatible with this module; e.g.
void	initialize() Initializes the module.
java.lang.String	toString() Returns the string representation of this object.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Constructor Detail

PKCS11Module

protected PKCS11Module(java.lang.String pkcs11ModulePath)

Create a new module that uses the given PKCS11 interface to interact with the token.

Parameters:

pkcs11ModulePath - The interface to interact with the token.

Method Detail

getInstance

public static PKCS11Module getInstance(java.lang.String pkcs11ModulePath)
                                throws java.io.IOException

Get an instance of this class by giving the name of the PKCS#11 module; e.g. "slbck.dll". Tries to load the PKCS#11 wrapper native library from the class path (jar file) or library path.

Parameters:

pkcs11ModulePath - The path of the module; e.g. "/path/to/slbck.dll".

Returns:

An instance of Module that is connected to the given PKCS#11 module.

Throws:

java.io.IOException - If connecting to the named module fails.

getInfo

public ModuleInfo getInfo()
                   throws PKCS11Exception

Gets information about the module; i.e. the PKCS#11 module behind.

Returns:

An object holding information about the module.

Throws:

PKCS11Exception - If getting the information fails.

initialize

public void initialize()
                throws TokenException

Initializes the module. The application must call this method before calling any other method of the module.

Throws:

PKCS11Exception - If initialization fails.

TokenException

getSlotList

public Slot[] getSlotList(boolean tokenPresent)
                   throws PKCS11Exception

Gets a list of slots that can accept tokens that are compatible with this module; e.g. a list of PC/SC smart card readers. The parameter determines if the method returns all compatible slots or only those in which there is a compatible token present.

Parameters:

tokenPresent - Whether only slots with present token are returned.

Returns:

An array of Slot objects, may be an empty array but not null.

Throws:

PKCS11Exception - If error occurred.

getPKCS11

public sun.security.pkcs11.wrapper.PKCS11 getPKCS11()

Gets the PKCS#11 module of the wrapper package behind this object.

Returns:

The PKCS#11 module behind this object.

toString

public java.lang.String toString()

Returns the string representation of this object.

Overrides:

toString in class java.lang.Object

Returns:

The string representation of object

finalize

public void finalize(java.lang.Object args)
              throws PKCS11Exception

Caution: Unlike the original PKCS#11 wrapper, we only call initialize() once per native .so/.dll. Once finalize(Object) has been called, the module cannot be initialized anymore.

Finalizes this module. The application should call this method when it finished using the module. Note that this method is different from the finalize method, which is the reserved Java method called by the garbage collector. This method calls the C_Finalize(PKCS11Object) method of the underlying PKCS11 module.

Parameters:

args - Must be null in version 2.x of PKCS#11.

Throws:

PKCS11Exception - If finalization fails.