Smart Card Shell

PKCS11Object - Reference Documentation

Class implementing support for objects in cryptographic token with PKCS#11 interface

Index of Methods

Constants

Type Name Description
Number CKO_DATA PKCS#11 object class
Number CKO_CERTIFICATE PKCS#11 object class
Number CKO_PUBLIC_KEY PKCS#11 object class
Number CKO_PRIVATE_KEY PKCS#11 object class
Number CKO_SECRET_KEY PKCS#11 object class
Number CKO_HW_FEATURE PKCS#11 object class
Number CKO_DOMAIN_PARAMETERS PKCS#11 object class
Number CKO_MECHANISM PKCS#11 object class
Number CKA_CLASS PKCS#11 attribute
Number CKA_TOKEN PKCS#11 attribute
Number CKA_PRIVATE PKCS#11 attribute
Number CKA_LABEL PKCS#11 attribute
Number CKA_APPLICATION PKCS#11 attribute
Number CKA_VALUE PKCS#11 attribute
Number CKA_OBJECT_ID PKCS#11 attribute
Number CKA_CERTIFICATE_TYPE PKCS#11 attribute
Number CKA_ISSUER PKCS#11 attribute
Number CKA_SERIAL_NUMBER PKCS#11 attribute
Number CKA_SERIAL_NUMBER PKCS#11 attribute
Number CKA_OWNER PKCS#11 attribute
Number CKA_ATTR_TYPES PKCS#11 attribute
Number CKA_TRUSTED PKCS#11 attribute
Number CKA_CERTIFICATE_CATEGORY PKCS#11 attribute
Number CKA_JAVA_MIDP_SECURITY_DOMAIN PKCS#11 attribute
Number CKA_URL PKCS#11 attribute
Number CKA_HASH_OF_SUBJECT_PUBLIC_KEY PKCS#11 attribute
Number CKA_HASH_OF_ISSUER_PUBLIC_KEY PKCS#11 attribute
Number CKA_CHECK_VALUE PKCS#11 attribute
Number CKA_KEY_TYPE PKCS#11 attribute
Number CKA_SUBJECT PKCS#11 attribute
Number CKA_ID PKCS#11 attribute
Number CKA_SENSITIVE PKCS#11 attribute
Number CKA_ENCRYPT PKCS#11 attribute
Number CKA_DECRYPT PKCS#11 attribute
Number CKA_WRAP PKCS#11 attribute
Number CKA_UNWRAP PKCS#11 attribute
Number CKA_SIGN PKCS#11 attribute
Number CKA_SIGN_RECOVER PKCS#11 attribute
Number CKA_VERIFY PKCS#11 attribute
Number CKA_VERIFY_RECOVER PKCS#11 attribute
Number CKA_DERIVE PKCS#11 attribute
Number CKA_START_DATE PKCS#11 attribute
Number CKA_END_DATE PKCS#11 attribute
Number CKA_MODULUS PKCS#11 attribute
Number CKA_MODULUS_BITS PKCS#11 attribute
Number CKA_PUBLIC_EXPONENT PKCS#11 attribute
Number CKA_PRIVATE_EXPONENT PKCS#11 attribute
Number CKA_PRIME_1 PKCS#11 attribute
Number CKA_PRIME_2 PKCS#11 attribute
Number CKA_EXPONENT_1 PKCS#11 attribute
Number CKA_EXPONENT_2 PKCS#11 attribute
Number CKA_COEFFICIENT PKCS#11 attribute
Number CKA_PRIME PKCS#11 attribute
Number CKA_SUBPRIME PKCS#11 attribute
Number CKA_BASE PKCS#11 attribute
Number CKA_PRIME_BITS PKCS#11 attribute
Number CKA_SUB_PRIME_BITS PKCS#11 attribute
Number CKA_VALUE_BITS PKCS#11 attribute
Number CKA_VALUE_LEN PKCS#11 attribute
Number CKA_EXTRACTABLE PKCS#11 attribute
Number CKA_LOCAL PKCS#11 attribute
Number CKA_NEVER_EXTRACTABLE PKCS#11 attribute
Number CKA_ALWAYS_SENSITIVE PKCS#11 attribute
Number CKA_KEY_GEN_MECHANISM PKCS#11 attribute
Number CKA_MODIFIABLE PKCS#11 attribute
Number CKA_ECDSA_PARAMS PKCS#11 attribute
Number CKA_EC_PARAMS PKCS#11 attribute
Number CKA_EC_POINT PKCS#11 attribute
Number CKA_SECONDARY_AUTH PKCS#11 attribute
Number CKA_AUTH_PIN_FLAGS PKCS#11 attribute
Number CKA_ALWAYS_AUTHENTICATE PKCS#11 attribute
Number CKA_WRAP_WITH_TRUSTED PKCS#11 attribute
Number CKK_RSA PKCS#11 key type
Number CKK_ECDSA PKCS#11 key type
Number CKK_EC PKCS#11 key type
Number CKK_DES PKCS#11 key type
Number CKK_DES2 PKCS#11 key type
Number CKK_DES3 PKCS#11 key type
Number CKK_AES PKCS#11 key type

Constructor

Prototype

PKCS11Object(PKCS11Session session)

Description

Create a PKCS#11 object within the given session using the provided list of attributes. The object is created in the selected token.

The constructor accepts an associative array of attributes. The key must be one of the PKCS11Object.CKA_xxx values. The value can be a number, a string, a ByteString or boolean value. At least the CKA_CLASS must be defined.

Arguments

Type Name Description
PKCS11Session session Previously opened session with PKCS#11 device

Exceptions

Name Value Description
GPError GPError.ARGUMENTS_MISSING Too few arguments in call
GPError GPError.INVALID_ARGUMENTS Too many arguments in call
GPError GPError.INVALID_TYPE Type of argument is invalid for call

Example


// var p = new PKCS11Provider("c:/programme/smart card bundle/opensc-pkcs11.dll");
var p = new PKCS11Provider("C:/usr/local/lsm/bin/lsmpkcs11.dll");

// Login as user in a read/write session
var s = new PKCS11Session(p, 1, true);
s.login("12345678");

var attr = new Array();

attr[PKCS11Object.CKA_CLASS] = PKCS11Object.CKO_SECRET_KEY;
attr[PKCS11Object.CKA_KEY_TYPE] = PKCS11Object.CKK_DES;
attr[PKCS11Object.CKA_LABEL] = "MyTestKey";
attr[PKCS11Object.CKA_TOKEN] = true;
attr[PKCS11Object.CKA_VALUE] = new ByteString("0101010101010101", HEX);

// Create object
var o = new PKCS11Object(s, attr);

getAttribute()

Prototype

ByteString getAttribute(Number attr)

Description

Return the requested attribute as ByteString

Arguments

Type Name Description
Number attr One of the CKA_ attributes

Return

ByteString Value of attribute. null is returned if the attribute is not defined.

Exceptions

Name Value Description
GPError GPError.ARGUMENTS_MISSING Too few arguments in call
GPError GPError.INVALID_ARGUMENTS Too many arguments in call
GPError GPError.INVALID_TYPE Type of argument is invalid for call
GPError GPError.OBJECT_NOT_FOUND The requested attribute can not be read

Example


print("CKA_LABEL = " + o.getAttribute(PKCS11Object.CKA_LABEL).toString(ASCII));

getNumberAttribute()

Prototype

Number getAttribute(Number attr)

Description

Return the requested attribute as Number

Arguments

Type Name Description
Number attr One of the CKA_ attributes

Return

Number Value of attribute

Exceptions

Name Value Description
GPError GPError.ARGUMENTS_MISSING Too few arguments in call
GPError GPError.INVALID_ARGUMENTS Too many arguments in call
GPError GPError.INVALID_TYPE Type of argument is invalid for call
GPError GPError.OBJECT_NOT_FOUND The requested attribute is not defined or can not be read

Example


print("CKA_KEY_TYPE = " + o.getNumberAttribute(PKCS11Object.CKA_KEY_TYPE));

getBooleanAttribute()

Prototype

Boolean getBooleanAttribute(Number attr)

Description

Return the requested attribute as boolean value

Arguments

Type Name Description
Number attr One of the CKA_ attributes

Return

Boolean Boolean value of attribute

Exceptions

Name Value Description
GPError GPError.ARGUMENTS_MISSING Too few arguments in call
GPError GPError.INVALID_ARGUMENTS Too many arguments in call
GPError GPError.INVALID_TYPE Type of argument is invalid for call
GPError GPError.OBJECT_NOT_FOUND The requested attribute is not defined or can not be read

Example


print("CKA_TOKEN = " + o.getBooleanAttribute(PKCS11Object.CKA_TOKEN));

destroy()

Prototype

void destroy()

Description

Destroy the object

Return

Exceptions

Name Value Description
GPError GPError.INVALID_ARGUMENTS Too many arguments in call
GPError GPError.DEVICE_ERROR Error removing object

Example


o.destroy();