public class LunaTokenObject
extends java.lang.Object
The LunaTokenObject encapsulates the token object handle and implements a number of methods for accessing the object.
Modifier and Type | Method and Description |
---|---|
void |
assign()
assigns this object.
|
void |
authorize(java.lang.String value,
boolean override)
authorizes this object.
|
void |
cacheAuthorizedSession(LunaSession session)
caches authorized session on the slot this HSM object lives in
|
static void |
clearDeriveTemplate()
remove all elements from derive template
|
void |
deleteCachedAuthorizedSession()
delete the cached authorized session for this object
|
void |
DestroyObject()
Destroys the object on the HSM.
|
java.lang.String |
GetAlias()
Returns the alias of the HSM object wrapped by this object.
|
LunaSession |
getAuthorizedSession() |
boolean |
GetBooleanAttribute(long attribute)
Gets the boolean value of the given attribute.
|
LunaSession |
getCachedAuthorizedSession()
Returns a cached authorized session on the slot this HSM object lives in
|
long[] |
GetClassAndType()
Returns the PKCS11 key class (CKO_PUBLIC_KEY, CKO_PRIVATE_KEY, etc) and type (CKK_AES, CKK_RSA, etc) for the HSM
object wrapped by this object.
|
java.util.Date |
GetDateMadePersistent()
Gets the date and time that the HSM object wrapped by this object was made persistent.
|
static LunaCKAttribute[] |
getDeriveTemplate() |
byte[] |
GetFingerprint()
Returns the fingerprint of the HSM object wrapped by this object.
|
int |
GetHandle()
Returns the handle of the HSM object wrapped by this object.
|
byte[] |
GetLargeAttribute(long attribute)
Returns the value of the requested attribute as a byte array.
|
byte[] |
GetOUID()
Returns the CKA_OUID of the object in the HSM.
|
LunaSession |
getSession()
Returns a session on the slot this HSM object lives in
|
LunaSession |
getSessionForAuthorization()
Returns a session for authorization on the slot this HSM object lives in
|
int |
getSlot()
Returns the slot number of the HSM object wrapped by this object
|
long |
GetSmallAttribute(long attribute)
Returns the requested attribute value of the given key, interpreted as a PKCS CK_ULONG.
|
void |
incrementFailedAuthCount()
increment the failed auth attempt count for this object.
|
boolean |
isInitialized() |
boolean |
IsObjectPersistent()
Checks if the HSM object wrapped by this object is persistent.
|
static LunaTokenObject |
LocateCertByAlias(java.lang.String alias,
int slot)
Finds a persistent cert in the given slot by its alias.
|
static LunaTokenObject |
LocateKeyByAlias(java.lang.String alias)
Finds a key in the default slot by its alias.
|
static LunaTokenObject |
LocateKeyByAlias(java.lang.String alias,
int slot)
Finds a persistent key in the given slot by its alias.
|
static LunaTokenObject |
LocateObjectByAlias(java.lang.String alias)
Finds a persistent object in the default slot by its alias.
|
static LunaTokenObject |
LocateObjectByAlias(java.lang.String alias,
int slot)
Finds a persistent object in the given slot by its alias.
|
static LunaTokenObject |
LocateObjectByFingerprint(byte[] fingerprint)
Finds a persistent object in the default slot by its fingerprint.
|
static LunaTokenObject |
LocateObjectByFingerprint(byte[] fingerprint,
int slot)
Finds a persistent object in the given slot by its fingerprint.
|
static LunaTokenObject |
LocateObjectByHandle(int handle)
Finds an object in the default slot by its object handle.
|
static LunaTokenObject |
LocateObjectByHandle(int handle,
int slot)
Finds an object in the given slot by its object handle.
|
static LunaTokenObject |
LocateObjectByHandle(int handle,
int slot,
java.util.Map<java.lang.Long,java.lang.Object> sessionParameters)
Finds an object in the given slot by its object handle.
|
static LunaTokenObject |
LocateObjectByOUID(byte[] ouid,
int slot)
Finds an object in the given slot by its CKA_OUID.
|
void |
MakePersistent(java.lang.String alias)
If this object is currently a session object, it is persisted with the given alias.
|
void |
resetAuthorizationData(java.lang.String newValue)
resets the auth data this object.
|
void |
resetAuthorizedSession() |
void |
setAuthorizationData(java.lang.String oldValue,
java.lang.String newValue)
Sets the auth data this object.
|
long |
SetBooleanAttribute(long attribute,
boolean value)
Sets the value of the given boolean attribute.
|
static void |
setDeriveTemplate(LunaCKAttribute[] aInTempl)
set the desired derive template
|
long |
SetLargeAttribute(long attribute,
byte[] value)
Sets the value of a large attribute.
|
long |
SetSmallAttribute(long attribute,
long value)
Sets the value of the given attribute, as a PKCS CK_ULONG.
|
long |
setUsageCount(long value)
Sets the usage count for this object.
|
public static void clearDeriveTemplate()
public static void setDeriveTemplate(LunaCKAttribute[] aInTempl)
aInTempl
- derive templatepublic static LunaCKAttribute[] getDeriveTemplate()
public static LunaTokenObject LocateObjectByAlias(java.lang.String alias)
alias
- The alias for the object to findpublic static LunaTokenObject LocateObjectByAlias(java.lang.String alias, int slot)
alias
- The alias for the object to findslot
- The slot to searchpublic static LunaTokenObject LocateCertByAlias(java.lang.String alias, int slot)
alias
- The alias for the cert to findslot
- The slot to searchpublic static LunaTokenObject LocateObjectByFingerprint(byte[] fingerprint)
fingerprint
- The SHA-1 fingerprint of the object to findpublic static LunaTokenObject LocateObjectByFingerprint(byte[] fingerprint, int slot)
fingerprint
- The SHA-1 fingerprint of the object to findslot
- The slot to searchpublic static LunaTokenObject LocateObjectByHandle(int handle)
handle
- The object handle of the object to findpublic static LunaTokenObject LocateObjectByHandle(int handle, int slot)
handle
- The object handle of the object to findslot
- The slot to searchpublic static LunaTokenObject LocateObjectByHandle(int handle, int slot, java.util.Map<java.lang.Long,java.lang.Object> sessionParameters)
handle
- The object handle of the object to findslot
- The slot to searchsessionParameters
- parameters which will eliminate attribute call to the HSM.public static LunaTokenObject LocateKeyByAlias(java.lang.String alias)
LocateObjectByAlias
this method only matches on
private and secret keys.alias
- The alias of the object to findpublic static LunaTokenObject LocateKeyByAlias(java.lang.String alias, int slot)
LocateObjectByAlias
this method only
matches on private and secret keys.alias
- The alias of the key to findslot
- The slot to searchpublic static LunaTokenObject LocateObjectByOUID(byte[] ouid, int slot)
ouid
- The ouid of the object to findslot
- The slot to searchpublic int GetHandle()
public long[] GetClassAndType()
LunaException
- If this object is uninitializedpublic byte[] GetLargeAttribute(long attribute)
GetSmallAttribute
method is preferred.attribute
- The PKCS11 CKA_* id of the attributeLunaException
- If this object is uninitializedpublic long SetLargeAttribute(long attribute, byte[] value)
attribute
- The PKCS11 CKA_* id of the attributevalue
- The value to assign to the given attributeLunaException
- If this object is uninitializedpublic long GetSmallAttribute(long attribute)
If the attribute being requested is not actually a CK_ULONG on the HSM, then this method will return a numerical interpretation of the first 4 bytes of the attribute.
attribute
- The PKCS11 CKA_* id of the attributeLunaException
- If this object is uninitializedpublic long SetSmallAttribute(long attribute, long value)
attribute
- The PKCS11 CKA_* id of the attributevalue
- The value to assign to the given attributeLunaException
- If this object is uninitializedpublic boolean GetBooleanAttribute(long attribute)
attribute
- The PKCS11 CKA_* id of the attributeLunaException
- If this object is uninitializedpublic long SetBooleanAttribute(long attribute, boolean value)
attribute
- The PKCS11 CKA_* id of the attributevalue
- The value to assign to the given attributeLunaException
- If this object is uninitializedpublic long setUsageCount(long value)
value
- The new usage countpublic byte[] GetFingerprint()
public byte[] GetOUID()
public void MakePersistent(java.lang.String alias)
LunaTokenObject
is changed to point to the new object on the HSM. The old object is not removed from
the HSMalias
- The alias to assign to the HSM objectLunaException
- if the LunaTokenObject
object is uninitialized, if alias
is null, or if
alias
points to a non-existent keyLunaPartitionFullException
- if the HSM partition does not have enough storage space to create the new token objectpublic java.lang.String GetAlias()
public void DestroyObject()
public java.util.Date GetDateMadePersistent()
Date
object representing the time that this HSM object was made persistent, or null if this
object is not persistentpublic boolean IsObjectPersistent()
true
if the HSM object is persistentpublic LunaSession getSession()
LunaException
- If there are no users currently logged in to the slot of this objectpublic LunaSession getSessionForAuthorization()
LunaException
- If there are no users currently logged in to the slot of this objectpublic LunaSession getAuthorizedSession()
public void resetAuthorizedSession()
public void cacheAuthorizedSession(LunaSession session)
session
- the session object to cacheLunaException
- If there are no users currently logged in to the slot of this objectpublic LunaSession getCachedAuthorizedSession()
LunaException
- If there are no users currently logged in to the slot of this objectpublic void deleteCachedAuthorizedSession()
LunaException
- If there are no users currently logged in to the slot of this objectpublic int getSlot()
public boolean isInitialized()
public void setAuthorizationData(java.lang.String oldValue, java.lang.String newValue)
oldValue
- old auth datanewValue
- new auth datapublic void resetAuthorizationData(java.lang.String newValue)
newValue
- new auth datapublic void authorize(java.lang.String value, boolean override)
value
- auth dataoverride
- get a new session from the HSM regardless as to whether we've already got onepublic void assign()
public void incrementFailedAuthCount()
Copyright 2014-2018 SafeNet. All rights reserved.