Package com.ellipticsecure.ehsm

Interface EHSMLibrary

  • All Superinterfaces:
    com.sun.jna.Library
    public interface EHSMLibrary
extends com.sun.jna.Library
    This is a low level interface for the eHSM shared library. It is recommended that the standard SunPKCS11 provider be used to perform cryptographic operations and this library only for eHSM specific functions.
    Author:
    Kobus Grobler

    • Nested Class Summary

      • Nested classes/interfaces inherited from interface com.sun.jna.Library

        com.sun.jna.Library.Handler

    • Field Summary

      • Fields inherited from interface com.sun.jna.Library

        OPTION_ALLOW_OBJECTS, OPTION_CALLING_CONVENTION, OPTION_CLASSLOADER, OPTION_FUNCTION_MAPPER, OPTION_INVOCATION_MAPPER, OPTION_OPEN_FLAGS, OPTION_STRING_ENCODING, OPTION_STRUCTURE_ALIGNMENT, OPTION_TYPE_MAPPER

    • Method Summary

      All Methods Static Methods Instance Methods Abstract Methods 
      Modifier and Type Method Description
      long C_CloseSession​(com.sun.jna.NativeLong hSession)  
      long C_DestroyObject​(com.sun.jna.NativeLong hSession, com.sun.jna.NativeLong hObject)  
      long C_Finalize​(com.sun.jna.Pointer p)  
      long C_GetSlotList​(byte tokenPresent, com.sun.jna.NativeLong[] pSlotList, com.sun.jna.ptr.NativeLongByReference pCount)  
      long C_GetTokenInfo​(com.sun.jna.NativeLong slotID, CKTokenInfo info)  
      long C_Initialize​(com.sun.jna.Pointer p)  
      long C_InitPIN​(com.sun.jna.NativeLong hSession, String pPin, com.sun.jna.NativeLong ulPinLen)  
      long C_InitToken​(com.sun.jna.NativeLong slotID, String pPin, com.sun.jna.NativeLong ulPinLen, String pLabel)
      Initializes the device.
      long C_Login​(com.sun.jna.NativeLong hSession, com.sun.jna.NativeLong userType, String pPin, com.sun.jna.NativeLong ulPinLen)  
      long C_Logout​(com.sun.jna.NativeLong hSession)  
      long C_OpenSession​(com.sun.jna.NativeLong slotID, com.sun.jna.NativeLong pFlags, com.sun.jna.Pointer pApplicationn, com.sun.jna.Pointer notify, com.sun.jna.ptr.NativeLongByReference pSession)  
      long C_SetPIN​(com.sun.jna.NativeLong hSession, String pOldPin, com.sun.jna.NativeLong ulOldLen, String pNewPin, com.sun.jna.NativeLong ulNewLen)  
      static String GetBIP32XPub​(@NonNull EHSMLibrary lib, @NonNull com.sun.jna.NativeLong session, int net, @lombok.NonNull int[] indexes)
      This is a helper method to encode the public address in XPUB format.
      static String getDefaultLibraryName()
      Returns the default library name for the platform.
      static EHSMLibrary getInstance​(@NonNull String libraryName)
      Retrieves an instance of the EHSMLibrary.
      static void throwIfNotOK​(long ckr)
      A Utility method that checks the return code from a method and throws EHSMException if it is not CKR_OK.
      long u32FactoryReset​(com.sun.jna.NativeLong slot)
      Performs a factory reset.
      long u32GetBitcoinPub​(com.sun.jna.NativeLong hSession, int[] indexes, com.sun.jna.NativeLong indexCnt, byte[] out, com.sun.jna.ptr.NativeLongByReference outLen)
      Get the BTC public key at the specified BIP32 path.
      long u32GetTokenConfig​(com.sun.jna.NativeLong slot, EHSMConfig config)
      Retrieves the device specific token configuration.
      long u32HasBitcoinKey​(com.sun.jna.NativeLong hSession, com.sun.jna.ptr.NativeLongByReference handle)
      Check if the device as a bitcoin key set.
      long u32ImportBitcoinKey​(com.sun.jna.NativeLong hSession, byte[] seedIn, com.sun.jna.NativeLong seedLen)
      Import a BTC key from the specified seed.
      long u32SetBitOptions​(com.sun.jna.NativeLong slot, short bitOptions)
      Sets the bit options field.
      long u32SetSessionTimeout​(com.sun.jna.NativeLong slot, byte mins)
      Sets the session timeout in minutes.
      long u32SignBitcoinHash​(com.sun.jna.NativeLong session, byte[] hash, com.sun.jna.NativeLong hashLen, int[] indexes, com.sun.jna.NativeLong indexCnt, byte[] sig, com.sun.jna.ptr.NativeLongByReference sigLenInOut)
      Signs a BTC hash with the specified key at the BIP32 path.

    • Method Detail

      • getInstance

        static EHSMLibrary getInstance​(@NonNull
                               @NonNull String libraryName)
        Retrieves an instance of the EHSMLibrary.
        Parameters:
        libraryName - the name of the shared library file - see getDefaultLibraryName().
        Returns:
        an instance.

      • throwIfNotOK

        static void throwIfNotOK​(long ckr)
        A Utility method that checks the return code from a method and throws EHSMException if it is not CKR_OK.
        Parameters:
        ckr - the CK return code

      • u32FactoryReset

        long u32FactoryReset​(com.sun.jna.NativeLong slot)
        Performs a factory reset. By default (depending on settings) requires a user action to be performed first, i.e. a button press. C: uint32_t u32FactoryReset(CK_SLOT_ID slot)
        Parameters:
        slot - the slot ID
        Returns:
        a CKR result code, CKR_OK if success.

      • u32GetTokenConfig

        long u32GetTokenConfig​(com.sun.jna.NativeLong slot,
                       EHSMConfig config)
        Retrieves the device specific token configuration. C: uint32_t u32GetTokenConfig(CK_SLOT_ID slot, tEHSMConfig *config)
        Parameters:
        slot - the slot ID
        config - the device config
        Returns:
        a CKR result code, CKR_OK if success.

      • u32SetBitOptions

        long u32SetBitOptions​(com.sun.jna.NativeLong slot,
                      short bitOptions)
        Sets the bit options field. The SO user needs to be logged in prior to this call. 0xFFFF are all default bits. C: uint32_t u32SetBitOptions(CK_SLOT_ID slot, uint16_t bitOptions)
        Parameters:
        slot - the slot ID
        bitOptions - the bit options field.
        Returns:
        CKR_OK if success or another CKR result code if it fails.

      • u32SetSessionTimeout

        long u32SetSessionTimeout​(com.sun.jna.NativeLong slot,
                          byte mins)
        Sets the session timeout in minutes. "0" means no timeout. C: uint32_t u32SetSessionTimeout(CK_SLOT_ID slot, uint8_t mins)
        Parameters:
        slot - the slot ID
        mins - the session timeout in minutes
        Returns:
        CKR_OK if success or another CKR result code if it fails.

      • u32HasBitcoinKey

        long u32HasBitcoinKey​(com.sun.jna.NativeLong hSession,
                      com.sun.jna.ptr.NativeLongByReference handle)
        Check if the device as a bitcoin key set. C: uint32_t u32HasBitcoinKey(CK_SESSION_HANDLE session, CK_OBJECT_HANDLE *handle)
        Parameters:
        hSession - the session handle.
        handle - if a BTC key exists it's handle will be returned here.
        Returns:
        BTC_KEY_NOT_FOUND if no BTC key is found, CKR_OK if a key is found (handle will be valid) or another CKR_XX error code.

      • u32ImportBitcoinKey

        long u32ImportBitcoinKey​(com.sun.jna.NativeLong hSession,
                         byte[] seedIn,
                         com.sun.jna.NativeLong seedLen)
        Import a BTC key from the specified seed. C: uint32_t u32ImportBitcoinKey(CK_SESSION_HANDLE session, const uint8_t* seedIn, size_t seedLen)
        Parameters:
        hSession - the session handle.
        seedIn - the seed.
        seedLen - the length of the seed.
        Returns:
        CKR_OK if success or another CKR result code if it fails.

      • u32GetBitcoinPub

        long u32GetBitcoinPub​(com.sun.jna.NativeLong hSession,
                      int[] indexes,
                      com.sun.jna.NativeLong indexCnt,
                      byte[] out,
                      com.sun.jna.ptr.NativeLongByReference outLen)
        Get the BTC public key at the specified BIP32 path.
        Parameters:
        hSession - the session handle.
        indexes - the BIP32 path to the key.
        indexCnt - the number of indexes elements supplied.
        out - the raw binary public key (without network)
        outLen - the length of the public key.
        Returns:
        CKR_OK if success or another CKR result code if it fails.

      • GetBIP32XPub

        static String GetBIP32XPub​(@NonNull
                           @NonNull EHSMLibrary lib,
                           @NonNull
                           @NonNull com.sun.jna.NativeLong session,
                           int net,
                           @NonNull
                           @lombok.NonNull int[] indexes)
        This is a helper method to encode the public address in XPUB format.
        Parameters:
        lib - instance to this library.
        session - a session handle.
        net - the network used.
        indexes - the path to the public key.
        Returns:
        the Base58 encoded public key (address).

      • u32SignBitcoinHash

        long u32SignBitcoinHash​(com.sun.jna.NativeLong session,
                        byte[] hash,
                        com.sun.jna.NativeLong hashLen,
                        int[] indexes,
                        com.sun.jna.NativeLong indexCnt,
                        byte[] sig,
                        com.sun.jna.ptr.NativeLongByReference sigLenInOut)
        Signs a BTC hash with the specified key at the BIP32 path. C: uint32_t u32SignBitcoinHash(CK_SESSION_HANDLE session, const uint8_t* hash, size_t hashLen, uint32_t* indexes, size_t indexCnt, uint8_t* sig, size_t *sigLenInOut)
        Parameters:
        session - the session handle.
        hash - the (32) byte hash to sign.
        hashLen - the hash length.
        indexes - the BIP32 path to the key.
        indexCnt - the number of indexes elements supplied.
        sig - tbe raw binary signature.
        sigLenInOut - the length of the signature.
        Returns:
        CKR_OK if success or another CKR result code if it fails.

      • C_Initialize

        long C_Initialize​(com.sun.jna.Pointer p)

      • C_Finalize

        long C_Finalize​(com.sun.jna.Pointer p)

      • C_GetTokenInfo

        long C_GetTokenInfo​(com.sun.jna.NativeLong slotID,
                    CKTokenInfo info)

      • C_InitToken

        long C_InitToken​(com.sun.jna.NativeLong slotID,
                 String pPin,
                 com.sun.jna.NativeLong ulPinLen,
                 String pLabel)
        Initializes the device. C: CK_RV C_InitToken(CK_SLOT_ID slotID, CK_UTF8CHAR_PTR pPin, CK_ULONG ulPinLen, CK_UTF8CHAR_PTR pLabel)
        Parameters:
        slotID - the slot ID
        pPin - the SO PIN to use
        ulPinLen - the SO PIN length
        pLabel - The device label - 32 characters. Note: this should be padded with spaces if less than 32 bytes.
        Returns:
        CKR_OK if the function succeeds.

      • C_GetSlotList

        long C_GetSlotList​(byte tokenPresent,
                   com.sun.jna.NativeLong[] pSlotList,
                   com.sun.jna.ptr.NativeLongByReference pCount)

      • C_OpenSession

        long C_OpenSession​(com.sun.jna.NativeLong slotID,
                   com.sun.jna.NativeLong pFlags,
                   com.sun.jna.Pointer pApplicationn,
                   com.sun.jna.Pointer notify,
                   com.sun.jna.ptr.NativeLongByReference pSession)

      • C_CloseSession

        long C_CloseSession​(com.sun.jna.NativeLong hSession)

      • C_Login

        long C_Login​(com.sun.jna.NativeLong hSession,
             com.sun.jna.NativeLong userType,
             String pPin,
             com.sun.jna.NativeLong ulPinLen)

      • C_Logout

        long C_Logout​(com.sun.jna.NativeLong hSession)

      • C_SetPIN

        long C_SetPIN​(com.sun.jna.NativeLong hSession,
              String pOldPin,
              com.sun.jna.NativeLong ulOldLen,
              String pNewPin,
              com.sun.jna.NativeLong ulNewLen)

      • C_InitPIN

        long C_InitPIN​(com.sun.jna.NativeLong hSession,
               String pPin,
               com.sun.jna.NativeLong ulPinLen)

      • C_DestroyObject

        long C_DestroyObject​(com.sun.jna.NativeLong hSession,
                     com.sun.jna.NativeLong hObject)

      • getDefaultLibraryName

        static String getDefaultLibraryName()
        Returns the default library name for the platform.
        Returns:
        the library name