/// <summary>
/// Performs an interactive login of the user into the token.
/// Intended solely for tests that run against the PKCS11-MOCK module.
/// </summary>
/// <param name="session">Session instance being extended</param>
/// <exception cref="Pkcs11Exception">Thrown when C_InteractiveLogin returns anything other than CKR_OK</exception>
public static void InteractiveLogin(this HLA40.Session session)
{
    // Delegate to the low level binding held by the session, passing its own session id
    CKR result = session.LowLevelPkcs11.C_InteractiveLogin(session.SessionId);
    if (result == CKR.CKR_OK)
    {
        return;
    }

    // Any other return value is surfaced to the caller together with the failing function name
    throw new Pkcs11Exception("C_InteractiveLogin", result);
}
/// <summary>
/// Ends the given session between the application and a token.
/// </summary>
/// <param name="session">Session to close</param>
/// <exception cref="ArgumentNullException">Thrown when <paramref name="session"/> is null</exception>
public void CloseSession(Session session)
{
    if (session != null)
    {
        // The session object performs the actual close
        session.CloseSession();
        return;
    }

    throw new ArgumentNullException("session");
}
/// <summary>
/// Creates a data object (CKO_DATA) on the token.
/// </summary>
/// <param name='session'>Read-write session with user logged in</param>
/// <returns>Handle of the newly created object</returns>
public static ObjectHandle CreateDataObject(Session session)
{
    // Template of the new object: CKA_TOKEN = true requests a token object,
    // labelled and tagged with the application name.
    // NOTE(review): CKA_PRIVATE is not part of this template, so whether the object can be
    // read without a login is left to the token's default - confirm before storing
    // anything sensitive in CKA_VALUE.
    List<ObjectAttribute> template = new List<ObjectAttribute>
    {
        new ObjectAttribute(CKA.CKA_CLASS, CKO.CKO_DATA),
        new ObjectAttribute(CKA.CKA_TOKEN, true),
        new ObjectAttribute(CKA.CKA_APPLICATION, Settings.ApplicationName),
        new ObjectAttribute(CKA.CKA_LABEL, Settings.ApplicationName),
        new ObjectAttribute(CKA.CKA_VALUE, "Data object content")
    };

    // Hand the template to the token and return the resulting handle
    return session.CreateObject(template);
}
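/// <summary>
/// Generates an asymmetric (RSA) key pair on the token.
/// </summary>
/// <remarks>
/// Both keys are created as token objects and share the same label and CKA_ID.
/// The template enables every usage flag (encrypt/decrypt, sign/verify, recover, wrap/unwrap)
/// on one key pair; a key pair meant for production use should normally be limited to a single purpose.
/// </remarks>
/// <param name='session'>Read-write session with user logged in</param>
/// <param name='publicKeyHandle'>Output parameter for public key object handle</param>
/// <param name='privateKeyHandle'>Output parameter for private key object handle</param>
public static void GenerateKeyPair(Session session, out ObjectHandle publicKeyHandle, out ObjectHandle privateKeyHandle)
{
    // The CKA_ID attribute is intended as a means of distinguishing multiple key pairs held by the same subject
    byte[] ckaId = session.GenerateRandom(20);

    // Prepare attribute template of new public key
    List<ObjectAttribute> publicKeyAttributes = new List<ObjectAttribute>
    {
        new ObjectAttribute(CKA.CKA_TOKEN, true),
        new ObjectAttribute(CKA.CKA_PRIVATE, false),
        new ObjectAttribute(CKA.CKA_LABEL, Settings.ApplicationName),
        new ObjectAttribute(CKA.CKA_ID, ckaId),
        new ObjectAttribute(CKA.CKA_ENCRYPT, true),
        new ObjectAttribute(CKA.CKA_VERIFY, true),
        new ObjectAttribute(CKA.CKA_VERIFY_RECOVER, true),
        new ObjectAttribute(CKA.CKA_WRAP, true),
        // 2048-bit modulus: shorter RSA moduli (the previous value was 1024) no longer
        // provide an adequate security margin and are disallowed by NIST SP 800-131A
        new ObjectAttribute(CKA.CKA_MODULUS_BITS, 2048),
        // Public exponent 65537 (0x010001)
        new ObjectAttribute(CKA.CKA_PUBLIC_EXPONENT, new byte[] { 0x01, 0x00, 0x01 })
    };

    // Prepare attribute template of new private key.
    // CKA_PRIVATE and CKA_SENSITIVE are both requested for the private key.
    // NOTE(review): CKA_EXTRACTABLE is not set, so whether the private key can be wrapped
    // out of the token is left to the token's default - set it to false explicitly if
    // the key must never leave the device.
    List<ObjectAttribute> privateKeyAttributes = new List<ObjectAttribute>
    {
        new ObjectAttribute(CKA.CKA_TOKEN, true),
        new ObjectAttribute(CKA.CKA_PRIVATE, true),
        new ObjectAttribute(CKA.CKA_LABEL, Settings.ApplicationName),
        new ObjectAttribute(CKA.CKA_ID, ckaId),
        new ObjectAttribute(CKA.CKA_SENSITIVE, true),
        new ObjectAttribute(CKA.CKA_DECRYPT, true),
        new ObjectAttribute(CKA.CKA_SIGN, true),
        new ObjectAttribute(CKA.CKA_SIGN_RECOVER, true),
        new ObjectAttribute(CKA.CKA_UNWRAP, true)
    };

    // Specify key generation mechanism
    Mechanism mechanism = new Mechanism(CKM.CKM_RSA_PKCS_KEY_PAIR_GEN);

    // Generate key pair; the session call assigns both output handles
    session.GenerateKeyPair(mechanism, publicKeyAttributes, privateKeyAttributes, out publicKeyHandle, out privateKeyHandle);
}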
/// <summary>
/// Generates a symmetric (triple DES) secret key.
/// </summary>
/// <remarks>
/// NOTE(review): CKK_DES3 is a legacy cipher with a 64-bit block size, and the template marks
/// the key CKA_EXTRACTABLE without setting CKA_SENSITIVE, so how the key value may leave the
/// token depends on the token's defaults. Confirm both choices before reusing this template
/// outside of tests.
/// </remarks>
/// <param name='session'>Read-write session with user logged in</param>
/// <returns>Handle of the generated key object</returns>
public static ObjectHandle GenerateKey(Session session)
{
    // Template of the new key: a DES3 secret key usable for encryption, decryption and derivation.
    // CKA_TOKEN is not part of the template.
    List<ObjectAttribute> keyTemplate = new List<ObjectAttribute>
    {
        new ObjectAttribute(CKA.CKA_CLASS, CKO.CKO_SECRET_KEY),
        new ObjectAttribute(CKA.CKA_KEY_TYPE, CKK.CKK_DES3),
        new ObjectAttribute(CKA.CKA_ENCRYPT, true),
        new ObjectAttribute(CKA.CKA_DECRYPT, true),
        new ObjectAttribute(CKA.CKA_DERIVE, true),
        new ObjectAttribute(CKA.CKA_EXTRACTABLE, true)
    };

    // Key generation mechanism matching the key type requested above
    Mechanism keyGenMechanism = new Mechanism(CKM.CKM_DES3_KEY_GEN);

    // Let the token generate the key and return its handle
    return session.GenerateKey(keyGenMechanism, keyTemplate);
}