Session Class Reference

Detailed Description

Session is central to accessing the card: it represents the state of a given instance of interaction with the card.


Public Member Functions

 Session (Slot *slot, Token *token, CK_VOID_PTR data, CK_NOTIFY notifyFunc)
 Session (Session *other)
 ~Session (void)
CK_RV getInfo (CK_SESSION_INFO *info)
CK_RV login (CK_USER_TYPE userType, const char *pin)
CK_RV login ()
CK_RV logout (void)
CK_RV findObjects (CK_ATTRIBUTE_PTR attributes, CK_ULONG ulCount)
list< CryptoObject * > getSearchResults (CK_ULONG maxToFetch)
UTILCardHandle getHandle ()
CK_SESSION_HANDLE getId ()
CryptoObject * getObjectFromToken (CK_OBJECT_HANDLE handle)
bool isLoggedIn ()
bool isNotLoggedIn ()
CK_RV sign (CK_BYTE *in, CK_ULONG inLen, CK_BYTE *out, CK_ULONG *outLen)
CK_RV decrypt (CK_BYTE *in, CK_ULONG inLen, CK_BYTE *out, CK_ULONG *outLen)
void activate (CK_MECHANISM_TYPE mechanism, CK_OBJECT_HANDLE privKeyId)
Token * getToken ()
void clearSearchResults ()
CK_OBJECT_HANDLE getActiveObj ()
CK_MECHANISM_TYPE getActiveMechanism ()


Constructor & Destructor Documentation

Session::Session (Slot *slot, Token *token, CK_VOID_PTR data, CK_NOTIFY notifyFunc)

Creates a new Session instance existing between 'slot' and 'token'.

Parameters:
slot the slot that contains the Token and ultimately this session
token a handle to the token that will allow execution of mechanisms on the card
data not used. For future use with CRYPTOKI and token inset callbacks
notifyFunc not used. For future use with CRYPTOKI and token inset callbacks

Session::Session (Session *other)

A copy constructor. Performs a shallow copy except for the ID, which is incremented. This constructor may not be necessary now that exclusivity problems have been ironed out of the middleware (or at least I think they have)

Parameters:
other the session to copy

Session::~Session (void)

If this is the last instance to be destroyed, it logs out of the card.


Member Function Documentation

CK_RV Session::getInfo (CK_SESSION_INFO *info)

The method Cryptoki uses to get information about this session.

Parameters:
info a pointer to the structure that will receive information about this session
Returns:
CKR_OK always

CK_RV Session::login (CK_USER_TYPE userType, const char *pin)

Logs into the card application. Holding this session means you are connected to the card but not authenticated. Only 1 successful login to the card is necessary.

Parameters:
userType ignored for our purposes, but would refer to the different types of users: Admin/regular
pin the pin used to log into the card.
Returns:
CKR_OK if things went well. Otherwise it will be CKR_VENDOR_SPECIFIED | the PIV error code
See also:
pivdefs.h

CK_RV Session::login ()

Logs into the card application with the already cached pin. If you haven't used the other login method this will fail.

See also:
login(CK_USER_TYPE,const char*)
Returns:
a success code -- see pkcs11t.h
See also:
pkcs11t.h

CK_RV Session::logout (void)

Logs out of the card application.

Returns:
CKR_OK always

CK_RV Session::findObjects (CK_ATTRIBUTE_PTR attributes, CK_ULONG ulCount)

If one method had to be named the most important, this would be it. Cryptoki uses it to find the 'Objects' that it needs to perform crypto ops. The array of attributes is applied to all of the available objects and the matches are ANDed, that is, all objects that have ALL attributes.

Parameters:
attributes an array of attributes for the object being sought. The results aren't actually returned; a subsequent call to getSearchResults must be made
ulCount the number of attributes
Returns:
CKR_OK always
See also:
getSearchResults(CK_ULONG)

list< CryptoObject * > Session::getSearchResults (CK_ULONG maxToFetch)

Retrieves the search results from a prior call to findObjects.

Parameters:
maxToFetch the maximum results to return.
Returns:
a std::list of CryptoObjects
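
The AND matching that findObjects describes, together with the two-step findObjects/getSearchResults retrieval, sketched as an added example (not NIST_PKCS11 code). DemoObject, DemoSearch and the sample data are hypothetical, the pkcs11t.h types are reduced to local stand-ins, and removing fetched results from the pending list is an assumption.

```cpp
#include <cstring>
#include <list>
#include <vector>
// Stand-ins for the pkcs11t.h definitions (same values) so the example compiles on its own.
typedef unsigned long CK_ULONG;
struct CK_ATTRIBUTE { CK_ULONG type; void *pValue; CK_ULONG ulValueLen; };
const CK_ULONG CKA_CLASS = 0x0000, CKA_ID = 0x0102, CKO_CERTIFICATE = 1, CKO_PRIVATE_KEY = 3;
// Hypothetical object type: a bag of attributes (CryptoObject is not shown on this page).
struct DemoObject { std::vector<CK_ATTRIBUTE> attrs; };

// True when obj carries an attribute with the same type, length and bytes as 'want'.
static bool hasAttribute(const DemoObject &obj, const CK_ATTRIBUTE &want) {
    for (const CK_ATTRIBUTE &a : obj.attrs)
        if (a.type == want.type && a.ulValueLen == want.ulValueLen &&
            (a.ulValueLen == 0 || std::memcmp(a.pValue, want.pValue, a.ulValueLen) == 0))
            return true;
    return false;
}

// AND semantics: every template attribute must match; an empty template matches all objects.
static bool matchesTemplate(const DemoObject &obj, const CK_ATTRIBUTE *tmpl, CK_ULONG count) {
    for (CK_ULONG i = 0; i < count; ++i)
        if (!hasAttribute(obj, tmpl[i])) return false;
    return true;
}

// Two-phase search. Assumption: fetched results are removed, so later calls continue the list.
struct DemoSearch {
    std::list<const DemoObject *> pending;
    void findObjects(const std::vector<DemoObject> &all, const CK_ATTRIBUTE *tmpl, CK_ULONG n) {
        pending.clear();
        for (const DemoObject &o : all)
            if (matchesTemplate(o, tmpl, n)) pending.push_back(&o);
    }
    std::list<const DemoObject *> getSearchResults(CK_ULONG maxToFetch) {
        std::list<const DemoObject *> out;
        while (!pending.empty() && out.size() < maxToFetch)
            out.splice(out.end(), pending, pending.begin());
        return out;
    }
};

// Constructed sample data: a certificate and a private key with ID 1, a private key with ID 2.
static CK_ULONG certClass = CKO_CERTIFICATE, keyClass = CKO_PRIVATE_KEY;
static unsigned char id1 = 1, id2 = 2;
static std::vector<DemoObject> sampleObjects() {
    return { {{{CKA_CLASS, &certClass, sizeof certClass}, {CKA_ID, &id1, 1}}},
             {{{CKA_CLASS, &keyClass, sizeof keyClass}, {CKA_ID, &id1, 1}}},
             {{{CKA_CLASS, &keyClass, sizeof keyClass}, {CKA_ID, &id2, 1}}} };
}
```

A template of {CKA_CLASS = private key, CKA_ID = 1} selects only the second object; dropping CKA_ID from the template widens the match to both private keys.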

UTILCardHandle Session::getHandle ()

Returns the handle used to access the card. This should only be accessed by other Cryptoki objects.

Returns:
a handle to the card that is active and logged in

CK_SESSION_HANDLE Session::getId ()

Returns the ID that Cryptoki will use to look up the session at a later point.

Returns:
a handle to this session for Cryptoki.

CryptoObject * Session::getObjectFromToken (CK_OBJECT_HANDLE handle)

Given an Object handle, returns that object.

Parameters:
handle the handle to the Object you want
Returns:
a pointer to the CryptoObject or NULL if it doesn't exist

bool Session::isLoggedIn ()

Returns:
true if this session is already logged into the application

bool Session::isNotLoggedIn ()

A convenience method for ease of reading.

Returns:
!isLoggedIn()
See also:
isLoggedIn

CK_RV Session::sign (CK_BYTE *in, CK_ULONG inLen, CK_BYTE *out, CK_ULONG *outLen)

This method directly supports Cryptoki and signs up to 128 bytes using the active mechanism.

Parameters:
in the input data to sign
inLen the length of the input data to sign
out the buffer that will receive the signed data
outLen an in/out pointer. IN: tells us how much the outBuffer can accept. OUT: how much was actually put into the buffer
Returns:
a success code -- see pkcs11t.h
See also:
pkcs11t.h

CK_RV Session::decrypt (CK_BYTE *in, CK_ULONG inLen, CK_BYTE *out, CK_ULONG *outLen)

This method directly supports Cryptoki and decrypts the data represented by 'in'.

Parameters:
in the input data to decrypt
inLen the length of the input data to decrypt
out the buffer that will receive the decrypted data
outLen an in/out pointer. IN: tells us how much the outBuffer can accept. OUT: how much was actually put into the buffer
Returns:
a success code -- see pkcs11t.h
See also:
pkcs11t.h
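
An added example (not NIST_PKCS11 code) of the in/out outLen contract that sign and decrypt document, plus the 128-byte input limit stated for sign. The page does not say what happens when the buffer is too small; the sketch follows the standard Cryptoki convention, and checkSignArgs, deliverOutput and demoSign are hypothetical names.

```cpp
#include <cstring>

// Stand-ins for pkcs11t.h (same values) so the example compiles on its own.
typedef unsigned long CK_ULONG, CK_RV;
typedef unsigned char CK_BYTE;
const CK_RV CKR_OK = 0x000, CKR_ARGUMENTS_BAD = 0x007,
            CKR_DATA_LEN_RANGE = 0x021, CKR_BUFFER_TOO_SMALL = 0x150;
const CK_ULONG MAX_SIGN_INPUT = 128;   // input limit stated for Session::sign

// Reject bad pointers and oversized input before the card is touched.
static CK_RV checkSignArgs(const CK_BYTE *in, CK_ULONG inLen, const CK_ULONG *outLen) {
    if (in == nullptr || outLen == nullptr) return CKR_ARGUMENTS_BAD;
    if (inLen > MAX_SIGN_INPUT) return CKR_DATA_LEN_RANGE;
    return CKR_OK;
}

// Hand a finished result to the caller using the Cryptoki length convention:
//   out == NULL          -> only report the size needed
//   capacity too small   -> report the size needed, copy nothing
//   otherwise            -> copy, then report the bytes written
static CK_RV deliverOutput(const CK_BYTE *result, CK_ULONG resultLen,
                           CK_BYTE *out, CK_ULONG *outLen) {
    if (outLen == nullptr) return CKR_ARGUMENTS_BAD;
    CK_ULONG capacity = *outLen;       // IN: what the caller's buffer can accept
    *outLen = resultLen;               // OUT: what was (or would be) written
    if (out == nullptr) return CKR_OK;
    if (capacity < resultLen) return CKR_BUFFER_TOO_SMALL;
    std::memcpy(out, result, resultLen);
    return CKR_OK;
}

// Hypothetical stand-in for the card: the "signature" is a constructed 128-byte pattern.
static CK_RV demoSign(const CK_BYTE *in, CK_ULONG inLen, CK_BYTE *out, CK_ULONG *outLen) {
    CK_RV rv = checkSignArgs(in, inLen, outLen);
    if (rv != CKR_OK) return rv;
    CK_BYTE sig[128];
    std::memset(sig, 0xA5, sizeof sig);
    return deliverOutput(sig, sizeof sig, out, outLen);
}
```

The capacity is read from *outLen before anything is written, so a caller that passes a 64-byte buffer gets CKR_BUFFER_TOO_SMALL and the required length instead of an overrun.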

void Session::activate (CK_MECHANISM_TYPE mechanism, CK_OBJECT_HANDLE privKeyId)

Sets the active mechanism and private key object that will be used for signing.

Parameters:
mechanism the mechanism to be used for subsequent crypto ops
privKeyId the object ID of the PrivateKey/KeyContainer for the op.

Token * Session::getToken ()

Returns:
the Token that this session is bound to

void Session::clearSearchResults ()

Clears the search results from a prior findObjects call.

CK_OBJECT_HANDLE Session::getActiveObj ()

Returns:
the active CryptoObject handle that is currently being used for crypto ops

CK_MECHANISM_TYPE Session::getActiveMechanism ()

Returns:
the mechanism type of the active mechanism used for crypto ops


Generated on Fri Jan 12 15:48:46 2007 for NIST_PKCS11 by doxygen 1.3.1 using KingsTools