Class Session

Provides information about a session

Hierarchy (view full)

Constructors

constructor

Properties

deviceError flags handle lib slot state

Methods

clear close copy create createCipher createDecipher createDigest createSign createVerify deriveKey destroy find generateKey generateKeyPair generateRandom getInfo getObject getOperationState initPin login logout setOperationState setPin unwrapKey wrapKey

Constructors

constructor

Properties

deviceError

deviceError: number

An error code defined by the cryptographic device. Used for errors not covered by Cryptoki

flags

flags: number

Bit flags that define the type of session

handle

handle: Buffer

ID of PKCS#11 object

lib

lib: PKCS11

PKCS#11 module

slot

slot: Slot

Slot

state

state: number

The state of the session

Methods

clear

  • clear(): number

  • Removes all session objects

    Returns number

    The number of destroyed objects

close

  • close(): void

  • Closes a session between an application and a token

    Returns void

copy

create

  • create(template): SessionObject

  • creates a new object

    • Only session objects can be created during a read-only session.
    • Only public objects can be created unless the normal user is logged in.

    Parameters

    Returns SessionObject

    The new instance of SessionObject

createCipher

createDecipher

  • createDecipher(alg, key, blockSize?): Decipher

  • Creates the decryption operation

    Parameters

    • alg: MechanismType

      The decryption mechanism

    • key: Key

      The decryption key

    • OptionalblockSize: number

      Block size in bytes

    Returns Decipher

    The decryption operation

createDigest

createSign

createVerify

deriveKey

  • deriveKey(alg, baseKey, template): SecretKey

  • Derives a key from a base key

    Parameters

    Returns SecretKey

    Derived key

  • deriveKey(alg, baseKey, template, callback): void

  • Derives a key from a base key

    Parameters

    • alg: MechanismType

      Key derivation mech

    • baseKey: Key

      Base key

    • template: ITemplate

      New key template

    • callback: Callback<Error, Key>

      Async callback function with derived key

    Returns void

destroy

  • destroy(template): number

  • Removes all session objects matched to template

    Parameters

    Returns number

    The number of destroyed objects

  • destroy(object): number

  • Removes the specified session object

    Parameters

    Returns number

    The number of destroyed objects

  • destroy(): number

  • Removes all session objects

    Returns number

    The number of destroyed objects

find

generateKey

  • generateKey(mechanism, template?): SecretKey

  • Generates a secret key or set of domain parameters, creating a new object.

    Parameters

    • mechanism: MechanismType

      Generation mechanism

    • Optionaltemplate: ITemplate

      Template for the new key or set of domain parameters

    Returns SecretKey

    The secret key

  • generateKey(mechanism, template, callback): void

  • Generates a secret key or set of domain parameters, creating a new object.

    Parameters

    • mechanism: MechanismType

      Generation mechanism

    • template: ITemplate

      Template for the new key or set of domain parameters

    • callback: Callback<Error, SecretKey>

      Async callback with generated key

    Returns void

generateKeyPair

  • generateKeyPair(mechanism, publicTemplate, privateTemplate): IKeyPair

  • Generates an asymmetric key pair

    Parameters

    Returns IKeyPair

    The generated key pair

  • generateKeyPair(mechanism, publicTemplate, privateTemplate, callback): void

  • Generates an asymmetric key pair

    Parameters

    • mechanism: MechanismType

      Generation mechanism

    • publicTemplate: ITemplate

      The public key template

    • privateTemplate: ITemplate

      The private key template

    • callback: Callback<Error, IKeyPair>

      Async callback with generated key pair

    Returns void

generateRandom

  • generateRandom(size): Buffer

  • Generates random data

    Parameters

    • size: number

      Amount of bytes to generate

    Returns Buffer

    New byte array

ProtectedgetInfo

getObject

  • getObject<T>(handle): null | T

  • Returns object from session by handle

    Type Parameters

    Parameters

    • handle: Buffer

      handle of object

    Returns null | T

    The session object or null

getOperationState

  • getOperationState(): Buffer

  • Obtains a copy of the cryptographic operations state of a session, encoded as a string of bytes

    Returns Buffer

initPin

  • initPin(pin): void

  • Initializes the normal user's PIN

    Parameters

    • pin: string

      the normal user's PIN

    Returns void

login

  • login(pin, userType?): void

  • Logs a user into a token

    Parameters

    • pin: string

      the user's PIN.

      • This standard allows PIN values to contain any valid UTF8 character, but the token may impose subset restrictions
    • userType: UserType = UserType.USER

      the user type. Default is UserType.USER

    Returns void

logout

  • logout(): void

  • logs a user out from a token

    Returns void

setOperationState

  • setOperationState(state, encryptionKey?, authenticationKey?): void

  • Restores the cryptographic operations state of a session from a string of bytes obtained with getOperationState

    Parameters

    • state: Buffer

      the saved state

    • encryptionKey: number = 0

      holds key which will be used for an ongoing encryption or decryption operation in the restored session (or 0 if no encryption or decryption key is needed, either because no such operation is ongoing in the stored session or because all the necessary key information is present in the saved state)

    • authenticationKey: number = 0

      holds a handle to the key which will be used for an ongoing signature, MACing, or verification operation in the restored session (or 0 if no such key is needed, either because no such operation is ongoing in the stored session or because all the necessary key information is present in the saved state)

    Returns void

setPin

  • setPin(oldPin, newPin): void

  • modifies the PIN of the user who is logged in

    Parameters

    • oldPin: string

      The old PIN

    • newPin: string

      The new PIN

    Returns void

unwrapKey

  • unwrapKey(alg, unwrappingKey, wrappedKey, template): Key

  • Unwraps (decrypts) a wrapped key

    Parameters

    • alg: MechanismType

      Unwrapping mechanism

    • unwrappingKey: Key

      Unwrapping key

    • wrappedKey: Buffer

      Wrapped key

    • template: ITemplate

      New key template

    Returns Key

    Unwrapped key

  • unwrapKey(alg, unwrappingKey, wrappedKey, template, callback): void

  • Parameters

    Returns void

wrapKey

  • wrapKey(alg, wrappingKey, key): Buffer

  • Wraps (i.e., encrypts) a key

    Parameters

    Returns Buffer

    Wrapped key

  • wrapKey(alg, wrappingKey, key, callback): void

  • Wraps (i.e., encrypts) a key

    Parameters

    • alg: MechanismType

      Wrapping mechanism

    • wrappingKey: Key

      Wrapping key

    • key: Key

      Key to be wrapped

    • callback: Callback<Error, Buffer>

      Async callback function with wrapped key

    Returns void

Settings

Member Visibility

On This Page

Constructors
Properties
Methods