The JCPROV PKCS#11 Java Wrapper
This section describes how to install and use the JCPROV Java wrapper for the PKCS#11 API. It contains the following topics:
JCPROV Overview
JCPROV is a Java wrapper for the PKCS#11 API. JCPROV is designed to be as similar to the PKCS#11 API as the Java language allows, allowing developers who are familiar with the PKCS#11 API to rapidly develop Java-based programs that exercise the PKCS#11 API.
AES-GMAC and AES-GCM are supported in JCPROV. Use CK_AES_GCM_PARAMS.java to define the GMAC operation. Implementation is the same as for PKCS#11.
JDK compatibility
The JCPROV Java API is compatible with JDK 1.5.0 or higher.
The JCPROV library
The JCPROV library is implemented in jcprov.jar, under the namespace com.safenetinc.jcprov. It is accompanied by a shared library that provides the native methods used to access the appropriate PKCS#11 library. The name of the shared library is platform dependent, as follows:
| Operating system | Shared library |
|---|---|
| Windows ( 64 bit) | jcprov.dll |
| Linux | libjcprov.so |
Installing JCPROV
The software is installed in the location specified in the following table:
| Operating system | Installation location |
|---|---|
| Windows |
<unzip_location>\jcprov |
| Linux |
<untar_location>/jcprov |
The installation includes a samples subdirectory and a javadocs subdirectory.
| Parameter | Description |
|---|---|
| -keytype | |
| -keyName | Specifies the name (label) of the key you want to delete. Enter this parameter followed by the name (label) of the key you want to delete. |
| -slot | Specifies the slot for the HSM or partition that contains the key you want to delete. Optionally enter this parameter followed by the slot identifier for the HSM or partition that contains the key you want to delete. If this parameter is not specified, the default slot is used. Default: 1 |
| -password | Specifies the password for the slot. Optionally enter this parameter followed by the slot password to delete a private key. |
| Parameter | Description |
|---|---|
| -keytype | |
| -keyName | Specifies the name (label) of the key you want to use to perform the encryption/decryption operation. Enter this parameter followed by the name (label) of the key you want to use to perform the encryption/decryption operation. |
| -slot | Specifies the slot for the HSM or partition that contains the key you want to use to perform the encryption/decryption operation. Optionally enter this parameter followed by the slot identifier for the HSM or partition that contains the key you want to use to perform the encryption/decryption operation. If this parameter is not specified, the default slot is used. Default: 1 |
| -password | Specifies the password for the slot. Optionally enter this parameter followed by the slot password to encrypt/decrypt a private key. |
| Parameter | Description |
|---|---|
| -keytype | |
| -keyName | Specifies the name (label) of the key you want to generate. Enter this parameter followed by the name (label) of the key you want to generate. |
| -slot | Specifies the slot for the HSM or partition where you want to generate the key. Optionally enter this parameter followed by the slot identifier for the HSM or partition where you want to generate the key. If this parameter is not specified, the default slot is used. Default: 1 |
| -password | Specifies the password for the slot. Optionally enter this parameter followed by the slot password to generate a private key. |
| Parameter | Description |
|---|---|
| -info | Retrieve general information. |
| -slot | Retrieve slot information for the specified slot. Enter this parameter followed by the slot identifier for the slot you want to retrieve information from. If <slotId> is not specified, information is retrieved for all available slots. |
| -token | Retrieve token information for the HSM or partition in the specified slot. Enter this parameter followed by the slot identifier for the HSM or partition you want to retrieve information from. If <slotId> is not specified, information is retrieved for all available slots. |
| Parameter | Description |
|---|---|
| -numthreads | Specifies the number of threads you want to start. Enter this parameter followed by an integer that specifies the number of threads you want to start. |
| -keyName | Specifies the triple-DES key to use for the encryption operation. Enter this parameter followed by the name (label) of the key to use for the encryption operation. |
| -locking | |
| -v | Specifies the password for the slot. Optionally enter this parameter followed by the slot password to generate a private key. |
JCPROV API Documentation
The JCPROV API is documented in a series of javadocs. The documentation is located in the <jcprov_installation_directory>/javadocs directory.
