graphene-pk11 - npm Package Compare versions

4

build/types/core/attribute.d.ts

		@@ -0,1 +1,5 @@
		/**
		* Decorator that creates setter/getter for PKCS#11 object attributes
		* @param name Attribute name
		*/
		export declare function attribute(name: string, defaultValue?: any): (target: any, propertyKey: string) => void;

33

build/types/core/collection.d.ts

		import * as pkcs11 from "pkcs11js";
		import * as object from "./object";
		/**
		* Abstract class which represents a collection of items
		*/
		export declare abstract class Collection<T extends object.HandleObject> extends object.BaseObject implements Iterable<T> {
		/**
		* List of inner items
		*/
		protected innerItems: any[];
		/**
		* Type for child item initialization
		*/
		protected classType: object.HandleObjectConstructor<T>;
		/**
		* Initialize a new instance of collection
		* @param items List of IDs
		* @param lib PKCS#11 module
		* @param classType Type for a child item initialization
		*/
		constructor(items: any[], lib: pkcs11.PKCS11, classType: any);
		/**
		* Returns length of collection
		*/
		get length(): number;
		/**
		* Returns item from collection by index
		* @param index Index of element in the collection `[0..n]`
		* @returns Child item
		*/
		items(index: number): T;
		/**
		* Returns the index of the first occurrence of a value in an array.
		* @param obj The value to locate in the array.
		* @param fromIndex The array index at which to begin the search.
		* @remarks If `fromIndex` is omitted, the search starts at index 0.
		*/
		indexOf(obj: T, fromIndex?: number): number;
		/**
		* A method that returns the default iterator for an object. Called by the semantics of the
		* for-of statement.
		*/
		[Symbol.iterator](): {
		@@ -11,0 +44,0 @@ next(): IteratorResult<T>;

4

build/types/core/enumerable.d.ts

		@@ -0,1 +1,5 @@
		/**
		* Decorator that sets the enumerable property of a class field to false.
		* @param value true\|false
		*/
		export declare function enumerable(value: boolean): (target: any, propertyKey: string) => void;

30

build/types/core/object.d.ts

		/// <reference types="node" />
		import * as pkcs11 from "pkcs11js";
		/**
		* ID of PKCS#11 object
		*/
		export declare type Handle = Buffer;
		/**
		* Base class for all PKCS#11 objects
		*/
		export declare class BaseObject {
		/**
		* PKCS#11 module
		*/
		lib: pkcs11.PKCS11;
		/**
		* Initialize a new instance of PKCS#11 object
		* @param lib PKCS#11 module
		*/
		constructor(lib: pkcs11.PKCS11);
		}
		/**
		* Base class for all PKCS#11 objects with IDs
		*/
		export declare abstract class HandleObject extends BaseObject {
		/**
		* ID of PKCS#11 object
		*/
		handle: Handle;
		/**
		* Initialize a new instance of object
		* @param handle ID of PKCS#11 object
		* @param lib PKCS#11 module
		*/
		constructor(handle: Handle, lib: pkcs11.PKCS11);
		/**
		* Retrieves information about PKCS#11 object and fills fields
		*/
		protected abstract getInfo(): void;
		}
		/**
		* Constructor declaration of {@link HandleObject}
		*/
		export declare type HandleObjectConstructor<T extends HandleObject> = new (handle: pkcs11.Handle, lib: pkcs11.PKCS11) => T;

45

build/types/core/type.d.ts

		@@ -0,11 +1,56 @@
		/**
		* Returns `true` if incoming data is string, otherwise `false`
		* @param v Tested value
		*/
		export declare function isString(v: any): v is string;
		/**
		* Returns `true` if incoming data is number, otherwise `false`
		* @param v Tested value
		*/
		export declare function isNumber(v: any): v is number;
		/**
		* Returns `true` if incoming data is boolean, otherwise `false`
		* @param v Tested value
		*/
		export declare function isBoolean(v: any): v is boolean;
		/**
		* Returns `true` if incoming data is undefined, otherwise `false`
		* @param v Tested value
		*/
		export declare function isUndefined(v: any): v is undefined;
		/**
		* Returns `true` if incoming data is null, otherwise `false`
		* @param v Tested value
		*/
		export declare function isNull(v: any): v is null;
		/**
		* Returns `true` if incoming data is empty (undefined or null), otherwise `false`
		* @param v Tested value
		*/
		export declare function isEmpty(v: any): v is null \| undefined;
		/**
		* Returns `true` if incoming data is Function, otherwise `false`
		* @param v Tested value
		*/
		export declare function isFunction(v: any): v is (...args: any[]) => any;
		/**
		* Returns `true` if incoming data is Object, otherwise `false`
		* @param v Tested value
		*/
		export declare function isObject(v: any): v is object;
		/**
		* Returns `true` if incoming data is Array, otherwise `false`
		* @param v Tested value
		*/
		export declare function isArray(v: any): v is any[];
		/**
		* Returns `true` if bit is enabled in flag value, otherwise `false`
		* @param v Flag
		* @param fv Bit value
		*/
		export declare function isFlag(v: number, fv: number): boolean;
		/**
		* Removes padded ends from the string
		* @param text Formatted string
		*/
		export declare function removePadding(text: string): string;

63

build/types/crypto/cipher.d.ts

		@@ -8,10 +8,73 @@ /// <reference types="node" />
		import * as types from '../types';
		/**
		* Represents encryption operation
		* @example
		* ```js
		* // Encrypt multi-part data
		*
		* const alg = {
		* name: "AES_CBC_PAD",
		* params: session.generateRandom(16), // IV
		* };
		* const cipher = session.createCipher(alg, secretKey);
		* let enc = cipher.update("Some message");
		* enc = Buffer.concat([enc, cipher.final()]);
		* console.log(enc.toString("hex")); // 351a253df0d5bc9018afd7eed825ae9a
		* ```
		* @example
		* ```js
		* // Encrypt single-part data
		*
		* const alg = {
		* name: "AES_CBC_PAD",
		* params: session.generateRandom(16), // IV
		* };
		* const enc = session.createCipher(alg, secretKey)
		* .once("Some data", Buffer.alloc(1024));
		* console.log(enc.toString("hex")); // 0a3335e0ec8b0265d6ca70d789649b94
		* ```
		*/
		export declare class Cipher extends core.BaseObject {
		/**
		* Session
		*/
		session: Session;
		/**
		* Creates a new instance of {@link Cipher}
		* @param session Session
		* @param alg The encryption mechanism
		* @param key The encrypting key
		* @param lib PKCS#11 library
		*/
		constructor(session: Session, alg: MechanismType, key: Key, lib: pkcs11.PKCS11);
		/**
		* Continues a multiple-part encryption operation
		* @param data Data to be encrypted
		* @returns Encrypted block
		*/
		update(data: types.CryptoData): Buffer;
		/**
		* Finishes a multiple-part encryption operation
		* @returns The final encrypted block
		*/
		final(): Buffer;
		/**
		* Encrypts single-part data
		* @param data Data to be encrypted
		* @param enc Allocated buffer for encrypted data
		*/
		once(data: types.CryptoData, enc: Buffer): Buffer;
		/**
		* Encrypts single-part data
		* @param data Data to be encrypted
		* @param enc Allocated buffer for encrypted data
		* @param cb Async callback function with encrypted data
		*/
		once(data: types.CryptoData, enc: Buffer, cb: (error: Error, data: Buffer) => void): void;
		/**
		* Initializes an encryption operation
		* @param alg The encryption mechanism
		* @param key The encryption key
		*/
		protected init(alg: MechanismType, key: Key): void;
		}

43

build/types/crypto/decipher.d.ts

		@@ -7,11 +7,54 @@ /// <reference types="node" />
		import { Key } from '../objects';
		/**
		* Represents decryption operation
		*/
		export declare class Decipher extends core.BaseObject {
		/**
		* Session
		*/
		protected session: Session;
		/**
		* Block size
		*/
		protected blockSize: number;
		/**
		* Creates a new instance of {@link Decipher}
		* @param session Session
		* @param alg The decryption mechanism
		* @param key The decryption key
		* @param blockSize Block size
		* @param lib PKCS#11 library
		*/
		constructor(session: Session, alg: MechanismType, key: Key, blockSize: number, lib: pkcs11.PKCS11);
		/**
		* Continues a multiple-part decryption operation
		* @param data Encrypted data
		* @returns Decrypted block
		*/
		update(data: Buffer): Buffer;
		/**
		* Finishes a multiple-part decryption operation
		* @returns Final decrypted block
		*/
		final(): Buffer;
		/**
		* Decrypts encrypted data in a single part
		* @param data Encrypted data
		* @param dec Allocated buffer for decrypted data
		* @returns Decrypted data
		*/
		once(data: Buffer, dec: Buffer): Buffer;
		/**
		* Decrypts encrypted data in a single part
		* @param data Encrypted data
		* @param dec Allocated buffer for decrypted data
		* @param cb Async callback function with decrypted data
		*/
		once(data: Buffer, dec: Buffer, cb: (error: Error, data: Buffer) => void): void;
		/**
		* Initializes a decryption operation
		* @param alg The decryption mechanism
		* @param key The decryption key
		*/
		protected init(alg: MechanismType, key: Key): void;
		}

34

build/types/crypto/digest.d.ts

		@@ -7,10 +7,44 @@ /// <reference types="node" />
		import * as types from "../types";
		/**
		* Represents digest operation
		*/
		export declare class Digest extends core.BaseObject {
		/**
		* Session
		*/
		session: Session;
		/**
		* Creates a new instance of {@link Digest}
		* @param session Session
		* @param alg The digesting mechanism
		* @param lib PKCS#11 library
		*/
		constructor(session: Session, alg: mech.MechanismType, lib: pkcs11.PKCS11);
		/**
		* Continues a multiple-part message-digesting operation operation
		* @param data Data for digest computing
		*/
		update(data: types.CryptoData): void;
		/**
		* Finishes a multiple-part message-digesting operation
		* @returns Computed digest value
		*/
		final(): Buffer;
		/**
		* Digests data in a single part
		* @param data Data for digest computing
		* @returns Computed digest value
		*/
		once(data: types.CryptoData): Buffer;
		/**
		* Digests data in a single part
		* @param data Data for digest computing
		* @param cb Async callback function with computed digest value
		*/
		once(data: types.CryptoData, cb: (error: Error, data: Buffer) => void): void;
		/**
		* Initializes a message-digesting operation
		* @param alg The digesting mechanism
		*/
		protected init(alg: mech.MechanismType): void;
		}

36

build/types/crypto/sign.d.ts

		@@ -8,10 +8,46 @@ /// <reference types="node" />
		import * as types from '../types';
		/**
		* Represents signing operation
		*/
		export declare class Sign extends core.BaseObject {
		/**
		* Session
		*/
		session: Session;
		/**
		* Creates a new instance of signing operation
		* @param session Session
		* @param alg The signing mechanism
		* @param key The signing key
		* @param lib PKCS#11 library
		*/
		constructor(session: Session, alg: mech.MechanismType, key: Key, lib: pkcs11.PKCS11);
		/**
		* Continues a multiple-part signature operation, where the signature is (will be) an appendix to the data
		* @param data The data to be signed
		*/
		update(data: types.CryptoData): void;
		/**
		* Finishes a multiple-part signature operation, returning the signature
		* @returns The signature value
		*/
		final(): Buffer;
		/**
		* Signs (encrypts with private key) data in a single part
		* @param data The data to be signed
		* @returns Signature value
		*/
		once(data: types.CryptoData): Buffer;
		/**
		* Signs (encrypts with private key) data in a single part
		* @param data The data to be signed
		* @param cb Async callback function with signature value
		*/
		once(data: types.CryptoData, cb: (error: Error, data: Buffer) => void): void;
		/**
		* initializes a signature (private key encryption) operation
		* @param alg The signing mechanism
		* @param key The signing key
		*/
		protected init(alg: mech.MechanismType, key: Key): void;
		}

39

build/types/crypto/verify.d.ts

		@@ -8,10 +8,49 @@ /// <reference types="node" />
		import * as types from '../types';
		/**
		* Represents verifying operation
		*/
		export declare class Verify extends core.BaseObject {
		/**
		* Session
		*/
		session: Session;
		/**
		* Create a new instance of verifying operation
		* @param session Session
		* @param alg The verifying mechanism
		* @param key The verifying key
		* @param lib PKCS#11 library
		*/
		constructor(session: Session, alg: MechanismType, key: Key, lib: pkcs11.PKCS11);
		/**
		* Continues a multiple-part verification operation
		* @param data The signed data
		*/
		update(data: types.CryptoData): void;
		/**
		* Finishes a multiple-part verification operation, checking the signature
		* @param signature Th signature value
		* @returns `true` if signature is valid, otherwise `false`
		*/
		final(signature: Buffer): boolean;
		/**
		* Verifies a signature in a single-part operation
		* @param data The signed data
		* @param signature The signature value
		* @returns `true` if signature is valid, otherwise `false`
		*/
		once(data: types.CryptoData, signature: Buffer): boolean;
		/**
		* * Verifies a signature in a single-part operation
		* @param data The signed data
		* @param signature The signature value
		* @param cb Async callback function with boolean result of checking. `true` if signature is valid, otherwise `false`
		*/
		once(data: types.CryptoData, signature: Buffer, cb: (error: Error \| null, valid: boolean) => void): void;
		/**
		* initializes a verification operation
		* @param alg The verifying mechanism
		* @param key The verifying key
		*/
		protected init(alg: MechanismType, key: Key): void;
		}

30

build/types/keys/aes/cbc.d.ts

		/// <reference types="node" />
		import * as pkcs11 from "pkcs11js";
		import { IParams, MechParams } from "../params";
		/**
		* AES-CBC parameters
		*/
		export declare class AesCbcParams implements IParams, pkcs11.AesCBC {
		/**
		* Initialization vector
		* - must have a fixed size of 16 bytes
		*/
		iv: Buffer;
		/**
		* The data
		*/
		data: Buffer;
		type: MechParams;
		/**
		* Creates a new instance of AES-CBC parameters
		* @param iv The initialization vector. Must have a fixed size of 16 bytes
		* @param data The data
		*/
		constructor(iv: Buffer, data?: Buffer);
		toCKI(): Buffer;
		}
		/**
		* AES-CBC encrypted data parameters
		*/
		export declare class AesCbcEncryptDataParams implements IParams, pkcs11.AesCBC {
		/**
		* Initialization vector
		* - must have a fixed size of 16 bytes
		*/
		iv: Buffer;
		/**
		* The data
		*/
		data: Buffer;
		type: MechParams;
		/**
		* Creates a new instance of {@link AesCbcEncryptDataParams}
		* @param iv The initialization vector. Must have a fixed size of 16 bytes
		* @param data The data
		*/
		constructor(iv: Buffer, data?: Buffer);
		toCKI(): pkcs11.AesCBC;
		}

24

build/types/keys/aes/ccm.d.ts

		/// <reference types="node" />
		import * as pkcs11 from "pkcs11js";
		import { IParams, MechParams } from "../params";
		/**
		* AES-CCM parameters
		*/
		export declare class AesCcmParams implements IParams {
		/**
		* Length of the data where 0 <= dataLength < 2^8L
		*/
		dataLength: number;
		/**
		* The nonce
		*/
		nonce: Buffer;
		/**
		* The additional authentication data
		* - This data is authenticated but not encrypted
		*/
		aad: Buffer;
		/**
		* Length of authentication tag (output following cipher text) in bits.
		* - Can be any value between 0 and 128
		*/
		macLength: number;
		type: MechParams;
		/**
		* Creates a new instance of {@link AesCcmParams}
		* @param dataLength Length of the data where 0 <= dataLength < 2^8L
		* @param nonce The nonce
		* @param aad The additional authentication data
		* @param macLength Length of authentication tag (output following cipher text) in bits. Can be any value between 0 and 128
		*/
		constructor(dataLength: number, nonce: Buffer, aad?: Buffer, macLength?: number);
		toCKI(): pkcs11.AesCCM;
		}

26

build/types/keys/aes/gcm.d.ts

		/// <reference types="node" />
		import * as pkcs11 from "pkcs11js";
		import { IParams, MechParams } from "../params";
		/**
		* AES-GCM parameters
		*/
		export declare class AesGcmParams implements IParams {
		/**
		* Initialization vector
		* - The length of the initialization vector can be any number between 1 and 256.
		* 96-bit (12 byte) IV values can be processed more efficiently,
		* so that length is recommended for situations in which efficiency is critical.
		*/
		iv: Buffer;
		/**
		* The additional authentication data.
		* This data is authenticated but not encrypted.
		*/
		aad: Buffer;
		/**
		* The length of authentication tag (output following cipher text) in bits.
		* Can be any value between 0 and 128. Default 128
		*/
		tagBits: number;
		type: MechParams;
		/**
		* Creates a new instance of {@link AesGcmParams}
		* @param iv The initialization vector
		* @param aad The additional authentication data
		* @param tagBits The length of authentication tag (output following cipher text) in bits. Can be any value between 0 and 128
		*/
		constructor(iv: Buffer, aad?: Buffer, tagBits?: number);
		toCKI(): pkcs11.AesGCM;
		}
		/**
		* AES-GCM parameters for Cryptoki v2.40
		*/
		export declare class AesGcm240Params extends AesGcmParams {
		type: MechParams;
		}

24

build/types/keys/ec/curves.d.ts

		/// <reference types="node" />
		/**
		* Structure of named curve
		*/
		export interface INamedCurve {
		@@ -8,6 +11,27 @@ name: string;
		}
		/**
		* Allows to get additional information about named curves
		*/
		export declare class NamedCurve {
		/**
		* Gets {@link INamedCurve} by name
		* @param name Na of the named curve
		* @returns Named curve detailed information
		* @throws {@link Error} if the named curve for specific name is not registered
		*/
		static getByName(name: string): INamedCurve;
		/**
		* Gets {@link INamedCurve} by OID
		* @param oid OID string representation
		* @returns Named curve detailed information
		* @throws {@link Error} if named curve for specific OID is not registered
		*/
		static getByOid(oid: string): INamedCurve;
		/**
		* Gets {@link INamedCurve} by encoded buffer
		* @param buf Encoded named curve value
		* @returns Named curve detailed information
		* @throws {@link Error} if named curve for specific encoded buffer is not registered
		*/
		static getByBuffer(buf: Buffer): INamedCurve;
		}

19

build/types/keys/ec/ecdh.d.ts

		@@ -5,9 +5,28 @@ /// <reference types="node" />
		import { EcKdf } from "./kdf";
		/**
		* ECDH parameters
		*/
		export declare class EcdhParams implements IParams, pkcs11.ECDH1 {
		/**
		* Key derivation function used on the shared secret value
		*/
		kdf: EcKdf;
		/**
		* Some data shared between the two parties
		*/
		sharedData: Buffer;
		/**
		* Other party's EC public key value
		*/
		publicData: Buffer;
		type: MechParams;
		/**
		* Creates an instance of {@link EcdhParams}
		*
		* @param kdf key derivation function used on the shared secret value
		* @param sharedData some data shared between the two parties
		* @param publicData other party's EC public key value
		*/
		constructor(kdf: EcKdf, sharedData?: Buffer \| null, publicData?: Buffer \| null);
		toCKI(): pkcs11.ECDH1;
		}

5

build/types/keys/ec/kdf.d.ts

		@@ -0,1 +1,6 @@
		/**
		* EcKdf is used to indicate the Key Derivation Function (KDF)
		* applied to derive keying data from a shared secret.
		* The key derivation function will be used by the EC key agreement schemes.
		*/
		export declare enum EcKdf {
		@@ -2,0 +7,0 @@ NULL,

6

build/types/keys/params.d.ts

		export interface IParams {
		/**
		* Converts parameter to pkcs11js paramter
		*/
		toCKI(): any;
		}
		/**
		* Enumeration specifies mechanism parameter types
		*/
		export declare enum MechParams {
		@@ -5,0 +11,0 @@ AesCBC = 1,

3

build/types/keys/rsa/mgf.d.ts

		@@ -0,1 +1,4 @@
		/**
		* Enumeration specifies RSA mask generation function
		*/
		export declare enum RsaMgf {
		@@ -2,0 +5,0 @@ MGF1_SHA1,

21

build/types/keys/rsa/oaep.d.ts

		@@ -6,10 +6,31 @@ /// <reference types="node" />
		import { RsaMgf } from "./mgf";
		/**
		* RSA-OAEP parameters
		*/
		export declare class RsaOaepParams implements IParams {
		/**
		* Hash algorithm
		*/
		hashAlgorithm: MechanismEnum;
		/**
		* Mask generation function to use on the encoded block
		*/
		mgf: RsaMgf;
		/**
		* Source
		*/
		source: number;
		/**
		* Source data
		*/
		sourceData: Buffer;
		type: MechParams;
		/**
		* Creates a new instance of {@link RsaOaepParams}
		* @param hashAlg Hash algorithm
		* @param mgf Mask generation function to use on the encoded block
		* @param sourceData Source data
		*/
		constructor(hashAlg?: MechanismEnum, mgf?: RsaMgf, sourceData?: Buffer \| null);
		toCKI(): pkcs11.RsaOAEP;
		}

25

build/types/keys/rsa/pss.d.ts

		@@ -5,9 +5,34 @@ import * as pkcs11 from "pkcs11js";
		import { RsaMgf } from "./mgf";
		/**
		* RSA-PSS parameters
		*/
		export declare class RsaPssParams implements IParams {
		/**
		* Hash algorithm used in the PSS encoding;
		* - if the signature mechanism does not include message hashing,
		* then this value must be the mechanism used by the application to generate
		* the message hash;
		* - if the signature mechanism includes hashing,
		* then this value must match the hash algorithm indicated
		* by the signature mechanism
		*/
		hashAlgorithm: MechanismEnum;
		/**
		* Mask generation function to use on the encoded block
		*/
		mgf: RsaMgf;
		/**
		* Length, in bytes, of the salt value used in the PSS encoding;
		* - typical values are the length of the message hash and zero
		*/
		saltLength: number;
		type: MechParams;
		/**
		* Creates a new instance of {@link RsaPssParams}
		* @param hashAlg Hash algorithm used in the PSS encoding
		* @param mgf Mask generation function to use on the encoded block
		* @param saltLen Length, in bytes, of the salt value used in the PSS encoding
		*/
		constructor(hashAlg?: MechanismEnum, mgf?: RsaMgf, saltLen?: number);
		toCKI(): pkcs11.RsaPSS;
		}

3

build/types/mech_enum.d.ts

		@@ -0,1 +1,4 @@
		/**
		* Enumeration specifies mechanism types
		*/
		export declare enum MechanismEnum {
		@@ -2,0 +5,0 @@ RSA_PKCS_KEY_PAIR_GEN,

120

build/types/mech.d.ts

		@@ -7,40 +7,160 @@ /// <reference types="node" />
		import type { KeyGenMechanism } from "./objects";
		/**
		* Structure that describes algorithm
		*/
		export interface IAlgorithm {
		/**
		* The algorithm name
		*/
		name: keyof typeof MechanismEnum \| string;
		/**
		* The algorithm parameters
		*/
		params: Buffer \| IParams \| null;
		}
		export declare type MechanismType = MechanismEnum \| KeyGenMechanism \| IAlgorithm \| keyof typeof MechanismEnum \| string;
		/**
		* Bit flags specifying mechanism capabilities
		*/
		export declare enum MechanismFlag {
		/**
		* `true` if the mechanism is performed by the device; `false` if the mechanism is performed in software
		*/
		HW,
		/**
		* `true` if the mechanism can be used with encrypt function
		*/
		ENCRYPT,
		/**
		* `true` if the mechanism can be used with decrypt function
		*/
		DECRYPT,
		/**
		* `true` if the mechanism can be used with digest function
		*/
		DIGEST,
		/**
		* `true` if the mechanism can be used with sign function
		*/
		SIGN,
		/**
		* `true` if the mechanism can be used with sign recover function
		*/
		SIGN_RECOVER,
		/**
		* `true` if the mechanism can be used with verify function
		*/
		VERIFY,
		/**
		* `true` if the mechanism can be used with verify recover function
		*/
		VERIFY_RECOVER,
		/**
		* `true` if the mechanism can be used with geberate function
		*/
		GENERATE,
		/**
		* `true` if the mechanism can be used with generate key pair function
		*/
		GENERATE_KEY_PAIR,
		/**
		* `true` if the mechanism can be used with wrap function
		*/
		WRAP,
		/**
		* `true` if the mechanism can be used with unwrap function
		*/
		UNWRAP,
		/**
		* `true` if the mechanism can be used with derive function
		*/
		DERIVE
		}
		/**
		* Represents a PKCS#11 mechanism
		*/
		export declare class Mechanism extends core.HandleObject {
		/**
		* Returns string name from {@link MechanismEnum}. For unregistered mechanism returns string `unknown`.
		* To register a custom mechanism in {@link MechanismEnum} use {@link Mechanism.vendor} static function
		*/
		get name(): string;
		/**
		* Creates PKCS#11 mechanism structure from {@link MechanismType}
		* @param algorithm Mechanism type
		*/
		static create(algorithm: MechanismType): pkcs11.Mechanism;
		/**
		* Adds a vendor mechanisms to {@link MechanismEnum} from the specified file
		* @param jsonFile Path to JSON file with vendor mechanisms
		*/
		static vendor(jsonFile: string): void;
		/**
		* Adds a vendor mechanism to {@link MechanismEnum}
		* @param name Mechanism name
		* @param value Mechanism value
		*/
		static vendor(name: string, value: number): void;
		/**
		* The mechanism type number
		*/
		type: MechanismEnum;
		/**
		* The minimum size of the key for the mechanism
		*
		* _whether this is measured in bits or in bytes is mechanism-dependent_
		*/
		minKeySize: number;
		/**
		* The maximum size of the key for the mechanism
		*
		* _whether this is measured in bits or in bytes is mechanism-dependent_
		*/
		maxKeySize: number;
		/**
		* Bit flag specifying mechanism capabilities
		*/
		flags: number;
		/**
		* The ID of the token’s slot
		*/
		protected slotHandle: core.Handle;
		/**
		* Initializes the mechanism structure
		* @param type The type of mechanism
		* @param handle The ID of mechanism
		* @param slotHandle The ID of the token’s slot
		* @param lib PKCS#11 module
		*/
		constructor(type: number, handle: pkcs11.Handle, slotHandle: core.Handle, lib: pkcs11.PKCS11);
		/**
		* Retrieves information about mechanism and fills object fields
		*/
		protected getInfo(): void;
		}
		/**
		* Represents a collection of PKCS#11 mechanisms
		*/
		export declare class MechanismCollection extends core.Collection<Mechanism> {
		/**
		* The ID of token's slot
		*/
		protected slotHandle: core.Handle;
		/**
		* Initialize a new instance of mechanism collection
		* @param items The list of mechanism types
		* @param slotHandle The ID of token's slot
		* @param lib PKCS#11 module
		*/
		constructor(items: number[], slotHandle: core.Handle, lib: pkcs11.PKCS11);
		/**
		* Returns item from collection by index
		* @param {number} index index of an element in the collection `[0..n]`
		*/
		items(index: number): Mechanism;
		/**
		* Tries to get Mechanism. Returns `null` if it's impossible to get mechanism
		* @param index index of an element in the collection `[0..n]`
		*/
		tryGetItem(index: number): Mechanism \| null;
		}

55

build/types/module.d.ts

		import * as pkcs11 from "pkcs11js";
		import * as core from "./core";
		import { Slot, SlotCollection } from "./slot";
		/**
		* Represents the PKCS#11 module
		*/
		export declare class Module extends core.BaseObject {
		/**
		* Loads PKCS#11 library
		* @param libFile The path to PKCS#11 library
		* @param libName The name of PKCS#11 library
		* @returns The new instance of {@link Module}
		*/
		static load(libFile: string, libName?: string): Module;
		/**
		* Path to PKCS#11 library
		*/
		libFile: string;
		/**
		* Name of PKCS#11 module
		*/
		libName: string;
		/**
		* Cryptoki interface version
		*/
		cryptokiVersion: pkcs11.Version;
		/**
		* blank padded manufacturer ID
		*/
		manufacturerID: string;
		/**
		* Bit flags reserved for future versions. Must be zero for this version
		*/
		flags: number;
		/**
		* Library description
		*/
		libraryDescription: string;
		/**
		* Cryptoki library version number
		*/
		libraryVersion: pkcs11.Version;
		/**
		* Initialize a new instance of {@link Module}
		* @param lib PKCS#11 module
		*/
		constructor(lib: pkcs11.PKCS11);
		/**
		* Initializes the Cryptoki library
		* @param options Initialization options
		*/
		initialize(options?: pkcs11.InitializationOptions): void;
		/**
		* Indicates that an application is done with the Cryptoki library
		*/
		finalize(): void;
		/**
		* obtains a list of slots in the system
		* @param {number} index index of an element in collection
		* @param {number} tokenPresent only slots with tokens. Default `True`
		*/
		getSlots(index: number, tokenPresent?: boolean): Slot;
		/**
		* @param {number} tokenPresent only slots with tokens. Default `True`
		*/
		getSlots(tokenPresent?: boolean): SlotCollection;
		/**
		* Closes PKCS#11 library
		*/
		close(): void;
		/**
		* Retrieves information about module and fills object fields
		*/
		protected getInfo(): void;
		}

121

build/types/object.d.ts

		@@ -6,10 +6,37 @@ /// <reference types="node" />
		import type { Session } from "./session";
		/**
		* Enumeration specifies object classes
		*/
		export declare enum ObjectClass {
		/**
		* Data object
		*/
		DATA,
		/**
		* Certificate object
		*/
		CERTIFICATE,
		/**
		* Public key object
		*/
		PUBLIC_KEY,
		/**
		* Private key object
		*/
		PRIVATE_KEY,
		/**
		* Secret key object
		*/
		SECRET_KEY,
		/**
		* Hardware feature object
		*/
		HW_FEATURE,
		/**
		* This object class was created to support the storage of certain algorithm's extended parameters
		*/
		DOMAIN_PARAMETERS,
		/**
		* Mechanism object
		*/
		MECHANISM,
		@@ -23,24 +50,105 @@ OTP_KEY
		}
		/**
		* Static class that used for session objects creation
		*/
		export declare class SessionObjectFactory {
		private static items;
		/**
		* Registers object constructor
		* @param cko Object class
		* @param type Object type
		* @param cb Callback for object creation
		*/
		static register<T>(cko: ObjectClass, type: any, cb?: SessionObjectFactoryItemCallback): void;
		/**
		* Creates a new object from {@link SessionObject} by specified {@link ObjectClass}
		* @param cko Object class
		* @param object Session object
		* @return Created object
		*/
		static create(cko: ObjectClass, object: SessionObject): any;
		}
		/**
		* Represents a PKCS#11 session object
		*/
		export declare class SessionObject extends HandleObject {
		/**
		* PKCS#11 session
		*/
		session: Session;
		/**
		* Gets the size of an object in bytes
		*/
		get size(): number;
		/**
		* Creates an instance of {@link SessionObject}
		*/
		constructor(object: SessionObject);
		/**
		* Creates an instance of {@link SessionObject}
		*
		* @param {number} handle ID of session object
		* @param {Session} session PKCS#11 session
		* @param {pkcs11.PKCS11} lib PKCS#11 module
		*/
		constructor(handle: core.Handle, session: Session, lib: pkcs11.PKCS11);
		/**
		* Copies an object, creating a new object for the copy
		*
		* @param template Template for the new object
		* @returns The new instance of {@link SessionObject}
		*/
		copy(template: ITemplate): SessionObject;
		/**
		* Destroys an object
		*/
		destroy(): void;
		/**
		* Returns attribute value
		* @param type Attribute type
		* @returns Attribute value in Buffer format
		*/
		getAttribute(type: number): Buffer;
		/**
		* Returns attribute value
		* @param name Attribute name. See {@link ITemplate}
		* @returns Attribute value. Depends on the attribute name
		*/
		getAttribute(name: string): any;
		/**
		* Returns a list of attributes
		* @param attrs The list of attributes for receiving
		* @returns The list of attributes
		*/
		getAttribute(attrs: ITemplate): ITemplate;
		/**
		* Sets attribute value
		* @param type Attribute type
		* @param value Attribute value
		*/
		setAttribute(type: number, value: number \| boolean \| string \| Buffer): void;
		/**
		* Sets attribute value
		* @param name Attribute name. See {@link ITemplate}
		* @param value Attribute value. Depends on attribute name
		*/
		setAttribute(name: string, value: any): void;
		/**
		* Sets attributes from the list of attributes
		* @param attrs The list of attributes
		*/
		setAttribute(attrs: ITemplate): void;
		/**
		* Alias for {@link getAttribute}
		*/
		get(type: number): Buffer;
		get(name: string): any;
		/**
		* Alias for {@link setAttribute}
		*/
		set(type: number, value: number \| boolean \| string \| Buffer): void;
		set(name: string, value: any): void;
		/**
		* Object class (type)
		*/
		class: ObjectClass;
		@@ -51,6 +159,19 @@ toType<T extends SessionObject>(): T;
		import * as core from "./core";
		/**
		* Represents the collection of {@link SessionObject}
		*/
		export declare class SessionObjectCollection extends core.Collection<SessionObject> {
		session: Session;
		/**
		* Creates a new instance of {@link SessionObjectCollection}
		* @param items The kist of {@link SessionObject} handles
		* @param session PKCS#11 session
		* @param lib PKCS#11 module
		*/
		constructor(items: core.Handle[], session: Session, lib: pkcs11.PKCS11);
		/**
		* Returns item from collection by index
		* @param {number} index Index of element in the collection `[0..n]`
		*/
		items(index: number): SessionObject;
		}

28

build/types/objects/certs/attr_cert.d.ts

		/// <reference types="node" />
		import { Certificate } from "./cert";
		/**
		* X.509 attribute certificate objects (certificate type `CKC_X_509_ATTR_CERT`) hold X.509 attribute certificates
		*/
		export declare class AttributeCertificate extends Certificate {
		/**
		* DER-encoding of the attribute certificate's subject field.
		* This is distinct from the `CKA_SUBJECT` attribute contained in `CKC_X_509` certificates
		* because the `ASN.1` syntax and encoding are different.
		* - Must be specified when the object is created
		*/
		owner: Buffer;
		/**
		* DER-encoding of the attribute certificate's issuer field.
		* This is distinct from the `CKA_ISSUER` attribute contained in `CKC_X_509` certificates
		* because the ASN.1 syntax and encoding are different. (default empty)
		*/
		issuer: Buffer;
		/**
		* DER-encoding of the certificate serial number (default empty)
		*/
		serialNumber: Buffer;
		/**
		* BER-encoding of a sequence of object identifier values corresponding
		* to the attribute types contained in the certificate.
		* When present, this field offers an opportunity for applications
		* to search for a particular attribute certificate without fetching
		* and parsing the certificate itself. (default empty)
		*/
		types: Buffer;
		/**
		* BER-encoding of the certificate
		* - Must be specified when the object is created.
		*/
		value: Buffer;
		}

36

build/types/objects/certs/cert.d.ts

		/// <reference types="node" />
		import { Storage } from "../storage";
		/**
		* Enumeration specifies certificate types
		*/
		export declare enum CertificateType {
		/**
		* X509 certificate
		*/
		X_509,
		/**
		* X509 attribute certificate
		*/
		X_509_ATTR_CERT,
		/**
		* WTLS public key certificates
		*/
		WTLS
		}
		/**
		* Enumeration specifies categories of certificate
		*/
		export declare enum CertificateCategory {
		@@ -14,9 +29,30 @@ Unspecified = 0,
		}
		/**
		* Certificate objects (object class CKO_CERTIFICATE) hold public-key or attribute certificates
		*/
		export declare class Certificate extends Storage {
		/**
		* Type of certificate
		*/
		type: CertificateType;
		/**
		* The certificate can be trusted for the application that it was created.
		*/
		trusted: boolean;
		/**
		* Categorization of the certificate
		*/
		category: CertificateCategory;
		/**
		* Checksum
		*/
		checkValue: Buffer;
		/**
		* Start date for the certificate (default empty)
		*/
		startDate: Date;
		/**
		* End date for the certificate (default empty)
		*/
		endDate: Date;
		}

35

build/types/objects/certs/wtls.d.ts

		/// <reference types="node" />
		import { Certificate } from "./cert";
		/**
		* WTLS certificate objects (certificate type `CKC_WTLS`) hold WTLS public key certificates
		*/
		export declare class WtlsCertificate extends Certificate {
		/**
		* WTLS-encoding (Identifier type) of the certificate subject
		* - Must be specified when the object is created.
		* - Can only be empty if `CKA_VALUE` is empty.
		*/
		subject: Buffer;
		/**
		* WTLS-encoding (Identifier type) of the certificate issuer (default empty)
		*/
		issuer: Buffer;
		/**
		* Key identifier for public/private key pair (default empty)
		*/
		id: Buffer;
		/**
		* WTLS-encoding of the certificate
		* - Must be specified when the object is created.
		* - Must be non-empty if `CKA_URL` is empty.
		*/
		value: Buffer;
		/**
		* If not empty this attribute gives the URL where the complete certificate
		* can be obtained (default empty)
		* - Must be non-empty if `CKA_VALUE` is empty
		*/
		url: string;
		/**
		* DER-encoding of the certificate serial number (default empty)
		*/
		serialNumber: Buffer;
		/**
		* SHA-1 hash of the subject public key (default empty)
		* - Can only be empty if `CKA_URL` is empty.
		*/
		subjectKeyIdentifier: Buffer;
		/**
		* SHA-1 hash of the issuer public key (default empty)
		* - Can only be empty if `CKA_URL` is empty.
		*/
		authorityKeyIdentifier: Buffer;
		}

44

build/types/objects/certs/x509.d.ts

		/// <reference types="node" />
		import { Certificate } from "./cert";
		/**
		* Enumeration specifies Java MIDP
		*/
		export declare enum JavaMIDP {
		@@ -9,13 +12,54 @@ Unspecified = 0,
		}
		/**
		* X.509 certificate objects (certificate type `CKC_X_509`) hold X.509 public key certificates
		*/
		export declare class X509Certificate extends Certificate {
		/**
		* DER-encoding of the certificate subject name
		* - Must be specified when the object is created.
		* - Must be non-empty if `CKA_URL` is empty.
		*/
		subject: Buffer;
		/**
		* Key identifier for public/private key pair (default empty)
		*/
		id: Buffer;
		/**
		* DER-encoding of the certificate issuer name (default empty)
		*/
		issuer: Buffer;
		/**
		* HEX-encoding of the certificate serial number (default empty)
		*/
		get serialNumber(): string;
		/**
		* HEX-encoding of the certificate serial number (default empty)
		*/
		set serialNumber(v: string);
		/**
		* BER-encoding of the certificate
		* - Must be specified when the object is created.
		* - Must be non-empty if `CKA_URL` is empty.
		*/
		value: Buffer;
		/**
		* If not empty this attribute gives the URL where the complete certificate
		* can be obtained (default empty)
		* - Must be non-empty if `CKA_VALUE` is empty
		*/
		url: string;
		/**
		* SHA-1 hash of the subject public key (default empty)
		* - Can only be empty if `CKA_URL` is empty.
		*/
		subjectKeyIdentifier: Buffer;
		/**
		* SHA-1 hash of the issuer public key (default empty)
		* - Can only be empty if `CKA_URL` is empty.
		*/
		authorityKeyIdentifier: Buffer;
		/**
		* Java MIDP security domain
		*/
		java: JavaMIDP;
		}

13

build/types/objects/data.d.ts

		/// <reference types="node" />
		import { Storage } from "./storage";
		/**
		* Data objects (object class `CKO_DATA`) hold information defined by an application.
		* Other than providing access to it, Cryptoki does not attach any special meaning to a data object
		*/
		export declare class Data extends Storage {
		/**
		* Description of the application that manages the object (default empty)
		*/
		application: string;
		/**
		* DER-encoding of the object identifier indicating the data object type (default empty)
		*/
		objectId: Buffer;
		/**
		* Value of the object (default empty)
		*/
		value: Buffer;
		}

11

build/types/objects/domain.d.ts

		import * as keys from "./keys";
		import { Storage } from "./storage";
		/**
		* Domain parameter object (object class `CKO_DOMAIN_PARAMETERS`) holds public domain parameters
		*/
		export declare class DomainParameters extends Storage {
		/**
		* Type of key the domain parameters can be used to generate.
		*/
		keyType: keys.KeyType;
		/**
		* `true` only if domain parameters were either * generated locally (i.e., on the token)
		* with a `C_GenerateKey` * created with a `C_CopyObject` call as a copy of domain parameters
		* which had its `CKA_LOCAL` attribute set to `true`
		*/
		local: boolean;
		}

60

build/types/objects/keys/key.d.ts

		/// <reference types="node" />
		import { Storage } from "../storage";
		/**
		* Enumeration specifies key types
		*/
		export declare enum KeyType {
		@@ -39,2 +42,5 @@ RSA,
		}
		/**
		* Enumeration specifies key generation mechanisms
		*/
		export declare enum KeyGenMechanism {
		@@ -73,9 +79,63 @@ AES,
		}
		/**
		* Definition for the base key object class
		* - defines the object class `CKO_PUBLIC_KEY`, `CKO_PRIVATE_KEY` and `CKO_SECRET_KEY` for type `CK_OBJECT_CLASS`
		* as used in the `CKA_CLASS` attribute of objects
		*/
		export declare class Key extends Storage {
		/**
		* Type of key
		* - Must be specified when object is created with `C_CreateObject`
		* - Must be specified when object is unwrapped with `C_UnwrapKey`
		*/
		type: KeyType;
		/**
		* Key identifier for key (default empty)
		* - May be modified after object is created with a `C_SetAttributeValue` call,
		* or in the process of copying object with a `C_CopyObject` call.
		* However, it is possible that a particular token may not permit modification
		* of the attribute during the course of a `C_CopyObject` call.
		*/
		id: Buffer;
		/**
		* Start date for the key (default empty)
		* - May be modified after object is created with a `C_SetAttributeValue` call,
		* or in the process of copying object with a `C_CopyObject` call.
		* However, it is possible that a particular token may not permit modification
		* of the attribute during the course of a `C_CopyObject` call.
		*/
		startDate: Date;
		/**
		* End date for the key (default empty)
		* - May be modified after object is created with a `C_SetAttributeValue` call,
		* or in the process of copying object with a `C_CopyObject` call.
		* However, it is possible that a particular token may not permit modification
		* of the attribute during the course of a `C_CopyObject` call.
		*/
		endDate: Date;
		/**
		* `CK_TRUE` if key supports key derivation
		* (i.e., if other keys can be derived from this one (default `CK_FALSE`)
		* - May be modified after object is created with a `C_SetAttributeValue` call,
		* or in the process of copying object with a `C_CopyObject` call.
		* However, it is possible that a particular token may not permit modification
		* of the attribute during the course of a `C_CopyObject` call.
		* @returns boolean
		*/
		derive: boolean;
		/**
		* `CK_TRUE` only if key was either * generated locally (i.e., on the token)
		* with a `C_GenerateKey` or `C_GenerateKeyPair` call * created with a `C_CopyObject` call
		* as a copy of a key which had its `CKA_LOCAL` attribute set to `CK_TRUE`
		* - Must not be specified when object is created with `C_CreateObject`.
		* - Must not be specified when object is generated with `C_GenerateKey` or `C_GenerateKeyPair`.
		* - Must not be specified when object is unwrapped with `C_UnwrapKey`.
		*/
		local: boolean;
		/**
		* Identifier of the mechanism used to generate the key material.
		* - Must not be specified when object is created with `C_CreateObject`.
		* - Must not be specified when object is generated with `C_GenerateKey` or `C_GenerateKeyPair`.
		* - Must not be specified when object is unwrapped with `C_UnwrapKey`.
		*/
		mechanism: KeyGenMechanism;
		@@ -82,0 +142,0 @@ get allowedMechanisms(): void;

86

build/types/objects/keys/private.d.ts

		/// <reference types="node" />
		import { Key } from "./key";
		/**
		* Private key objects (object class `CKO_PRIVATE_KEY`) hold private keys
		*/
		export declare class PrivateKey extends Key {
		/**
		* DER-encoding of the key subject name (default empty)
		* - May be modified after object is created with a `C_SetAttributeValue` call,
		* or in the process of copying object with a `C_CopyObject` call.
		* However, it is possible that a particular token may not permit modification of the attribute
		* during the course of a `C_CopyObject` call.
		*/
		subject: Buffer;
		/**
		* `true` if key is sensitive
		* - May be modified after object is created with a `C_SetAttributeValue` call,
		* or in the process of copying object with a `C_CopyObject` call.
		* However, it is possible that a particular token may not permit modification of the attribute
		* during the course of a `C_CopyObject` call.
		* - Attribute cannot be changed once set to CK_TRUE. It becomes a read only attribute.
		* - Default value is token-specific, and may depend on the values of other attributes.
		*/
		sensitive: boolean;
		/**
		* `true` if key supports decryption
		* - May be modified after object is created with a `C_SetAttributeValue` call,
		* or in the process of copying object with a `C_CopyObject` call.
		* However, it is possible that a particular token may not permit modification of the attribute
		* during the course of a `C_CopyObject` call.
		* - Default value is token-specific, and may depend on the values of other attributes.
		*/
		decrypt: boolean;
		/**
		* `true` if key supports signatures where the signature is an appendix to the data
		* - May be modified after object is created with a `C_SetAttributeValue` call,
		* or in the process of copying object with a `C_CopyObject` call.
		* However, it is possible that a particular token may not permit modification of the attribute
		* during the course of a `C_CopyObject` call.
		* - Default value is token-specific, and may depend on the values of other attributes.
		*/
		sign: boolean;
		/**
		* `true` if key supports signatures where the data can be recovered from the signature
		* - May be modified after object is created with a `C_SetAttributeValue` call,
		* or in the process of copying object with a `C_CopyObject` call.
		* However, it is possible that a particular token may not permit modification of the attribute
		* during the course of a `C_CopyObject` call.
		* - Default value is token-specific, and may depend on the values of other attributes.
		*/
		signRecover: boolean;
		/**
		* `true` if key supports unwrapping (i.e., can be used to unwrap other keys)
		* - May be modified after object is created with a `C_SetAttributeValue` call,
		* or in the process of copying object with a `C_CopyObject` call.
		* However, it is possible that a particular token may not permit modification of the attribute
		* during the course of a `C_CopyObject` call.
		* - Default value is token-specific, and may depend on the values of other attributes.
		*/
		unwrap: boolean;
		/**
		* `true` if key is extractable and can be wrapped
		* - May be modified after object is created with a `C_SetAttributeValue` call,
		* or in the process of copying object with a `C_CopyObject` call.
		* However, it is possible that a particular token may not permit modification of the attribute
		* during the course of a `C_CopyObject` call.
		* - Attribute cannot be changed once set to `false`. It becomes a read only attribute.
		* - Default value is token-specific, and may depend on the values of other attributes.
		*/
		extractable: boolean;
		/**
		* `true` if key has always had the `CKA_SENSITIVE` attribute set to `true`
		* - Must not be specified when object is created with `C_CreateObject`.
		* - Must not be specified when object is generated with `C_GenerateKey` or `C_GenerateKeyPair`.
		* - Must not be specified when object is unwrapped with `C_UnwrapKey`.
		*/
		alwaysSensitive: boolean;
		/**
		* `true` if key has never had the `CKA_EXTRACTABLE` attribute set to `true`
		* - Must not be specified when object is created with `C_CreateObject`.
		* - Must not be specified when object is generated with `C_GenerateKey` or `C_GenerateKeyPair`.
		* - Must not be specified when object is unwrapped with `C_UnwrapKey`.
		*/
		neverExtractable: boolean;
		/**
		* `true` if the key can only be wrapped with a wrapping key
		* that has `CKA_TRUSTED` set to `true`. Default is `false`.
		* - Attribute cannot be changed once set to `true`. It becomes a read only attribute.
		*/
		wrapTrusted: boolean;
		/**
		* For wrapping keys. The attribute template to apply to any keys unwrapped
		* using this wrapping key. Any user supplied template is applied after this template
		* as if the object has already been created.
		*/
		get template(): void;
		set template(v: void);
		/**
		* if `true`, the user has to supply the PIN for each use (sign or decrypt) with the key.
		* Default is `false`
		*/
		alwaysAuthenticate: boolean;
		}

51

build/types/objects/keys/public.d.ts

		/// <reference types="node" />
		import { Key } from "./key";
		/**
		* Public key objects (object class CKO_PUBLIC_KEY) hold public keys
		*/
		export declare class PublicKey extends Key {
		/**
		* DER-encoding of the key subject name (default empty)
		* - May be modified after object is created with a `C_SetAttributeValue` call,
		* or in the process of copying object with a `C_CopyObject` call.
		* However, it is possible that a particular token may not permit modification of the attribute
		* during the course of a `C_CopyObject` call.
		*/
		subject: Buffer;
		/**
		* `true` if key supports encryption
		* - May be modified after object is created with a `C_SetAttributeValue` call,
		* or in the process of copying object with a `C_CopyObject` call.
		* However, it is possible that a particular token may not permit modification of the attribute
		* during the course of a `C_CopyObject` call.
		* - Default value is token-specific, and may depend on the values of other attributes.
		*/
		encrypt: boolean;
		/**
		* `true` if key supports verification where the signature is an appendix to the data
		* - May be modified after object is created with a `C_SetAttributeValue` call,
		* or in the process of copying object with a `C_CopyObject` call.
		* However, it is possible that a particular token may not permit modification of the attribute
		* during the course of a `C_CopyObject` call.
		* - Default value is token-specific, and may depend on the values of other attributes.
		*/
		verify: boolean;
		/**
		* `true` if key supports verification where the data is recovered from the signature
		* - May be modified after object is created with a `C_SetAttributeValue` call,
		* or in the process of copying object with a `C_CopyObject` call.
		* However, it is possible that a particular token may not permit modification of the attribute
		* during the course of a `C_CopyObject` call.
		* - Default value is token-specific, and may depend on the values of other attributes.
		*/
		verifyRecover: boolean;
		/**
		* `true` if key supports wrapping (i.e., can be used to wrap other keys)
		* - May be modified after object is created with a `C_SetAttributeValue` call,
		* or in the process of copying object with a `C_CopyObject` call.
		* However, it is possible that a particular token may not permit modification of the attribute
		* during the course of a `C_CopyObject` call.
		* - Default value is token-specific, and may depend on the values of other attributes.
		*/
		wrap: boolean;
		/**
		* The key can be trusted for the application that it was created.
		* - The wrapping key can be used to wrap keys with `CKA_WRAP_WITH_TRUSTED` set to `true`.
		* - Can only be set to CK_TRUE by the SO user.
		*/
		trusted: boolean;
		/**
		* For wrapping keys. The attribute template to match against any keys wrapped using this wrapping key.
		* Keys that do not match cannot be wrapped.
		*/
		get template(): void;
		set template(v: void);
		}

103

build/types/objects/keys/secret.d.ts

		/// <reference types="node" />
		import { Key } from "./key";
		/**
		* Secret key objects (object class `CKO_SECRET_KEY`) hold secret keys.
		*/
		export declare class SecretKey extends Key {
		/**
		* `true` if key is sensitive
		* - May be modified after object is created with a `C_SetAttributeValue` call,
		* or in the process of copying object with a `C_CopyObject` call.
		* However, it is possible that a particular token may not permit modification of the attribute
		* during the course of a `C_CopyObject` call.
		* - Attribute cannot be changed once set to `true`. It becomes a read only attribute.
		*/
		sensitive: boolean;
		/**
		* `true` if key supports encryption
		* - May be modified after object is created with a `C_SetAttributeValue` call,
		* or in the process of copying object with a `C_CopyObject` call.
		* However, it is possible that a particular token may not permit modification of the attribute
		* during the course of a `C_CopyObject` call.
		* - Default value is token-specific, and may depend on the values of other attributes.
		*/
		encrypt: boolean;
		/**
		* `true` if key supports decryption
		* - May be modified after object is created with a `C_SetAttributeValue` call,
		* or in the process of copying object with a `C_CopyObject` call.
		* However, it is possible that a particular token may not permit modification of the attribute
		* during the course of a `C_CopyObject` call.
		* - Default value is token-specific, and may depend on the values of other attributes.
		*/
		decrypt: boolean;
		/**
		* `true` if key supports verification (i.e., of authentication codes)
		* where the signature is an appendix to the data
		* - May be modified after object is created with a `C_SetAttributeValue` call,
		* or in the process of copying object with a `C_CopyObject` call.
		* However, it is possible that a particular token may not permit modification of the attribute
		* during the course of a `C_CopyObject` call.
		* - Default value is token-specific, and may depend on the values of other attributes.
		*/
		verify: boolean;
		/**
		* `true` if key supports signatures (i.e., authentication codes) where the signature is an appendix to the data
		* - May be modified after object is created with a `C_SetAttributeValue` call,
		* or in the process of copying object with a `C_CopyObject` call.
		* However, it is possible that a particular token may not permit modification of the attribute
		* during the course of a `C_CopyObject` call.
		* - Default value is token-specific, and may depend on the values of other attributes.
		*/
		sign: boolean;
		/**
		* `true` if key supports wrapping (i.e., can be used to wrap other keys)
		* - May be modified after object is created with a `C_SetAttributeValue` call,
		* or in the process of copying object with a `C_CopyObject` call.
		* However, it is possible that a particular token may not permit modification of the attribute
		* during the course of a `C_CopyObject` call.
		* - Default value is token-specific, and may depend on the values of other attributes.
		*/
		wrap: boolean;
		/**
		* `true` if key supports unwrapping (i.e., can be used to unwrap other keys)
		* - May be modified after object is created with a `C_SetAttributeValue` call,
		* or in the process of copying object with a `C_CopyObject` call.
		* However, it is possible that a particular token may not permit modification of the attribute
		* during the course of a `C_CopyObject` call.
		* - Default value is token-specific, and may depend on the values of other attributes.
		*/
		unwrap: boolean;
		/**
		* `true` if key is extractable and can be wrapped
		* - May be modified after object is created with a `C_SetAttributeValue` call,
		* or in the process of copying object with a `C_CopyObject` call.
		* However, it is possible that a particular token may not permit modification of the attribute
		* during the course of a `C_CopyObject` call.
		* - Attribute cannot be changed once set to `false`. It becomes a read only attribute.
		* - Default value is token-specific, and may depend on the values of other attributes.
		*/
		extractable: boolean;
		/**
		* `true` if key has always had the `CKA_SENSITIVE` attribute set to `true`
		* - Must not be specified when object is created with `C_CreateObject`.
		* - Must not be specified when object is generated with `C_GenerateKey` or `C_GenerateKeyPair`.
		* - Must not be specified when object is unwrapped with `C_UnwrapKey`.
		*/
		alwaysSensitive: boolean;
		/**
		* `true` if key has never had the `CKA_EXTRACTABLE` attribute set to `true`
		* - Must not be specified when object is created with `C_CreateObject`.
		* - Must not be specified when object is generated with `C_GenerateKey` or `C_GenerateKeyPair`.
		* - Must not be specified when object is unwrapped with `C_UnwrapKey`.
		*/
		neverExtractable: boolean;
		/**
		* Key checksum
		*/
		checkValue: Buffer;
		/**
		* `true` if the key can only be wrapped with a wrapping key
		* that has `CKA_TRUSTED` set to `true`. Default is `false`.
		* - Attribute cannot be changed once set to `true`. It becomes a read only attribute.
		*/
		wrapTrusted: boolean;
		/**
		* The wrapping key can be used to wrap keys with `CKA_WRAP_WITH_TRUSTED` set to `true`.
		* - Can only be set to CK_TRUE by the SO user.
		*/
		trusted: boolean;
		/**
		* For wrapping keys.
		* The attribute template to match against any keys wrapped using this wrapping key.
		* Keys that do not match cannot be wrapped.
		*/
		get wrapTemplate(): void;
		set wrapTemplate(v: void);
		/**
		* For wrapping keys.
		* The attribute template to apply to any keys unwrapped using this wrapping key.
		* Any user supplied template is applied after this template as if the object has already been created.
		*/
		get unwrapTemplate(): void;
		set unwrapTemplate(v: void);
		}

16

build/types/objects/storage.d.ts

		import { SessionObject } from "../object";
		export declare class Storage extends SessionObject {
		/**
		* `true` if object is a token object and
		* `false` if object is a session object.
		* Default is `false`.
		*/
		token: boolean;
		/**
		* `true` if object is a private object and
		* `false` if object is a public object.
		* Default value is token-specific, and may depend on the values of other attributes of the object.
		*/
		private: boolean;
		/**
		* `true` if object can be modified. Default is `false`
		*/
		modifiable: boolean;
		/**
		* Description of the object (default empty)
		*/
		label: string;
		}

222

build/types/session.d.ts

		@@ -13,10 +13,31 @@ /// <reference types="node" />
		export declare enum SessionFlag {
		/**
		* `True` if the session is read/write; `false` if the session is read-only
		*/
		RW_SESSION = 2,
		/**
		* This flag is provided for backward compatibility, and should always be set to `true`
		*/
		SERIAL_SESSION = 4
		}
		/**
		* Enumeration specifies user types
		*/
		export declare enum UserType {
		/**
		* Security Officer
		*/
		SO = 0,
		/**
		* User
		*/
		USER = 1,
		/**
		* Context specific
		*/
		CONTEXT_SPECIFIC = 2
		}
		/**
		* Structure of asymmetric key pair
		*/
		export interface IKeyPair {
		@@ -27,40 +48,241 @@ privateKey: objects.PrivateKey;
		declare type SessionFindCallback = (obj: SessionObject, index: number) => any;
		/**
		* Provides information about a session
		*/
		export declare class Session extends core.HandleObject {
		/**
		* Slot
		*
		* @type {Slot}
		*/
		slot: Slot;
		/**
		* The state of the session
		*/
		state: number;
		/**
		* Bit flags that define the type of session
		*/
		flags: number;
		/**
		* An error code defined by the cryptographic device. Used for errors not covered by Cryptoki
		*/
		deviceError: number;
		/**
		* Creates a new instance of {@link Session}
		* @param handle ID of slot's session
		* @param slot PKCS#11 slot
		* @param lib PKCS#11 module
		*/
		constructor(handle: core.Handle, slot: Slot, lib: pkcs11.PKCS11);
		/**
		* Closes a session between an application and a token
		*/
		close(): void;
		/**
		* Initializes the normal user's PIN
		* @param pin the normal user's PIN
		*/
		initPin(pin: string): void;
		/**
		* modifies the PIN of the user who is logged in
		* @param oldPin The old PIN
		* @param newPin The new PIN
		*/
		setPin(oldPin: string, newPin: string): void;
		/**
		* Obtains a copy of the cryptographic operations state of a session, encoded as a string of bytes
		*/
		getOperationState(): Buffer;
		/**
		* Restores the cryptographic operations state of a session
		* from a string of bytes obtained with getOperationState
		* @param state the saved state
		* @param encryptionKey holds key which will be used for an ongoing encryption
		* or decryption operation in the restored session
		* (or 0 if no encryption or decryption key is needed,
		* either because no such operation is ongoing in the stored session
		* or because all the necessary key information is present in the saved state)
		* @param authenticationKey holds a handle to the key which will be used for an ongoing signature,
		* MACing, or verification operation in the restored session
		* (or 0 if no such key is needed, either because no such operation is ongoing in the stored session
		* or because all the necessary key information is present in the saved state)
		*/
		setOperationState(state: Buffer, encryptionKey?: number, authenticationKey?: number): void;
		/**
		* Logs a user into a token
		* @param pin the user's PIN.
		* - This standard allows PIN values to contain any valid `UTF8` character,
		* but the token may impose subset restrictions
		* @param userType the user type. Default is {@link UserType.USER}
		*/
		login(pin: string, userType?: UserType): void;
		/**
		* logs a user out from a token
		*/
		logout(): void;
		/**
		* creates a new object
		* - Only session objects can be created during a read-only session.
		* - Only public objects can be created unless the normal user is logged in.
		* @param template the object's template
		* @returns The new instance of {@link SessionObject}
		*/
		create(template: ITemplate): SessionObject;
		/**
		* Copies an object, creating a new object for the copy
		* @param object the copied object
		* @param template template for new object
		* @returns The new instance of {@link SessionObject}
		*/
		copy(object: SessionObject, template: ITemplate): SessionObject;
		/**
		* Removes all session objects matched to template
		* @param template The list of attributes
		* @returns The number of destroyed objects
		*/
		destroy(template: ITemplate): number;
		/**
		* Removes the specified session object
		* @param object Object for destroying
		* @returns The number of destroyed objects
		*/
		destroy(object: SessionObject): number;
		/**
		* Removes all session objects
		* @returns The number of destroyed objects
		*/
		destroy(): number;
		/**
		* Removes all session objects
		* @returns The number of destroyed objects
		*/
		clear(): number;
		/**
		* Returns a collection of session objects matched to template
		* @param template Th list of attributes
		* @param callback Optional callback function which is called for each founded object
		* - if callback function returns `false`, it breaks find function.
		* @returns Th collection of session objects
		*/
		find(): SessionObjectCollection;
		find(callback: SessionFindCallback): SessionObjectCollection;
		find(template?: ITemplate \| null, callback?: SessionFindCallback): SessionObjectCollection;
		/**
		* Returns object from session by handle
		* @param handle handle of object
		* @returns The session object or null
		*/
		getObject<T extends SessionObject>(handle: core.Handle): T \| null;
		/**
		* Generates a secret key or set of domain parameters, creating a new object.
		* @param mechanism Generation mechanism
		* @param template Template for the new key or set of domain parameters
		* @returns The secret key
		*/
		generateKey(mechanism: MechanismType, template?: ITemplate): objects.SecretKey;
		/**
		* Generates a secret key or set of domain parameters, creating a new object.
		* @param mechanism Generation mechanism
		* @param template Template for the new key or set of domain parameters
		* @param callback Async callback with generated key
		*/
		generateKey(mechanism: MechanismType, template: ITemplate, callback: Callback<Error, objects.SecretKey>): void;
		/**
		* Generates an asymmetric key pair
		* @param mechanism Generation mechanism
		* @param publicTemplate The public key template
		* @param privateTemplate The private key template
		* @returns The generated key pair
		*/
		generateKeyPair(mechanism: MechanismType, publicTemplate: ITemplate, privateTemplate: ITemplate): IKeyPair;
		/**
		* Generates an asymmetric key pair
		* @param mechanism Generation mechanism
		* @param publicTemplate The public key template
		* @param privateTemplate The private key template
		* @param callback Async callback with generated key pair
		*/
		generateKeyPair(mechanism: MechanismType, publicTemplate: ITemplate, privateTemplate: ITemplate, callback: Callback<Error, IKeyPair>): void;
		/**
		* Creates the signing operation
		* @param alg The signing mechanism
		* @param key The signing key
		* @returns Signing operation
		*/
		createSign(alg: MechanismType, key: Key): Sign;
		/**
		* Creates the verifying operation
		* @param alg The verifying mechanism
		* @param key The verifying key
		*/
		createVerify(alg: MechanismType, key: Key): Verify;
		/**
		* Creates the encryption operation
		* @param alg The encryption mechanism
		* @param key The encryption key
		* @returns The encryption operation
		*/
		createCipher(alg: MechanismType, key: Key): Cipher;
		/**
		* Creates the decryption operation
		* @param alg The decryption mechanism
		* @param key The decryption key
		* @param blockSize Block size in bytes
		* @returns The decryption operation
		*/
		createDecipher(alg: MechanismType, key: Key, blockSize?: number): Decipher;
		/**
		* Creates the digest operation
		* @param alg The digest mechanism
		* @return The digest operation
		*/
		createDigest(alg: MechanismType): Digest;
		/**
		* Wraps (i.e., encrypts) a key
		* @param alg Wrapping mechanism
		* @param wrappingKey Wrapping key
		* @param key Key to be wrapped
		* @returns Wrapped key
		*/
		wrapKey(alg: MechanismType, wrappingKey: Key, key: Key): Buffer;
		/**
		* Wraps (i.e., encrypts) a key
		* @param alg Wrapping mechanism
		* @param wrappingKey Wrapping key
		* @param key Key to be wrapped
		* @param callback Async callback function with wrapped key
		*/
		wrapKey(alg: MechanismType, wrappingKey: Key, key: Key, callback: Callback<Error, Buffer>): void;
		/**
		* Unwraps (decrypts) a wrapped key
		* @param alg Unwrapping mechanism
		* @param unwrappingKey Unwrapping key
		* @param wrappedKey Wrapped key
		* @param template New key template
		* @returns Unwrapped key
		*/
		unwrapKey(alg: MechanismType, unwrappingKey: Key, wrappedKey: Buffer, template: ITemplate): Key;
		unwrapKey(alg: MechanismType, unwrappingKey: Key, wrappedKey: Buffer, template: ITemplate, callback: Callback<Error, Key>): void;
		/**
		* Derives a key from a base key
		* @param alg Key derivation mech
		* @param baseKey Base key
		* @param template New key template
		* @returns Derived key
		*/
		deriveKey(alg: MechanismType, baseKey: Key, template: ITemplate): SecretKey;
		/**
		* Derives a key from a base key
		* @param alg Key derivation mech
		* @param baseKey Base key
		* @param template New key template
		* @param callback Async callback function with derived key
		*/
		deriveKey(alg: MechanismType, baseKey: Key, template: ITemplate, callback: Callback<Error, Key>): void;
		/**
		* Generates random data
		* @param size Amount of bytes to generate
		* @returns New byte array
		*/
		generateRandom(size: number): Buffer;
		@@ -67,0 +289,0 @@ protected getInfo(): void;

74

build/types/slot.d.ts

		@@ -5,26 +5,100 @@ /// <reference types="node" />
		import { Module, SessionFlag, Session, Token, MechanismCollection } from "./";
		/**
		* Enumeration specifies slot flags
		*/
		export declare enum SlotFlag {
		/**
		* `true` if a token is present in the slot (e.g., a device is in the reader)
		*/
		TOKEN_PRESENT = 1,
		/**
		* `true` if the reader supports removable devices
		*/
		REMOVABLE_DEVICE = 2,
		/**
		* `true` if the slot is a hardware slot, as opposed to a software slot implementing a "soft token"
		*/
		HW_SLOT = 4
		}
		/**
		* Represents PKCS#11 slot
		*/
		export declare class Slot extends core.HandleObject {
		/**
		* Character-string description of the slot
		*/
		slotDescription: string;
		/**
		* ID of the slot manufacturer
		*/
		manufacturerID: string;
		/**
		* Bits flags that provide capabilities of the slot
		*/
		flags: SlotFlag;
		/**
		* Version number of the slot's hardware
		*/
		hardwareVersion: pkcs11.Version;
		/**
		* Version number of the slot's firmware
		*/
		firmwareVersion: pkcs11.Version;
		/**
		* PKCS#11 module
		*/
		module: Module;
		/**
		* Creates a new instance of {@link Slot}
		* @param handle ID of token's slot
		* @param module PKCS#11 module
		* @param lib PKCS#11 library
		*/
		constructor(handle: core.Handle, module: Module, lib: pkcs11.PKCS11);
		/**
		* Returns information about token
		* @returns PKCS#11 token structure
		*/
		getToken(): Token;
		/**
		* Obtains a list of mechanism types supported by a token
		* @returns The list of {@link Mechanism}
		*/
		getMechanisms(): MechanismCollection;
		/**
		* Initializes a token
		* @param pin the SO's initial PIN
		* @param label token label
		* @returns Token label
		*/
		initToken(pin: string, label?: string): string;
		/**
		* Opens a session between an application and a token in a particular slot
		*
		* @param flags Indicates the type of session
		* @returns Opened session
		*/
		open(flags?: SessionFlag): Session;
		/**
		* Closes all sessions an application has with a token
		*/
		closeAll(): void;
		protected getInfo(): void;
		}
		/**
		* Collection of slots
		*/
		export declare class SlotCollection extends core.Collection<Slot> {
		/**
		* PKCS#11 module
		*/
		module: Module;
		/**
		* Creates a new instance of {@link SlotCollection}
		* @param items The kist of slot handles
		* @param module PKCS#11 module
		* @param lib PKCS#11 library
		*/
		constructor(items: Buffer[], module: Module, lib: pkcs11.PKCS11);
		items(index: number): Slot;
		}

319

build/types/template.d.ts

		/// <reference types="node" />
		import * as pkcs11 from "pkcs11js";
		/**
		* Represents the list of attributes
		*/
		export interface ITemplate {
		[key: string]: any;
		/**
		* CKA_CLASS
		*/
		class?: number \| null;
		/**
		* CKA_TOKEN
		*/
		token?: boolean \| null;
		/**
		* CKA_PRIVATE
		*/
		private?: boolean \| null;
		/**
		* CKA_LABEL
		*/
		label?: string \| null;
		/**
		* CKA_APPLICATION
		*/
		application?: string \| null;
		/**
		* CKA_VALUE
		*/
		value?: Buffer \| null;
		/**
		* CKA_OBJECT_ID
		*/
		objectId?: Buffer \| null;
		/**
		* CKA_CERTIFICATE_TYPE
		*/
		certType?: number;
		/**
		* CKA_ISSUER
		*/
		issuer?: Buffer \| null;
		/**
		* CKA_SERIAL_NUMBER
		*/
		serial?: Buffer \| null;
		/**
		* CKA_AC_ISSUER
		*/
		issuerAC?: Buffer \| null;
		/**
		* CKA_OWNER
		*/
		owner?: Buffer \| null;
		/**
		* CKA_ATTR_TYPES
		*/
		attrTypes?: Buffer \| null;
		/**
		* CKA_TRUSTED
		*/
		trusted?: boolean \| null;
		/**
		* CKA_CERTIFICATE_CATEGORY
		*/
		certCategory?: number \| null;
		/**
		* CKA_JAVA_MIDP_SECURITY_DOMAIN
		*/
		javaDomain?: number \| null;
		/**
		* CKA_URL
		*/
		url?: string \| null;
		/**
		* CKA_HASH_OF_SUBJECT_PUBLIC_KEY
		*/
		ski?: Buffer \| null;
		/**
		* CKA_HASH_OF_ISSUER_PUBLIC_KEY
		*/
		aki?: Buffer \| null;
		/**
		* CKA_NAME_HASH_ALGORITHM
		*/
		digestName?: number \| null;
		/**
		* CKA_CHECK_VALUE
		*/
		checkValue?: Buffer \| null;
		/**
		* CKA_KEY_TYPE
		*/
		keyType?: number \| null;
		/**
		* CKA_SUBJECT
		*/
		subject?: Buffer \| null;
		/**
		* CKA_ID
		*/
		id?: Buffer \| null;
		/**
		* CKA_SENSITIVE
		*/
		sensitive?: boolean \| null;
		/**
		* CKA_ENCRYPT
		*/
		encrypt?: boolean \| null;
		/**
		* CKA_DECRYPT
		*/
		decrypt?: boolean \| null;
		/**
		* CKA_WRAP
		*/
		wrap?: boolean \| null;
		/**
		* CKA_UNWRAP
		*/
		unwrap?: boolean \| null;
		/**
		* CKA_SIGN
		*/
		sign?: boolean \| null;
		/**
		* CKA_SIGN_RECOVER
		*/
		signRecover?: boolean \| null;
		/**
		* CKA_VERIFY
		*/
		verify?: boolean \| null;
		/**
		* CKA_VERIFY_RECOVER
		*/
		verifyRecover?: boolean \| null;
		/**
		* CKA_DERIVE
		*/
		derive?: boolean \| null;
		/**
		* CKA_START_DATE
		*/
		startDate?: Date \| null;
		/**
		* CKA_END_DATE
		*/
		endDate?: Date \| null;
		/**
		* CKA_MODULUS
		*/
		modulus?: Buffer \| null;
		/**
		* CKA_MODULUS_BITS
		*/
		modulusBits?: number \| null;
		/**
		* CKA_PUBLIC_EXPONENT
		*/
		publicExponent?: Buffer \| null;
		/**
		* CKA_PRIVATE_EXPONENT
		*/
		privateExponent?: Buffer \| null;
		/**
		* CKA_PRIME_1
		*/
		prime1?: Buffer \| null;
		/**
		* CKA_PRIME_2
		*/
		prime2?: Buffer \| null;
		/**
		* CKA_EXPONENT_1
		*/
		exp1?: Buffer \| null;
		/**
		* CKA_EXPONENT_2
		*/
		exp2?: Buffer \| null;
		/**
		* CKA_COEFFICIENT
		*/
		coefficient?: Buffer \| null;
		/**
		* CKA_PRIME
		*/
		prime?: Buffer \| null;
		/**
		* CKA_SUBPRIME
		*/
		subprime?: Buffer \| null;
		/**
		* CKA_BASE
		*/
		base?: Buffer \| null;
		/**
		* CKA_PRIME_BITS
		*/
		primeBits?: number \| null;
		/**
		* CKA_SUBPRIME_BITS
		*/
		subprimeBits?: number \| null;
		/**
		* CKA_VALUE_BITS
		*/
		valueBits?: number \| null;
		/**
		* CKA_VALUE_LEN
		*/
		valueLen?: number \| null;
		/**
		* CKA_EXTRACTABLE
		*/
		extractable?: boolean \| null;
		/**
		* CKA_LOCAL
		*/
		local?: boolean \| null;
		/**
		* CKA_NEVER_EXTRACTABLE
		*/
		neverExtractable?: boolean \| null;
		/**
		* CKA_ALWAYS_SENSITIVE
		*/
		alwaysSensitive?: boolean \| null;
		/**
		* CKA_KEY_GEN_MECHANISM
		*/
		keyGenMechanism?: number \| null;
		/**
		* CKA_MODIFIABLE
		*/
		modifiable?: boolean \| null;
		/**
		* CKA_COPYABLE
		*/
		copyable?: boolean \| null;
		/**
		* CKA_ECDSA_PARAMS
		*/
		paramsECDSA?: Buffer \| null;
		paramsEC?: Buffer \| null;
		/**
		* CKA_EC_POINT
		*/
		pointEC?: Buffer \| null;
		/**
		* CKA_SECONDARY_AUTH
		*/
		secondaryAuth?: boolean \| null;
		/**
		* CKA_AUTH_PIN_FLAGS
		*/
		authPinFlags?: Buffer \| null;
		/**
		* CKA_ALWAYS_AUTHENTICATE
		*/
		alwaysAuth?: boolean \| null;
		/**
		* CKA_WRAP_WITH_TRUSTED
		*/
		wrapWithTrusted?: boolean \| null;
		/**
		* CKA_WRAP_TEMPLATE
		*/
		wrapTemplate?: any \| null;
		/**
		* CKA_UNWRAP_TEMPLATE
		*/
		unwrapTemplate?: any \| null;
		/**
		* CKA_OTP_FORMAT
		*/
		otpFormat?: any \| null;
		/**
		* CKA_OTP_LENGTH
		*/
		otpLength?: any \| null;
		/**
		* CKA_OTP_TIME_INTERVAL
		*/
		otpTimeInterval?: any \| null;
		/**
		* CKA_OTP_USER_FRIENDLY_MODE
		*/
		otpUserFriendlyMode?: any \| null;
		/**
		* CKA_OTP_CHALLENGE_REQUIREMENT
		*/
		otpChallengeReq?: any \| null;
		/**
		* CKA_OTP_TIME_REQUIREMENT
		*/
		otpTimeReq?: any \| null;
		/**
		* CKA_OTP_COUNTER_REQUIREMENT
		*/
		otpCounterReq?: any \| null;
		/**
		* CKA_OTP_PIN_REQUIREMENT
		*/
		otpPinReq?: any \| null;
		/**
		* CKA_OTP_COUNTER
		*/
		otpCounter?: any \| null;
		/**
		* CKA_OTP_TIME
		*/
		otpTime?: any \| null;
		/**
		* CKA_OTP_USER_IDENTIFIER
		*/
		otpUserId?: any \| null;
		/**
		* CKA_OTP_SERVICE_IDENTIFIER
		*/
		otpServiceId?: any \| null;
		/**
		* CKA_OTP_SERVICE_LOGO
		*/
		otpServiceLogo?: any \| null;
		/**
		* CKA_OTP_SERVICE_LOGO_TYPE
		*/
		otpServiceLogoType?: any \| null;
		/**
		* CKA_HW_FEATURE_TYPE
		*/
		hwFeatureType?: any \| null;
		/**
		* CKA_RESET_ON_INIT
		*/
		resetOnInit?: any \| null;
		/**
		* CKA_HAS_RESET
		*/
		hasReset?: any \| null;
		/**
		* CKA_PIXEL_X
		*/
		pixelX?: any \| null;
		/**
		* CKA_PIXEL_Y
		*/
		pixelY?: any \| null;
		/**
		* CKA_RESOLUTION
		*/
		resolution?: any \| null;
		/**
		* CKA_CHAR_ROWS
		*/
		charRows?: any \| null;
		/**
		* CKA_CHAR_COLUMNS
		*/
		charCols?: any \| null;
		/**
		* CKA_COLOR
		*/
		color?: any \| null;
		/**
		* CKA_BITS_PER_PIXEL
		*/
		bitsPerPixel?: any \| null;
		/**
		* CKA_CHAR_SETS
		*/
		charSets?: any \| null;
		/**
		* CKA_ENCODING_METHODS
		*/
		encMethod?: any \| null;
		/**
		* CKA_MIME_TYPES
		*/
		mimeTypes?: any \| null;
		/**
		* CKA_MECHANISM_TYPE
		*/
		mechanismType?: any \| null;
		/**
		* CKA_REQUIRED_CMS_ATTRIBUTES
		*/
		requiredCmsAttrs?: any \| null;
		/**
		* CKA_DEFAULT_CMS_ATTRIBUTES
		*/
		defaultCmsAttrs?: any \| null;
		/**
		* CKA_SUPPORTED_CMS_ATTRIBUTES
		*/
		supportedCmsAttrs?: any \| null;
		/**
		* CKA_ALLOWED_MECHANISMS
		*/
		allowedMechanisms?: any \| null;
		}
		export declare type AttributeItemType = "number" \| "boolean" \| "string" \| "buffer" \| "date";
		/**
		* Static class that allows to convert graphene template to pkcs11js template and back
		*/
		export declare class Template {
		/**
		* Converts Graphene Template to PKCS#11 Template
		* @param tmpl Graphene Template
		* @returns pkcs11js template
		*/
		static toPkcs11(tmpl: ITemplate \| null): pkcs11.Template;
		/**
		* Converts PKCS#11 Template to Graphene Template
		* @param tmpl PKCS#11 Template
		* @returns Graphene template
		*/
		static fromPkcs11(tmpl: pkcs11.Template): ITemplate;
		}
		/**
		* Registers attribute items
		* @param name The name of attribute
		* @param value PKCS#11 number value of attribute
		* @param type The string name of type
		*/
		export declare function registerAttribute(name: string, value: number, type: AttributeItemType): void;

58

build/types/token.d.ts

		@@ -24,20 +24,78 @@ import * as pkcs11 from "pkcs11js";
		}
		/**
		* Represents PKCS#11 token structure
		*/
		export declare class Token extends core.HandleObject {
		/**
		* Application-defined label, assigned during token initialization
		*/
		label: string;
		/**
		* ID of the device manufacturer
		*/
		manufacturerID: string;
		/**
		* Model of the device
		*/
		model: string;
		/**
		* Character-string serial number of the device.
		*/
		serialNumber: string;
		/**
		* Bit flags indicating capabilities and status of the device
		*/
		flags: TokenFlag;
		/**
		* Maximum number of sessions that can be opened with the token at one time by a single application
		*/
		maxSessionCount: number;
		/**
		* Number of sessions that this application currently has open with the token
		*/
		sessionCount: number;
		/**
		* maximum number of read/write sessions that can be opened
		* with the token at one time by a single application
		*/
		maxRwSessionCount: number;
		/**
		* Number of read/write sessions that this application currently has open with the token
		*/
		rwSessionCount: number;
		/**
		* Maximum length in bytes of the PIN
		*/
		maxPinLen: number;
		/**
		* Minimum length in bytes of the PIN
		*/
		minPinLen: number;
		/**
		* The total amount of memory on the token in bytes in which public objects may be stored
		*/
		totalPublicMemory: number;
		/**
		* The amount of free (unused) memory on the token in bytes for public objects
		*/
		freePublicMemory: number;
		/**
		* The total amount of memory on the token in bytes in which private objects may be stored
		*/
		totalPrivateMemory: number;
		/**
		* The amount of free (unused) memory on the token in bytes for private objects
		*/
		freePrivateMemory: number;
		/**
		* Version number of hardware
		*/
		hardwareVersion: pkcs11.Version;
		/**
		* Version number of firmware
		*/
		firmwareVersion: pkcs11.Version;
		/**
		* Current time. Null when a token does not have a clock.
		*/
		utcTime: Date \| null;
		@@ -44,0 +102,0 @@ constructor(handle: core.Handle, lib: pkcs11.PKCS11);

2

package.json

		{
		"name": "graphene-pk11",
		"version": "2.2.0",
		"version": "2.2.1",
		"description": "A simple layer for interacting with PKCS #11 / PKCS11 / CryptoKI for Node in TypeScript",
		@@ -5,0 +5,0 @@ "main": "./build/cjs/index.js",

graphene-pk11 - npm Package Compare versions

New alerts

Fixed alerts

Improved metrics