use of com.ingrian.security.nae.CustomAttributes in project CipherTrust_Application_Protection by thalescpl-io.
the class AdminRequestSample method modifyUserCustomAttrs.
private static void modifyUserCustomAttrs(NAEAdminRequestProcessor processor) {
System.out.print("Enter user-name :");
String userName = sc.next();
CustomAttributes attrsToAdd = new CustomAttributes();
List<String> attrsToDelete = new ArrayList<String>();
System.out.print("Enter Number Of Attribute To Add/Modify :");
int num = Integer.parseInt(sc.next());
while (num-- > 0) {
System.out.print("Enter Attribute Name To Add/Modify :");
String attr = sc.next();
System.out.print("Enter Attribute Value :");
String attrValue = sc.next();
attrsToAdd.addAttribute(attr, attrValue);
}
System.out.print("Enter Number Of Attributes To Delete :");
num = Integer.parseInt(sc.next());
while (num-- > 0) {
System.out.print("Enter Attribute Name To Delete :");
String attr = sc.next();
attrsToDelete.add(attr);
}
NAEUserModifyRequest umr = new NAEUserModifyRequest.Builder().userName(userName).customAttrsToAdd(attrsToAdd).customAttrsToDelete(attrsToDelete).build();
boolean success = processor.modifyUser(umr);
if (success)
System.out.println("User Custom attributes modified successfully");
else
System.out.println("Failure in user Custom attibute modification");
}
use of com.ingrian.security.nae.CustomAttributes in project CipherTrust_Application_Protection by thalescpl-io.
the class KeyNameSample method main.
public static void main(String[] args) {
/**
* KeyName api if used with valid Key Manager user name and password then it
* fetches all the keys names belongs to the user and global keys
* as per the attribute passed. Please read Javadoc for their value.
*/
if (args.length > 14) {
System.err.println("Usage: java KeyNameSample -user [userName] -password [password] -attr [attributName]" + "-attrV [attributeValue] -fingerprint [fingerprint] -offset [keyOffset] -max [maxKeys]");
System.exit(-1);
}
String username = null;
String password = null;
String attributeName = null;
String attributeValue = null;
String fingerprint = null;
int offset = 0;
// maximum key needs to be fetched should be atleast 1
int max = 1;
// extracting values from the given input argument. May have null values.
for (int i = 0; i < args.length; i++) {
if ("-user".equals(args[i]))
username = args[i + 1];
else if ("-password".equals(args[i]))
password = args[i + 1];
else if ("-attr".equals(args[i]))
attributeName = args[i + 1];
else if ("-attrV".equals(args[i]))
attributeValue = args[i + 1];
else if ("-fingerprint".equals(args[i]))
fingerprint = args[i + 1];
else if ("-offset".equals(args[i]))
offset = Integer.parseInt(args[i + 1]);
else if ("-max".equals(args[i]))
max = Integer.parseInt(args[i + 1]);
}
if (username != null && password != null) {
NAESession session = null;
try {
session = NAESession.getSession(username, password.toCharArray());
CustomAttributes attr = new CustomAttributes();
if (attributeValue != null) {
attr.addAttributeForKeyName(attributeName, attributeValue);
attr.addAttributeForKeyName(attributeName + "-1", attributeValue);
}
UserKeysDetail keyNames = NAEKey.getKeyNames(attr, fingerprint, offset, max, session, ConjunctiveOperator.OR);
System.out.println("Key count: " + keyNames.getKeyCount());
System.out.println("Total Keys: " + keyNames.getTotalKeys());
System.out.println("KeyNames: " + keyNames.getKeyNames());
System.out.println("#####################");
} finally {
if (session != null)
session.closeSession();
}
} else {
// In this case all the global keys are fetched through global
// session.
System.out.println("Global Keys are: ");
UserKeysDetail keyNames = NAEKey.getKeyNames(null);
System.out.println("Key count: " + keyNames.getKeyCount());
System.out.println("Total Keys: " + keyNames.getTotalKeys());
System.out.println("KeyNames: " + keyNames.getKeyNames());
}
}
use of com.ingrian.security.nae.CustomAttributes in project CipherTrust_Application_Protection by thalescpl-io.
the class IngrianKeySample method main.
public static void main(String[] args) throws Exception {
if (args.length != 4) {
System.err.println("Usage: java IngrianKeySample user password keyname group");
System.exit(-1);
}
String username = args[0];
String password = args[1];
String keyName = args[2];
String group = args[3];
// add Ingrian provider to the list of JCE providers
Security.addProvider(new IngrianProvider());
// get the list of all registered JCE providers
Provider[] providers = Security.getProviders();
for (Provider provider : providers) {
System.out.println(provider.getInfo());
}
NAESession session = null;
try {
// Create AES key on NAE server
// create NAE Session: pass in NAE user name and password
session = NAESession.getSession(username, password.toCharArray());
// set the key permissions to the set of permissions granted to NAE group.
NAEPermission permission = new NAEPermission(group);
// add permission to sign
permission.setSign(true);
// add permission to verify signature
permission.setSignV(true);
NAEPermission[] permissions = { permission };
// create key pair which is exportable and deletable
// key owner is NAE user, default key length 1024 bits and
// permissions granted to sign and verify
NAEParameterSpec rsaParamSpec = new NAEParameterSpec(keyName, true, true, session, permissions);
// create key custom attributes
CustomAttributes attrs = new CustomAttributes("Attr1", "abc");
attrs.addAttribute("Attr2", "1234");
// create key which is exportable, deletable and versioned,
// with custom attributes,
// key owner is passed in NAE user and key length 128 bits
NAEParameterSpec spec = new NAEParameterSpec(keyName, true, true, true, 128, attrs, session);
KeyGenerator kg = KeyGenerator.getInstance("AES", "IngrianProvider");
kg.init(spec);
SecretKey secret_key = kg.generateKey();
NAEKey key = NAEKey.getSecretKey(keyName, session);
// Get default IV assiciated with this key
String defaultIV = key.getDefaultIV();
System.out.println("Key " + keyName + " has default IV " + defaultIV);
// Modify custom attributes.
// Create new attribute to add
CustomAttributes newAttrs = new CustomAttributes("Attr3", "ABC");
// Create list of attribute names to delete
String[] dAttrs = { "Attr1" };
key.modifyCustomAttributes(false, dAttrs, newAttrs);
// Create a new version of the key
int newVersion = key.generateVersion();
// and couple more
newVersion = key.generateVersion();
newVersion = key.generateVersion();
// retire version 1
key.modifyVersion(1, "Retired");
// restrict version 2
key.modifyVersion(2, "Restricted");
// get key instance
NAEKey newKey = NAEKey.getSecretKey(keyName, session);
// get custom attributes
CustomAttributes attributes = newKey.getCustomAttributes();
Hashtable attrTable = attributes.getAttributes();
for (Enumeration e = attrTable.keys(); e.hasMoreElements(); ) {
String name = (String) e.nextElement();
String value = (String) attrTable.get(name);
System.out.println("Key custom attribute - name: " + name + " : value: " + value);
}
if (newKey.isVersioned()) {
System.out.println("\nKey " + newKey.getName() + " is versioned.");
}
System.out.println("Number of key versions: " + newKey.getAllKeyVersions());
System.out.println("Number of active versions: " + newKey.getActiveKeyVersions());
System.out.println("Number of restricted versions: " + newKey.getRestrictedKeyVersions());
System.out.println("Number of retired versions: " + newKey.getRetiredKeyVersions());
System.out.println("Key Version: " + newKey.getKeyVersion() + "\n");
// get key info for all versions of this key
KeyInfoData[] infoData = newKey.getKeyInfoData(true);
System.out.println("Key data for each version");
for (KeyInfoData element : infoData) {
System.out.println("Key version: " + element.getKeyVersion());
System.out.println("Key fingerprint: " + element.getFingerprint());
System.out.println("Key State: " + element.getKeyVersionState());
System.out.println("Key iv: " + element.getDefaultIV() + "\n");
}
session.logEvent("Created versioned key.");
// export all versions of this key
KeyExportData[] keyData = newKey.export(true);
System.out.println("Exported key data for each version");
for (KeyExportData element : keyData) {
System.out.println("Exported Key version: " + element.getKeyVersion());
System.out.println("Exported Key fingerprint: " + element.getFingerprint());
System.out.println("Exported Key data: " + element.getKeyData() + "\n");
}
// import the key back. we can import the key only as a non-versioned key.
NAEParameterSpec spec_import = new NAEParameterSpec(keyName + "Import", true, true, session);
NAEKey.importKey(IngrianProvider.hex2ByteArray(keyData[2].getKeyData()), "AES", spec_import);
NAESecretKey importKey = NAEKey.getSecretKey(keyName + "Import", session);
System.out.println("Imported key data; Key " + importKey.getName() + " was created on NAE Server.\n");
// encrypt data with all key versions
NAEKey allKey = NAEKey.getSecretKey(keyName + "#all", session);
String dataToEncrypt = "2D2D2D2D2D424547494E2050455253495354454E54204346EB17960";
System.out.println("Data to encrypt \"" + dataToEncrypt + "\"");
// get IV
NAESecureRandom rng = new NAESecureRandom(session);
byte[] iv = new byte[16];
rng.nextBytes(iv);
IvParameterSpec ivSpec = new IvParameterSpec(iv);
// get a cipher
Cipher encryptCipher = Cipher.getInstance("AES/CBC/PKCS5Padding", "IngrianProvider");
// initialize cipher to encrypt.
encryptCipher.init(Cipher.ENCRYPT_MODE, allKey, ivSpec);
// encrypt data
// outbuf is an array of ciphertexts; the size of this array is number of key versions;
// each ciphertext is the data encrypted by one version of the key:
// result[0] is the data encrypted with the latest key version.
byte[] outbuf = encryptCipher.doFinal(dataToEncrypt.getBytes());
byte[][] result = IngrianProvider.encryptAllResult(outbuf);
for (byte[] element : result) {
System.out.println("Ciphertext " + IngrianProvider.byteArray2Hex(element));
}
Cipher decryptCipher = Cipher.getInstance("AES/CBC/PKCS5Padding", "IngrianProvider");
// decrypt ciphertext
// init cipher
NAEKey dKey = NAEKey.getSecretKey(keyName, session);
decryptCipher.init(Cipher.DECRYPT_MODE, dKey, ivSpec);
// will use correct key version from cipher text header
byte[] newbuf = decryptCipher.doFinal(result[0]);
System.out.println("Decrypted data \"" + new String(newbuf) + "\"");
} catch (Exception e) {
System.out.println("The Cause is " + e.getMessage() + ".");
e.printStackTrace();
} finally {
if (session != null) {
session.closeSession();
}
}
}
Aggregations