
Example 1 with CustomAttributes

use of com.ingrian.security.nae.CustomAttributes in project CipherTrust_Application_Protection by thalescpl-io.

the class AdminRequestSample method modifyUserCustomAttrs.

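/**
 * Interactively collects custom-attribute changes for one user and submits them
 * in a single {@code NAEUserModifyRequest}.
 *
 * <p>Prompts on standard output and reads tokens from {@code sc}, which is declared
 * outside this method (presumably a {@code java.util.Scanner} on standard input;
 * confirm against the enclosing class). The input order is: user name, number of
 * attributes to add/modify, that many name/value pairs, number of attributes to
 * delete, that many names. A count of zero or less skips the corresponding prompts.
 * If a count is not a valid integer, a message is printed and no request is sent.
 *
 * <p>NOTE(review): the user name, attribute names and attribute values are passed to
 * the request exactly as typed. Nothing here validates them or asks for confirmation,
 * so any filtering has to happen on the server side. Verify that it does.
 *
 * @param processor admin request processor used to submit the modification
 */
private static void modifyUserCustomAttrs(NAEAdminRequestProcessor processor) {
    System.out.print("Enter user-name :");
    String userName = sc.next();
    CustomAttributes attrsToAdd = new CustomAttributes();
    List<String> attrsToDelete = new ArrayList<String>();

    System.out.print("Enter Number Of Attribute To Add/Modify :");
    int num;
    try {
        num = Integer.parseInt(sc.next());
    } catch (NumberFormatException e) {
        // Abort before anything is sent: a mistyped count must not produce a partial request.
        System.out.println("Invalid number of attributes to add/modify: " + e.getMessage());
        return;
    }
    while (num-- > 0) {
        System.out.print("Enter Attribute Name To Add/Modify :");
        String attr = sc.next();
        System.out.print("Enter Attribute Value :");
        String attrValue = sc.next();
        attrsToAdd.addAttribute(attr, attrValue);
    }

    System.out.print("Enter Number Of Attributes To Delete :");
    try {
        num = Integer.parseInt(sc.next());
    } catch (NumberFormatException e) {
        System.out.println("Invalid number of attributes to delete: " + e.getMessage());
        return;
    }
    while (num-- > 0) {
        System.out.print("Enter Attribute Name To Delete :");
        String attr = sc.next();
        attrsToDelete.add(attr);
    }

    // Additions and deletions travel in one request, so the server sees them together.
    NAEUserModifyRequest umr = new NAEUserModifyRequest.Builder()
            .userName(userName)
            .customAttrsToAdd(attrsToAdd)
            .customAttrsToDelete(attrsToDelete)
            .build();
    boolean success = processor.modifyUser(umr);
    if (success)
        System.out.println("User Custom attributes modified successfully");
    else
        System.out.println("Failure in user Custom attibute modification");
}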
Also used : CustomAttributes(com.ingrian.security.nae.CustomAttributes) ArrayList(java.util.ArrayList) NAEUserModifyRequest(com.ingrian.security.nae.NAEUserModifyRequest)

Example 2 with CustomAttributes

use of com.ingrian.security.nae.CustomAttributes in project CipherTrust_Application_Protection by thalescpl-io.

the class KeyNameSample method main.

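/**
 * Lists key names, either for an authenticated user or through the global session.
 *
 * <p>When both {@code -user} and {@code -password} are given, a user session is opened
 * and {@code NAEKey.getKeyNames} is called with the optional custom-attribute filter,
 * fingerprint, offset and maximum count. If either credential is missing, the global
 * key list is fetched instead.
 *
 * <p>NOTE(review): the password is taken from the command line. On most systems
 * process arguments are visible to other local users and may be saved in shell
 * history; they also live in an immutable {@code String} that cannot be wiped.
 * Outside of a sample, prefer a console prompt or a protected credential source.
 *
 * @param args option/value pairs: {@code -user}, {@code -password}, {@code -attr},
 *             {@code -attrV}, {@code -fingerprint}, {@code -offset}, {@code -max}
 */
public static void main(String[] args) {
    // The KeyName API, when used with a valid Key Manager user name and password,
    // fetches the names of the keys that belong to the user plus the global keys,
    // filtered by the attributes passed. See the library Javadoc for their values.
    final String usage = "Usage: java KeyNameSample -user [userName] -password [password] -attr [attributName] "
            + "-attrV [attributeValue] -fingerprint [fingerprint] -offset [keyOffset] -max [maxKeys]";
    if (args.length > 14) {
        System.err.println(usage);
        System.exit(-1);
    }
    String username = null;
    String password = null;
    String attributeName = null;
    String attributeValue = null;
    String fingerprint = null;
    int offset = 0;
    // the maximum number of keys to fetch should be at least 1
    int max = 1;
    // Extract values from the given arguments; any option that is not supplied stays null.
    for (int i = 0; i < args.length; i++) {
        String flag = args[i];
        boolean isOption = "-user".equals(flag) || "-password".equals(flag) || "-attr".equals(flag)
                || "-attrV".equals(flag) || "-fingerprint".equals(flag) || "-offset".equals(flag)
                || "-max".equals(flag);
        if (!isOption)
            continue;
        // An option given as the last argument has no value; reject it instead of
        // reading past the end of the array.
        if (i + 1 >= args.length) {
            System.err.println("Missing value for option " + flag);
            System.err.println(usage);
            System.exit(-1);
        }
        String value = args[i + 1];
        if ("-user".equals(flag))
            username = value;
        else if ("-password".equals(flag))
            password = value;
        else if ("-attr".equals(flag))
            attributeName = value;
        else if ("-attrV".equals(flag))
            attributeValue = value;
        else if ("-fingerprint".equals(flag))
            fingerprint = value;
        else if ("-offset".equals(flag))
            offset = Integer.parseInt(value);
        else
            max = Integer.parseInt(value);
    }
    // A filter value without a name would otherwise be sent with a null attribute name
    // (and the literal name "null-1"); fail here rather than run an unintended query.
    if (attributeValue != null && attributeName == null) {
        System.err.println("-attrV requires -attr");
        System.err.println(usage);
        System.exit(-1);
    }
    if (username != null && password != null) {
        NAESession session = null;
        try {
            session = NAESession.getSession(username, password.toCharArray());
            CustomAttributes attr = new CustomAttributes();
            if (attributeValue != null) {
                // Two filters are registered: the given name and the same name with a
                // "-1" suffix. They are combined with OR in the call below.
                attr.addAttributeForKeyName(attributeName, attributeValue);
                attr.addAttributeForKeyName(attributeName + "-1", attributeValue);
            }
            UserKeysDetail keyNames = NAEKey.getKeyNames(attr, fingerprint, offset, max, session, ConjunctiveOperator.OR);
            System.out.println("Key count: " + keyNames.getKeyCount());
            System.out.println("Total Keys: " + keyNames.getTotalKeys());
            System.out.println("KeyNames: " + keyNames.getKeyNames());
            System.out.println("#####################");
        } finally {
            // Always release the session, even when the lookup throws.
            if (session != null)
                session.closeSession();
        }
    } else {
        // In this case all the global keys are fetched through the global session.
        // This branch is also taken when only one of -user / -password was supplied,
        // so a partially specified credential silently falls back to the global list.
        System.out.println("Global Keys are: ");
        UserKeysDetail keyNames = NAEKey.getKeyNames(null);
        System.out.println("Key count: " + keyNames.getKeyCount());
        System.out.println("Total Keys: " + keyNames.getTotalKeys());
        System.out.println("KeyNames: " + keyNames.getKeyNames());
    }
}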
Also used : CustomAttributes(com.ingrian.security.nae.CustomAttributes) UserKeysDetail(com.ingrian.security.nae.UserKeysDetail) NAESession(com.ingrian.security.nae.NAESession)

Example 3 with CustomAttributes

use of com.ingrian.security.nae.CustomAttributes in project CipherTrust_Application_Protection by thalescpl-io.

the class IngrianKeySample method main.

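/**
 * Walks through the life cycle of a versioned AES key on the NAE server.
 *
 * <p>The steps are: register the Ingrian JCE provider, open a session, create a
 * versioned key with custom attributes, modify those attributes, generate further
 * versions and change their states, print key metadata, export every version,
 * re-import one version under a new name, then encrypt with all versions and
 * decrypt the newest ciphertext.
 *
 * <p>NOTE(review), points a reader should not carry over into production code:
 * <ul>
 *   <li>The password arrives on the command line, where other local users and shell
 *       history can usually see it.</li>
 *   <li>The exported key bytes are printed to standard output in full; anything that
 *       captures the console then holds raw key material.</li>
 *   <li>{@code AES/CBC/PKCS5Padding} gives confidentiality only. The ciphertext is not
 *       integrity-protected unless a MAC or an authenticated mode is added.</li>
 * </ul>
 *
 * @param args user name, password, key name and group, in that order
 * @throws Exception declared by the signature; failures inside the session block are
 *                   caught and printed instead of propagating
 */
public static void main(String[] args) throws Exception {
    if (args.length != 4) {
        System.err.println("Usage: java IngrianKeySample user password keyname group");
        System.exit(-1);
    }
    String username = args[0];
    String password = args[1];
    String keyName = args[2];
    String group = args[3];
    // add Ingrian provider to the list of JCE providers
    Security.addProvider(new IngrianProvider());
    // get the list of all registered JCE providers
    Provider[] providers = Security.getProviders();
    for (Provider provider : providers) {
        System.out.println(provider.getInfo());
    }
    NAESession session = null;
    try {
        // Create AES key on NAE server
        // create NAE Session: pass in NAE user name and password
        session = NAESession.getSession(username, password.toCharArray());
        // set the key permissions to the set of permissions granted to NAE group.
        NAEPermission permission = new NAEPermission(group);
        // add permission to sign
        permission.setSign(true);
        // add permission to verify signature
        permission.setSignV(true);
        NAEPermission[] permissions = { permission };
        // Original sample comment: "create key pair which is exportable and deletable,
        // key owner is NAE user, default key length 1024 bits and permissions granted
        // to sign and verify".
        // NOTE(review): rsaParamSpec is never used after this line, so the sign/verify
        // permissions built above are not applied to the AES key created below.
        NAEParameterSpec rsaParamSpec = new NAEParameterSpec(keyName, true, true, session, permissions);
        // create key custom attributes
        CustomAttributes attrs = new CustomAttributes("Attr1", "abc");
        attrs.addAttribute("Attr2", "1234");
        // create key which is exportable, deletable and versioned,
        // with custom attributes,
        // key owner is passed in NAE user and key length 128 bits
        NAEParameterSpec spec = new NAEParameterSpec(keyName, true, true, true, 128, attrs, session);
        KeyGenerator kg = KeyGenerator.getInstance("AES", "IngrianProvider");
        kg.init(spec);
        // The returned handle is not used; the key is looked up again by name below.
        SecretKey secret_key = kg.generateKey();
        NAEKey key = NAEKey.getSecretKey(keyName, session);
        // Get default IV associated with this key
        String defaultIV = key.getDefaultIV();
        System.out.println("Key " + keyName + " has default IV " + defaultIV);
        // Modify custom attributes.
        // Create new attribute to add
        CustomAttributes newAttrs = new CustomAttributes("Attr3", "ABC");
        // Create list of attribute names to delete
        String[] dAttrs = { "Attr1" };
        key.modifyCustomAttributes(false, dAttrs, newAttrs);
        // Create a new version of the key
        int newVersion = key.generateVersion();
        // and couple more
        newVersion = key.generateVersion();
        newVersion = key.generateVersion();
        // retire version 1
        key.modifyVersion(1, "Retired");
        // restrict version 2
        key.modifyVersion(2, "Restricted");
        // get key instance
        NAEKey newKey = NAEKey.getSecretKey(keyName, session);
        // get custom attributes
        CustomAttributes attributes = newKey.getCustomAttributes();
        // Raw types are kept: the library's declared element types are not visible here.
        Hashtable attrTable = attributes.getAttributes();
        for (Enumeration e = attrTable.keys(); e.hasMoreElements(); ) {
            String name = (String) e.nextElement();
            String value = (String) attrTable.get(name);
            System.out.println("Key custom attribute - name: " + name + " : value: " + value);
        }
        if (newKey.isVersioned()) {
            System.out.println("\nKey " + newKey.getName() + " is versioned.");
        }
        System.out.println("Number of key versions: " + newKey.getAllKeyVersions());
        System.out.println("Number of active versions: " + newKey.getActiveKeyVersions());
        System.out.println("Number of restricted versions: " + newKey.getRestrictedKeyVersions());
        System.out.println("Number of retired versions: " + newKey.getRetiredKeyVersions());
        System.out.println("Key Version: " + newKey.getKeyVersion() + "\n");
        // get key info for all versions of this key
        KeyInfoData[] infoData = newKey.getKeyInfoData(true);
        System.out.println("Key data for each version");
        for (KeyInfoData element : infoData) {
            System.out.println("Key version: " + element.getKeyVersion());
            System.out.println("Key fingerprint: " + element.getFingerprint());
            System.out.println("Key State: " + element.getKeyVersionState());
            System.out.println("Key iv: " + element.getDefaultIV() + "\n");
        }
        session.logEvent("Created versioned key.");
        // export all versions of this key
        KeyExportData[] keyData = newKey.export(true);
        System.out.println("Exported key data for each version");
        for (KeyExportData element : keyData) {
            System.out.println("Exported Key version: " + element.getKeyVersion());
            System.out.println("Exported Key fingerprint: " + element.getFingerprint());
            // NOTE(review): this writes the exported key bytes to stdout. Keep it out of
            // anything that is logged or redirected outside a throwaway demo.
            System.out.println("Exported Key data: " + element.getKeyData() + "\n");
        }
        // The import below reads the third exported entry; fail with a clear message
        // if the server returned fewer entries than that.
        if (keyData.length < 3) {
            throw new IllegalStateException(
                    "Expected at least 3 exported key versions but got " + keyData.length);
        }
        // import the key back. we can import the key only as a non-versioned key.
        NAEParameterSpec spec_import = new NAEParameterSpec(keyName + "Import", true, true, session);
        NAEKey.importKey(IngrianProvider.hex2ByteArray(keyData[2].getKeyData()), "AES", spec_import);
        NAESecretKey importKey = NAEKey.getSecretKey(keyName + "Import", session);
        System.out.println("Imported key data; Key " + importKey.getName() + " was created on NAE Server.\n");
        // encrypt data with all key versions
        NAEKey allKey = NAEKey.getSecretKey(keyName + "#all", session);
        String dataToEncrypt = "2D2D2D2D2D424547494E2050455253495354454E54204346EB17960";
        System.out.println("Data to encrypt \"" + dataToEncrypt + "\"");
        // get a fresh random 16-byte IV from the NAE-backed random source
        NAESecureRandom rng = new NAESecureRandom(session);
        byte[] iv = new byte[16];
        rng.nextBytes(iv);
        IvParameterSpec ivSpec = new IvParameterSpec(iv);
        // get a cipher
        Cipher encryptCipher = Cipher.getInstance("AES/CBC/PKCS5Padding", "IngrianProvider");
        // initialize cipher to encrypt.
        encryptCipher.init(Cipher.ENCRYPT_MODE, allKey, ivSpec);
        // encrypt data
        // outbuf is an array of ciphertexts; the size of this array is number of key versions;
        // each ciphertext is the data encrypted by one version of the key:
        // result[0] is the data encrypted with the latest key version.
        // The charset is named explicitly so the bytes do not depend on the platform default.
        byte[] outbuf = encryptCipher.doFinal(dataToEncrypt.getBytes(java.nio.charset.StandardCharsets.UTF_8));
        byte[][] result = IngrianProvider.encryptAllResult(outbuf);
        for (byte[] element : result) {
            System.out.println("Ciphertext " + IngrianProvider.byteArray2Hex(element));
        }
        Cipher decryptCipher = Cipher.getInstance("AES/CBC/PKCS5Padding", "IngrianProvider");
        // decrypt ciphertext
        // init cipher
        NAEKey dKey = NAEKey.getSecretKey(keyName, session);
        decryptCipher.init(Cipher.DECRYPT_MODE, dKey, ivSpec);
        // will use correct key version from cipher text header
        byte[] newbuf = decryptCipher.doFinal(result[0]);
        System.out.println("Decrypted data  \"" + new String(newbuf, java.nio.charset.StandardCharsets.UTF_8) + "\"");
    } catch (Exception e) {
        // Sample-level handling: report and continue to the cleanup below.
        System.out.println("The Cause is " + e.getMessage() + ".");
        e.printStackTrace();
    } finally {
        // Close the session on every path so it is not left open on the server.
        if (session != null) {
            session.closeSession();
        }
    }
}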
Also used : NAEParameterSpec(com.ingrian.security.nae.NAEParameterSpec) NAEPermission(com.ingrian.security.nae.NAEPermission) NAEKey(com.ingrian.security.nae.NAEKey) KeyExportData(com.ingrian.security.nae.KeyExportData) IngrianProvider(com.ingrian.security.nae.IngrianProvider) CustomAttributes(com.ingrian.security.nae.CustomAttributes) KeyInfoData(com.ingrian.security.nae.KeyInfoData) KeyGenerator(javax.crypto.KeyGenerator) Enumeration(java.util.Enumeration) NAESecureRandom(com.ingrian.security.nae.NAESecureRandom) Hashtable(java.util.Hashtable) NAESecretKey(com.ingrian.security.nae.NAESecretKey) Provider(java.security.Provider) IngrianProvider(com.ingrian.security.nae.IngrianProvider) SecretKey(javax.crypto.SecretKey) NAESecretKey(com.ingrian.security.nae.NAESecretKey) IvParameterSpec(javax.crypto.spec.IvParameterSpec) Cipher(javax.crypto.Cipher) NAESession(com.ingrian.security.nae.NAESession)

Aggregations

CustomAttributes (com.ingrian.security.nae.CustomAttributes)3 NAESession (com.ingrian.security.nae.NAESession)2 IngrianProvider (com.ingrian.security.nae.IngrianProvider)1 KeyExportData (com.ingrian.security.nae.KeyExportData)1 KeyInfoData (com.ingrian.security.nae.KeyInfoData)1 NAEKey (com.ingrian.security.nae.NAEKey)1 NAEParameterSpec (com.ingrian.security.nae.NAEParameterSpec)1 NAEPermission (com.ingrian.security.nae.NAEPermission)1 NAESecretKey (com.ingrian.security.nae.NAESecretKey)1 NAESecureRandom (com.ingrian.security.nae.NAESecureRandom)1 NAEUserModifyRequest (com.ingrian.security.nae.NAEUserModifyRequest)1 UserKeysDetail (com.ingrian.security.nae.UserKeysDetail)1 Provider (java.security.Provider)1 ArrayList (java.util.ArrayList)1 Enumeration (java.util.Enumeration)1 Hashtable (java.util.Hashtable)1 Cipher (javax.crypto.Cipher)1 KeyGenerator (javax.crypto.KeyGenerator)1 SecretKey (javax.crypto.SecretKey)1 IvParameterSpec (javax.crypto.spec.IvParameterSpec)1