Examples with IngrianProvider com.ingrian.security.nae.IngrianProvider used on opensource projects

Example 6 with IngrianProvider

use of com.ingrian.security.nae.IngrianProvider in project CipherTrust_Application_Protection by thalescpl-io.

the class RSAEncryptionSample method main.

public static void main(String[] args) throws Exception {
    if (args.length != 3) {
        System.err.println("Usage: java RSAEncryptionSample user password keyname");
        System.exit(-1);
    }
    String username = args[0];
    String password = args[1];
    String keyName = args[2];
    // add Ingrian provider to the list of JCE providers
    Security.addProvider(new IngrianProvider());
    // get the list of all registered JCE providers
    Provider[] providers = Security.getProviders();
    for (Provider provider : providers) {
        System.out.println(provider.getInfo());
    }
    String dataToEncrypt = "dataToEncrypt";
    System.out.println("Data to encrypt \"" + dataToEncrypt + "\"");
    NAESession session = null;
    try {
        // create NAE Session: pass in NAE user name and password
        session = NAESession.getSession(username, password.toCharArray());
        // get RSA public key to encrypt data
        // (just a key handle , key data does not leave the Key Manager)
        NAEPublicKey pubKey = NAEKey.getPublicKey(keyName, session);
        // get a cipher
        Cipher encryptCipher = Cipher.getInstance("RSA", "IngrianProvider");
        // initialize cipher to encrypt.
        encryptCipher.init(Cipher.ENCRYPT_MODE, pubKey);
        // encrypt data
        byte[] outbuf = encryptCipher.doFinal(dataToEncrypt.getBytes());
        // get private key to decrypt data
        // (just a key handle , key data does not leave the Key Manager)
        NAEPrivateKey privKey = NAEKey.getPrivateKey(keyName, session);
        // get a cipher for decryption
        Cipher decryptCipher = Cipher.getInstance("RSA", "IngrianProvider");
        // to decrypt data, initialize cipher to decrypt
        decryptCipher.init(Cipher.DECRYPT_MODE, privKey);
        // decrypt data
        byte[] newbuf = decryptCipher.doFinal(outbuf);
        System.out.println("Decrypted data  \"" + new String(newbuf) + "\"");
    } catch (Exception e) {
        e.printStackTrace();
        throw e;
    } finally {
        if (session != null) {
            // Close NAESession
            session.closeSession();
        }
    }
}

Example 7 with IngrianProvider

use of com.ingrian.security.nae.IngrianProvider in project CipherTrust_Application_Protection by thalescpl-io.

the class SignSample method main.

public static void main(String[] args) throws Exception {
    if (args.length != 3 && args.length != 4) {
        System.err.println("Usage: java SignSample user password keyname saltlength(optional)");
        System.exit(-1);
    }
    String username = args[0];
    String password = args[1];
    String keyName = args[2];
    PSSParameterSpec pssParameterSpec = null;
    // Get PSSParameterSpec passing the saltlenth, if provided
    if (args.length > 3)
        pssParameterSpec = new PSSParameterSpec(Integer.parseInt(args[3]));
    // data to sign
    byte[] data = "dataToSign".getBytes();
    // add Ingrian provider to the list of JCE providers
    Security.addProvider(new IngrianProvider());
    // get the list of all registered JCE providers
    Provider[] providers = Security.getProviders();
    for (int i = 0; i < providers.length; i++) System.out.println(providers[i].getInfo());
    NAESession session = null;
    try {
        // create NAE Session: pass in Key Manager user name and password
        session = NAESession.getSession(username, password.toCharArray());
        // Create Signature object
        Signature sig = Signature.getInstance("SHA256withRSAPSSPadding", "IngrianProvider");
        // Sign data
        // Get private key
        NAEPrivateKey privKey = NAEKey.getPrivateKey(keyName, session);
        // Set the PSSParameterSpec in the Signature Object if saltlength is provided
        if (pssParameterSpec != null)
            sig.setParameter(pssParameterSpec);
        // Initialize Signature object for signing
        sig.initSign(privKey);
        sig.update(data);
        byte[] signature = sig.sign();
        // Verify signature
        // Get public key
        NAEPublicKey pubKey = NAEKey.getPublicKey(keyName, session);
        // Set the PSSParameterSpec in the Signature Object if saltlength is provided
        if (pssParameterSpec != null)
            sig.setParameter(pssParameterSpec);
        // Initialize Signature object for signature verification
        sig.initVerify(pubKey);
        sig.update(data);
        if (sig.verify(signature))
            System.out.println("Signature verified.");
        else
            System.out.println("Signature verification failed.");
    } catch (Exception e) {
        e.printStackTrace();
        throw e;
    } finally {
        if (session != null)
            // Close NAESession
            session.closeSession();
    }
}

Example 8 with IngrianProvider

use of com.ingrian.security.nae.IngrianProvider in project CipherTrust_Application_Protection by thalescpl-io.

the class CustomLoggerSample method main.

public static void main(String[] args) throws Exception {
    if (args.length != 3) {
        System.err.println("Usage: java CustomLoggerSample user password keyname");
        System.exit(-1);
    }
    String username = args[0];
    String password = args[1];
    String keyName = args[2];
    // add Ingrian provider to the list of JCE providers
    Security.addProvider(new IngrianProvider(new JavaUtilLogger()));
    // get the list of all registered JCE providers
    Provider[] providers = Security.getProviders();
    for (int i = 0; i < providers.length; i++) System.out.println(providers[i].getInfo());
    String dataToMac = "2D2D2D2D2D424547494E2050455253495354454E54204346EB17960";
    System.out.println("Data to mac \"" + dataToMac + "\"");
    NAESession session = null;
    try {
        // create HMAC key on the Key Manager
        // create NAE Session: pass in Key Manager user name and password
        session = NAESession.getSession(username, password.toCharArray());
        // create key which is exportable and deletable,
        // key owner is passed in Key Manager user.
        // For HmacSHA1 key length 160 bits
        // For HmacSHA256 key length is 256 bits
        // For HmacSHA384 key length is 384 bits
        // For HmacSHA512 key length is 512 bits
        NAEParameterSpec spec = new NAEParameterSpec(keyName, true, true, 160, session);
        KeyGenerator kg = KeyGenerator.getInstance("HmacSHA1", "IngrianProvider");
        kg.init(spec);
        SecretKey secret_key = kg.generateKey();
        // get the handle to created key
        NAEKey key = NAEKey.getSecretKey(keyName, session);
        // create MAC instance to get the message authentication code
        Mac mac = Mac.getInstance("HmacSHA1", "IngrianProvider");
        mac.init(key);
        byte[] macValue = mac.doFinal(dataToMac.getBytes());
        // create MAC instance to verify the message authentication code
        Mac macV = Mac.getInstance("HmacSHA1Verify", "IngrianProvider");
        macV.init(key, new MACValue(macValue));
        byte[] result = macV.doFinal(dataToMac.getBytes());
        // check verification result
        if (result.length != 1 || result[0] != 1) {
            System.out.println("Invalid MAC.");
        } else {
            System.out.println("MAC Verified OK.");
        }
    } catch (Exception e) {
        System.out.println("The Cause is " + e.getMessage() + ".");
        throw e;
    } finally {
        if (session != null)
            session.closeSession();
    }
}

Example 9 with IngrianProvider

use of com.ingrian.security.nae.IngrianProvider in project CipherTrust_Application_Protection by thalescpl-io.

the class KMIPCreateAndEncryptSample method main.

public static void main(String[] args) throws Exception {
    if (args.length != 5) {
        usage();
    }
    String keyName = args[4];
    int keyLength = 256;
    // add Ingrian provider to the list of JCE providers
    Security.addProvider(new IngrianProvider());
    KMIPSession kmipSession = null;
    NAESession naeSession = null;
    try {
        // create KMIP Session - specify client X.509 certificate and keystore password
        kmipSession = KMIPSession.getSession(new NAEClientCertificate(args[0], args[1].toCharArray()));
        // create key custom attributes
        NAEKey key;
        try {
            /* does the key exist? if so, delete it */
            /* get..Key method is merely a placeholder for a managed object 
                * with that name. */
            key = NAEKey.getSecretKey(keyName, kmipSession);
            /* getUID() will throw an exception if the key does not exist */
            if (key.getUID() != null) {
                System.out.println("Deleting key " + keyName + " with UID=" + key.getUID());
                key.delete();
            }
        } catch (NAEException missing) {
            if (missing.getMessage().equals("Key not found on server.")) {
                System.out.println("Key did not exist");
            } else
                throw missing;
        }
        /* create a secret key using KMIP JCE key generator */
        KMIPAttributes initialAttributes = new KMIPAttributes();
        initialAttributes.add(KMIPAttribute.CryptographicUsageMask, (int) (UsageMask.Encrypt.getValue() | UsageMask.Decrypt.getValue()));
        Calendar c = Calendar.getInstance();
        initialAttributes.addDate(KMIPAttribute.ActivationDate, c);
        NAEParameterSpec spec = new NAEParameterSpec(keyName, keyLength, (KMIPAttributes) initialAttributes, kmipSession);
        KeyGenerator kg = KeyGenerator.getInstance("AES", "IngrianProvider");
        kg.init(spec);
        SecretKey secretKey = kg.generateKey();
        System.out.println("Created key " + ((NAEKey) secretKey).getName());
        /* Once created, you may operate on the KMIP key. For example, 
             * add a KMIP group attribute to the KMIP - not required, just include 
             * as a sample of KMIP operations on the key */
        KMIPAttributes ka = new KMIPAttributes();
        ka.add(KMIPAttribute.ObjectGroup, 0, "group1");
        secretKey = NAEKey.getSecretKey(keyName);
        NAESecretKey sk = NAEKey.getSecretKey(keyName, kmipSession);
        sk.addKMIPAttributes(ka);
        /* Now use the NAEKey created for encryption using an NAESession
             * to a Key Manager server. Essentially this is the same code as the
             * SecretKeyEncryptionSample.java program
             * Nothing new is required to use the KMIP-created key on the 
             * Key Manager server.
             */
        // create NAE XML Session: pass in NAE user name and password
        naeSession = NAESession.getSession(args[2], args[3].toCharArray());
        // Get SecretKey (just a handle to it, key data does not leave the server
        // Note: KMIP keys objects need to be re-retrieved on the XML session
        key = NAEKey.getSecretKey(keyName, naeSession);
        // get IV
        NAESecureRandom rng = new NAESecureRandom(naeSession);
        byte[] iv = new byte[16];
        rng.nextBytes(iv);
        IvParameterSpec ivSpec = new IvParameterSpec(iv);
        // get a cipher
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding", "IngrianProvider");
        // initialize cipher to encrypt.
        cipher.init(Cipher.ENCRYPT_MODE, key, ivSpec);
        String dataToEncrypt = "2D2D2D2D2D424547494E2050455253495354454E54204346EB17960";
        System.out.println("Data to encrypt \"" + dataToEncrypt + "\"");
        // encrypt data
        byte[] outbuf = cipher.doFinal(dataToEncrypt.getBytes());
        // to decrypt data, initialize cipher to decrypt
        cipher.init(Cipher.DECRYPT_MODE, key, ivSpec);
        // decrypt data
        byte[] newbuf = cipher.doFinal(outbuf);
        System.out.println("Decrypted data  \"" + new String(newbuf) + "\"");
    } catch (Exception e) {
        System.out.println("The Cause is " + e.getMessage() + ".");
        e.printStackTrace();
    } finally {
        if (kmipSession != null)
            kmipSession.closeSession();
        if (naeSession != null)
            naeSession.closeSession();
    }
}

Example 10 with IngrianProvider

use of com.ingrian.security.nae.IngrianProvider in project CipherTrust_Application_Protection by thalescpl-io.

the class KMIPDiscoverVersionSample method main.

public static void main(String[] args) {
    if (args.length != 2) {
        usage();
    }
    // add Ingrian provider to the list of JCE providers
    Security.addProvider(new IngrianProvider());
    // version array to check their support on Key Manager
    String[] checkversions = { "1.2", "1.3" };
    KMIPSession session = null;
    try {
        // initiate KMIP session
        session = KMIPSession.getSession(new NAEClientCertificate(args[0], args[1].toCharArray()));
        String[] responsefromKS = session.KMIPDiscoverVersions(checkversions);
        if (null != responsefromKS && responsefromKS.length > 0)
            for (String version : responsefromKS) {
                System.out.println("version supported on Key Manager " + version);
            }
    } finally {
        session.closeSession();
    }
}