use of com.ingrian.security.nae.IngrianProvider in project CipherTrust_Application_Protection by thalescpl-io.
the class RSAEncryptionSample method main.
public static void main(String[] args) throws Exception {
if (args.length != 3) {
System.err.println("Usage: java RSAEncryptionSample user password keyname");
System.exit(-1);
}
String username = args[0];
String password = args[1];
String keyName = args[2];
// add Ingrian provider to the list of JCE providers
Security.addProvider(new IngrianProvider());
// get the list of all registered JCE providers
Provider[] providers = Security.getProviders();
for (Provider provider : providers) {
System.out.println(provider.getInfo());
}
String dataToEncrypt = "dataToEncrypt";
System.out.println("Data to encrypt \"" + dataToEncrypt + "\"");
NAESession session = null;
try {
// create NAE Session: pass in NAE user name and password
session = NAESession.getSession(username, password.toCharArray());
// get RSA public key to encrypt data
// (just a key handle , key data does not leave the Key Manager)
NAEPublicKey pubKey = NAEKey.getPublicKey(keyName, session);
// get a cipher
Cipher encryptCipher = Cipher.getInstance("RSA", "IngrianProvider");
// initialize cipher to encrypt.
encryptCipher.init(Cipher.ENCRYPT_MODE, pubKey);
// encrypt data
byte[] outbuf = encryptCipher.doFinal(dataToEncrypt.getBytes());
// get private key to decrypt data
// (just a key handle , key data does not leave the Key Manager)
NAEPrivateKey privKey = NAEKey.getPrivateKey(keyName, session);
// get a cipher for decryption
Cipher decryptCipher = Cipher.getInstance("RSA", "IngrianProvider");
// to decrypt data, initialize cipher to decrypt
decryptCipher.init(Cipher.DECRYPT_MODE, privKey);
// decrypt data
byte[] newbuf = decryptCipher.doFinal(outbuf);
System.out.println("Decrypted data \"" + new String(newbuf) + "\"");
} catch (Exception e) {
e.printStackTrace();
throw e;
} finally {
if (session != null) {
// Close NAESession
session.closeSession();
}
}
}
use of com.ingrian.security.nae.IngrianProvider in project CipherTrust_Application_Protection by thalescpl-io.
the class SignSample method main.
public static void main(String[] args) throws Exception {
if (args.length != 3 && args.length != 4) {
System.err.println("Usage: java SignSample user password keyname saltlength(optional)");
System.exit(-1);
}
String username = args[0];
String password = args[1];
String keyName = args[2];
PSSParameterSpec pssParameterSpec = null;
// Get PSSParameterSpec passing the saltlenth, if provided
if (args.length > 3)
pssParameterSpec = new PSSParameterSpec(Integer.parseInt(args[3]));
// data to sign
byte[] data = "dataToSign".getBytes();
// add Ingrian provider to the list of JCE providers
Security.addProvider(new IngrianProvider());
// get the list of all registered JCE providers
Provider[] providers = Security.getProviders();
for (int i = 0; i < providers.length; i++) System.out.println(providers[i].getInfo());
NAESession session = null;
try {
// create NAE Session: pass in Key Manager user name and password
session = NAESession.getSession(username, password.toCharArray());
// Create Signature object
Signature sig = Signature.getInstance("SHA256withRSAPSSPadding", "IngrianProvider");
// Sign data
// Get private key
NAEPrivateKey privKey = NAEKey.getPrivateKey(keyName, session);
// Set the PSSParameterSpec in the Signature Object if saltlength is provided
if (pssParameterSpec != null)
sig.setParameter(pssParameterSpec);
// Initialize Signature object for signing
sig.initSign(privKey);
sig.update(data);
byte[] signature = sig.sign();
// Verify signature
// Get public key
NAEPublicKey pubKey = NAEKey.getPublicKey(keyName, session);
// Set the PSSParameterSpec in the Signature Object if saltlength is provided
if (pssParameterSpec != null)
sig.setParameter(pssParameterSpec);
// Initialize Signature object for signature verification
sig.initVerify(pubKey);
sig.update(data);
if (sig.verify(signature))
System.out.println("Signature verified.");
else
System.out.println("Signature verification failed.");
} catch (Exception e) {
e.printStackTrace();
throw e;
} finally {
if (session != null)
// Close NAESession
session.closeSession();
}
}
use of com.ingrian.security.nae.IngrianProvider in project CipherTrust_Application_Protection by thalescpl-io.
the class CustomLoggerSample method main.
public static void main(String[] args) throws Exception {
if (args.length != 3) {
System.err.println("Usage: java CustomLoggerSample user password keyname");
System.exit(-1);
}
String username = args[0];
String password = args[1];
String keyName = args[2];
// add Ingrian provider to the list of JCE providers
Security.addProvider(new IngrianProvider(new JavaUtilLogger()));
// get the list of all registered JCE providers
Provider[] providers = Security.getProviders();
for (int i = 0; i < providers.length; i++) System.out.println(providers[i].getInfo());
String dataToMac = "2D2D2D2D2D424547494E2050455253495354454E54204346EB17960";
System.out.println("Data to mac \"" + dataToMac + "\"");
NAESession session = null;
try {
// create HMAC key on the Key Manager
// create NAE Session: pass in Key Manager user name and password
session = NAESession.getSession(username, password.toCharArray());
// create key which is exportable and deletable,
// key owner is passed in Key Manager user.
// For HmacSHA1 key length 160 bits
// For HmacSHA256 key length is 256 bits
// For HmacSHA384 key length is 384 bits
// For HmacSHA512 key length is 512 bits
NAEParameterSpec spec = new NAEParameterSpec(keyName, true, true, 160, session);
KeyGenerator kg = KeyGenerator.getInstance("HmacSHA1", "IngrianProvider");
kg.init(spec);
SecretKey secret_key = kg.generateKey();
// get the handle to created key
NAEKey key = NAEKey.getSecretKey(keyName, session);
// create MAC instance to get the message authentication code
Mac mac = Mac.getInstance("HmacSHA1", "IngrianProvider");
mac.init(key);
byte[] macValue = mac.doFinal(dataToMac.getBytes());
// create MAC instance to verify the message authentication code
Mac macV = Mac.getInstance("HmacSHA1Verify", "IngrianProvider");
macV.init(key, new MACValue(macValue));
byte[] result = macV.doFinal(dataToMac.getBytes());
// check verification result
if (result.length != 1 || result[0] != 1) {
System.out.println("Invalid MAC.");
} else {
System.out.println("MAC Verified OK.");
}
} catch (Exception e) {
System.out.println("The Cause is " + e.getMessage() + ".");
throw e;
} finally {
if (session != null)
session.closeSession();
}
}
use of com.ingrian.security.nae.IngrianProvider in project CipherTrust_Application_Protection by thalescpl-io.
the class KMIPCreateAndEncryptSample method main.
public static void main(String[] args) throws Exception {
if (args.length != 5) {
usage();
}
String keyName = args[4];
int keyLength = 256;
// add Ingrian provider to the list of JCE providers
Security.addProvider(new IngrianProvider());
KMIPSession kmipSession = null;
NAESession naeSession = null;
try {
// create KMIP Session - specify client X.509 certificate and keystore password
kmipSession = KMIPSession.getSession(new NAEClientCertificate(args[0], args[1].toCharArray()));
// create key custom attributes
NAEKey key;
try {
/* does the key exist? if so, delete it */
/* get..Key method is merely a placeholder for a managed object
* with that name. */
key = NAEKey.getSecretKey(keyName, kmipSession);
/* getUID() will throw an exception if the key does not exist */
if (key.getUID() != null) {
System.out.println("Deleting key " + keyName + " with UID=" + key.getUID());
key.delete();
}
} catch (NAEException missing) {
if (missing.getMessage().equals("Key not found on server.")) {
System.out.println("Key did not exist");
} else
throw missing;
}
/* create a secret key using KMIP JCE key generator */
KMIPAttributes initialAttributes = new KMIPAttributes();
initialAttributes.add(KMIPAttribute.CryptographicUsageMask, (int) (UsageMask.Encrypt.getValue() | UsageMask.Decrypt.getValue()));
Calendar c = Calendar.getInstance();
initialAttributes.addDate(KMIPAttribute.ActivationDate, c);
NAEParameterSpec spec = new NAEParameterSpec(keyName, keyLength, (KMIPAttributes) initialAttributes, kmipSession);
KeyGenerator kg = KeyGenerator.getInstance("AES", "IngrianProvider");
kg.init(spec);
SecretKey secretKey = kg.generateKey();
System.out.println("Created key " + ((NAEKey) secretKey).getName());
/* Once created, you may operate on the KMIP key. For example,
* add a KMIP group attribute to the KMIP - not required, just include
* as a sample of KMIP operations on the key */
KMIPAttributes ka = new KMIPAttributes();
ka.add(KMIPAttribute.ObjectGroup, 0, "group1");
secretKey = NAEKey.getSecretKey(keyName);
NAESecretKey sk = NAEKey.getSecretKey(keyName, kmipSession);
sk.addKMIPAttributes(ka);
/* Now use the NAEKey created for encryption using an NAESession
* to a Key Manager server. Essentially this is the same code as the
* SecretKeyEncryptionSample.java program
* Nothing new is required to use the KMIP-created key on the
* Key Manager server.
*/
// create NAE XML Session: pass in NAE user name and password
naeSession = NAESession.getSession(args[2], args[3].toCharArray());
// Get SecretKey (just a handle to it, key data does not leave the server
// Note: KMIP keys objects need to be re-retrieved on the XML session
key = NAEKey.getSecretKey(keyName, naeSession);
// get IV
NAESecureRandom rng = new NAESecureRandom(naeSession);
byte[] iv = new byte[16];
rng.nextBytes(iv);
IvParameterSpec ivSpec = new IvParameterSpec(iv);
// get a cipher
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding", "IngrianProvider");
// initialize cipher to encrypt.
cipher.init(Cipher.ENCRYPT_MODE, key, ivSpec);
String dataToEncrypt = "2D2D2D2D2D424547494E2050455253495354454E54204346EB17960";
System.out.println("Data to encrypt \"" + dataToEncrypt + "\"");
// encrypt data
byte[] outbuf = cipher.doFinal(dataToEncrypt.getBytes());
// to decrypt data, initialize cipher to decrypt
cipher.init(Cipher.DECRYPT_MODE, key, ivSpec);
// decrypt data
byte[] newbuf = cipher.doFinal(outbuf);
System.out.println("Decrypted data \"" + new String(newbuf) + "\"");
} catch (Exception e) {
System.out.println("The Cause is " + e.getMessage() + ".");
e.printStackTrace();
} finally {
if (kmipSession != null)
kmipSession.closeSession();
if (naeSession != null)
naeSession.closeSession();
}
}
use of com.ingrian.security.nae.IngrianProvider in project CipherTrust_Application_Protection by thalescpl-io.
the class KMIPDiscoverVersionSample method main.
public static void main(String[] args) {
if (args.length != 2) {
usage();
}
// add Ingrian provider to the list of JCE providers
Security.addProvider(new IngrianProvider());
// version array to check their support on Key Manager
String[] checkversions = { "1.2", "1.3" };
KMIPSession session = null;
try {
// initiate KMIP session
session = KMIPSession.getSession(new NAEClientCertificate(args[0], args[1].toCharArray()));
String[] responsefromKS = session.KMIPDiscoverVersions(checkversions);
if (null != responsefromKS && responsefromKS.length > 0)
for (String version : responsefromKS) {
System.out.println("version supported on Key Manager " + version);
}
} finally {
session.closeSession();
}
}
Aggregations