
Example 21 with IngrianProvider

use of com.ingrian.security.nae.IngrianProvider in project CipherTrust_Application_Protection by thalescpl-io.

the class KeyPermissionsSample method main.

/**
 * Generates an AES-256 key on the Key Manager with encrypt/decrypt permissions
 * granted to one group, then prints the permissions linked to that key.
 *
 * <p>NOTE(review): the password is taken from the command line, where it is
 * typically visible in process listings and shell history. For anything beyond
 * a demo, read it from a console prompt or a protected configuration source.
 *
 * @param args user, password, key name and group name, in that order
 * @throws Exception declared by the sample; failures inside the session block
 *                   are caught and printed rather than propagated
 */
public static void main(String[] args) throws Exception {
    if (args.length != 4) {
        System.err.println("Usage: java KeyPermissionsSample user password keyname group");
        System.exit(-1);
    }
    final String username = args[0];
    final String password = args[1];
    final String keyName = args[2];
    final String group = args[3];

    // Register the Ingrian JCE provider, then list every provider now installed.
    Security.addProvider(new IngrianProvider());
    for (Provider registered : Security.getProviders()) {
        System.out.println(registered.getInfo());
    }

    NAESession session = null;
    try {
        // Authenticate to the Key Manager with the supplied credentials.
        session = NAESession.getSession(username, password.toCharArray());

        // Permission entry for the group: allow both encrypt and decrypt.
        NAEPermission groupPermission = new NAEPermission(group);
        groupPermission.setEncrypt(true);
        groupPermission.setDecrypt(true);

        // NOTE(review): exportable(true) and deletable(true) are what the sample
        // demonstrates; for a production key, confirm that export and deletion
        // are really required before enabling either.
        NAEParameterSpec naeParamSpec = new NAEParameterSpec.Builder(keyName)
                .withSession(session)
                .permissions(new NAEPermission[] { groupPermission })
                .deletable(true)
                .exportable(true)
                .versioned(true)
                .keylength(256)
                .build();

        KeyGenerator generator = KeyGenerator.getInstance("AES", "IngrianProvider");
        generator.init(naeParamSpec);
        generator.generateKey();

        // Read the permissions back from the Key Manager and print each one.
        List<NAEPermission> linkedPermissions = NAEKey.getKeyPermissions(session, keyName);
        for (NAEPermission linked : linkedPermissions) {
            System.out.println(linked);
        }
    } catch (Exception e) {
        // NOTE(review): the failure is only printed; the process still exits
        // normally, so callers cannot detect that key creation failed.
        e.printStackTrace();
    } finally {
        if (session != null) {
            session.closeSession();
        }
    }
}
Also used : NAEParameterSpec(com.ingrian.security.nae.NAEParameterSpec) NAEPermission(com.ingrian.security.nae.NAEPermission) IngrianProvider(com.ingrian.security.nae.IngrianProvider) IngrianProvider(com.ingrian.security.nae.IngrianProvider) Provider(java.security.Provider) KeyGenerator(javax.crypto.KeyGenerator) NAESession(com.ingrian.security.nae.NAESession)

Example 22 with IngrianProvider

use of com.ingrian.security.nae.IngrianProvider in project CipherTrust_Application_Protection by thalescpl-io.

the class CMSSignSample method main.

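/**
 * Signs a fixed test message with a private key held on the Key Manager,
 * producing a signature in the requested CMS format, and then verifies that
 * signature with the matching public key.
 *
 * <p>NOTE(review): the password is taken from the command line, where it is
 * typically visible in process listings and shell history. For anything beyond
 * a demo, read it from a console prompt or a protected configuration source.
 *
 * @param args user, password, key name and CA name, in that order
 * @throws Exception declared by the sample; failures inside the session block
 *                   are caught and printed rather than propagated
 */
public static void main(String[] args) throws Exception {
    if (args.length != 4) {
        System.err.println("Usage: java CMSSignSample user password keyname caName");
        System.exit(-1);
    }
    String username = args[0];
    String password = args[1];
    String keyName = args[2];
    String caName = args[3];

    // Data to sign. The charset is pinned so the signed bytes do not depend on
    // the platform default encoding.
    byte[] data = "dataToSign".getBytes(java.nio.charset.StandardCharsets.UTF_8);

    // Register the Ingrian JCE provider, then list every provider now installed.
    Security.addProvider(new IngrianProvider());
    for (Provider registered : Security.getProviders()) {
        System.out.println(registered.getInfo());
    }

    NAESession session = null;
    try {
        // Create NAE session: pass in Key Manager user name and password.
        session = NAESession.getSession(username, password.toCharArray());

        // NOTE(review): SHA-1 is no longer considered collision resistant for
        // signatures. Prefer a SHA-2 based signature algorithm if the provider
        // and Key Manager offer one; confirm the supported names in the
        // provider documentation before changing this string.
        Signature sig = Signature.getInstance("SHA1withRSA", "IngrianProvider");
        SignVerifySpec signVerifySpec =
                new SignVerifySpec(new Format("cms/detached/smime/enveloped"), new CertList(caName));
        sig.setParameter((AlgorithmParameterSpec) signVerifySpec);

        // Sign: fetch the private key and feed it the data.
        NAEPrivateKey privKey = NAEKey.getPrivateKey(keyName, session);
        sig.initSign(privKey);
        sig.update(data);
        byte[] signature = sig.sign();

        // Verify: fetch the public key and check the signature over the same data.
        NAEPublicKey pubKey = NAEKey.getPublicKey(keyName, session);
        sig.initVerify(pubKey);
        sig.update(data);
        if (sig.verify(signature)) {
            System.out.println("Signature verified.");
        } else {
            System.out.println("Signature verification failed.");
        }
        // The session is closed exactly once, in the finally block below; the
        // earlier extra close on the success path caused a double close.
    } catch (Exception e) {
        // NOTE(review): the failure is only printed; the process still exits
        // normally, so callers cannot detect a signing or verification error.
        e.printStackTrace();
    } finally {
        if (session != null) {
            session.closeSession();
        }
    }
}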
Also used : NAEPrivateKey(com.ingrian.security.nae.NAEPrivateKey) NAEPublicKey(com.ingrian.security.nae.NAEPublicKey) IngrianProvider(com.ingrian.security.nae.IngrianProvider) IngrianProvider(com.ingrian.security.nae.IngrianProvider) Provider(java.security.Provider) CertList(com.ingrian.security.nae.CertList) SignVerifySpec(com.ingrian.security.nae.SignVerifySpec) Format(com.ingrian.security.nae.Format) Signature(java.security.Signature) NAESession(com.ingrian.security.nae.NAESession)

Example 23 with IngrianProvider

use of com.ingrian.security.nae.IngrianProvider in project CipherTrust_Application_Protection by thalescpl-io.

the class CryptoTool method main.

/**
 * Entry point of the command-line tool. Parses the arguments into a map,
 * applies any connection overrides as system properties, opens the input and
 * output streams, optionally logs in, and then dispatches to the handler for
 * the requested operation.
 *
 * <p>NOTE(review): credentials arrive as a single {@code user:password}
 * argument on the command line, where they are typically visible in process
 * listings and shell history.
 *
 * <p>NOTE(review): several error paths call {@code printErrorAndExit()} from
 * inside the {@code try} block. Its body is not visible here; if it terminates
 * the JVM with {@code System.exit}, the {@code finally} clean-up below (stream
 * flush/close, session close) is skipped on those paths. Confirm against the
 * helper.
 */
public static void main(String[] args) throws Exception {
    // A leading help flag prints usage and stops.
    if (args.length > 0 && args[0].equals(HELP)) {
        printUsage();
        System.exit(0);
    }
    Map<String, String> arguments = buildArguments(args);
    if (arguments == null) {
        printErrorAndExit();
    }

    // Optional connection overrides: IP, port and protocol become system
    // properties before the provider is registered.
    String ip = arguments.get(IP);
    if (ip != null) {
        System.setProperty("com.ingrian.security.nae.NAE_IP.1", ip);
    }
    String port = arguments.get(PORT);
    if (port != null) {
        System.setProperty("com.ingrian.security.nae.NAE_Port", port);
    }
    String protocol = arguments.get(PROTOCOL);
    if (protocol != null) {
        System.setProperty("com.ingrian.security.nae.Protocol", protocol);
    }
    java.security.Security.addProvider(new IngrianProvider());

    // Input and output streams are both mandatory.
    is = getInputStream(arguments);
    if (is == null) {
        printErrorAndExit();
    }
    os = getOutputStream(arguments);
    if (os == null) {
        printErrorAndExit();
    }

    // The first argument names the operation; a negative code means unknown.
    int operation = getOperation(args[0]);
    if (operation < 0) {
        printErrorAndExit();
    }

    // Remaining per-operation parameters.
    String keyName = getKeyName(arguments);
    String algName = getAlgorithmName(arguments);
    String auth = getAuth(arguments);
    int keySize = getKeySize(arguments);
    boolean exportable = getExportable(arguments);
    boolean deletable = getDeletable(arguments);
    String inFile = arguments.get(INFILE);
    String outFile = arguments.get(OUTFILE);

    // Log in only when credentials were supplied as "user:password" and the
    // operation is one of the known operations.
    NAESession session = null;
    if (auth != null) {
        int separator = auth.indexOf(':');
        // Reject an empty user name (colon first or missing) or an empty password.
        if (separator < 1 || separator == auth.length() - 1) {
            System.err.println("Invalid -auth argument");
            printErrorAndExit();
        }
        String user = auth.substring(0, separator);
        String passwd = auth.substring(separator + 1);
        if (knownOperations.get(args[0]) != null) {
            session = NAESession.getSession(user, passwd.toCharArray());
        }
    }

    // IV, signature and MAC, when provided.
    byte[] iv = getIV(arguments);
    byte[] signature = getSignature(arguments);
    byte[] mac = getMAC(arguments);

    // Extra parameters used by the GCM and FPE handlers.
    String authTagLength = getAuthtaglength(arguments);
    String aad = getAad(arguments);
    String tweakData = getTweakdata(arguments);
    String tweakAlgo = getTweakalgo(arguments);

    boolean result = false;
    try {
        switch (operation) {
            case ENCRYPTINT: {
                // The algorithm name selects the FPE, GCM or generic handler.
                String upperAlg = algName.toUpperCase();
                if (upperAlg.startsWith("FPE")) {
                    result = doEncryptFPE(keyName, algName, iv, session, tweakData, tweakAlgo);
                } else if (upperAlg.contains("GCM")) {
                    result = doEncryptGCM(keyName, algName, iv, session, authTagLength, aad, inFile, outFile);
                } else {
                    result = doEncrypt(keyName, algName, iv, session, outFile);
                }
                break;
            }
            case DECRYPTINT: {
                String upperAlg = algName.toUpperCase();
                if (upperAlg.startsWith("FPE")) {
                    result = doDecryptFPE(keyName, algName, iv, session, tweakData, tweakAlgo);
                } else if (upperAlg.contains("GCM")) {
                    result = doDecryptGCM(keyName, algName, iv, session, authTagLength, aad, inFile, outFile);
                } else {
                    result = doDecrypt(keyName, algName, iv, session, outFile);
                }
                break;
            }
            case MACINT:
                result = doMAC(keyName, algName, session);
                break;
            case MACVINT:
                result = doMACV(keyName, algName, mac, session);
                break;
            case SIGNINT:
                result = doSign(keyName, algName, session);
                break;
            case SIGNVINT:
                result = doSignV(keyName, algName, signature, session);
                break;
            case GENERATEINT:
                result = doGenerate(keyName, algName, session, exportable, deletable, keySize);
                break;
            case DELETEINT:
                result = doDelete(keyName, session);
                break;
            case IMPORTINT:
                result = doImport(keyName, algName, session, exportable, deletable, keySize);
                break;
            case EXPORTINT:
                result = doExport(keyName, session);
                break;
            case LISTINT:
                result = doList(session);
                break;
            default:
                System.err.println("Invalid operation");
        }
        // A handler that reports failure ends the run through the error path.
        if (!result) {
            printErrorAndExit();
        }
    } catch (Exception e) {
        // NOTE(review): only the message is printed, and to stdout; nothing in
        // this block sets a failing exit status for the caller to detect.
        System.out.println("Exception occurred : " + e.getMessage());
    } finally {
        // Release resources in this order: output, scanner, input, session.
        if (os != null) {
            os.flush();
            os.close();
        }
        if (inputscanner != null) {
            inputscanner.close();
        }
        if (is != null) {
            is.close();
        }
        if (session != null && !session.isClosed()) {
            session.closeSession();
        }
    }
}
Also used : NAESession(com.ingrian.security.nae.NAESession) InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) NAEException(com.ingrian.security.nae.NAEException) IOException(java.io.IOException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) InvalidKeyException(java.security.InvalidKeyException) IngrianProvider(com.ingrian.security.nae.IngrianProvider)

Example 24 with IngrianProvider

use of com.ingrian.security.nae.IngrianProvider in project CipherTrust_Application_Protection by thalescpl-io.

the class ECCEncryptionSample method main.

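/**
 * Encrypts a fixed test string with an ECC public key held on the Key Manager
 * and decrypts it again with the matching private key, printing both results.
 *
 * <p>NOTE(review): the password is taken from the command line, where it is
 * typically visible in process listings and shell history. For anything beyond
 * a demo, read it from a console prompt or a protected configuration source.
 *
 * @param args user, password and key name, in that order
 * @throws Exception any failure from the provider or the Key Manager; it is
 *                   printed and then rethrown
 */
public static void main(String[] args) throws Exception {
    if (args.length != 3) {
        System.err.println("Usage: java ECCEncryptionSample user password keyname");
        System.exit(-1);
    }
    String userName = args[0];
    String password = args[1];
    String keyName = args[2];

    // Register the Ingrian JCE provider, then list every provider now installed.
    Security.addProvider(new IngrianProvider());
    for (Provider registered : Security.getProviders()) {
        System.out.println(registered.getInfo());
    }

    String dataToEncrypt = "qwerty";
    String algo = "ECIESwithSHA256AES/CBC/PKCS5Padding";
    String provider = "IngrianProvider";
    System.out.println("DataToEncrypt = " + dataToEncrypt);

    NAESession session = null;
    try {
        // Create the NAE session: pass in NAE user and password.
        session = NAESession.getSession(userName, password.toCharArray());

        // Use a fresh random 16-byte IV instead of a hard-coded literal, so the
        // sample does not teach a fixed, predictable IV for a CBC-mode cipher.
        // The same IV must be available at decryption time; outside this demo
        // it would be stored or transmitted alongside the ciphertext.
        byte[] iv = new byte[16];
        new java.security.SecureRandom().nextBytes(iv);
        IvParameterSpec ivSpec = new IvParameterSpec(iv);

        // Public key handle for encryption (key data does not leave the Key Manager).
        NAEKey pubKey = NAEKey.getPublicKey(keyName, session);
        Cipher encryptCipher = Cipher.getInstance(algo, provider);
        encryptCipher.init(Cipher.ENCRYPT_MODE, pubKey, ivSpec);

        // Pin the charset so the plaintext bytes do not depend on the platform default.
        byte[] encryptedText =
                encryptCipher.doFinal(dataToEncrypt.getBytes(java.nio.charset.StandardCharsets.UTF_8));
        System.out.println("Encrypted Text: " + IngrianProvider.byteArray2Hex(encryptedText));

        // Private key handle for decryption (key data does not leave the Key Manager).
        Cipher decryptCipher = Cipher.getInstance(algo, provider);
        NAEKey privKey = NAEKey.getPrivateKey(keyName, session);
        decryptCipher.init(Cipher.DECRYPT_MODE, privKey, ivSpec);

        byte[] decryptedText = decryptCipher.doFinal(encryptedText);
        System.out.println("Decrypted text: " + IngrianProvider.toString(decryptedText));
    } catch (Exception e) {
        e.printStackTrace();
        throw e;
    } finally {
        if (session != null) {
            // Close NAESession
            session.closeSession();
        }
    }
}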
Also used : NAEKey(com.ingrian.security.nae.NAEKey) IvParameterSpec(javax.crypto.spec.IvParameterSpec) Cipher(javax.crypto.Cipher) NAESession(com.ingrian.security.nae.NAESession) IngrianProvider(com.ingrian.security.nae.IngrianProvider) IngrianProvider(com.ingrian.security.nae.IngrianProvider) Provider(java.security.Provider)

Example 25 with IngrianProvider

use of com.ingrian.security.nae.IngrianProvider in project CipherTrust_Application_Protection by thalescpl-io.

the class FileEncryptionDecryptionSampleUsingRSA method main.

/**
 * Encrypts a file with an RSA public key held on the Key Manager and then
 * decrypts the result with the matching private key, delegating the file work
 * to {@code performEncryption} and {@code performDecryption}.
 *
 * <p>NOTE(review): the password is taken from the command line, where it is
 * typically visible in process listings and shell history. For anything beyond
 * a demo, read it from a console prompt or a protected configuration source.
 *
 * @param args user name, password, asymmetric key name, file to encrypt,
 *             encrypted output file and decrypted output file, in that order
 * @throws Exception any failure from the session, key lookup or file
 *                   processing; its message is printed and it is rethrown
 */
public static void main(String[] args) throws Exception {
    if (args.length != 6) {
        System.err.println("Usage: java FileEncryptionDecryptionSampleUsingRSA userName password asymKeyName fileToEncrypt encryptedFile decryptedFile");
        System.exit(-1);
    }
    final String userName = args[0];
    final String password = args[1];
    final String asymKeyName = args[2];
    final String fileToEncrypt = args[3];
    final String encryptedFile = args[4];
    final String decryptedFile = args[5];

    // Register the Ingrian JCE provider before any key or session call.
    Security.addProvider(new IngrianProvider());

    NAESession session = null;
    try {
        // Authenticate to the Key Manager with the supplied credentials.
        session = NAESession.getSession(userName, password.toCharArray());

        // Encrypt: public key handle plus a random source bound to this session.
        NAEPublicKey publicKey = NAEKey.getPublicKey(asymKeyName, session);
        NAESecureRandom random = new NAESecureRandom(session);
        performEncryption(fileToEncrypt, encryptedFile, publicKey, random);

        // Decrypt: private key handle for the same key name.
        NAEPrivateKey privateKey = NAEKey.getPrivateKey(asymKeyName, session);
        performDecryption(encryptedFile, decryptedFile, privateKey);
    } catch (Exception failure) {
        System.err.println("The Cause is " + failure.getMessage() + ".");
        throw failure;
    } finally {
        // Always release the session, whether or not the round trip succeeded.
        if (session != null) {
            session.closeSession();
        }
    }
}
Also used : NAESecureRandom(com.ingrian.security.nae.NAESecureRandom) NAEPrivateKey(com.ingrian.security.nae.NAEPrivateKey) NAEPublicKey(com.ingrian.security.nae.NAEPublicKey) NAESession(com.ingrian.security.nae.NAESession) IngrianProvider(com.ingrian.security.nae.IngrianProvider)

Aggregations

IngrianProvider (com.ingrian.security.nae.IngrianProvider)45 NAESession (com.ingrian.security.nae.NAESession)27 NAEKey (com.ingrian.security.nae.NAEKey)25 KMIPSession (com.ingrian.security.nae.KMIPSession)19 NAEClientCertificate (com.ingrian.security.nae.NAEClientCertificate)19 Provider (java.security.Provider)19 NAEParameterSpec (com.ingrian.security.nae.NAEParameterSpec)17 NAEPrivateKey (com.ingrian.security.nae.NAEPrivateKey)17 NAEPublicKey (com.ingrian.security.nae.NAEPublicKey)17 KMIPAttributes (com.ingrian.security.nae.KMIPAttributes)16 KeyGenerator (javax.crypto.KeyGenerator)11 Cipher (javax.crypto.Cipher)10 NAEException (com.ingrian.security.nae.NAEException)9 KMIPSecretData (com.ingrian.security.nae.KMIPSecretData)8 NAESecretKey (com.ingrian.security.nae.NAESecretKey)8 SecretKey (javax.crypto.SecretKey)8 IvParameterSpec (javax.crypto.spec.IvParameterSpec)7 NAESecureRandom (com.ingrian.security.nae.NAESecureRandom)6 KeyPair (java.security.KeyPair)6 NAEPermission (com.ingrian.security.nae.NAEPermission)5