Example 16 with KMIPAttributes
use of com.ingrian.security.nae.KMIPAttributes in project CipherTrust_Application_Protection by thalescpl-io.
the class KMIPSecretDataSample method main.
public static void main(String[] args) throws Exception {
if (args.length < 2) {
usage();
}
String keyName = args.length == 3 ? args[2] : "KMIPSecretData";
// add Ingrian provider to the list of JCE providers
Security.addProvider(new IngrianProvider());
KMIPSession session = KMIPSession.getSession(new NAEClientCertificate(args[0], args[1].toCharArray()));
try {
// generate the secret data (the bytes of a public key)
// For IBM Java, change the provider from "SUN/SunRsaSign" to "IBMJCE"
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA", "SunRsaSign");
SecureRandom random = SecureRandom.getInstance("SHA1PRNG", "SUN");
keyGen.initialize(1024, random);
KeyPair keyPair = keyGen.generateKeyPair();
PublicKey pub = keyPair.getPublic();
byte[] data = pub.getEncoded();
// create NAE Session: pass in Key Manager user name and password
// KMIPSession session = KMIPSession.getSession(new NAEClientCertificate( args[0], args[1]));
// create secret data managed object ParameterSpec
KMIPAttributes initialAttributes = new KMIPAttributes();
initialAttributes.add(KMIPAttribute.CryptographicUsageMask, (int) (UsageMask.Verify.getValue()));
NAEParameterSpec spec = new NAEParameterSpec(keyName, 1024, (KMIPAttributes) initialAttributes, session);
// create the secret data object as a KMIP secret data Password type
KMIPSecretData secretDataManagedObject = new KMIPSecretData(keyName, KMIPSecretData.SecretDataType.Password, session);
// register the secret data bytes
secretDataManagedObject.register(data, spec);
// now export() a copy of the secret data back from the Key Manager
byte[] exportedSecretData = secretDataManagedObject.export();
// compare the original and exported bytes
if ((exportedSecretData != null) && Arrays.equals(exportedSecretData, data))
System.out.println("Exported secret data equals original");
else {
System.out.println("Uh-oh!");
}
// print the bytes and close the session
System.out.println("original: " + TTLVUtil.toHexString(data));
System.out.println("exported: " + TTLVUtil.toHexString(exportedSecretData));
} catch (Exception e) {
System.out.println("The Cause is " + e.getMessage() + ".");
e.printStackTrace();
} finally {
if (session != null)
session.closeSession();
}
}
Also used :
KeyPair(java.security.KeyPair)
KMIPAttributes(com.ingrian.security.nae.KMIPAttributes)
NAEParameterSpec(com.ingrian.security.nae.NAEParameterSpec)
PublicKey(java.security.PublicKey)
SecureRandom(java.security.SecureRandom)
KMIPSecretData(com.ingrian.security.nae.KMIPSecretData)
KeyPairGenerator(java.security.KeyPairGenerator)
NAEClientCertificate(com.ingrian.security.nae.NAEClientCertificate)
IngrianProvider(com.ingrian.security.nae.IngrianProvider)
KMIPSession(com.ingrian.security.nae.KMIPSession)
Aggregations
IngrianProvider (com.ingrian.security.nae.IngrianProvider)16
KMIPAttributes (com.ingrian.security.nae.KMIPAttributes)16
KMIPSession (com.ingrian.security.nae.KMIPSession)16
NAEClientCertificate (com.ingrian.security.nae.NAEClientCertificate)16
NAEKey (com.ingrian.security.nae.NAEKey)10
NAEParameterSpec (com.ingrian.security.nae.NAEParameterSpec)9
KMIPSecretData (com.ingrian.security.nae.KMIPSecretData)8
NAEPrivateKey (com.ingrian.security.nae.NAEPrivateKey)8
NAEPublicKey (com.ingrian.security.nae.NAEPublicKey)8
NAEException (com.ingrian.security.nae.NAEException)7
NAESecretKey (com.ingrian.security.nae.NAESecretKey)7
KeyGenerator (javax.crypto.KeyGenerator)4
NAECertificate (com.ingrian.security.nae.NAECertificate)3
SecretKey (javax.crypto.SecretKey)3
KeyPair (java.security.KeyPair)2
KeyPairGenerator (java.security.KeyPairGenerator)2
PublicKey (java.security.PublicKey)2
Calendar (java.util.Calendar)2
Attribute (com.ingrian.internal.kmip.api.Attribute)1
ObjectTypes (com.ingrian.internal.kmip.api.ObjectType.ObjectTypes)1
