Search in sources :

Example 1 with KMIPBatchResults

use of com.ingrian.security.nae.KMIPBatchResults in project CipherTrust_Application_Protection by thalescpl-io.

the class KMIPBatchSample method main.

public static void main(String[] args) throws Exception {
    KMIPSession session = null;
    int keyLength = 256;
    if (args.length != 3) {
        usage();
    }
    String keyName = args[2];
    // add Ingrian provider to the list of JCE providers
    Security.addProvider(new IngrianProvider());
    try {
        // create KMIP Session - specify client X.509 certificate and keystore password
        session = KMIPSession.getSession(new NAEClientCertificate(args[0], args[1].toCharArray()));
        // create key custom attributes
        session.startBatching();
        System.out.println("Batching set to " + session.isBatching());
        for (int i = 0; i < 10; i++) {
            /* create a secret key using JCE key generator */
            NAEParameterSpec spec = new NAEParameterSpec(keyName + "-" + i, keyLength, (KMIPAttributes) null, session);
            KeyGenerator kg = KeyGenerator.getInstance("AES", "IngrianProvider");
            kg.init(spec);
            kg.generateKey();
        }
        KMIPBatchResults kbr = session.flushBatch();
        for (KMIPBatchItemResult batchResult : kbr.values()) {
            if (batchResult.getStatus() == Statuses.Success) {
                System.out.println(batchResult.getOperation().getPrintName() + " : " + batchResult.getStatus().getPrintName());
                System.out.println("UIDs affected: " + batchResult.getUIDs());
            } else {
                System.out.println(batchResult.getOperation().getPrintName() + " OPERATION FAILED: " + batchResult.getStatusMessage());
            }
        }
        System.out.println("Batching set to " + session.isBatching());
        // the KMIPsession is now not in batching mode. KMIP Operations will be sent
        // to the server when the line of code is executed. Operations are shown
        // which add, modify, or delete attributes in one request, with the KMIP CADP for JAVA
        // session utilizing KMIP batching implicitly based on sets of UIDs
        KMIPAttributes queryAttributes = new KMIPAttributes();
        queryAttributes.add(KMIPAttribute.CryptographicAlgorithm, Algorithm.aes);
        queryAttributes.add(KMIPAttribute.CryptographicLength, 256);
        // Have the session locate the keys matching the queryAttributes:
        Set<String> managedObjectIdentifiers = session.locate(queryAttributes);
        // loop through the UIDs of the matching managed objects
        KMIPAttributes addAttrs = new KMIPAttributes();
        addAttrs.add(KMIPAttribute.ContactInformation, 0, "Contact Information");
        for (String uid : managedObjectIdentifiers) {
            System.out.println("Managed object Unique Identifier: " + uid);
            // get the objects as Java client NAEKeys or KMIPSecretData objects
            // (Note: Secret Data doesn't have KMIP attributes of
            // algorithm or length, and will not be found by this query,
            // but is included here for completeness.
            Object managedObject = session.getManagedObject(uid);
            if (managedObject instanceof NAESecretKey) {
                NAESecretKey nsk = (NAESecretKey) managedObject;
                nsk.refreshKMIPInfo();
                if (nsk.getName().startsWith("KMIPBatch")) {
                    System.out.println(((NAESecretKey) managedObject).getName());
                }
                nsk.addKMIPAttributes(addAttrs);
            }
        }
        waitForInput();
        KMIPAttributes modAttrs = new KMIPAttributes();
        modAttrs.add(KMIPAttribute.ContactInformation, 0, "Modified Contact Information");
        Set<String> modUIDs = session.modifyAllAttributes(managedObjectIdentifiers, modAttrs);
        System.out.println("Modified " + modUIDs.size() + " attributes in a single request.");
        waitForInput();
        Set<String> delUIDs = session.deleteAll(new ArrayList<String>(managedObjectIdentifiers));
        System.out.println("Deleted " + delUIDs.size() + " managed objects in a single request.");
    } catch (Exception e) {
        System.out.println("The Cause is " + e.getMessage() + ".");
        e.printStackTrace();
    } finally {
        if (session != null)
            session.closeSession();
    }
}
Also used : NAEParameterSpec(com.ingrian.security.nae.NAEParameterSpec) KMIPAttributes(com.ingrian.security.nae.KMIPAttributes) NAESecretKey(com.ingrian.security.nae.NAESecretKey) KMIPBatchItemResult(com.ingrian.security.nae.KMIPBatchItemResult) NAEClientCertificate(com.ingrian.security.nae.NAEClientCertificate) IOException(java.io.IOException) KMIPSession(com.ingrian.security.nae.KMIPSession) IngrianProvider(com.ingrian.security.nae.IngrianProvider) KMIPBatchResults(com.ingrian.security.nae.KMIPBatchResults) KeyGenerator(javax.crypto.KeyGenerator)

Aggregations

IngrianProvider (com.ingrian.security.nae.IngrianProvider)1 KMIPAttributes (com.ingrian.security.nae.KMIPAttributes)1 KMIPBatchItemResult (com.ingrian.security.nae.KMIPBatchItemResult)1 KMIPBatchResults (com.ingrian.security.nae.KMIPBatchResults)1 KMIPSession (com.ingrian.security.nae.KMIPSession)1 NAEClientCertificate (com.ingrian.security.nae.NAEClientCertificate)1 NAEParameterSpec (com.ingrian.security.nae.NAEParameterSpec)1 NAESecretKey (com.ingrian.security.nae.NAESecretKey)1 IOException (java.io.IOException)1 KeyGenerator (javax.crypto.KeyGenerator)1