Search in sources :

Example 1 with KMIPCertificateIssuer

use of com.ingrian.security.nae.KMIPCertificateIssuer in project CipherTrust_Application_Protection by thalescpl-io.

the class KMIPCertificateSample method main.

public static void main(String[] args) throws Exception {
    if (args.length != 3) {
        usage();
    }
    // add Ingrian provider to the list of JCE providers
    Security.addProvider(new IngrianProvider());
    KMIPSession session = null;
    try {
        // create NAE Session: pass in Key Manager user name and password
        session = KMIPSession.getSession(new NAEClientCertificate(args[0], args[1].toCharArray()));
        // create certificate managed object ParameterSpec
        NAEParameterSpec spec = new NAEParameterSpec(args[2], 1024, (KMIPAttributes) null, session);
        // import the certificate
        byte[] c = Hex.decodeHex(certBytes.toCharArray());
        NAECertificate.importCertificate(c, null, spec);
        // query the certificate attributes via KMIP
        session.getUID(args[2]);
        Set<String> attrNames = session.listKMIPAttributes(args[2]);
        System.out.println("Attributes: " + attrNames);
        NAECertificate cert = new NAECertificate(args[2], session);
        KMIPAttributes getAttributes = new KMIPAttributes();
        getAttributes.add(KMIPAttribute.CertificateIdentifier);
        getAttributes.add(KMIPAttribute.ObjectType);
        getAttributes.add(KMIPAttribute.CertificateIssuer);
        getAttributes.add(KMIPAttribute.CertificateType);
        getAttributes.add(KMIPAttribute.CertificateSubject);
        KMIPAttributes gotAttributes = cert.getKMIPAttributes(getAttributes);
        KMIPCertificateIdentifier certIdentifier = gotAttributes.getCertificateIdentifier();
        KMIPCertificateSubject subject = gotAttributes.getCertificateSubject();
        KMIPCertificateTypes certType = gotAttributes.getCertificateType();
        KMIPCertificateIssuer issuer = gotAttributes.getCertificateIssuer();
        ObjectTypes ot = gotAttributes.getObjectType();
        if (ot != null) {
            System.out.println("Object Type KMIP Attribute: " + ot.getPrintName());
        } else {
            System.err.println("Object Type KMIP Attribute is null.");
        }
        if (certType != null) {
            System.out.println("Certificate Type KMIP Attribute: " + certType.getPrintName());
        } else {
            System.err.println("Certificate Type KMIP Attribute is null.");
        }
        if (certIdentifier == null) {
            System.err.println("Certificate Identifier KMIP Attribute is null.");
        } else {
            System.out.println("Certificate Identifier KMIP Attribute:");
            System.out.println("\tIssuer = " + certIdentifier.getIssuer());
            System.out.println("\tSerial Number" + certIdentifier.getSerialNumber());
        }
        if (issuer == null) {
            System.err.println("Certificate Issuer is null.");
        } else {
            System.out.println("Certificate Issuer:");
            System.out.println("\tIssuer Distinguished Name = " + issuer.getCertificateIssuerDistinguishedName());
            if (issuer.getCertificateIssuerAlternativeName() != null) {
                System.out.println("\tIssuer Alternative Name = " + issuer.getCertificateIssuerAlternativeName());
            }
        }
        if (subject == null) {
            System.err.println("Certificate Subject is null.");
        } else {
            System.out.println("Certificate Subject:");
            System.out.println("\tSubject Distinguished Name = " + subject.getCertificateSubjectDistinguishedName());
            if (subject.getCertificateSubjectAlternativeName() != null) {
                System.out.println("\tSubject Alternative Name = " + subject.getCertificateSubjectAlternativeName());
            }
        }
        // now export() a copy of the certificate back from the Key Manager
        byte[] exportedCert = cert.certificateExport();
        // compare the original and exported bytes
        if ((exportedCert != null) && Arrays.equals(Hex.decodeHex(certBytes.toCharArray()), exportedCert))
            System.out.println("Exported Certificate material equals original");
        else {
            System.out.println("Uh-oh!");
        }
        // print the bytes
        System.out.println("original: " + certBytes.toUpperCase());
        System.out.println("exported: " + TTLVUtil.toHexString(exportedCert));
        // delete the test cert and close the session
        cert.delete();
    } catch (Exception e) {
        System.out.println("The Cause is " + e.getMessage() + ".");
        e.printStackTrace();
    } finally {
        if (session != null)
            session.closeSession();
    }
}
Also used : NAEParameterSpec(com.ingrian.security.nae.NAEParameterSpec) KMIPAttributes(com.ingrian.security.nae.KMIPAttributes) KMIPCertificateIssuer(com.ingrian.security.nae.KMIPCertificateIssuer) NAECertificate(com.ingrian.security.nae.NAECertificate) KMIPCertificateIdentifier(com.ingrian.security.nae.KMIPCertificateIdentifier) KMIPCertificateTypes(com.ingrian.security.nae.KMIPCertificateTypes) ObjectTypes(com.ingrian.internal.kmip.api.ObjectType.ObjectTypes) NAEClientCertificate(com.ingrian.security.nae.NAEClientCertificate) IngrianProvider(com.ingrian.security.nae.IngrianProvider) KMIPSession(com.ingrian.security.nae.KMIPSession) KMIPCertificateSubject(com.ingrian.security.nae.KMIPCertificateSubject)

Aggregations

ObjectTypes (com.ingrian.internal.kmip.api.ObjectType.ObjectTypes)1 IngrianProvider (com.ingrian.security.nae.IngrianProvider)1 KMIPAttributes (com.ingrian.security.nae.KMIPAttributes)1 KMIPCertificateIdentifier (com.ingrian.security.nae.KMIPCertificateIdentifier)1 KMIPCertificateIssuer (com.ingrian.security.nae.KMIPCertificateIssuer)1 KMIPCertificateSubject (com.ingrian.security.nae.KMIPCertificateSubject)1 KMIPCertificateTypes (com.ingrian.security.nae.KMIPCertificateTypes)1 KMIPSession (com.ingrian.security.nae.KMIPSession)1 NAECertificate (com.ingrian.security.nae.NAECertificate)1 NAEClientCertificate (com.ingrian.security.nae.NAEClientCertificate)1 NAEParameterSpec (com.ingrian.security.nae.NAEParameterSpec)1