Search in sources :

Example 1 with KMIPTemplate

use of com.ingrian.security.nae.KMIPTemplate in project CipherTrust_Application_Protection by thalescpl-io.

the class KMIPCertLocateSample method main.

public static void main(String[] args) throws Exception {
    if (args.length != 3) {
        usage();
    }
    // add Ingrian provider to the list of JCE providers
    Security.addProvider(new IngrianProvider());
    KMIPSession session = null;
    try {
        // create NAE Session: pass in NAE Client Certificate clicnt key and keystore password
        session = KMIPSession.getSession(new NAEClientCertificate(args[0], args[1].toCharArray()));
        // import the certificate
        NAEParameterSpec spec = new NAEParameterSpec(args[2], 1024, (KMIPAttributes) null, session);
        byte[] c = Hex.decodeHex(certBytes.toCharArray());
        NAECertificate.importCertificate(c, null, spec);
        // This set holds the managed object unique identifiers (UIDs)
        Set<String> managedObjectIdentifiers;
        // Locate managed objects with ObjectType Certificate and crypto length = 2048
        // and Issuer Distinguished Name = "CN=KMIP,OU=OASIS,O=TEST,C=US"
        // by adding the KMIPAttribute name and the value to a KMIPAttributes
        // object
        KMIPAttributes queryAttributes = new KMIPAttributes();
        queryAttributes.add(KMIPAttribute.CryptographicLength, 2048);
        queryAttributes.add(KMIPAttribute.ObjectType, ObjectType.ObjectTypes.Certificate);
        // Have the session locate the keys matching the queryAttributes:
        managedObjectIdentifiers = session.locate(queryAttributes);
        System.out.println("Managed objects with attributes rsa, 2048:");
        for (String uid : managedObjectIdentifiers) {
            System.out.println("Managed object Unique Identifier: " + uid);
            // get the objects as Java client NAEKeys or KMIPSecretData objects
            // (Note: Secret Data doesn't have KMIP attributes of
            // algorithm or length, and will not be found by this query,
            // but is included here for completeness.
            Object managedObject = session.getManagedObject(uid);
            if (managedObject instanceof KMIPTemplate)
                break;
            if (managedObject instanceof NAEPublicKey)
                System.out.println(((NAEPublicKey) managedObject).getName());
            else if (managedObject instanceof NAEPrivateKey)
                System.out.println(((NAEPrivateKey) managedObject).getName());
            else if (managedObject instanceof NAESecretKey)
                System.out.println(((NAESecretKey) managedObject).getName());
            else if (managedObject instanceof KMIPSecretData) {
                System.out.println(((KMIPSecretData) managedObject).getName());
            } else if (managedObject instanceof NAECertificate) {
                System.out.println("Object is a certificate");
                System.out.println(((NAECertificate) managedObject).getName());
            }
        }
    } catch (Exception e) {
        System.out.println("The Cause is " + e.getMessage() + ".");
        e.printStackTrace();
    } finally {
        if (session != null)
            session.closeSession();
    }
}
Also used : NAEParameterSpec(com.ingrian.security.nae.NAEParameterSpec) KMIPAttributes(com.ingrian.security.nae.KMIPAttributes) NAEPrivateKey(com.ingrian.security.nae.NAEPrivateKey) NAESecretKey(com.ingrian.security.nae.NAESecretKey) NAECertificate(com.ingrian.security.nae.NAECertificate) NAEPublicKey(com.ingrian.security.nae.NAEPublicKey) KMIPSecretData(com.ingrian.security.nae.KMIPSecretData) NAEClientCertificate(com.ingrian.security.nae.NAEClientCertificate) IngrianProvider(com.ingrian.security.nae.IngrianProvider) KMIPSession(com.ingrian.security.nae.KMIPSession) KMIPTemplate(com.ingrian.security.nae.KMIPTemplate)

Aggregations

IngrianProvider (com.ingrian.security.nae.IngrianProvider)1 KMIPAttributes (com.ingrian.security.nae.KMIPAttributes)1 KMIPSecretData (com.ingrian.security.nae.KMIPSecretData)1 KMIPSession (com.ingrian.security.nae.KMIPSession)1 KMIPTemplate (com.ingrian.security.nae.KMIPTemplate)1 NAECertificate (com.ingrian.security.nae.NAECertificate)1 NAEClientCertificate (com.ingrian.security.nae.NAEClientCertificate)1 NAEParameterSpec (com.ingrian.security.nae.NAEParameterSpec)1 NAEPrivateKey (com.ingrian.security.nae.NAEPrivateKey)1 NAEPublicKey (com.ingrian.security.nae.NAEPublicKey)1 NAESecretKey (com.ingrian.security.nae.NAESecretKey)1