Example 1 with NAEKey
use of com.ingrian.security.nae.NAEKey in project CipherTrust_Application_Protection by thalescpl-io.
the class AESGCMUpdateSample method main.
public static void main(String[] args) {
if (args.length != 7) {
System.err.println("Usage: java AESGCMUpdateSample user password keyname " + "authTagLength iv aad data");
System.exit(-1);
}
String username = args[0];
String password = args[1];
String keyName = args[2];
int authTagLength = Integer.parseInt(args[3]);
String iv = args[4];
String aad = args[5];
String data = args[6];
/**
* Note: For AES-GCM algorithm, same combination of nonce (IV) and key must not be reused
* during encryption/decryption operations.
*/
byte[] ivBytes = IngrianProvider.hex2ByteArray(iv);
byte[] aadBytes = IngrianProvider.hex2ByteArray(aad);
byte[] dataBytes = data.getBytes();
System.out.println("iv: " + IngrianProvider.byteArray2Hex(ivBytes));
System.out.println("AAD: " + IngrianProvider.byteArray2Hex(aadBytes));
NAESession session = null;
try {
session = NAESession.getSession(username, password.toCharArray(), "hello".toCharArray());
NAEKey key = NAEKey.getSecretKey(keyName, session);
GCMParameterSpec encSpec = new GCMParameterSpec(authTagLength, ivBytes, aadBytes);
Cipher encryptCipher = NAECipher.getNAECipherInstance("AES/GCM/NoPadding", "IngrianProvider");
encryptCipher.init(Cipher.ENCRYPT_MODE, key, encSpec);
byte[] encryptdoFinal = null, encryptUpdate = null, encryptedText;
encryptUpdate = encryptCipher.update(dataBytes);
encryptdoFinal = encryptCipher.doFinal();
if (encryptUpdate == null)
encryptedText = encryptdoFinal;
else
encryptedText = ArrayUtils.addAll(encryptUpdate, encryptdoFinal);
System.out.println("Encrypt: " + IngrianProvider.byteArray2Hex(encryptedText));
GCMParameterSpec decSpec = new GCMParameterSpec(authTagLength, ivBytes, aadBytes);
decSpec.setAuthTag(encSpec.getAuthTag());
byte[] decryptdoFinal = null, decryptUpdate = null, decryptedText;
Cipher decryptCipher = NAECipher.getNAECipherInstance("AES/GCM/NoPadding", "IngrianProvider");
decryptCipher.init(Cipher.DECRYPT_MODE, key, decSpec);
decryptUpdate = decryptCipher.update(encryptedText);
decryptdoFinal = decryptCipher.doFinal();
if (decryptUpdate == null)
decryptedText = decryptdoFinal;
else
decryptedText = ArrayUtils.addAll(decryptUpdate, decryptdoFinal);
System.out.println("data: " + new String(decryptedText));
} catch (Exception e) {
e.printStackTrace();
} finally {
// releasing session
if (session != null) {
session.closeSession();
}
}
}
Also used :
NAEKey(com.ingrian.security.nae.NAEKey)
GCMParameterSpec(com.ingrian.security.nae.GCMParameterSpec)
NAECipher(com.ingrian.security.nae.NAECipher)
Cipher(javax.crypto.Cipher)
NAESession(com.ingrian.security.nae.NAESession)
Example 2 with NAEKey
use of com.ingrian.security.nae.NAEKey in project CipherTrust_Application_Protection by thalescpl-io.
the class FF1EncryptionDecryptionSample method main.
public static void main(String[] args) throws Exception {
if (args.length != 5) {
System.err.println("Usage: java FF1EncryptionDecryptionSample user password keyname TweakAlgorithm(Optional) TweakData(Optional)");
System.err.println("Mention null for optional parameter if you don't want to pass it");
/*
* Usage: keyname Supports AES Non-versioned key
* Usage: TweakAlgorithm(Optional) must be from SHA1, SHA256 or None
* Usage: TweakData(Optional) If, tweak data algorithm is 'None' or absent,
the value must be HEX encoded string. In case of valid tweak Algorithm,
the tweak data value can be any ASCII string (not necessarily HEX).
Tweak Data is generated using Tweak Hash Algorithm.
*/
System.exit(-1);
}
String username = args[0];
String password = args[1];
String keyName = args[2];
String tweakAlgo = null;
if (!args[3].contains("null")) {
tweakAlgo = args[3];
}
String tweakData = null;
if (!args[4].contains("null")) {
tweakData = args[4];
}
// add Ingrian provider to the list of JCE providers
Security.addProvider(new IngrianProvider());
// get the list of all registered JCE providers
Provider[] providers = Security.getProviders();
for (Provider provider : providers) {
System.out.println(provider.getInfo());
}
String dataToEncrypt = "36253865463254715234987125394785127934571235487631254876512837451827635487123564875216384728347";
System.out.println("Data to encrypt \"" + dataToEncrypt + "\"");
NAESession session = null;
try {
// create NAE Session: pass in Key Manager user name and password
session = NAESession.getSession(username, password.toCharArray());
// Get SecretKey (just a handle to it, key data does not leave the Key Manager
NAEKey key = NAEKey.getSecretKey(keyName, session);
// For legacy CADP for JAVA clients uncomment following.
// String algorithm = "FPE/FF1/CARD10";
// FF1 algorithm which supports both ACVP and NIST test vectors.
String algorithm = "FPE/FF1v2/CARD10";
FPEParameterAndFormatSpec param = new FPEParameterAndFormatBuilder(tweakData).set_tweakAlgorithm(tweakAlgo).build();
// get a cipher
Cipher encryptCipher = Cipher.getInstance(algorithm, "IngrianProvider");
// initialize cipher to encrypt.
encryptCipher.init(Cipher.ENCRYPT_MODE, key, param);
// encrypt data
byte[] outbuf = encryptCipher.doFinal(dataToEncrypt.getBytes());
System.out.println("FF1 sample 1: ");
System.out.println("encrypted data data \"" + new String(outbuf) + "\"");
Cipher decryptCipher = Cipher.getInstance(algorithm, "IngrianProvider");
// to decrypt data, initialize cipher to decrypt
decryptCipher.init(Cipher.DECRYPT_MODE, key, param);
// decrypt data
byte[] newbuf = decryptCipher.doFinal(outbuf);
System.out.println("Decrypted data \"" + new String(newbuf) + "\"");
// sample 2 custom character set
// For legacy CADP for JAVA clients uncomment following.
// String algorithm = "FPE/FF1/UNICODE";
// FF1 algorithm which supports both ACVP and NIST test vectors.
algorithm = "FPE/FF1v2/UNICODE";
// Define custom character set by providing list of code points. list can have single hex code point like "20" or hex code point range like "30-39".
// space, digits, upper case A-Z
FPECharset charset = FPECharset.getUnicodeRangeCharset("20", "30-39", "41-5A");
// Create character set from characters in LATIN_EXTENDED_A Unicode block. Equivalent to FPECharset.getUnicodeRangeCharset("0100-017F"), where 0100-017F is code point range for LATIN_EXTENDED_A
// FPECharset charset = FPECharset.getUnicodeBlockCharset(UnicodeBlock.LATIN_EXTENDED_A);
FPEParameterAndFormatSpec tweakCharsetParam = new FPEParameterAndFormatBuilder(tweakData).set_tweakAlgorithm(tweakAlgo).set_charset(charset).build();
encryptCipher = Cipher.getInstance(algorithm, "IngrianProvider");
// initialize cipher to encrypt.
encryptCipher.init(Cipher.ENCRYPT_MODE, key, tweakCharsetParam);
outbuf = encryptCipher.doFinal(dataToEncrypt.getBytes());
System.out.println("FF1 sample 2: ");
System.out.println("encrypted data data \"" + new String(outbuf) + "\"");
decryptCipher = Cipher.getInstance(algorithm, "IngrianProvider");
// to decrypt data, initialize cipher to decrypt
decryptCipher.init(Cipher.DECRYPT_MODE, key, tweakCharsetParam);
// decrypt data
newbuf = decryptCipher.doFinal(outbuf);
System.out.println("Decrypted data \"" + new String(newbuf) + "\"");
// close the session
session.closeSession();
} catch (Exception e) {
System.out.println("The Cause is " + e.getMessage() + ".");
throw e;
} finally {
if (session != null) {
session.closeSession();
}
}
}
Also used :
NAEKey(com.ingrian.security.nae.NAEKey)
FPEParameterAndFormatSpec(com.ingrian.security.nae.FPEParameterAndFormatSpec)
FPEParameterAndFormatBuilder(com.ingrian.security.nae.FPEParameterAndFormatSpec.FPEParameterAndFormatBuilder)
Cipher(javax.crypto.Cipher)
NAESession(com.ingrian.security.nae.NAESession)
IngrianProvider(com.ingrian.security.nae.IngrianProvider)
IngrianProvider(com.ingrian.security.nae.IngrianProvider)
Provider(java.security.Provider)
FPECharset(com.ingrian.security.nae.FPECharset)
Example 3 with NAEKey
use of com.ingrian.security.nae.NAEKey in project CipherTrust_Application_Protection by thalescpl-io.
the class FileEncryptionSampleUsingGCM method main.
public static void main(String[] args) {
if (args.length != 10) {
System.err.println("Usage: java FileEncryptionSampleUsingGCM user password keyname fileToEncrypt " + "encryptedFile decryptedFile authTagLength iv aad blockSize");
System.exit(-1);
}
String username = args[0];
String password = args[1];
String keyName = args[2];
String srcName = args[3];
String dstName = args[4];
String decrName = args[5];
int authTagLength = Integer.parseInt(args[6]);
String iv = args[7];
String aad = args[8];
int blockSize = Integer.parseInt(args[9]);
/**
* Note: For AES-GCM algorithm, same combination of nonce (IV) and key must not be reused
* during encryption/decryption operations.
*/
byte[] ivBytes = iv.getBytes();
byte[] aadBytes = aad.getBytes();
System.out.println("iv: " + IngrianProvider.byteArray2Hex(ivBytes));
System.out.println("AAD: " + IngrianProvider.byteArray2Hex(aadBytes));
Security.addProvider(new IngrianProvider());
NAESession session = null;
try {
session = NAESession.getSession(username, password.toCharArray());
NAEKey key = NAEKey.getSecretKey(keyName, session);
GCMParameterSpec spec = new GCMParameterSpec(authTagLength, ivBytes, aadBytes);
NAECipher cipher = NAECipher.getNAECipherInstance("AES/GCM/NoPadding", "IngrianProvider");
cipher.init(Cipher.ENCRYPT_MODE, key, spec);
NAEAESGCMCipher gcm = cipher.get_spi();
gcm.update(srcName, dstName, blockSize, cipher);
cipher.init(Cipher.DECRYPT_MODE, key, spec);
gcm = cipher.get_spi();
gcm.update(dstName, decrName, blockSize, cipher);
} catch (Exception e) {
e.printStackTrace();
} finally {
if (session != null) {
session.closeSession();
}
}
}
Also used :
NAEKey(com.ingrian.security.nae.NAEKey)
NAECipher(com.ingrian.security.nae.NAECipher)
GCMParameterSpec(com.ingrian.security.nae.GCMParameterSpec)
NAEAESGCMCipher(com.ingrian.security.nae.NAEAESGCMCipher)
NAESession(com.ingrian.security.nae.NAESession)
IngrianProvider(com.ingrian.security.nae.IngrianProvider)
Example 4 with NAEKey
use of com.ingrian.security.nae.NAEKey in project CipherTrust_Application_Protection by thalescpl-io.
the class SecretKeyEncryptionSample method main.
public static void main(String[] args) throws Exception {
if (args.length != 3) {
System.err.println("Usage: java SecretKeyEncryptionSample user password keyname");
System.exit(-1);
}
String username = args[0];
String password = args[1];
String keyName = args[2];
// add Ingrian provider to the list of JCE providers
Security.addProvider(new IngrianProvider());
// get the list of all registered JCE providers
Provider[] providers = Security.getProviders();
for (Provider provider : providers) {
System.out.println(provider.getInfo());
}
String dataToEncrypt = "2D2D2D2D2D424547494E2050455253495354454E54204346EB17960";
System.out.println("Data to encrypt \"" + dataToEncrypt + "\"");
NAESession session = null;
try {
// create NAE Session: pass in Key Manager user name and password
session = NAESession.getSession(username, password.toCharArray());
// Get SecretKey (just a handle to it, key data does not leave the Key Manager
NAEKey key = NAEKey.getSecretKey(keyName, session);
// get IV
NAESecureRandom rng = new NAESecureRandom(session);
byte[] iv = new byte[16];
rng.nextBytes(iv);
IvParameterSpec ivSpec = new IvParameterSpec(iv);
// get a cipher
Cipher encryptCipher = Cipher.getInstance("AES/CBC/PKCS5Padding", "IngrianProvider");
// initialize cipher to encrypt.
encryptCipher.init(Cipher.ENCRYPT_MODE, key, ivSpec);
// encrypt data
byte[] outbuf = encryptCipher.doFinal(dataToEncrypt.getBytes());
// get a cipher for decryption
Cipher decryptCipher = Cipher.getInstance("AES/CBC/PKCS5Padding", "IngrianProvider");
// to decrypt data, initialize cipher to decrypt
decryptCipher.init(Cipher.DECRYPT_MODE, key, ivSpec);
// decrypt data
byte[] newbuf = decryptCipher.doFinal(outbuf);
System.out.println("Decrypted data \"" + new String(newbuf) + "\"");
// to encrypt data in the loop
Cipher loopEncryptCipher = Cipher.getInstance("AES/CBC/PKCS5Padding", "IngrianProvider");
// initialize cipher to encrypt.
loopEncryptCipher.init(Cipher.ENCRYPT_MODE, key, ivSpec);
byte[] outbuffer = null;
for (int i = 0; i < 10; i++) {
// encrypt data in the loop
outbuffer = loopEncryptCipher.doFinal(dataToEncrypt.getBytes());
}
// to encrypt data in the loop
Cipher loopDecryptCipher = Cipher.getInstance("AES/CBC/PKCS5Padding", "IngrianProvider");
// to decrypt data in the loop
// initialize cipher to decrypt.
loopDecryptCipher.init(Cipher.DECRYPT_MODE, key, ivSpec);
byte[] decrBuffer = null;
for (int i = 0; i < 10; i++) {
// decrypt data in the loop
decrBuffer = loopDecryptCipher.doFinal(outbuffer);
}
} catch (Exception e) {
System.out.println("The Cause is " + e.getMessage() + ".");
throw e;
} finally {
if (session != null) {
session.closeSession();
}
}
}
Also used :
NAEKey(com.ingrian.security.nae.NAEKey)
NAESecureRandom(com.ingrian.security.nae.NAESecureRandom)
IvParameterSpec(javax.crypto.spec.IvParameterSpec)
Cipher(javax.crypto.Cipher)
NAESession(com.ingrian.security.nae.NAESession)
IngrianProvider(com.ingrian.security.nae.IngrianProvider)
IngrianProvider(com.ingrian.security.nae.IngrianProvider)
Provider(java.security.Provider)
Example 5 with NAEKey
use of com.ingrian.security.nae.NAEKey in project CipherTrust_Application_Protection by thalescpl-io.
the class FileEncryptionSampleUsingSEED method main.
public static void main(String[] args) {
if (args.length != 8) {
System.err.println("Usage: java FileEncryptionSampleUsingSEED user password keyname fileToEncrypt " + "encryptedFile decryptedFile iv blockSize");
System.exit(-1);
}
String username = args[0];
String password = args[1];
String keyName = args[2];
String srcName = args[3];
String dstName = args[4];
String decrName = args[5];
String iv = args[6];
int blockSize = Integer.parseInt(args[7]);
byte[] ivBytes = iv.getBytes();
System.out.println("iv: " + IngrianProvider.byteArray2Hex(ivBytes));
String Algo = "SEED/CBC/PKCS5Padding";
Security.addProvider(new IngrianProvider());
NAESession session = null;
try {
session = NAESession.getSession(username, password.toCharArray());
NAEKey key = NAEKey.getSecretKey(keyName, session);
// IvParameterSpec ivSpec = new
// IvParameterSpec(IngrianProvider.hex2ByteArray(iv));
NAECipher cipher = NAECipher.getNAECipherInstance(Algo, "IngrianProvider");
cipher.init(Cipher.ENCRYPT_MODE, key);
NAESEEDCipher seed = cipher.get_seed();
seed.update(srcName, dstName, blockSize, cipher);
cipher.init(Cipher.DECRYPT_MODE, key);
seed = cipher.get_seed();
seed.update(dstName, decrName, blockSize, cipher);
} catch (Exception e) {
e.printStackTrace();
} finally {
if (session != null) {
session.closeSession();
}
}
}
Also used :
NAEKey(com.ingrian.security.nae.NAEKey)
NAECipher(com.ingrian.security.nae.NAECipher)
NAESEEDCipher(com.ingrian.security.nae.NAESEEDCipher)
NAESession(com.ingrian.security.nae.NAESession)
IngrianProvider(com.ingrian.security.nae.IngrianProvider)
Aggregations
NAEKey (com.ingrian.security.nae.NAEKey)32
IngrianProvider (com.ingrian.security.nae.IngrianProvider)25
NAESession (com.ingrian.security.nae.NAESession)20
Cipher (javax.crypto.Cipher)12
KMIPAttributes (com.ingrian.security.nae.KMIPAttributes)10
KMIPSession (com.ingrian.security.nae.KMIPSession)10
NAEClientCertificate (com.ingrian.security.nae.NAEClientCertificate)10
NAEParameterSpec (com.ingrian.security.nae.NAEParameterSpec)10
Provider (java.security.Provider)10
KeyGenerator (javax.crypto.KeyGenerator)9
NAEException (com.ingrian.security.nae.NAEException)8
IvParameterSpec (javax.crypto.spec.IvParameterSpec)8
NAEPrivateKey (com.ingrian.security.nae.NAEPrivateKey)7
NAEPublicKey (com.ingrian.security.nae.NAEPublicKey)7
NAESecretKey (com.ingrian.security.nae.NAESecretKey)7
SecretKey (javax.crypto.SecretKey)7
KMIPSecretData (com.ingrian.security.nae.KMIPSecretData)5
NAECipher (com.ingrian.security.nae.NAECipher)5
NAESecureRandom (com.ingrian.security.nae.NAESecureRandom)5
GCMParameterSpec (com.ingrian.security.nae.GCMParameterSpec)3
