Example 6 with NAEKey
use of com.ingrian.security.nae.NAEKey in project CipherTrust_Application_Protection by thalescpl-io.
the class MultiThreadMacSample method main.
public static void main(String[] args) throws Exception {
if (args.length != 3) {
System.err.println("Usage: java MultiThreadMacSample user password mackeyname");
System.exit(-1);
}
String username = args[0];
String password = args[1];
String mackeyName = args[2];
// this sample will create 5 threads
int threadCount = 5;
// add Ingrian provider to the list of JCE providers
Security.addProvider(new IngrianProvider());
MultiThreadMacSample[] list = new MultiThreadMacSample[threadCount];
NAESession session = null;
try {
// create NAE Session: pass in Key Manager user name and password
session = NAESession.getSession(username, password.toCharArray());
// get the key
NAEKey key = NAEKey.getSecretKey(mackeyName, session);
for (int i = 0; i < threadCount; i++) {
list[i] = new MultiThreadMacSample(key);
}
for (int i = 0; i < threadCount; i++) {
list[i].start();
}
// wait for all threads to finish before closing session.
for (int i = 0; i < threadCount; i++) {
list[i].join();
}
session.closeSession();
} catch (Exception e) {
System.out.println("Got exception: " + e);
e.printStackTrace();
} finally {
if (session != null)
session.closeSession();
}
}
Also used :
NAEKey(com.ingrian.security.nae.NAEKey)
NAESession(com.ingrian.security.nae.NAESession)
IngrianProvider(com.ingrian.security.nae.IngrianProvider)
Example 7 with NAEKey
use of com.ingrian.security.nae.NAEKey in project CipherTrust_Application_Protection by thalescpl-io.
the class CustomLoggerSample method main.
public static void main(String[] args) throws Exception {
if (args.length != 3) {
System.err.println("Usage: java CustomLoggerSample user password keyname");
System.exit(-1);
}
String username = args[0];
String password = args[1];
String keyName = args[2];
// add Ingrian provider to the list of JCE providers
Security.addProvider(new IngrianProvider(new JavaUtilLogger()));
// get the list of all registered JCE providers
Provider[] providers = Security.getProviders();
for (int i = 0; i < providers.length; i++) System.out.println(providers[i].getInfo());
String dataToMac = "2D2D2D2D2D424547494E2050455253495354454E54204346EB17960";
System.out.println("Data to mac \"" + dataToMac + "\"");
NAESession session = null;
try {
// create HMAC key on the Key Manager
// create NAE Session: pass in Key Manager user name and password
session = NAESession.getSession(username, password.toCharArray());
// create key which is exportable and deletable,
// key owner is passed in Key Manager user.
// For HmacSHA1 key length 160 bits
// For HmacSHA256 key length is 256 bits
// For HmacSHA384 key length is 384 bits
// For HmacSHA512 key length is 512 bits
NAEParameterSpec spec = new NAEParameterSpec(keyName, true, true, 160, session);
KeyGenerator kg = KeyGenerator.getInstance("HmacSHA1", "IngrianProvider");
kg.init(spec);
SecretKey secret_key = kg.generateKey();
// get the handle to created key
NAEKey key = NAEKey.getSecretKey(keyName, session);
// create MAC instance to get the message authentication code
Mac mac = Mac.getInstance("HmacSHA1", "IngrianProvider");
mac.init(key);
byte[] macValue = mac.doFinal(dataToMac.getBytes());
// create MAC instance to verify the message authentication code
Mac macV = Mac.getInstance("HmacSHA1Verify", "IngrianProvider");
macV.init(key, new MACValue(macValue));
byte[] result = macV.doFinal(dataToMac.getBytes());
// check verification result
if (result.length != 1 || result[0] != 1) {
System.out.println("Invalid MAC.");
} else {
System.out.println("MAC Verified OK.");
}
} catch (Exception e) {
System.out.println("The Cause is " + e.getMessage() + ".");
throw e;
} finally {
if (session != null)
session.closeSession();
}
}
Also used :
NAEParameterSpec(com.ingrian.security.nae.NAEParameterSpec)
NAEKey(com.ingrian.security.nae.NAEKey)
Mac(javax.crypto.Mac)
IngrianProvider(com.ingrian.security.nae.IngrianProvider)
IngrianProvider(com.ingrian.security.nae.IngrianProvider)
Provider(java.security.Provider)
MACValue(com.ingrian.security.nae.MACValue)
SecretKey(javax.crypto.SecretKey)
KeyGenerator(javax.crypto.KeyGenerator)
NAESession(com.ingrian.security.nae.NAESession)
Example 8 with NAEKey
use of com.ingrian.security.nae.NAEKey in project CipherTrust_Application_Protection by thalescpl-io.
the class CryptoTool method doExport.
/**
* Exports a key to the output stream.
* @param keyName Key name to export
* @param session NAESession
* @throws Exception
* @return Returns whether the operation was successful
*/
private static boolean doExport(String keyName, NAESession session) throws Exception {
// error checking
if (keyName == null) {
System.err.println("Missing key name");
return false;
}
// retrieve NAE key
NAEKey key = NAEKey.getSecretKey(keyName, session);
if ("RSA".equalsIgnoreCase(key.getAlgorithm())) {
// the output stream
try {
key = NAEKey.getPrivateKey(keyName, session);
os.write(key.export());
} catch (Exception e) {
key = NAEKey.getPublicKey(keyName, session);
os.write(key.export());
}
} else {
// if key is non-RSA key, export the key to
// the output stream
os.write(key.export());
}
return true;
}
Also used :
NAEKey(com.ingrian.security.nae.NAEKey)
InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException)
NAEException(com.ingrian.security.nae.NAEException)
IOException(java.io.IOException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
InvalidKeyException(java.security.InvalidKeyException)
Example 9 with NAEKey
use of com.ingrian.security.nae.NAEKey in project CipherTrust_Application_Protection by thalescpl-io.
the class KMIPCreateAndEncryptSample method main.
public static void main(String[] args) throws Exception {
if (args.length != 5) {
usage();
}
String keyName = args[4];
int keyLength = 256;
// add Ingrian provider to the list of JCE providers
Security.addProvider(new IngrianProvider());
KMIPSession kmipSession = null;
NAESession naeSession = null;
try {
// create KMIP Session - specify client X.509 certificate and keystore password
kmipSession = KMIPSession.getSession(new NAEClientCertificate(args[0], args[1].toCharArray()));
// create key custom attributes
NAEKey key;
try {
/* does the key exist? if so, delete it */
/* get..Key method is merely a placeholder for a managed object
* with that name. */
key = NAEKey.getSecretKey(keyName, kmipSession);
/* getUID() will throw an exception if the key does not exist */
if (key.getUID() != null) {
System.out.println("Deleting key " + keyName + " with UID=" + key.getUID());
key.delete();
}
} catch (NAEException missing) {
if (missing.getMessage().equals("Key not found on server.")) {
System.out.println("Key did not exist");
} else
throw missing;
}
/* create a secret key using KMIP JCE key generator */
KMIPAttributes initialAttributes = new KMIPAttributes();
initialAttributes.add(KMIPAttribute.CryptographicUsageMask, (int) (UsageMask.Encrypt.getValue() | UsageMask.Decrypt.getValue()));
Calendar c = Calendar.getInstance();
initialAttributes.addDate(KMIPAttribute.ActivationDate, c);
NAEParameterSpec spec = new NAEParameterSpec(keyName, keyLength, (KMIPAttributes) initialAttributes, kmipSession);
KeyGenerator kg = KeyGenerator.getInstance("AES", "IngrianProvider");
kg.init(spec);
SecretKey secretKey = kg.generateKey();
System.out.println("Created key " + ((NAEKey) secretKey).getName());
/* Once created, you may operate on the KMIP key. For example,
* add a KMIP group attribute to the KMIP - not required, just include
* as a sample of KMIP operations on the key */
KMIPAttributes ka = new KMIPAttributes();
ka.add(KMIPAttribute.ObjectGroup, 0, "group1");
secretKey = NAEKey.getSecretKey(keyName);
NAESecretKey sk = NAEKey.getSecretKey(keyName, kmipSession);
sk.addKMIPAttributes(ka);
/* Now use the NAEKey created for encryption using an NAESession
* to a Key Manager server. Essentially this is the same code as the
* SecretKeyEncryptionSample.java program
* Nothing new is required to use the KMIP-created key on the
* Key Manager server.
*/
// create NAE XML Session: pass in NAE user name and password
naeSession = NAESession.getSession(args[2], args[3].toCharArray());
// Get SecretKey (just a handle to it, key data does not leave the server
// Note: KMIP keys objects need to be re-retrieved on the XML session
key = NAEKey.getSecretKey(keyName, naeSession);
// get IV
NAESecureRandom rng = new NAESecureRandom(naeSession);
byte[] iv = new byte[16];
rng.nextBytes(iv);
IvParameterSpec ivSpec = new IvParameterSpec(iv);
// get a cipher
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding", "IngrianProvider");
// initialize cipher to encrypt.
cipher.init(Cipher.ENCRYPT_MODE, key, ivSpec);
String dataToEncrypt = "2D2D2D2D2D424547494E2050455253495354454E54204346EB17960";
System.out.println("Data to encrypt \"" + dataToEncrypt + "\"");
// encrypt data
byte[] outbuf = cipher.doFinal(dataToEncrypt.getBytes());
// to decrypt data, initialize cipher to decrypt
cipher.init(Cipher.DECRYPT_MODE, key, ivSpec);
// decrypt data
byte[] newbuf = cipher.doFinal(outbuf);
System.out.println("Decrypted data \"" + new String(newbuf) + "\"");
} catch (Exception e) {
System.out.println("The Cause is " + e.getMessage() + ".");
e.printStackTrace();
} finally {
if (kmipSession != null)
kmipSession.closeSession();
if (naeSession != null)
naeSession.closeSession();
}
}
Also used :
NAEException(com.ingrian.security.nae.NAEException)
KMIPAttributes(com.ingrian.security.nae.KMIPAttributes)
NAEParameterSpec(com.ingrian.security.nae.NAEParameterSpec)
NAEKey(com.ingrian.security.nae.NAEKey)
NAESecureRandom(com.ingrian.security.nae.NAESecureRandom)
Calendar(java.util.Calendar)
NAESecretKey(com.ingrian.security.nae.NAESecretKey)
NAEClientCertificate(com.ingrian.security.nae.NAEClientCertificate)
NAEException(com.ingrian.security.nae.NAEException)
IngrianProvider(com.ingrian.security.nae.IngrianProvider)
KMIPSession(com.ingrian.security.nae.KMIPSession)
SecretKey(javax.crypto.SecretKey)
NAESecretKey(com.ingrian.security.nae.NAESecretKey)
IvParameterSpec(javax.crypto.spec.IvParameterSpec)
Cipher(javax.crypto.Cipher)
KeyGenerator(javax.crypto.KeyGenerator)
NAESession(com.ingrian.security.nae.NAESession)
Example 10 with NAEKey
use of com.ingrian.security.nae.NAEKey in project CipherTrust_Application_Protection by thalescpl-io.
the class KMIPGetDateRangeSample method main.
public static void main(String[] args) throws Exception {
if (args.length != 4) {
usage();
}
// set the dates
start = Calendar.getInstance();
end = Calendar.getInstance();
try {
start.setTime((Date) inputDateFormat.parse(args[2]));
end.setTime((Date) inputDateFormat.parse(args[3]));
;
} catch (ParseException pe) {
System.err.println("Problem parsing date argument");
System.err.println(pe.getMessage());
usage();
}
// add Ingrian provider to the list of JCE providers
Security.addProvider(new IngrianProvider());
KMIPSession session = null;
try {
// Create session to KMIP port based on authentication by an NAEClientCertificate
session = KMIPSession.getSession(new NAEClientCertificate(args[0], args[1].toCharArray()));
// KMIPAttribute set to hold unique Key Manager identifiers for located keys
Set<String> managedObjectIdentifiers;
// This instance of KMIPAttributes will be used as the KMIP attributes and
// values to be searched for. Note that the date range is indicated by
// addding two InitialDate attributes to the locateAttributes
KMIPAttributes locateAttributes = new KMIPAttributes();
locateAttributes.add(KMIPAttribute.CryptographicAlgorithm, Algorithm.rsa);
locateAttributes.add(KMIPAttribute.InitialDate, 0, start);
locateAttributes.add(KMIPAttribute.InitialDate, 1, end);
// This instance of KMIPAttributes will specify the set of KMIP attributes
// to be returned from the Key Manager
KMIPAttributes getAttributes = new KMIPAttributes();
getAttributes.add(KMIPAttribute.ApplicationSpecificInformation);
// implied null value
getAttributes.add(KMIPAttribute.CryptographicAlgorithm);
getAttributes.add(KMIPAttribute.CryptographicLength);
getAttributes.add(KMIPAttribute.ObjectType);
getAttributes.add(KMIPAttribute.ContactInformation);
getAttributes.add(KMIPAttribute.Digest);
getAttributes.add(KMIPAttribute.InitialDate);
getAttributes.add(KMIPAttribute.Link);
getAttributes.add(KMIPAttribute.ObjectGroup);
// Locate the keys with matching attributes
managedObjectIdentifiers = session.locate(locateAttributes);
if (managedObjectIdentifiers != null) {
System.out.println("\n\nFound " + managedObjectIdentifiers.size() + " managed objects matching key Locate criteria.");
System.out.println("\n\nKeys with attribute rsa and initial date between " + outputDateFormat.format(start.getTime()) + " and " + outputDateFormat.format(end.getTime()));
// for each object found, query all the non-custom attributes
for (String uid : managedObjectIdentifiers) {
System.out.println("\n\nManaged Object UniqueIdentifier: \t" + uid);
Object managedObject = session.getManagedObject(uid);
// not a key
if (managedObject == null)
continue;
if ((managedObject instanceof NAEPublicKey) || (managedObject instanceof NAEPrivateKey) || (managedObject instanceof NAESecretKey)) {
NAEKey key;
if (managedObject instanceof NAEPublicKey)
key = (NAEPublicKey) managedObject;
else if (managedObject instanceof NAEPrivateKey)
key = (NAEPrivateKey) managedObject;
else
key = (NAESecretKey) managedObject;
System.out.println("\tName: \t" + key.getName());
KMIPAttributes returnedAttributes = getAttrs(key, getAttributes);
printKeyInfo(returnedAttributes);
} else if (managedObject instanceof KMIPSecretData) {
System.out.println(((KMIPSecretData) managedObject).getName());
}
}
}
} catch (Exception e) {
System.out.println("The Cause is " + e.getMessage() + ".");
e.printStackTrace();
} finally {
if (session != null)
session.closeSession();
}
}
Also used :
KMIPAttributes(com.ingrian.security.nae.KMIPAttributes)
NAEKey(com.ingrian.security.nae.NAEKey)
NAEPrivateKey(com.ingrian.security.nae.NAEPrivateKey)
NAESecretKey(com.ingrian.security.nae.NAESecretKey)
NAEPublicKey(com.ingrian.security.nae.NAEPublicKey)
KMIPSecretData(com.ingrian.security.nae.KMIPSecretData)
NAEClientCertificate(com.ingrian.security.nae.NAEClientCertificate)
NAEException(com.ingrian.security.nae.NAEException)
ParseException(java.text.ParseException)
IngrianProvider(com.ingrian.security.nae.IngrianProvider)
KMIPSession(com.ingrian.security.nae.KMIPSession)
ParseException(java.text.ParseException)
Aggregations
NAEKey (com.ingrian.security.nae.NAEKey)32
IngrianProvider (com.ingrian.security.nae.IngrianProvider)25
NAESession (com.ingrian.security.nae.NAESession)20
Cipher (javax.crypto.Cipher)12
KMIPAttributes (com.ingrian.security.nae.KMIPAttributes)10
KMIPSession (com.ingrian.security.nae.KMIPSession)10
NAEClientCertificate (com.ingrian.security.nae.NAEClientCertificate)10
NAEParameterSpec (com.ingrian.security.nae.NAEParameterSpec)10
Provider (java.security.Provider)10
KeyGenerator (javax.crypto.KeyGenerator)9
NAEException (com.ingrian.security.nae.NAEException)8
IvParameterSpec (javax.crypto.spec.IvParameterSpec)8
NAEPrivateKey (com.ingrian.security.nae.NAEPrivateKey)7
NAEPublicKey (com.ingrian.security.nae.NAEPublicKey)7
NAESecretKey (com.ingrian.security.nae.NAESecretKey)7
SecretKey (javax.crypto.SecretKey)7
KMIPSecretData (com.ingrian.security.nae.KMIPSecretData)5
NAECipher (com.ingrian.security.nae.NAECipher)5
NAESecureRandom (com.ingrian.security.nae.NAESecureRandom)5
GCMParameterSpec (com.ingrian.security.nae.GCMParameterSpec)3
