Example 6 with NAEPermission
use of com.ingrian.security.nae.NAEPermission in project CipherTrust_Application_Protection by thalescpl-io.
the class SecretKeySample method main.
public static void main(String[] args) throws Exception {
if (args.length != 4) {
System.err.println("Usage: java SecretKeySample user password keyname group");
System.exit(-1);
}
String username = args[0];
String password = args[1];
String keyName = args[2];
String group = args[3];
// add Ingrian provider to the list of JCE providers
Security.addProvider(new IngrianProvider());
// get the list of all registered JCE providers
Provider[] providers = Security.getProviders();
for (int i = 0; i < providers.length; i++) System.out.println(providers[i].getInfo());
NAESession session = null;
try {
// Create AES key on Key Manager
// create NAE Session: pass in Key Manager user name and password
session = NAESession.getSession(username, password.toCharArray());
// create key which is exportable and deletable,
// key owner is passed in Key Manager user and default key length 128 bits
NAEParameterSpec spec = new NAEParameterSpec(keyName, true, true, session);
KeyGenerator kg = KeyGenerator.getInstance("AES", "IngrianProvider");
kg.init(spec);
SecretKey secret_key = kg.generateKey();
// Export key data
NAEKey key = NAEKey.getSecretKey(keyName, session);
byte[] keyData = key.export();
System.out.println("Key " + key.getName() + " was created on Key Manager.");
// Clone that key.
key.cloneKey(keyName + "Cloned");
key = NAEKey.getSecretKey(keyName + "Cloned", session);
System.out.println("Key " + key.getName() + " was cloned on Key Manager.");
// Delete that key from Key Manager
key.delete();
// Import that key back to the Key Manager
// set the key permissions to the set of permissions granted to
// NAE group.
NAEPermission permission = new NAEPermission(group);
// add permission to encrypt
permission.setEncrypt(true);
NAEPermission[] permissions = { permission };
NAEParameterSpec spec_dup = new NAEParameterSpec(keyName + "Dup", true, true, session, permissions);
NAEKey.importKey(keyData, "AES", spec_dup);
key = NAEKey.getSecretKey(keyName + "Dup", session);
System.out.println("Imported key data; Duplicate Key " + key.getName() + " was created on Key Manager.");
} catch (Exception e) {
e.printStackTrace();
} finally {
if (session != null)
session.closeSession();
}
}
Also used :
NAEParameterSpec(com.ingrian.security.nae.NAEParameterSpec)
NAEKey(com.ingrian.security.nae.NAEKey)
NAEPermission(com.ingrian.security.nae.NAEPermission)
IngrianProvider(com.ingrian.security.nae.IngrianProvider)
IngrianProvider(com.ingrian.security.nae.IngrianProvider)
Provider(java.security.Provider)
SecretKey(javax.crypto.SecretKey)
KeyGenerator(javax.crypto.KeyGenerator)
NAESession(com.ingrian.security.nae.NAESession)
Aggregations
NAEPermission (com.ingrian.security.nae.NAEPermission)6
IngrianProvider (com.ingrian.security.nae.IngrianProvider)5
NAEParameterSpec (com.ingrian.security.nae.NAEParameterSpec)5
NAESession (com.ingrian.security.nae.NAESession)5
Provider (java.security.Provider)5
KeyPair (java.security.KeyPair)3
KeyPairGenerator (java.security.KeyPairGenerator)3
KeyGenerator (javax.crypto.KeyGenerator)3
KeyExportData (com.ingrian.security.nae.KeyExportData)2
NAEKey (com.ingrian.security.nae.NAEKey)2
NAEPrivateKey (com.ingrian.security.nae.NAEPrivateKey)2
NAEPublicKey (com.ingrian.security.nae.NAEPublicKey)2
SecretKey (javax.crypto.SecretKey)2
CustomAttributes (com.ingrian.security.nae.CustomAttributes)1
ECCParameterSpec (com.ingrian.security.nae.ECCParameterSpec)1
KeyInfoData (com.ingrian.security.nae.KeyInfoData)1
NAESecretKey (com.ingrian.security.nae.NAESecretKey)1
NAESecureRandom (com.ingrian.security.nae.NAESecureRandom)1
PrivateKey (java.security.PrivateKey)1
PublicKey (java.security.PublicKey)1
