use of com.ingrian.security.nae.NAEPrivateKey in project CipherTrust_Application_Protection by thalescpl-io.
the class RSAEncryptionSample method main.
public static void main(String[] args) throws Exception {
if (args.length != 3) {
System.err.println("Usage: java RSAEncryptionSample user password keyname");
System.exit(-1);
}
String username = args[0];
String password = args[1];
String keyName = args[2];
// add Ingrian provider to the list of JCE providers
Security.addProvider(new IngrianProvider());
// get the list of all registered JCE providers
Provider[] providers = Security.getProviders();
for (Provider provider : providers) {
System.out.println(provider.getInfo());
}
String dataToEncrypt = "dataToEncrypt";
System.out.println("Data to encrypt \"" + dataToEncrypt + "\"");
NAESession session = null;
try {
// create NAE Session: pass in NAE user name and password
session = NAESession.getSession(username, password.toCharArray());
// get RSA public key to encrypt data
// (just a key handle , key data does not leave the Key Manager)
NAEPublicKey pubKey = NAEKey.getPublicKey(keyName, session);
// get a cipher
Cipher encryptCipher = Cipher.getInstance("RSA", "IngrianProvider");
// initialize cipher to encrypt.
encryptCipher.init(Cipher.ENCRYPT_MODE, pubKey);
// encrypt data
byte[] outbuf = encryptCipher.doFinal(dataToEncrypt.getBytes());
// get private key to decrypt data
// (just a key handle , key data does not leave the Key Manager)
NAEPrivateKey privKey = NAEKey.getPrivateKey(keyName, session);
// get a cipher for decryption
Cipher decryptCipher = Cipher.getInstance("RSA", "IngrianProvider");
// to decrypt data, initialize cipher to decrypt
decryptCipher.init(Cipher.DECRYPT_MODE, privKey);
// decrypt data
byte[] newbuf = decryptCipher.doFinal(outbuf);
System.out.println("Decrypted data \"" + new String(newbuf) + "\"");
} catch (Exception e) {
e.printStackTrace();
throw e;
} finally {
if (session != null) {
// Close NAESession
session.closeSession();
}
}
}
use of com.ingrian.security.nae.NAEPrivateKey in project CipherTrust_Application_Protection by thalescpl-io.
the class SignSample method main.
public static void main(String[] args) throws Exception {
if (args.length != 3 && args.length != 4) {
System.err.println("Usage: java SignSample user password keyname saltlength(optional)");
System.exit(-1);
}
String username = args[0];
String password = args[1];
String keyName = args[2];
PSSParameterSpec pssParameterSpec = null;
// Get PSSParameterSpec passing the saltlenth, if provided
if (args.length > 3)
pssParameterSpec = new PSSParameterSpec(Integer.parseInt(args[3]));
// data to sign
byte[] data = "dataToSign".getBytes();
// add Ingrian provider to the list of JCE providers
Security.addProvider(new IngrianProvider());
// get the list of all registered JCE providers
Provider[] providers = Security.getProviders();
for (int i = 0; i < providers.length; i++) System.out.println(providers[i].getInfo());
NAESession session = null;
try {
// create NAE Session: pass in Key Manager user name and password
session = NAESession.getSession(username, password.toCharArray());
// Create Signature object
Signature sig = Signature.getInstance("SHA256withRSAPSSPadding", "IngrianProvider");
// Sign data
// Get private key
NAEPrivateKey privKey = NAEKey.getPrivateKey(keyName, session);
// Set the PSSParameterSpec in the Signature Object if saltlength is provided
if (pssParameterSpec != null)
sig.setParameter(pssParameterSpec);
// Initialize Signature object for signing
sig.initSign(privKey);
sig.update(data);
byte[] signature = sig.sign();
// Verify signature
// Get public key
NAEPublicKey pubKey = NAEKey.getPublicKey(keyName, session);
// Set the PSSParameterSpec in the Signature Object if saltlength is provided
if (pssParameterSpec != null)
sig.setParameter(pssParameterSpec);
// Initialize Signature object for signature verification
sig.initVerify(pubKey);
sig.update(data);
if (sig.verify(signature))
System.out.println("Signature verified.");
else
System.out.println("Signature verification failed.");
} catch (Exception e) {
e.printStackTrace();
throw e;
} finally {
if (session != null)
// Close NAESession
session.closeSession();
}
}
use of com.ingrian.security.nae.NAEPrivateKey in project CipherTrust_Application_Protection by thalescpl-io.
the class KMIPGetDateRangeSample method main.
public static void main(String[] args) throws Exception {
if (args.length != 4) {
usage();
}
// set the dates
start = Calendar.getInstance();
end = Calendar.getInstance();
try {
start.setTime((Date) inputDateFormat.parse(args[2]));
end.setTime((Date) inputDateFormat.parse(args[3]));
;
} catch (ParseException pe) {
System.err.println("Problem parsing date argument");
System.err.println(pe.getMessage());
usage();
}
// add Ingrian provider to the list of JCE providers
Security.addProvider(new IngrianProvider());
KMIPSession session = null;
try {
// Create session to KMIP port based on authentication by an NAEClientCertificate
session = KMIPSession.getSession(new NAEClientCertificate(args[0], args[1].toCharArray()));
// KMIPAttribute set to hold unique Key Manager identifiers for located keys
Set<String> managedObjectIdentifiers;
// This instance of KMIPAttributes will be used as the KMIP attributes and
// values to be searched for. Note that the date range is indicated by
// addding two InitialDate attributes to the locateAttributes
KMIPAttributes locateAttributes = new KMIPAttributes();
locateAttributes.add(KMIPAttribute.CryptographicAlgorithm, Algorithm.rsa);
locateAttributes.add(KMIPAttribute.InitialDate, 0, start);
locateAttributes.add(KMIPAttribute.InitialDate, 1, end);
// This instance of KMIPAttributes will specify the set of KMIP attributes
// to be returned from the Key Manager
KMIPAttributes getAttributes = new KMIPAttributes();
getAttributes.add(KMIPAttribute.ApplicationSpecificInformation);
// implied null value
getAttributes.add(KMIPAttribute.CryptographicAlgorithm);
getAttributes.add(KMIPAttribute.CryptographicLength);
getAttributes.add(KMIPAttribute.ObjectType);
getAttributes.add(KMIPAttribute.ContactInformation);
getAttributes.add(KMIPAttribute.Digest);
getAttributes.add(KMIPAttribute.InitialDate);
getAttributes.add(KMIPAttribute.Link);
getAttributes.add(KMIPAttribute.ObjectGroup);
// Locate the keys with matching attributes
managedObjectIdentifiers = session.locate(locateAttributes);
if (managedObjectIdentifiers != null) {
System.out.println("\n\nFound " + managedObjectIdentifiers.size() + " managed objects matching key Locate criteria.");
System.out.println("\n\nKeys with attribute rsa and initial date between " + outputDateFormat.format(start.getTime()) + " and " + outputDateFormat.format(end.getTime()));
// for each object found, query all the non-custom attributes
for (String uid : managedObjectIdentifiers) {
System.out.println("\n\nManaged Object UniqueIdentifier: \t" + uid);
Object managedObject = session.getManagedObject(uid);
// not a key
if (managedObject == null)
continue;
if ((managedObject instanceof NAEPublicKey) || (managedObject instanceof NAEPrivateKey) || (managedObject instanceof NAESecretKey)) {
NAEKey key;
if (managedObject instanceof NAEPublicKey)
key = (NAEPublicKey) managedObject;
else if (managedObject instanceof NAEPrivateKey)
key = (NAEPrivateKey) managedObject;
else
key = (NAESecretKey) managedObject;
System.out.println("\tName: \t" + key.getName());
KMIPAttributes returnedAttributes = getAttrs(key, getAttributes);
printKeyInfo(returnedAttributes);
} else if (managedObject instanceof KMIPSecretData) {
System.out.println(((KMIPSecretData) managedObject).getName());
}
}
}
} catch (Exception e) {
System.out.println("The Cause is " + e.getMessage() + ".");
e.printStackTrace();
} finally {
if (session != null)
session.closeSession();
}
}
use of com.ingrian.security.nae.NAEPrivateKey in project CipherTrust_Application_Protection by thalescpl-io.
the class KMIPDeleteAttributeSample method main.
public static void main(String[] args) throws Exception {
if (args.length != 2) {
usage();
}
// add Ingrian provider to the list of JCE providers
Security.addProvider(new IngrianProvider());
KMIPSession session = null;
try {
// create NAE Session: pass in NAE client certificate information - client key and
// keystore password
session = KMIPSession.getSession(new NAEClientCertificate(args[0], args[1].toCharArray()));
/* This Set<String> collection will hold the unique identifiers of the keys
* matching the criteria (algorithm = RSA, length=2048
*/
Set<String> managedObjectIdentifiers;
/* this KMIPAttributes object will contain the KMIPAttribute(s) and the
* values to match for the keys being searched for on the server
*
*/
KMIPAttributes locateAttributes = new KMIPAttributes();
// add CryptographicAlgorithm and length to the attributes to be matched
locateAttributes.add(KMIPAttribute.CryptographicAlgorithm, Algorithm.rsa);
locateAttributes.add(KMIPAttribute.CryptographicLength, 2048);
/* Add a custom KMIP integer attribute at index 0 with the value 1 */
locateAttributes.add("x-int1", 0, 1);
/* this is also the sole attribute to be deleted. */
KMIPAttributes deleteAttributes = new KMIPAttributes();
deleteAttributes.add("x-int1", 0, 1);
/* Locate all RSA keys with a length of 2048 and x-int1 = 1 */
managedObjectIdentifiers = session.locate(locateAttributes);
if (managedObjectIdentifiers != null) {
System.out.println("\n\nFound " + managedObjectIdentifiers.size() + " managed objects matching criteria.");
System.out.println("\n\nKeys with attributes rsa, 2048 and custom attribute x-int=1");
for (String uid : managedObjectIdentifiers) {
System.out.println("\n\nManaged Object UniqueIdentifier: \t" + uid);
Object thingee = session.getManagedObject(uid);
/* Convert each key into the proper type of object
* representing the managed key */
if ((thingee instanceof NAEPublicKey) || (thingee instanceof NAEPrivateKey) || (thingee instanceof NAESecretKey)) {
NAEKey key;
if (thingee instanceof NAEPublicKey)
key = (NAEPublicKey) thingee;
else if (thingee instanceof NAEPrivateKey)
key = (NAEPrivateKey) thingee;
else
key = (NAESecretKey) thingee;
System.out.println("\tName: \t" + key.getName());
/* delete the x-int1 attribute */
key.deleteKMIPAttributes(deleteAttributes);
}
}
}
} catch (Exception e) {
System.out.println("The Cause is " + e.getMessage() + ".");
e.printStackTrace();
} finally {
if (session != null)
session.closeSession();
}
}
use of com.ingrian.security.nae.NAEPrivateKey in project CipherTrust_Application_Protection by thalescpl-io.
the class KMIPGetCustomAttribute method main.
public static void main(String[] args) throws Exception {
if (args.length != 4) {
usage();
}
// add Ingrian provider to the list of JCE providers
Security.addProvider(new IngrianProvider());
KMIPSession session = null;
try {
// Create session to KMIP port based on authentication by an
// NAEClientCertificate
session = KMIPSession.getSession(new NAEClientCertificate(args[0], args[1].toCharArray()));
// KMIPAttribute set to hold unique Key Manager identifiers for
// located keys
Set<String> managedObjectIdentifiers;
// This instance of KMIPAttributes will be used as the KMIP
// attributes and
// values to be searched for
KMIPAttributes locateAttributes = new KMIPAttributes();
locateAttributes.add(KMIPAttribute.CryptographicAlgorithm, Algorithm.rsa);
locateAttributes.add(KMIPAttribute.CryptographicLength, 2048);
// This instance of KMIPAttributes will specify the set of KMIP
// attributes
// to be returned from the Key Manager
// KMIPAttributes addAttributes = new KMIPAttributes();
// addAttributes.add("x-String", 1, "Hello");
KMIPAttributes getAttributes = new KMIPAttributes();
getAttributes.add(KMIPAttribute.ApplicationSpecificInformation);
// implied
getAttributes.add(KMIPAttribute.CryptographicAlgorithm);
// null
// value
getAttributes.add(KMIPAttribute.CryptographicLength);
getAttributes.add(KMIPAttribute.ObjectType);
getAttributes.add(KMIPAttribute.ContactInformation);
getAttributes.add(KMIPAttribute.Digest);
getAttributes.add(KMIPAttribute.InitialDate);
getAttributes.add(KMIPAttribute.Link);
getAttributes.add(KMIPAttribute.ObjectGroup);
String custattrib = args[3];
if (custattrib.contains("#")) {
String[] attrs = custattrib.split("#");
for (String atr : attrs) {
getAttributes.add(atr);
}
} else {
getAttributes.add(custattrib);
}
// Locate the keys with matching attributes
managedObjectIdentifiers = session.locate(locateAttributes);
if (managedObjectIdentifiers != null) {
// for each object found, query all the non-custom attributes
for (String uid : managedObjectIdentifiers) {
Object serverManagedObject = session.getManagedObject(uid);
if (serverManagedObject == null)
// not a key
continue;
if (isKey(serverManagedObject)) {
// NAEKey is the superclass of public/private and secret
// keys
NAEKey key;
if (serverManagedObject instanceof NAEPublicKey)
key = (NAEPublicKey) serverManagedObject;
else if (serverManagedObject instanceof NAEPrivateKey)
key = (NAEPrivateKey) serverManagedObject;
else
key = (NAESecretKey) serverManagedObject;
locateAttributes.getAttributes();
// retrieve and print the key's attributes
if (key.getName().equals(args[2])) {
// key.addKMIPAttributes(addAttributes);
System.out.println("\tName: \t" + key.getName());
KMIPAttributes returnedAttributes = getAttrs(key, getAttributes);
// printKeyInfo(returnedAttributes);
printCustomAttribute(returnedAttributes);
}
} else if (serverManagedObject instanceof KMIPSecretData) {
// KMIPSecretData managed objects do not inherit from
// NAEKey
// coerce to a KMIPSecretData and print the name of the
// object
System.out.println(((KMIPSecretData) serverManagedObject).getName());
}
}
}
} catch (Exception e) {
System.out.println("The Cause is " + e.getMessage() + ".");
e.printStackTrace();
} finally {
if (session != null)
session.closeSession();
}
}
Aggregations