Search in sources :

Example 11 with NAEPrivateKey

use of com.ingrian.security.nae.NAEPrivateKey in project CipherTrust_Application_Protection by thalescpl-io.

the class SelfSignedCertificateUtility method main.

public static void main(String[] args) {
    String userName = null;
    String password = null;
    String file = null;
    String key = null;
    String certPass = null;
    for (int i = 0; i < args.length; i++) {
        if ("-user".equals(args[i]))
            userName = args[i + 1].trim();
        else if ("-password".equals(args[i]))
            password = args[i + 1].trim();
        else if ("-key".equals(args[i]))
            key = args[i + 1].trim();
        else if ("-file".equals(args[i]))
            file = args[i + 1].trim();
        else if ("-certPass".equals(args[i]))
            certPass = args[i + 1].trim();
    }
    if (key == null || file == null)
        usage();
    try {
        Map<String, String> certificateProperties = readPropertiesFrom(file);
        if (certPass != null)
            certificateProperties.put("CertPassword", certPass);
        validateProperties(certificateProperties);
        NAESession session = null;
        PrivateKey privateKey = null;
        PublicKey publicKey = null;
        try {
            if (userName != null && password != null)
                session = NAESession.getSession(userName, password.toCharArray());
            NAEPrivateKey private1 = NAEKey.getPrivateKey(key, session);
            NAEPublicKey public1 = NAEKey.getPublicKey(key, session);
            privateKey = getPrivateKey(private1, certificateProperties.get("Algorithm"));
            publicKey = getPublicKey(public1, certificateProperties.get("Algorithm"));
        } finally {
            if (session != null)
                session.closeSession();
        }
        X509Certificate cert = generateCertificate(publicKey, privateKey, certificateProperties);
        storeCertificateInPFX(privateKey, cert, certificateProperties);
        System.out.println("certificate is stored successfully at " + certificateProperties.get("Destination"));
    } catch (Exception e) {
        e.printStackTrace();
    }
}
Also used : NAEPrivateKey(com.ingrian.security.nae.NAEPrivateKey) PrivateKey(java.security.PrivateKey) NAEPrivateKey(com.ingrian.security.nae.NAEPrivateKey) NAEPublicKey(com.ingrian.security.nae.NAEPublicKey) PublicKey(java.security.PublicKey) NAEPublicKey(com.ingrian.security.nae.NAEPublicKey) NAESession(com.ingrian.security.nae.NAESession) X509Certificate(java.security.cert.X509Certificate) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) NAEException(com.ingrian.security.nae.NAEException) IOException(java.io.IOException)

Example 12 with NAEPrivateKey

use of com.ingrian.security.nae.NAEPrivateKey in project CipherTrust_Application_Protection by thalescpl-io.

the class CMSSignSample method main.

public static void main(String[] args) throws Exception {
    if (args.length != 4) {
        System.err.println("Usage: java CMSSignSample user password keyname caName");
        System.exit(-1);
    }
    String username = args[0];
    String password = args[1];
    String keyName = args[2];
    String caName = args[3];
    // data to sign
    byte[] data = "dataToSign".getBytes();
    // add Ingrian provider to the list of JCE providers
    Security.addProvider(new IngrianProvider());
    // get the list of all registered JCE providers
    Provider[] providers = Security.getProviders();
    for (int i = 0; i < providers.length; i++) System.out.println(providers[i].getInfo());
    NAESession session = null;
    try {
        // create NAE Session: pass in Key Manager user name and password
        session = NAESession.getSession(username, password.toCharArray());
        // Create Signature object
        Signature sig = Signature.getInstance("SHA1withRSA", "IngrianProvider");
        SignVerifySpec signVerifySpec = new SignVerifySpec(new Format("cms/detached/smime/enveloped"), new CertList(caName));
        sig.setParameter((AlgorithmParameterSpec) signVerifySpec);
        // Sign data
        // Get private key
        NAEPrivateKey privKey = NAEKey.getPrivateKey(keyName, session);
        // Initialize Signature object for signing
        sig.initSign(privKey);
        sig.update(data);
        byte[] signature = sig.sign();
        // Verify signature
        // Get public key
        NAEPublicKey pubKey = NAEKey.getPublicKey(keyName, session);
        // Initialize Signature object for signature verification
        sig.initVerify(pubKey);
        sig.update(data);
        if (sig.verify(signature))
            System.out.println("Signature verified.");
        else
            System.out.println("Signature verification failed.");
        // close NAE session
        session.closeSession();
    } catch (Exception e) {
        e.printStackTrace();
    } finally {
        if (session != null)
            session.closeSession();
    }
}
Also used : NAEPrivateKey(com.ingrian.security.nae.NAEPrivateKey) NAEPublicKey(com.ingrian.security.nae.NAEPublicKey) IngrianProvider(com.ingrian.security.nae.IngrianProvider) IngrianProvider(com.ingrian.security.nae.IngrianProvider) Provider(java.security.Provider) CertList(com.ingrian.security.nae.CertList) SignVerifySpec(com.ingrian.security.nae.SignVerifySpec) Format(com.ingrian.security.nae.Format) Signature(java.security.Signature) NAESession(com.ingrian.security.nae.NAESession)

Example 13 with NAEPrivateKey

use of com.ingrian.security.nae.NAEPrivateKey in project CipherTrust_Application_Protection by thalescpl-io.

the class FileEncryptionDecryptionSampleUsingRSA method main.

public static void main(String[] args) throws Exception {
    if (args.length != 6) {
        System.err.println("Usage: java FileEncryptionDecryptionSampleUsingRSA userName password asymKeyName fileToEncrypt encryptedFile decryptedFile");
        System.exit(-1);
    }
    String userName = args[0];
    String password = args[1];
    String asymKeyName = args[2];
    String fileToEncrypt = args[3];
    String encryptedFile = args[4];
    String decryptedFile = args[5];
    // Add Ingrian provider to the list of JCE providers
    Security.addProvider(new IngrianProvider());
    NAESession session = null;
    try {
        // Creates NAE Session and pass in NAE userName and password
        session = NAESession.getSession(userName, password.toCharArray());
        // Creates NAEPublicKey object
        NAEPublicKey asymPubKey = NAEKey.getPublicKey(asymKeyName, session);
        // Get NAESecureRandom object
        NAESecureRandom rng = new NAESecureRandom(session);
        performEncryption(fileToEncrypt, encryptedFile, asymPubKey, rng);
        // Creates NAEPrivateKey object
        NAEPrivateKey asymPrivKey = NAEKey.getPrivateKey(asymKeyName, session);
        performDecryption(encryptedFile, decryptedFile, asymPrivKey);
    } catch (Exception e) {
        System.err.println("The Cause is " + e.getMessage() + ".");
        throw e;
    } finally {
        if (session != null) {
            // Close NAESession
            session.closeSession();
        }
    }
}
Also used : NAESecureRandom(com.ingrian.security.nae.NAESecureRandom) NAEPrivateKey(com.ingrian.security.nae.NAEPrivateKey) NAEPublicKey(com.ingrian.security.nae.NAEPublicKey) NAESession(com.ingrian.security.nae.NAESession) IngrianProvider(com.ingrian.security.nae.IngrianProvider)

Example 14 with NAEPrivateKey

use of com.ingrian.security.nae.NAEPrivateKey in project CipherTrust_Application_Protection by thalescpl-io.

the class ECCSignSample method main.

public static void main(String[] args) throws Exception {
    if (args.length != 3) {
        System.err.println("Usage: java ECCSignSample user password keyname");
        System.exit(-1);
    }
    String userName = args[0];
    String password = args[1];
    String keyName = args[2];
    // Add Ingrian provider to the list of JCE providers
    Security.addProvider(new IngrianProvider());
    // Get the list of all registered JCE providers
    Provider[] providers = Security.getProviders();
    for (int i = 0; i < providers.length; i++) System.out.println(providers[i].getInfo());
    // Data to sign
    String dataForSignature = "testdata for ECC Sign Test";
    String signAlgo = "SHA256withECDSA";
    NAESession session = null;
    try {
        // Creates NAESession: pass in NAE user and password
        session = NAESession.getSession(userName, password.toCharArray());
        // Creates a signature object for sign operation
        Signature sig = Signature.getInstance(signAlgo, "IngrianProvider");
        // Sign data
        // Creates NAEPrivateKey object
        NAEPrivateKey privKey = NAEKey.getPrivateKey(keyName, session);
        // Initializes the signature object for signing
        sig.initSign(privKey);
        sig.update(dataForSignature.getBytes());
        byte[] signature = sig.sign();
        System.out.println("ECCKey Sign Operation: SUCCESS");
        // Creates a signature object for signVerify operation
        Signature sigVer = Signature.getInstance(signAlgo, "IngrianProvider");
        // Verify signature
        // Get NAEPublicKey
        NAEPublicKey pubKey = NAEKey.getPublicKey(keyName, session);
        // Initializes Signature object for signature verification
        sigVer.initVerify(pubKey);
        sigVer.update(dataForSignature.getBytes());
        if (!sigVer.verify(signature)) {
            System.out.println("Signature Verification: FAILED");
        } else {
            System.out.println("Signature Verification: SUCCESS");
        }
    } catch (Exception e) {
        e.printStackTrace();
        throw e;
    } finally {
        if (session != null)
            // Close NAESession
            session.closeSession();
    }
}
Also used : NAEPrivateKey(com.ingrian.security.nae.NAEPrivateKey) Signature(java.security.Signature) NAEPublicKey(com.ingrian.security.nae.NAEPublicKey) NAESession(com.ingrian.security.nae.NAESession) IngrianProvider(com.ingrian.security.nae.IngrianProvider) IngrianProvider(com.ingrian.security.nae.IngrianProvider) Provider(java.security.Provider)

Example 15 with NAEPrivateKey

use of com.ingrian.security.nae.NAEPrivateKey in project CipherTrust_Application_Protection by thalescpl-io.

the class KMIPCertLocateSample method main.

public static void main(String[] args) throws Exception {
    if (args.length != 3) {
        usage();
    }
    // add Ingrian provider to the list of JCE providers
    Security.addProvider(new IngrianProvider());
    KMIPSession session = null;
    try {
        // create NAE Session: pass in NAE Client Certificate clicnt key and keystore password
        session = KMIPSession.getSession(new NAEClientCertificate(args[0], args[1].toCharArray()));
        // import the certificate
        NAEParameterSpec spec = new NAEParameterSpec(args[2], 1024, (KMIPAttributes) null, session);
        byte[] c = Hex.decodeHex(certBytes.toCharArray());
        NAECertificate.importCertificate(c, null, spec);
        // This set holds the managed object unique identifiers (UIDs)
        Set<String> managedObjectIdentifiers;
        // Locate managed objects with ObjectType Certificate and crypto length = 2048
        // and Issuer Distinguished Name = "CN=KMIP,OU=OASIS,O=TEST,C=US"
        // by adding the KMIPAttribute name and the value to a KMIPAttributes
        // object
        KMIPAttributes queryAttributes = new KMIPAttributes();
        queryAttributes.add(KMIPAttribute.CryptographicLength, 2048);
        queryAttributes.add(KMIPAttribute.ObjectType, ObjectType.ObjectTypes.Certificate);
        // Have the session locate the keys matching the queryAttributes:
        managedObjectIdentifiers = session.locate(queryAttributes);
        System.out.println("Managed objects with attributes rsa, 2048:");
        for (String uid : managedObjectIdentifiers) {
            System.out.println("Managed object Unique Identifier: " + uid);
            // get the objects as Java client NAEKeys or KMIPSecretData objects
            // (Note: Secret Data doesn't have KMIP attributes of
            // algorithm or length, and will not be found by this query,
            // but is included here for completeness.
            Object managedObject = session.getManagedObject(uid);
            if (managedObject instanceof KMIPTemplate)
                break;
            if (managedObject instanceof NAEPublicKey)
                System.out.println(((NAEPublicKey) managedObject).getName());
            else if (managedObject instanceof NAEPrivateKey)
                System.out.println(((NAEPrivateKey) managedObject).getName());
            else if (managedObject instanceof NAESecretKey)
                System.out.println(((NAESecretKey) managedObject).getName());
            else if (managedObject instanceof KMIPSecretData) {
                System.out.println(((KMIPSecretData) managedObject).getName());
            } else if (managedObject instanceof NAECertificate) {
                System.out.println("Object is a certificate");
                System.out.println(((NAECertificate) managedObject).getName());
            }
        }
    } catch (Exception e) {
        System.out.println("The Cause is " + e.getMessage() + ".");
        e.printStackTrace();
    } finally {
        if (session != null)
            session.closeSession();
    }
}
Also used : NAEParameterSpec(com.ingrian.security.nae.NAEParameterSpec) KMIPAttributes(com.ingrian.security.nae.KMIPAttributes) NAEPrivateKey(com.ingrian.security.nae.NAEPrivateKey) NAESecretKey(com.ingrian.security.nae.NAESecretKey) NAECertificate(com.ingrian.security.nae.NAECertificate) NAEPublicKey(com.ingrian.security.nae.NAEPublicKey) KMIPSecretData(com.ingrian.security.nae.KMIPSecretData) NAEClientCertificate(com.ingrian.security.nae.NAEClientCertificate) IngrianProvider(com.ingrian.security.nae.IngrianProvider) KMIPSession(com.ingrian.security.nae.KMIPSession) KMIPTemplate(com.ingrian.security.nae.KMIPTemplate)

Aggregations

NAEPrivateKey (com.ingrian.security.nae.NAEPrivateKey)18 NAEPublicKey (com.ingrian.security.nae.NAEPublicKey)18 IngrianProvider (com.ingrian.security.nae.IngrianProvider)17 KMIPSession (com.ingrian.security.nae.KMIPSession)9 NAEClientCertificate (com.ingrian.security.nae.NAEClientCertificate)9 NAESession (com.ingrian.security.nae.NAESession)9 KMIPAttributes (com.ingrian.security.nae.KMIPAttributes)8 NAEKey (com.ingrian.security.nae.NAEKey)7 Provider (java.security.Provider)7 KMIPSecretData (com.ingrian.security.nae.KMIPSecretData)6 NAEException (com.ingrian.security.nae.NAEException)6 NAEParameterSpec (com.ingrian.security.nae.NAEParameterSpec)5 NAESecretKey (com.ingrian.security.nae.NAESecretKey)5 KeyPair (java.security.KeyPair)5 PrivateKey (java.security.PrivateKey)5 PublicKey (java.security.PublicKey)4 KeyPairGenerator (java.security.KeyPairGenerator)3 Signature (java.security.Signature)3 NAECertificate (com.ingrian.security.nae.NAECertificate)2 NAEPermission (com.ingrian.security.nae.NAEPermission)2