use of com.ingrian.security.nae.NAEPrivateKey in project CipherTrust_Application_Protection by thalescpl-io.
the class SelfSignedCertificateUtility method main.
public static void main(String[] args) {
String userName = null;
String password = null;
String file = null;
String key = null;
String certPass = null;
for (int i = 0; i < args.length; i++) {
if ("-user".equals(args[i]))
userName = args[i + 1].trim();
else if ("-password".equals(args[i]))
password = args[i + 1].trim();
else if ("-key".equals(args[i]))
key = args[i + 1].trim();
else if ("-file".equals(args[i]))
file = args[i + 1].trim();
else if ("-certPass".equals(args[i]))
certPass = args[i + 1].trim();
}
if (key == null || file == null)
usage();
try {
Map<String, String> certificateProperties = readPropertiesFrom(file);
if (certPass != null)
certificateProperties.put("CertPassword", certPass);
validateProperties(certificateProperties);
NAESession session = null;
PrivateKey privateKey = null;
PublicKey publicKey = null;
try {
if (userName != null && password != null)
session = NAESession.getSession(userName, password.toCharArray());
NAEPrivateKey private1 = NAEKey.getPrivateKey(key, session);
NAEPublicKey public1 = NAEKey.getPublicKey(key, session);
privateKey = getPrivateKey(private1, certificateProperties.get("Algorithm"));
publicKey = getPublicKey(public1, certificateProperties.get("Algorithm"));
} finally {
if (session != null)
session.closeSession();
}
X509Certificate cert = generateCertificate(publicKey, privateKey, certificateProperties);
storeCertificateInPFX(privateKey, cert, certificateProperties);
System.out.println("certificate is stored successfully at " + certificateProperties.get("Destination"));
} catch (Exception e) {
e.printStackTrace();
}
}
use of com.ingrian.security.nae.NAEPrivateKey in project CipherTrust_Application_Protection by thalescpl-io.
the class CMSSignSample method main.
public static void main(String[] args) throws Exception {
if (args.length != 4) {
System.err.println("Usage: java CMSSignSample user password keyname caName");
System.exit(-1);
}
String username = args[0];
String password = args[1];
String keyName = args[2];
String caName = args[3];
// data to sign
byte[] data = "dataToSign".getBytes();
// add Ingrian provider to the list of JCE providers
Security.addProvider(new IngrianProvider());
// get the list of all registered JCE providers
Provider[] providers = Security.getProviders();
for (int i = 0; i < providers.length; i++) System.out.println(providers[i].getInfo());
NAESession session = null;
try {
// create NAE Session: pass in Key Manager user name and password
session = NAESession.getSession(username, password.toCharArray());
// Create Signature object
Signature sig = Signature.getInstance("SHA1withRSA", "IngrianProvider");
SignVerifySpec signVerifySpec = new SignVerifySpec(new Format("cms/detached/smime/enveloped"), new CertList(caName));
sig.setParameter((AlgorithmParameterSpec) signVerifySpec);
// Sign data
// Get private key
NAEPrivateKey privKey = NAEKey.getPrivateKey(keyName, session);
// Initialize Signature object for signing
sig.initSign(privKey);
sig.update(data);
byte[] signature = sig.sign();
// Verify signature
// Get public key
NAEPublicKey pubKey = NAEKey.getPublicKey(keyName, session);
// Initialize Signature object for signature verification
sig.initVerify(pubKey);
sig.update(data);
if (sig.verify(signature))
System.out.println("Signature verified.");
else
System.out.println("Signature verification failed.");
// close NAE session
session.closeSession();
} catch (Exception e) {
e.printStackTrace();
} finally {
if (session != null)
session.closeSession();
}
}
use of com.ingrian.security.nae.NAEPrivateKey in project CipherTrust_Application_Protection by thalescpl-io.
the class FileEncryptionDecryptionSampleUsingRSA method main.
public static void main(String[] args) throws Exception {
if (args.length != 6) {
System.err.println("Usage: java FileEncryptionDecryptionSampleUsingRSA userName password asymKeyName fileToEncrypt encryptedFile decryptedFile");
System.exit(-1);
}
String userName = args[0];
String password = args[1];
String asymKeyName = args[2];
String fileToEncrypt = args[3];
String encryptedFile = args[4];
String decryptedFile = args[5];
// Add Ingrian provider to the list of JCE providers
Security.addProvider(new IngrianProvider());
NAESession session = null;
try {
// Creates NAE Session and pass in NAE userName and password
session = NAESession.getSession(userName, password.toCharArray());
// Creates NAEPublicKey object
NAEPublicKey asymPubKey = NAEKey.getPublicKey(asymKeyName, session);
// Get NAESecureRandom object
NAESecureRandom rng = new NAESecureRandom(session);
performEncryption(fileToEncrypt, encryptedFile, asymPubKey, rng);
// Creates NAEPrivateKey object
NAEPrivateKey asymPrivKey = NAEKey.getPrivateKey(asymKeyName, session);
performDecryption(encryptedFile, decryptedFile, asymPrivKey);
} catch (Exception e) {
System.err.println("The Cause is " + e.getMessage() + ".");
throw e;
} finally {
if (session != null) {
// Close NAESession
session.closeSession();
}
}
}
use of com.ingrian.security.nae.NAEPrivateKey in project CipherTrust_Application_Protection by thalescpl-io.
the class ECCSignSample method main.
public static void main(String[] args) throws Exception {
if (args.length != 3) {
System.err.println("Usage: java ECCSignSample user password keyname");
System.exit(-1);
}
String userName = args[0];
String password = args[1];
String keyName = args[2];
// Add Ingrian provider to the list of JCE providers
Security.addProvider(new IngrianProvider());
// Get the list of all registered JCE providers
Provider[] providers = Security.getProviders();
for (int i = 0; i < providers.length; i++) System.out.println(providers[i].getInfo());
// Data to sign
String dataForSignature = "testdata for ECC Sign Test";
String signAlgo = "SHA256withECDSA";
NAESession session = null;
try {
// Creates NAESession: pass in NAE user and password
session = NAESession.getSession(userName, password.toCharArray());
// Creates a signature object for sign operation
Signature sig = Signature.getInstance(signAlgo, "IngrianProvider");
// Sign data
// Creates NAEPrivateKey object
NAEPrivateKey privKey = NAEKey.getPrivateKey(keyName, session);
// Initializes the signature object for signing
sig.initSign(privKey);
sig.update(dataForSignature.getBytes());
byte[] signature = sig.sign();
System.out.println("ECCKey Sign Operation: SUCCESS");
// Creates a signature object for signVerify operation
Signature sigVer = Signature.getInstance(signAlgo, "IngrianProvider");
// Verify signature
// Get NAEPublicKey
NAEPublicKey pubKey = NAEKey.getPublicKey(keyName, session);
// Initializes Signature object for signature verification
sigVer.initVerify(pubKey);
sigVer.update(dataForSignature.getBytes());
if (!sigVer.verify(signature)) {
System.out.println("Signature Verification: FAILED");
} else {
System.out.println("Signature Verification: SUCCESS");
}
} catch (Exception e) {
e.printStackTrace();
throw e;
} finally {
if (session != null)
// Close NAESession
session.closeSession();
}
}
use of com.ingrian.security.nae.NAEPrivateKey in project CipherTrust_Application_Protection by thalescpl-io.
the class KMIPCertLocateSample method main.
public static void main(String[] args) throws Exception {
if (args.length != 3) {
usage();
}
// add Ingrian provider to the list of JCE providers
Security.addProvider(new IngrianProvider());
KMIPSession session = null;
try {
// create NAE Session: pass in NAE Client Certificate clicnt key and keystore password
session = KMIPSession.getSession(new NAEClientCertificate(args[0], args[1].toCharArray()));
// import the certificate
NAEParameterSpec spec = new NAEParameterSpec(args[2], 1024, (KMIPAttributes) null, session);
byte[] c = Hex.decodeHex(certBytes.toCharArray());
NAECertificate.importCertificate(c, null, spec);
// This set holds the managed object unique identifiers (UIDs)
Set<String> managedObjectIdentifiers;
// Locate managed objects with ObjectType Certificate and crypto length = 2048
// and Issuer Distinguished Name = "CN=KMIP,OU=OASIS,O=TEST,C=US"
// by adding the KMIPAttribute name and the value to a KMIPAttributes
// object
KMIPAttributes queryAttributes = new KMIPAttributes();
queryAttributes.add(KMIPAttribute.CryptographicLength, 2048);
queryAttributes.add(KMIPAttribute.ObjectType, ObjectType.ObjectTypes.Certificate);
// Have the session locate the keys matching the queryAttributes:
managedObjectIdentifiers = session.locate(queryAttributes);
System.out.println("Managed objects with attributes rsa, 2048:");
for (String uid : managedObjectIdentifiers) {
System.out.println("Managed object Unique Identifier: " + uid);
// get the objects as Java client NAEKeys or KMIPSecretData objects
// (Note: Secret Data doesn't have KMIP attributes of
// algorithm or length, and will not be found by this query,
// but is included here for completeness.
Object managedObject = session.getManagedObject(uid);
if (managedObject instanceof KMIPTemplate)
break;
if (managedObject instanceof NAEPublicKey)
System.out.println(((NAEPublicKey) managedObject).getName());
else if (managedObject instanceof NAEPrivateKey)
System.out.println(((NAEPrivateKey) managedObject).getName());
else if (managedObject instanceof NAESecretKey)
System.out.println(((NAESecretKey) managedObject).getName());
else if (managedObject instanceof KMIPSecretData) {
System.out.println(((KMIPSecretData) managedObject).getName());
} else if (managedObject instanceof NAECertificate) {
System.out.println("Object is a certificate");
System.out.println(((NAECertificate) managedObject).getName());
}
}
} catch (Exception e) {
System.out.println("The Cause is " + e.getMessage() + ".");
e.printStackTrace();
} finally {
if (session != null)
session.closeSession();
}
}
Aggregations