Search in sources :

Example 1 with NAEPublicKey

use of com.ingrian.security.nae.NAEPublicKey in project CipherTrust_Application_Protection by thalescpl-io.

the class RSAEncryptionSample method main.

public static void main(String[] args) throws Exception {
    if (args.length != 3) {
        System.err.println("Usage: java RSAEncryptionSample user password keyname");
        System.exit(-1);
    }
    String username = args[0];
    String password = args[1];
    String keyName = args[2];
    // add Ingrian provider to the list of JCE providers
    Security.addProvider(new IngrianProvider());
    // get the list of all registered JCE providers
    Provider[] providers = Security.getProviders();
    for (Provider provider : providers) {
        System.out.println(provider.getInfo());
    }
    String dataToEncrypt = "dataToEncrypt";
    System.out.println("Data to encrypt \"" + dataToEncrypt + "\"");
    NAESession session = null;
    try {
        // create NAE Session: pass in NAE user name and password
        session = NAESession.getSession(username, password.toCharArray());
        // get RSA public key to encrypt data
        // (just a key handle , key data does not leave the Key Manager)
        NAEPublicKey pubKey = NAEKey.getPublicKey(keyName, session);
        // get a cipher
        Cipher encryptCipher = Cipher.getInstance("RSA", "IngrianProvider");
        // initialize cipher to encrypt.
        encryptCipher.init(Cipher.ENCRYPT_MODE, pubKey);
        // encrypt data
        byte[] outbuf = encryptCipher.doFinal(dataToEncrypt.getBytes());
        // get private key to decrypt data
        // (just a key handle , key data does not leave the Key Manager)
        NAEPrivateKey privKey = NAEKey.getPrivateKey(keyName, session);
        // get a cipher for decryption
        Cipher decryptCipher = Cipher.getInstance("RSA", "IngrianProvider");
        // to decrypt data, initialize cipher to decrypt
        decryptCipher.init(Cipher.DECRYPT_MODE, privKey);
        // decrypt data
        byte[] newbuf = decryptCipher.doFinal(outbuf);
        System.out.println("Decrypted data  \"" + new String(newbuf) + "\"");
    } catch (Exception e) {
        e.printStackTrace();
        throw e;
    } finally {
        if (session != null) {
            // Close NAESession
            session.closeSession();
        }
    }
}
Also used : NAEPrivateKey(com.ingrian.security.nae.NAEPrivateKey) NAEPublicKey(com.ingrian.security.nae.NAEPublicKey) Cipher(javax.crypto.Cipher) NAESession(com.ingrian.security.nae.NAESession) IngrianProvider(com.ingrian.security.nae.IngrianProvider) IngrianProvider(com.ingrian.security.nae.IngrianProvider) Provider(java.security.Provider)

Example 2 with NAEPublicKey

use of com.ingrian.security.nae.NAEPublicKey in project CipherTrust_Application_Protection by thalescpl-io.

the class SignSample method main.

public static void main(String[] args) throws Exception {
    if (args.length != 3 && args.length != 4) {
        System.err.println("Usage: java SignSample user password keyname saltlength(optional)");
        System.exit(-1);
    }
    String username = args[0];
    String password = args[1];
    String keyName = args[2];
    PSSParameterSpec pssParameterSpec = null;
    // Get PSSParameterSpec passing the saltlenth, if provided
    if (args.length > 3)
        pssParameterSpec = new PSSParameterSpec(Integer.parseInt(args[3]));
    // data to sign
    byte[] data = "dataToSign".getBytes();
    // add Ingrian provider to the list of JCE providers
    Security.addProvider(new IngrianProvider());
    // get the list of all registered JCE providers
    Provider[] providers = Security.getProviders();
    for (int i = 0; i < providers.length; i++) System.out.println(providers[i].getInfo());
    NAESession session = null;
    try {
        // create NAE Session: pass in Key Manager user name and password
        session = NAESession.getSession(username, password.toCharArray());
        // Create Signature object
        Signature sig = Signature.getInstance("SHA256withRSAPSSPadding", "IngrianProvider");
        // Sign data
        // Get private key
        NAEPrivateKey privKey = NAEKey.getPrivateKey(keyName, session);
        // Set the PSSParameterSpec in the Signature Object if saltlength is provided
        if (pssParameterSpec != null)
            sig.setParameter(pssParameterSpec);
        // Initialize Signature object for signing
        sig.initSign(privKey);
        sig.update(data);
        byte[] signature = sig.sign();
        // Verify signature
        // Get public key
        NAEPublicKey pubKey = NAEKey.getPublicKey(keyName, session);
        // Set the PSSParameterSpec in the Signature Object if saltlength is provided
        if (pssParameterSpec != null)
            sig.setParameter(pssParameterSpec);
        // Initialize Signature object for signature verification
        sig.initVerify(pubKey);
        sig.update(data);
        if (sig.verify(signature))
            System.out.println("Signature verified.");
        else
            System.out.println("Signature verification failed.");
    } catch (Exception e) {
        e.printStackTrace();
        throw e;
    } finally {
        if (session != null)
            // Close NAESession
            session.closeSession();
    }
}
Also used : NAEPrivateKey(com.ingrian.security.nae.NAEPrivateKey) PSSParameterSpec(java.security.spec.PSSParameterSpec) Signature(java.security.Signature) NAEPublicKey(com.ingrian.security.nae.NAEPublicKey) NAESession(com.ingrian.security.nae.NAESession) IngrianProvider(com.ingrian.security.nae.IngrianProvider) IngrianProvider(com.ingrian.security.nae.IngrianProvider) Provider(java.security.Provider)

Example 3 with NAEPublicKey

use of com.ingrian.security.nae.NAEPublicKey in project CipherTrust_Application_Protection by thalescpl-io.

the class KMIPGetDateRangeSample method main.

public static void main(String[] args) throws Exception {
    if (args.length != 4) {
        usage();
    }
    // set the dates
    start = Calendar.getInstance();
    end = Calendar.getInstance();
    try {
        start.setTime((Date) inputDateFormat.parse(args[2]));
        end.setTime((Date) inputDateFormat.parse(args[3]));
        ;
    } catch (ParseException pe) {
        System.err.println("Problem parsing date argument");
        System.err.println(pe.getMessage());
        usage();
    }
    // add Ingrian provider to the list of JCE providers
    Security.addProvider(new IngrianProvider());
    KMIPSession session = null;
    try {
        // Create session to KMIP port based on authentication by an NAEClientCertificate
        session = KMIPSession.getSession(new NAEClientCertificate(args[0], args[1].toCharArray()));
        // KMIPAttribute set to hold unique Key Manager identifiers for located keys
        Set<String> managedObjectIdentifiers;
        // This instance of KMIPAttributes will be used as the KMIP attributes and
        // values to be searched for. Note that the date range is indicated by
        // addding two InitialDate attributes to the locateAttributes
        KMIPAttributes locateAttributes = new KMIPAttributes();
        locateAttributes.add(KMIPAttribute.CryptographicAlgorithm, Algorithm.rsa);
        locateAttributes.add(KMIPAttribute.InitialDate, 0, start);
        locateAttributes.add(KMIPAttribute.InitialDate, 1, end);
        // This instance of KMIPAttributes will specify the set of KMIP attributes
        // to be returned from the Key Manager
        KMIPAttributes getAttributes = new KMIPAttributes();
        getAttributes.add(KMIPAttribute.ApplicationSpecificInformation);
        // implied null value
        getAttributes.add(KMIPAttribute.CryptographicAlgorithm);
        getAttributes.add(KMIPAttribute.CryptographicLength);
        getAttributes.add(KMIPAttribute.ObjectType);
        getAttributes.add(KMIPAttribute.ContactInformation);
        getAttributes.add(KMIPAttribute.Digest);
        getAttributes.add(KMIPAttribute.InitialDate);
        getAttributes.add(KMIPAttribute.Link);
        getAttributes.add(KMIPAttribute.ObjectGroup);
        // Locate the keys with matching attributes
        managedObjectIdentifiers = session.locate(locateAttributes);
        if (managedObjectIdentifiers != null) {
            System.out.println("\n\nFound " + managedObjectIdentifiers.size() + " managed objects matching key Locate criteria.");
            System.out.println("\n\nKeys with attribute rsa and initial date between " + outputDateFormat.format(start.getTime()) + " and " + outputDateFormat.format(end.getTime()));
            // for each object found, query all the non-custom attributes
            for (String uid : managedObjectIdentifiers) {
                System.out.println("\n\nManaged Object UniqueIdentifier: \t" + uid);
                Object managedObject = session.getManagedObject(uid);
                // not a key
                if (managedObject == null)
                    continue;
                if ((managedObject instanceof NAEPublicKey) || (managedObject instanceof NAEPrivateKey) || (managedObject instanceof NAESecretKey)) {
                    NAEKey key;
                    if (managedObject instanceof NAEPublicKey)
                        key = (NAEPublicKey) managedObject;
                    else if (managedObject instanceof NAEPrivateKey)
                        key = (NAEPrivateKey) managedObject;
                    else
                        key = (NAESecretKey) managedObject;
                    System.out.println("\tName: \t" + key.getName());
                    KMIPAttributes returnedAttributes = getAttrs(key, getAttributes);
                    printKeyInfo(returnedAttributes);
                } else if (managedObject instanceof KMIPSecretData) {
                    System.out.println(((KMIPSecretData) managedObject).getName());
                }
            }
        }
    } catch (Exception e) {
        System.out.println("The Cause is " + e.getMessage() + ".");
        e.printStackTrace();
    } finally {
        if (session != null)
            session.closeSession();
    }
}
Also used : KMIPAttributes(com.ingrian.security.nae.KMIPAttributes) NAEKey(com.ingrian.security.nae.NAEKey) NAEPrivateKey(com.ingrian.security.nae.NAEPrivateKey) NAESecretKey(com.ingrian.security.nae.NAESecretKey) NAEPublicKey(com.ingrian.security.nae.NAEPublicKey) KMIPSecretData(com.ingrian.security.nae.KMIPSecretData) NAEClientCertificate(com.ingrian.security.nae.NAEClientCertificate) NAEException(com.ingrian.security.nae.NAEException) ParseException(java.text.ParseException) IngrianProvider(com.ingrian.security.nae.IngrianProvider) KMIPSession(com.ingrian.security.nae.KMIPSession) ParseException(java.text.ParseException)

Example 4 with NAEPublicKey

use of com.ingrian.security.nae.NAEPublicKey in project CipherTrust_Application_Protection by thalescpl-io.

the class KMIPDeleteAttributeSample method main.

public static void main(String[] args) throws Exception {
    if (args.length != 2) {
        usage();
    }
    // add Ingrian provider to the list of JCE providers
    Security.addProvider(new IngrianProvider());
    KMIPSession session = null;
    try {
        // create NAE Session: pass in NAE client certificate information - client key and
        // keystore password
        session = KMIPSession.getSession(new NAEClientCertificate(args[0], args[1].toCharArray()));
        /* This Set<String> collection will hold the unique identifiers of the keys
             * matching the criteria (algorithm = RSA, length=2048
             */
        Set<String> managedObjectIdentifiers;
        /* this KMIPAttributes object will contain the KMIPAttribute(s) and the
             * values to match for the keys being searched for on the server
             * 
             */
        KMIPAttributes locateAttributes = new KMIPAttributes();
        // add CryptographicAlgorithm and length to the attributes to be matched
        locateAttributes.add(KMIPAttribute.CryptographicAlgorithm, Algorithm.rsa);
        locateAttributes.add(KMIPAttribute.CryptographicLength, 2048);
        /* Add a custom KMIP integer attribute at index 0 with the value 1 */
        locateAttributes.add("x-int1", 0, 1);
        /* this is also the sole attribute to be deleted. */
        KMIPAttributes deleteAttributes = new KMIPAttributes();
        deleteAttributes.add("x-int1", 0, 1);
        /* Locate all RSA keys with a length of 2048 and x-int1 = 1 */
        managedObjectIdentifiers = session.locate(locateAttributes);
        if (managedObjectIdentifiers != null) {
            System.out.println("\n\nFound " + managedObjectIdentifiers.size() + " managed objects matching criteria.");
            System.out.println("\n\nKeys with attributes rsa, 2048 and custom attribute x-int=1");
            for (String uid : managedObjectIdentifiers) {
                System.out.println("\n\nManaged Object UniqueIdentifier: \t" + uid);
                Object thingee = session.getManagedObject(uid);
                /* Convert each key into the proper type of object
                     * representing the managed key */
                if ((thingee instanceof NAEPublicKey) || (thingee instanceof NAEPrivateKey) || (thingee instanceof NAESecretKey)) {
                    NAEKey key;
                    if (thingee instanceof NAEPublicKey)
                        key = (NAEPublicKey) thingee;
                    else if (thingee instanceof NAEPrivateKey)
                        key = (NAEPrivateKey) thingee;
                    else
                        key = (NAESecretKey) thingee;
                    System.out.println("\tName: \t" + key.getName());
                    /* delete the x-int1 attribute */
                    key.deleteKMIPAttributes(deleteAttributes);
                }
            }
        }
    } catch (Exception e) {
        System.out.println("The Cause is " + e.getMessage() + ".");
        e.printStackTrace();
    } finally {
        if (session != null)
            session.closeSession();
    }
}
Also used : KMIPAttributes(com.ingrian.security.nae.KMIPAttributes) NAEKey(com.ingrian.security.nae.NAEKey) NAEPrivateKey(com.ingrian.security.nae.NAEPrivateKey) NAESecretKey(com.ingrian.security.nae.NAESecretKey) NAEPublicKey(com.ingrian.security.nae.NAEPublicKey) NAEClientCertificate(com.ingrian.security.nae.NAEClientCertificate) IngrianProvider(com.ingrian.security.nae.IngrianProvider) KMIPSession(com.ingrian.security.nae.KMIPSession)

Example 5 with NAEPublicKey

use of com.ingrian.security.nae.NAEPublicKey in project CipherTrust_Application_Protection by thalescpl-io.

the class KMIPGetCustomAttribute method main.

public static void main(String[] args) throws Exception {
    if (args.length != 4) {
        usage();
    }
    // add Ingrian provider to the list of JCE providers
    Security.addProvider(new IngrianProvider());
    KMIPSession session = null;
    try {
        // Create session to KMIP port based on authentication by an
        // NAEClientCertificate
        session = KMIPSession.getSession(new NAEClientCertificate(args[0], args[1].toCharArray()));
        // KMIPAttribute set to hold unique Key Manager identifiers for
        // located keys
        Set<String> managedObjectIdentifiers;
        // This instance of KMIPAttributes will be used as the KMIP
        // attributes and
        // values to be searched for
        KMIPAttributes locateAttributes = new KMIPAttributes();
        locateAttributes.add(KMIPAttribute.CryptographicAlgorithm, Algorithm.rsa);
        locateAttributes.add(KMIPAttribute.CryptographicLength, 2048);
        // This instance of KMIPAttributes will specify the set of KMIP
        // attributes
        // to be returned from the Key Manager
        // KMIPAttributes addAttributes = new KMIPAttributes();
        // addAttributes.add("x-String", 1, "Hello");
        KMIPAttributes getAttributes = new KMIPAttributes();
        getAttributes.add(KMIPAttribute.ApplicationSpecificInformation);
        // implied
        getAttributes.add(KMIPAttribute.CryptographicAlgorithm);
        // null
        // value
        getAttributes.add(KMIPAttribute.CryptographicLength);
        getAttributes.add(KMIPAttribute.ObjectType);
        getAttributes.add(KMIPAttribute.ContactInformation);
        getAttributes.add(KMIPAttribute.Digest);
        getAttributes.add(KMIPAttribute.InitialDate);
        getAttributes.add(KMIPAttribute.Link);
        getAttributes.add(KMIPAttribute.ObjectGroup);
        String custattrib = args[3];
        if (custattrib.contains("#")) {
            String[] attrs = custattrib.split("#");
            for (String atr : attrs) {
                getAttributes.add(atr);
            }
        } else {
            getAttributes.add(custattrib);
        }
        // Locate the keys with matching attributes
        managedObjectIdentifiers = session.locate(locateAttributes);
        if (managedObjectIdentifiers != null) {
            // for each object found, query all the non-custom attributes
            for (String uid : managedObjectIdentifiers) {
                Object serverManagedObject = session.getManagedObject(uid);
                if (serverManagedObject == null)
                    // not a key
                    continue;
                if (isKey(serverManagedObject)) {
                    // NAEKey is the superclass of public/private and secret
                    // keys
                    NAEKey key;
                    if (serverManagedObject instanceof NAEPublicKey)
                        key = (NAEPublicKey) serverManagedObject;
                    else if (serverManagedObject instanceof NAEPrivateKey)
                        key = (NAEPrivateKey) serverManagedObject;
                    else
                        key = (NAESecretKey) serverManagedObject;
                    locateAttributes.getAttributes();
                    // retrieve and print the key's attributes
                    if (key.getName().equals(args[2])) {
                        // key.addKMIPAttributes(addAttributes);
                        System.out.println("\tName: \t" + key.getName());
                        KMIPAttributes returnedAttributes = getAttrs(key, getAttributes);
                        // printKeyInfo(returnedAttributes);
                        printCustomAttribute(returnedAttributes);
                    }
                } else if (serverManagedObject instanceof KMIPSecretData) {
                    // KMIPSecretData managed objects do not inherit from
                    // NAEKey
                    // coerce to a KMIPSecretData and print the name of the
                    // object
                    System.out.println(((KMIPSecretData) serverManagedObject).getName());
                }
            }
        }
    } catch (Exception e) {
        System.out.println("The Cause is " + e.getMessage() + ".");
        e.printStackTrace();
    } finally {
        if (session != null)
            session.closeSession();
    }
}
Also used : KMIPAttributes(com.ingrian.security.nae.KMIPAttributes) NAEKey(com.ingrian.security.nae.NAEKey) NAEPrivateKey(com.ingrian.security.nae.NAEPrivateKey) NAEPublicKey(com.ingrian.security.nae.NAEPublicKey) KMIPSecretData(com.ingrian.security.nae.KMIPSecretData) NAEClientCertificate(com.ingrian.security.nae.NAEClientCertificate) NAEException(com.ingrian.security.nae.NAEException) IngrianProvider(com.ingrian.security.nae.IngrianProvider) KMIPSession(com.ingrian.security.nae.KMIPSession)

Aggregations

NAEPublicKey (com.ingrian.security.nae.NAEPublicKey)19 NAEPrivateKey (com.ingrian.security.nae.NAEPrivateKey)18 IngrianProvider (com.ingrian.security.nae.IngrianProvider)17 NAESession (com.ingrian.security.nae.NAESession)10 KMIPSession (com.ingrian.security.nae.KMIPSession)9 NAEClientCertificate (com.ingrian.security.nae.NAEClientCertificate)9 KMIPAttributes (com.ingrian.security.nae.KMIPAttributes)8 NAEKey (com.ingrian.security.nae.NAEKey)7 Provider (java.security.Provider)7 KMIPSecretData (com.ingrian.security.nae.KMIPSecretData)6 NAEException (com.ingrian.security.nae.NAEException)6 NAEParameterSpec (com.ingrian.security.nae.NAEParameterSpec)6 NAESecretKey (com.ingrian.security.nae.NAESecretKey)6 KeyPair (java.security.KeyPair)5 PrivateKey (java.security.PrivateKey)5 PublicKey (java.security.PublicKey)4 KeyPairGenerator (java.security.KeyPairGenerator)3 Signature (java.security.Signature)3 Cipher (javax.crypto.Cipher)3 NAECertificate (com.ingrian.security.nae.NAECertificate)2