
Example 11 with NAEPublicKey

use of com.ingrian.security.nae.NAEPublicKey in project CipherTrust_Application_Protection by thalescpl-io.

the class ByokSample method wrapKeyFromKS.

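/**
 * Wraps an AES-256 key held on the key manager with an RSA public key and returns the wrapped bytes.
 *
 * <p>If {@code publicKey} is non-null it is PEM-encoded and imported under {@code wrappingKeyName}
 * first; otherwise a key of that name is expected to exist already. The AES key is looked up by
 * {@code aesKeyName} and created when {@code isKeyNameValid} rejects the lookup result.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>The supplied public key is imported as-is. Whoever controls it can unwrap the AES key, so
 *       its origin should be verified by the caller before this method is invoked.</li>
 *   <li>{@code "PKCS1.5"} selects {@code WrapFormatPadding.DEFAULT}. PKCS#1 v1.5 encryption padding
 *       is exposed to padding-oracle attacks wherever the unwrapping side leaks padding errors;
 *       prefer an OAEP-based format when the receiving service accepts one.</li>
 *   <li>For the "salesforce" target the raw key bytes are pulled into this process via
 *       {@code getKeyData()} before being handed to {@code writeHashToTheFile}.</li>
 * </ul>
 *
 * @param username        key manager user name
 * @param password        key manager password (a {@code String}, so it cannot be wiped after use)
 * @param aesKeyName      name of the AES key to wrap
 * @param wrappingKeyName name of the RSA public key used for wrapping
 * @param wrappingAlgo    {@code "PKCS1.5"} or the name of a {@code WrapFormatPadding} constant (case-insensitive)
 * @param publicKey       RSA public key bytes to import, or {@code null} to use an existing key
 * @param cloudName       target cloud name; only "salesforce" triggers the hash file
 * @param hash256Path     path passed to {@code writeHashToTheFile}
 * @return the wrapped AES key
 * @throws Exception on any key manager, encoding or cipher failure
 */
private static byte[] wrapKeyFromKS(String username, String password, String aesKeyName, String wrappingKeyName, String wrappingAlgo, byte[] publicKey, String cloudName, String hash256Path) throws Exception {
    String pemString = null;
    if (publicKey != null) {
        // NOTE(review): the header declares a PKCS#1 RSAPublicKey body; confirm callers do not
        // pass SubjectPublicKeyInfo DER here.
        StringWriter stringWriter = new StringWriter();
        // try-with-resources closes (and flushes) the writer even when writeObject throws
        try (PemWriter pemWriter = new PemWriter(stringWriter)) {
            pemWriter.writeObject(new PemObject("RSA PUBLIC KEY", publicKey));
        }
        pemString = stringWriter.toString();
    }
    NAESession session = null;
    try {
        // create nae session
        session = NAESession.getSession(username, password.toCharArray());
        NAESecretKey secretKey = NAEKey.getSecretKey(aesKeyName, session);
        if (isKeyNameValid(secretKey)) {
            validateKeySize(secretKey, 256);
        } else {
            createAES256Key(aesKeyName, session);
            secretKey = NAEKey.getSecretKey(aesKeyName, session);
        }
        // Need not import if publicKey is null
        if (publicKey != null) {
            // key import spec; the two booleans are presumably the exportable/deletable flags (confirm)
            NAEParameterSpec rsaParamSpec = new NAEParameterSpec(wrappingKeyName, true, true, session, null);
            // import the rsa public key
            NAEPublicKey.importKey(pemString.getBytes(java.nio.charset.StandardCharsets.UTF_8), "RSA", rsaParamSpec);
        }
        // get key handle to the (imported or pre-existing) RSA key
        NAEPublicKey pubRSAKey = NAEKey.getPublicKey(wrappingKeyName, session);
        // spec for key to be wrapped
        NAEParameterSpec aesSpec = new NAEParameterSpec(aesKeyName, true, true, 256, session);
        // Locale.ROOT keeps the enum lookup independent of the JVM's default locale
        String paddingName = wrappingAlgo.toUpperCase(java.util.Locale.ROOT);
        // "PKCS1.5" maps to the provider default; anything else must name a WrapFormatPadding constant
        aesSpec.setWrapPaddingFormat("PKCS1.5".equals(paddingName) ? WrapFormatPadding.DEFAULT : WrapFormatPadding.valueOf(paddingName));
        // Init a JCE Cipher in WRAP_MODE to do the key wrapping.
        Cipher cipher = Cipher.getInstance("RSA", "IngrianProvider");
        cipher.init(Cipher.WRAP_MODE, pubRSAKey, aesSpec);
        byte[] wrappedByte = cipher.wrap(secretKey);
        // write hash; constant-first comparison so a null cloudName cannot discard the wrapped key with an NPE
        if ("salesforce".equalsIgnoreCase(cloudName)) {
            // getKeyData() brings the plaintext key bytes into this JVM's heap
            writeHashToTheFile(cloudName, secretKey.getKeyData(), hash256Path);
        }
        return wrappedByte;
    } finally {
        if (session != null) {
            session.closeSession();
        }
    }
}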
Also used : PemObject(org.bouncycastle.util.io.pem.PemObject) NAEParameterSpec(com.ingrian.security.nae.NAEParameterSpec) StringWriter(java.io.StringWriter) PemWriter(org.bouncycastle.util.io.pem.PemWriter) NAESecretKey(com.ingrian.security.nae.NAESecretKey) NAEPublicKey(com.ingrian.security.nae.NAEPublicKey) Cipher(javax.crypto.Cipher) NAESession(com.ingrian.security.nae.NAESession)

Example 12 with NAEPublicKey

use of com.ingrian.security.nae.NAEPublicKey in project CipherTrust_Application_Protection by thalescpl-io.

the class SelfSignedCertificateUtility method main.

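/**
 * Builds a self-signed certificate for a key pair held on the key manager and stores it as a PFX.
 *
 * <p>Recognised options: {@code -user}, {@code -password}, {@code -key}, {@code -file},
 * {@code -certPass}; each takes the following argument as its value. {@code -key} and
 * {@code -file} are required.
 *
 * <p>Security notes for reviewers: the key manager password and the PFX password are read from
 * the command line, where they are visible in process listings and shell history. The private
 * key is converted to a local {@link PrivateKey} and written into the PFX, so it no longer stays
 * confined to the key manager; protect the destination file accordingly.
 *
 * @param args command-line options as described above
 */
public static void main(String[] args) {
    String userName = null;
    String password = null;
    String file = null;
    String key = null;
    String certPass = null;
    for (int i = 0; i < args.length; i++) {
        String flag = args[i];
        boolean known = "-user".equals(flag) || "-password".equals(flag) || "-key".equals(flag)
                || "-file".equals(flag) || "-certPass".equals(flag);
        if (!known) {
            continue;
        }
        // A trailing option without a value used to fail with ArrayIndexOutOfBoundsException
        if (i + 1 >= args.length) {
            usage();
            return;
        }
        String value = args[i + 1].trim();
        if ("-user".equals(flag)) {
            userName = value;
        } else if ("-password".equals(flag)) {
            password = value;
        } else if ("-key".equals(flag)) {
            key = value;
        } else if ("-file".equals(flag)) {
            file = value;
        } else {
            certPass = value;
        }
    }
    if (key == null || file == null) {
        usage();
        // do not continue with missing required options if usage() returns
        return;
    }
    try {
        Map<String, String> certificateProperties = readPropertiesFrom(file);
        // a password given on the command line overrides the one from the properties file
        if (certPass != null) {
            certificateProperties.put("CertPassword", certPass);
        }
        validateProperties(certificateProperties);
        NAESession session = null;
        PrivateKey privateKey = null;
        PublicKey publicKey = null;
        try {
            // NOTE(review): when user or password is missing the keys are requested with a null
            // session; confirm that this is the intended unauthenticated path.
            if (userName != null && password != null) {
                session = NAESession.getSession(userName, password.toCharArray());
            }
            NAEPrivateKey private1 = NAEKey.getPrivateKey(key, session);
            NAEPublicKey public1 = NAEKey.getPublicKey(key, session);
            privateKey = getPrivateKey(private1, certificateProperties.get("Algorithm"));
            publicKey = getPublicKey(public1, certificateProperties.get("Algorithm"));
        } finally {
            if (session != null) {
                session.closeSession();
            }
        }
        X509Certificate cert = generateCertificate(publicKey, privateKey, certificateProperties);
        storeCertificateInPFX(privateKey, cert, certificateProperties);
        System.out.println("certificate is stored successfully at " + certificateProperties.get("Destination"));
    } catch (Exception e) {
        e.printStackTrace();
    }
}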
Also used : NAEPrivateKey(com.ingrian.security.nae.NAEPrivateKey) PrivateKey(java.security.PrivateKey) NAEPrivateKey(com.ingrian.security.nae.NAEPrivateKey) NAEPublicKey(com.ingrian.security.nae.NAEPublicKey) PublicKey(java.security.PublicKey) NAEPublicKey(com.ingrian.security.nae.NAEPublicKey) NAESession(com.ingrian.security.nae.NAESession) X509Certificate(java.security.cert.X509Certificate) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) NAEException(com.ingrian.security.nae.NAEException) IOException(java.io.IOException)

Example 13 with NAEPublicKey

use of com.ingrian.security.nae.NAEPublicKey in project CipherTrust_Application_Protection by thalescpl-io.

the class CMSSignSample method main.

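/**
 * Signs a fixed test message in CMS format with a key manager private key, then verifies the
 * signature with the matching public key.
 *
 * <p>Security notes for reviewers: credentials are taken from the command line, where they are
 * visible in process listings and shell history. The signature algorithm is
 * {@code SHA1withRSA}; SHA-1 is no longer collision resistant, so new deployments should prefer
 * a SHA-2 based algorithm if the provider supports it with this CMS format (confirm before
 * changing).
 *
 * @param args user, password, key name, CA name
 * @throws Exception declared by the sample; failures inside the session are caught and printed
 */
public static void main(String[] args) throws Exception {
    if (args.length != 4) {
        System.err.println("Usage: java CMSSignSample user password keyname caName");
        System.exit(-1);
    }
    String username = args[0];
    String password = args[1];
    String keyName = args[2];
    String caName = args[3];
    // data to sign; explicit charset so the signed bytes do not depend on the platform default
    byte[] data = "dataToSign".getBytes(java.nio.charset.StandardCharsets.UTF_8);
    // add Ingrian provider to the list of JCE providers
    Security.addProvider(new IngrianProvider());
    // list all registered JCE providers
    for (Provider provider : Security.getProviders()) {
        System.out.println(provider.getInfo());
    }
    NAESession session = null;
    try {
        // create NAE Session: pass in Key Manager user name and password
        session = NAESession.getSession(username, password.toCharArray());
        // Create Signature object
        Signature sig = Signature.getInstance("SHA1withRSA", "IngrianProvider");
        SignVerifySpec signVerifySpec = new SignVerifySpec(new Format("cms/detached/smime/enveloped"), new CertList(caName));
        sig.setParameter((AlgorithmParameterSpec) signVerifySpec);
        // Sign data with the private key
        NAEPrivateKey privKey = NAEKey.getPrivateKey(keyName, session);
        sig.initSign(privKey);
        sig.update(data);
        byte[] signature = sig.sign();
        // Verify the signature with the public key
        NAEPublicKey pubKey = NAEKey.getPublicKey(keyName, session);
        sig.initVerify(pubKey);
        sig.update(data);
        if (sig.verify(signature)) {
            System.out.println("Signature verified.");
        } else {
            System.out.println("Signature verification failed.");
        }
        // the session is closed once, in the finally block below
    } catch (Exception e) {
        e.printStackTrace();
    } finally {
        if (session != null) {
            session.closeSession();
        }
    }
}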
Also used : NAEPrivateKey(com.ingrian.security.nae.NAEPrivateKey) NAEPublicKey(com.ingrian.security.nae.NAEPublicKey) IngrianProvider(com.ingrian.security.nae.IngrianProvider) IngrianProvider(com.ingrian.security.nae.IngrianProvider) Provider(java.security.Provider) CertList(com.ingrian.security.nae.CertList) SignVerifySpec(com.ingrian.security.nae.SignVerifySpec) Format(com.ingrian.security.nae.Format) Signature(java.security.Signature) NAESession(com.ingrian.security.nae.NAESession)

Example 14 with NAEPublicKey

use of com.ingrian.security.nae.NAEPublicKey in project CipherTrust_Application_Protection by thalescpl-io.

the class FileEncryptionDecryptionSampleUsingRSA method main.

/**
 * Encrypts a file with an RSA public key from the key manager and decrypts it again with the
 * matching private key.
 *
 * <p>Note for reviewers: the key manager password is read from the command line, where it is
 * visible in process listings and shell history.
 *
 * @param args userName, password, asymKeyName, fileToEncrypt, encryptedFile, decryptedFile
 * @throws Exception any failure, rethrown after its message has been printed
 */
public static void main(String[] args) throws Exception {
    final int expectedArgCount = 6;
    if (args.length != expectedArgCount) {
        System.err.println("Usage: java FileEncryptionDecryptionSampleUsingRSA userName password asymKeyName fileToEncrypt encryptedFile decryptedFile");
        System.exit(-1);
    }
    final String user = args[0];
    final String secret = args[1];
    final String keyName = args[2];
    final String plainPath = args[3];
    final String cipherPath = args[4];
    final String roundTripPath = args[5];

    // Register the Ingrian JCE provider before any key manager call
    Security.addProvider(new IngrianProvider());

    NAESession naeSession = null;
    try {
        // Authenticate against the key manager
        naeSession = NAESession.getSession(user, secret.toCharArray());

        // Encrypt with the public half, using the key manager backed random source
        NAEPublicKey publicHalf = NAEKey.getPublicKey(keyName, naeSession);
        NAESecureRandom random = new NAESecureRandom(naeSession);
        performEncryption(plainPath, cipherPath, publicHalf, random);

        // Decrypt with the private half
        NAEPrivateKey privateHalf = NAEKey.getPrivateKey(keyName, naeSession);
        performDecryption(cipherPath, roundTripPath, privateHalf);
    } catch (Exception failure) {
        System.err.println("The Cause is " + failure.getMessage() + ".");
        throw failure;
    } finally {
        // Always release the session, whether or not the round trip succeeded
        if (naeSession != null) {
            naeSession.closeSession();
        }
    }
}
Also used : NAESecureRandom(com.ingrian.security.nae.NAESecureRandom) NAEPrivateKey(com.ingrian.security.nae.NAEPrivateKey) NAEPublicKey(com.ingrian.security.nae.NAEPublicKey) NAESession(com.ingrian.security.nae.NAESession) IngrianProvider(com.ingrian.security.nae.IngrianProvider)

Example 15 with NAEPublicKey

use of com.ingrian.security.nae.NAEPublicKey in project CipherTrust_Application_Protection by thalescpl-io.

the class ECCSignSample method main.

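/**
 * Signs a fixed test string with an ECC private key from the key manager using
 * {@code SHA256withECDSA}, then verifies the signature with the matching public key.
 *
 * <p>Note for reviewers: the key manager password is read from the command line, where it is
 * visible in process listings and shell history. A failed verification is only reported on
 * standard output; it does not change the exit status.
 *
 * @param args user, password, key name
 * @throws Exception any failure, rethrown after the stack trace has been printed
 */
public static void main(String[] args) throws Exception {
    if (args.length != 3) {
        System.err.println("Usage: java ECCSignSample user password keyname");
        System.exit(-1);
    }
    String userName = args[0];
    String password = args[1];
    String keyName = args[2];
    // Add Ingrian provider to the list of JCE providers
    Security.addProvider(new IngrianProvider());
    // List all registered JCE providers
    for (Provider provider : Security.getProviders()) {
        System.out.println(provider.getInfo());
    }
    // Data to sign
    String dataForSignature = "testdata for ECC Sign Test";
    String signAlgo = "SHA256withECDSA";
    NAESession session = null;
    try {
        // Creates NAESession: pass in NAE user and password
        session = NAESession.getSession(userName, password.toCharArray());
        // Encode once with an explicit charset so signing and verification see the same bytes
        // regardless of the platform default encoding
        byte[] payload = dataForSignature.getBytes(java.nio.charset.StandardCharsets.UTF_8);
        // Creates a signature object for sign operation
        Signature sig = Signature.getInstance(signAlgo, "IngrianProvider");
        // Sign data with the private key
        NAEPrivateKey privKey = NAEKey.getPrivateKey(keyName, session);
        sig.initSign(privKey);
        sig.update(payload);
        byte[] signature = sig.sign();
        System.out.println("ECCKey Sign Operation: SUCCESS");
        // Creates a signature object for signVerify operation
        Signature sigVer = Signature.getInstance(signAlgo, "IngrianProvider");
        // Verify the signature with the public key
        NAEPublicKey pubKey = NAEKey.getPublicKey(keyName, session);
        sigVer.initVerify(pubKey);
        sigVer.update(payload);
        if (!sigVer.verify(signature)) {
            System.out.println("Signature Verification: FAILED");
        } else {
            System.out.println("Signature Verification: SUCCESS");
        }
    } catch (Exception e) {
        e.printStackTrace();
        throw e;
    } finally {
        if (session != null) {
            // Close NAESession
            session.closeSession();
        }
    }
}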
Also used : NAEPrivateKey(com.ingrian.security.nae.NAEPrivateKey) Signature(java.security.Signature) NAEPublicKey(com.ingrian.security.nae.NAEPublicKey) NAESession(com.ingrian.security.nae.NAESession) IngrianProvider(com.ingrian.security.nae.IngrianProvider) IngrianProvider(com.ingrian.security.nae.IngrianProvider) Provider(java.security.Provider)

Aggregations

NAEPublicKey (com.ingrian.security.nae.NAEPublicKey)19 NAEPrivateKey (com.ingrian.security.nae.NAEPrivateKey)18 IngrianProvider (com.ingrian.security.nae.IngrianProvider)17 NAESession (com.ingrian.security.nae.NAESession)10 KMIPSession (com.ingrian.security.nae.KMIPSession)9 NAEClientCertificate (com.ingrian.security.nae.NAEClientCertificate)9 KMIPAttributes (com.ingrian.security.nae.KMIPAttributes)8 NAEKey (com.ingrian.security.nae.NAEKey)7 Provider (java.security.Provider)7 KMIPSecretData (com.ingrian.security.nae.KMIPSecretData)6 NAEException (com.ingrian.security.nae.NAEException)6 NAEParameterSpec (com.ingrian.security.nae.NAEParameterSpec)6 NAESecretKey (com.ingrian.security.nae.NAESecretKey)6 KeyPair (java.security.KeyPair)5 PrivateKey (java.security.PrivateKey)5 PublicKey (java.security.PublicKey)4 KeyPairGenerator (java.security.KeyPairGenerator)3 Signature (java.security.Signature)3 Cipher (javax.crypto.Cipher)3 NAECertificate (com.ingrian.security.nae.NAECertificate)2