Example 11 with NAEPublicKey
use of com.ingrian.security.nae.NAEPublicKey in project CipherTrust_Application_Protection by thalescpl-io.
the class ByokSample method wrapKeyFromKS.
private static byte[] wrapKeyFromKS(String username, String password, String aesKeyName, String wrappingKeyName, String wrappingAlgo, byte[] publicKey, String cloudName, String hash256Path) throws Exception {
String pemString = null;
if (publicKey != null) {
PemObject pemObject = new PemObject("RSA PUBLIC KEY", publicKey);
StringWriter stringWriter = new StringWriter();
PemWriter pemWriter = new PemWriter(stringWriter);
pemWriter.writeObject(pemObject);
pemWriter.close();
pemString = stringWriter.toString();
}
NAESession session = null;
try {
// create nae session
session = NAESession.getSession(username, password.toCharArray());
NAESecretKey secretKey = NAEKey.getSecretKey(aesKeyName, session);
if (isKeyNameValid(secretKey))
validateKeySize(secretKey, 256);
else {
createAES256Key(aesKeyName, session);
secretKey = NAEKey.getSecretKey(aesKeyName, session);
}
// Need not import if publicKey is null
if (publicKey != null) {
// key import spec
NAEParameterSpec rsaParamSpec = new NAEParameterSpec(wrappingKeyName, true, true, session, null);
// import the rsa public key
NAEPublicKey.importKey(pemString.getBytes("UTF-8"), "RSA", rsaParamSpec);
}
// get key handle to the imported RSA key
NAEPublicKey pubRSAKey = NAEKey.getPublicKey(wrappingKeyName, session);
// spec for key to be wrapped
NAEParameterSpec aesSpec = new NAEParameterSpec(aesKeyName, true, true, 256, session);
// setting padding format to wrap a key
aesSpec.setWrapPaddingFormat("PKCS1.5".equals(wrappingAlgo.toUpperCase()) ? WrapFormatPadding.DEFAULT : WrapFormatPadding.valueOf(wrappingAlgo.toUpperCase()));
// Init a JCE Cipher in WRAP_MODE to do the key wrapping.
Cipher cipher = Cipher.getInstance("RSA", "IngrianProvider");
cipher.init(Cipher.WRAP_MODE, pubRSAKey, aesSpec);
byte[] wrappedByte = cipher.wrap(secretKey);
// write hash
if (cloudName.equalsIgnoreCase("salesforce")) {
writeHashToTheFile(cloudName, secretKey.getKeyData(), hash256Path);
}
return wrappedByte;
} finally {
if (session != null)
session.closeSession();
}
}
Also used :
PemObject(org.bouncycastle.util.io.pem.PemObject)
NAEParameterSpec(com.ingrian.security.nae.NAEParameterSpec)
StringWriter(java.io.StringWriter)
PemWriter(org.bouncycastle.util.io.pem.PemWriter)
NAESecretKey(com.ingrian.security.nae.NAESecretKey)
NAEPublicKey(com.ingrian.security.nae.NAEPublicKey)
Cipher(javax.crypto.Cipher)
NAESession(com.ingrian.security.nae.NAESession)
Example 12 with NAEPublicKey
use of com.ingrian.security.nae.NAEPublicKey in project CipherTrust_Application_Protection by thalescpl-io.
the class SelfSignedCertificateUtility method main.
public static void main(String[] args) {
String userName = null;
String password = null;
String file = null;
String key = null;
String certPass = null;
for (int i = 0; i < args.length; i++) {
if ("-user".equals(args[i]))
userName = args[i + 1].trim();
else if ("-password".equals(args[i]))
password = args[i + 1].trim();
else if ("-key".equals(args[i]))
key = args[i + 1].trim();
else if ("-file".equals(args[i]))
file = args[i + 1].trim();
else if ("-certPass".equals(args[i]))
certPass = args[i + 1].trim();
}
if (key == null || file == null)
usage();
try {
Map<String, String> certificateProperties = readPropertiesFrom(file);
if (certPass != null)
certificateProperties.put("CertPassword", certPass);
validateProperties(certificateProperties);
NAESession session = null;
PrivateKey privateKey = null;
PublicKey publicKey = null;
try {
if (userName != null && password != null)
session = NAESession.getSession(userName, password.toCharArray());
NAEPrivateKey private1 = NAEKey.getPrivateKey(key, session);
NAEPublicKey public1 = NAEKey.getPublicKey(key, session);
privateKey = getPrivateKey(private1, certificateProperties.get("Algorithm"));
publicKey = getPublicKey(public1, certificateProperties.get("Algorithm"));
} finally {
if (session != null)
session.closeSession();
}
X509Certificate cert = generateCertificate(publicKey, privateKey, certificateProperties);
storeCertificateInPFX(privateKey, cert, certificateProperties);
System.out.println("certificate is stored successfully at " + certificateProperties.get("Destination"));
} catch (Exception e) {
e.printStackTrace();
}
}
Also used :
NAEPrivateKey(com.ingrian.security.nae.NAEPrivateKey)
PrivateKey(java.security.PrivateKey)
NAEPrivateKey(com.ingrian.security.nae.NAEPrivateKey)
NAEPublicKey(com.ingrian.security.nae.NAEPublicKey)
PublicKey(java.security.PublicKey)
NAEPublicKey(com.ingrian.security.nae.NAEPublicKey)
NAESession(com.ingrian.security.nae.NAESession)
X509Certificate(java.security.cert.X509Certificate)
InvalidKeySpecException(java.security.spec.InvalidKeySpecException)
NAEException(com.ingrian.security.nae.NAEException)
IOException(java.io.IOException)
Example 13 with NAEPublicKey
use of com.ingrian.security.nae.NAEPublicKey in project CipherTrust_Application_Protection by thalescpl-io.
the class CMSSignSample method main.
public static void main(String[] args) throws Exception {
if (args.length != 4) {
System.err.println("Usage: java CMSSignSample user password keyname caName");
System.exit(-1);
}
String username = args[0];
String password = args[1];
String keyName = args[2];
String caName = args[3];
// data to sign
byte[] data = "dataToSign".getBytes();
// add Ingrian provider to the list of JCE providers
Security.addProvider(new IngrianProvider());
// get the list of all registered JCE providers
Provider[] providers = Security.getProviders();
for (int i = 0; i < providers.length; i++) System.out.println(providers[i].getInfo());
NAESession session = null;
try {
// create NAE Session: pass in Key Manager user name and password
session = NAESession.getSession(username, password.toCharArray());
// Create Signature object
Signature sig = Signature.getInstance("SHA1withRSA", "IngrianProvider");
SignVerifySpec signVerifySpec = new SignVerifySpec(new Format("cms/detached/smime/enveloped"), new CertList(caName));
sig.setParameter((AlgorithmParameterSpec) signVerifySpec);
// Sign data
// Get private key
NAEPrivateKey privKey = NAEKey.getPrivateKey(keyName, session);
// Initialize Signature object for signing
sig.initSign(privKey);
sig.update(data);
byte[] signature = sig.sign();
// Verify signature
// Get public key
NAEPublicKey pubKey = NAEKey.getPublicKey(keyName, session);
// Initialize Signature object for signature verification
sig.initVerify(pubKey);
sig.update(data);
if (sig.verify(signature))
System.out.println("Signature verified.");
else
System.out.println("Signature verification failed.");
// close NAE session
session.closeSession();
} catch (Exception e) {
e.printStackTrace();
} finally {
if (session != null)
session.closeSession();
}
}
Also used :
NAEPrivateKey(com.ingrian.security.nae.NAEPrivateKey)
NAEPublicKey(com.ingrian.security.nae.NAEPublicKey)
IngrianProvider(com.ingrian.security.nae.IngrianProvider)
IngrianProvider(com.ingrian.security.nae.IngrianProvider)
Provider(java.security.Provider)
CertList(com.ingrian.security.nae.CertList)
SignVerifySpec(com.ingrian.security.nae.SignVerifySpec)
Format(com.ingrian.security.nae.Format)
Signature(java.security.Signature)
NAESession(com.ingrian.security.nae.NAESession)
Example 14 with NAEPublicKey
use of com.ingrian.security.nae.NAEPublicKey in project CipherTrust_Application_Protection by thalescpl-io.
the class FileEncryptionDecryptionSampleUsingRSA method main.
public static void main(String[] args) throws Exception {
if (args.length != 6) {
System.err.println("Usage: java FileEncryptionDecryptionSampleUsingRSA userName password asymKeyName fileToEncrypt encryptedFile decryptedFile");
System.exit(-1);
}
String userName = args[0];
String password = args[1];
String asymKeyName = args[2];
String fileToEncrypt = args[3];
String encryptedFile = args[4];
String decryptedFile = args[5];
// Add Ingrian provider to the list of JCE providers
Security.addProvider(new IngrianProvider());
NAESession session = null;
try {
// Creates NAE Session and pass in NAE userName and password
session = NAESession.getSession(userName, password.toCharArray());
// Creates NAEPublicKey object
NAEPublicKey asymPubKey = NAEKey.getPublicKey(asymKeyName, session);
// Get NAESecureRandom object
NAESecureRandom rng = new NAESecureRandom(session);
performEncryption(fileToEncrypt, encryptedFile, asymPubKey, rng);
// Creates NAEPrivateKey object
NAEPrivateKey asymPrivKey = NAEKey.getPrivateKey(asymKeyName, session);
performDecryption(encryptedFile, decryptedFile, asymPrivKey);
} catch (Exception e) {
System.err.println("The Cause is " + e.getMessage() + ".");
throw e;
} finally {
if (session != null) {
// Close NAESession
session.closeSession();
}
}
}
Also used :
NAESecureRandom(com.ingrian.security.nae.NAESecureRandom)
NAEPrivateKey(com.ingrian.security.nae.NAEPrivateKey)
NAEPublicKey(com.ingrian.security.nae.NAEPublicKey)
NAESession(com.ingrian.security.nae.NAESession)
IngrianProvider(com.ingrian.security.nae.IngrianProvider)
Example 15 with NAEPublicKey
use of com.ingrian.security.nae.NAEPublicKey in project CipherTrust_Application_Protection by thalescpl-io.
the class ECCSignSample method main.
public static void main(String[] args) throws Exception {
if (args.length != 3) {
System.err.println("Usage: java ECCSignSample user password keyname");
System.exit(-1);
}
String userName = args[0];
String password = args[1];
String keyName = args[2];
// Add Ingrian provider to the list of JCE providers
Security.addProvider(new IngrianProvider());
// Get the list of all registered JCE providers
Provider[] providers = Security.getProviders();
for (int i = 0; i < providers.length; i++) System.out.println(providers[i].getInfo());
// Data to sign
String dataForSignature = "testdata for ECC Sign Test";
String signAlgo = "SHA256withECDSA";
NAESession session = null;
try {
// Creates NAESession: pass in NAE user and password
session = NAESession.getSession(userName, password.toCharArray());
// Creates a signature object for sign operation
Signature sig = Signature.getInstance(signAlgo, "IngrianProvider");
// Sign data
// Creates NAEPrivateKey object
NAEPrivateKey privKey = NAEKey.getPrivateKey(keyName, session);
// Initializes the signature object for signing
sig.initSign(privKey);
sig.update(dataForSignature.getBytes());
byte[] signature = sig.sign();
System.out.println("ECCKey Sign Operation: SUCCESS");
// Creates a signature object for signVerify operation
Signature sigVer = Signature.getInstance(signAlgo, "IngrianProvider");
// Verify signature
// Get NAEPublicKey
NAEPublicKey pubKey = NAEKey.getPublicKey(keyName, session);
// Initializes Signature object for signature verification
sigVer.initVerify(pubKey);
sigVer.update(dataForSignature.getBytes());
if (!sigVer.verify(signature)) {
System.out.println("Signature Verification: FAILED");
} else {
System.out.println("Signature Verification: SUCCESS");
}
} catch (Exception e) {
e.printStackTrace();
throw e;
} finally {
if (session != null)
// Close NAESession
session.closeSession();
}
}
Also used :
NAEPrivateKey(com.ingrian.security.nae.NAEPrivateKey)
Signature(java.security.Signature)
NAEPublicKey(com.ingrian.security.nae.NAEPublicKey)
NAESession(com.ingrian.security.nae.NAESession)
IngrianProvider(com.ingrian.security.nae.IngrianProvider)
IngrianProvider(com.ingrian.security.nae.IngrianProvider)
Provider(java.security.Provider)
Aggregations
NAEPublicKey (com.ingrian.security.nae.NAEPublicKey)19
NAEPrivateKey (com.ingrian.security.nae.NAEPrivateKey)18
IngrianProvider (com.ingrian.security.nae.IngrianProvider)17
NAESession (com.ingrian.security.nae.NAESession)10
KMIPSession (com.ingrian.security.nae.KMIPSession)9
NAEClientCertificate (com.ingrian.security.nae.NAEClientCertificate)9
KMIPAttributes (com.ingrian.security.nae.KMIPAttributes)8
NAEKey (com.ingrian.security.nae.NAEKey)7
Provider (java.security.Provider)7
KMIPSecretData (com.ingrian.security.nae.KMIPSecretData)6
NAEException (com.ingrian.security.nae.NAEException)6
NAEParameterSpec (com.ingrian.security.nae.NAEParameterSpec)6
NAESecretKey (com.ingrian.security.nae.NAESecretKey)6
KeyPair (java.security.KeyPair)5
PrivateKey (java.security.PrivateKey)5
PublicKey (java.security.PublicKey)4
KeyPairGenerator (java.security.KeyPairGenerator)3
Signature (java.security.Signature)3
Cipher (javax.crypto.Cipher)3
NAECertificate (com.ingrian.security.nae.NAECertificate)2
