use of com.ingrian.security.nae.NAEPublicKey in project CipherTrust_Application_Protection by thalescpl-io.
the class ByokSample method wrapKeyFromKS.
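/**
 * Wraps the AES key named {@code aesKeyName} under the RSA public key named
 * {@code wrappingKeyName} and returns the wrapped bytes.
 *
 * <p>The AES key is looked up on the key manager; when {@code isKeyNameValid} rejects the
 * lookup result a new key is created via {@code createAES256Key}, otherwise its size is
 * checked against 256 bits. When {@code publicKey} is non-null it is PEM-encoded and
 * imported under {@code wrappingKeyName} before the wrap.
 *
 * @param username        key manager user used to open the NAE session
 * @param password        password for {@code username}
 * @param aesKeyName      name of the AES key to wrap (created when missing)
 * @param wrappingKeyName name of the RSA public key that wraps the AES key
 * @param wrappingAlgo    padding name; {@code "PKCS1.5"} (any case) selects
 *                        {@code WrapFormatPadding.DEFAULT}, anything else is resolved with
 *                        {@code WrapFormatPadding.valueOf}
 * @param publicKey       encoded RSA public key to import, or {@code null} to use a key that
 *                        is already stored under {@code wrappingKeyName}
 * @param cloudName       target cloud; {@code "salesforce"} (any case) additionally writes a
 *                        hash file
 * @param hash256Path     destination passed to {@code writeHashToTheFile}
 * @return the wrapped AES key bytes
 * @throws Exception if the session, key lookup, import or wrap operation fails
 */
private static byte[] wrapKeyFromKS(String username, String password, String aesKeyName, String wrappingKeyName, String wrappingAlgo, byte[] publicKey, String cloudName, String hash256Path) throws Exception {
    String pemString = null;
    if (publicKey != null) {
        // The PEM label is "RSA PUBLIC KEY"; presumably the caller supplies bytes in the
        // matching encoding - confirm against the caller.
        PemObject pemObject = new PemObject("RSA PUBLIC KEY", publicKey);
        StringWriter stringWriter = new StringWriter();
        // try-with-resources closes the writer even when writeObject throws.
        try (PemWriter pemWriter = new PemWriter(stringWriter)) {
            pemWriter.writeObject(pemObject);
        }
        pemString = stringWriter.toString();
    }
    NAESession session = null;
    try {
        // create nae session
        session = NAESession.getSession(username, password.toCharArray());
        NAESecretKey secretKey = NAEKey.getSecretKey(aesKeyName, session);
        if (isKeyNameValid(secretKey)) {
            validateKeySize(secretKey, 256);
        } else {
            createAES256Key(aesKeyName, session);
            secretKey = NAEKey.getSecretKey(aesKeyName, session);
        }
        // Need not import if publicKey is null
        if (publicKey != null) {
            // key import spec
            NAEParameterSpec rsaParamSpec = new NAEParameterSpec(wrappingKeyName, true, true, session, null);
            // import the rsa public key
            NAEPublicKey.importKey(pemString.getBytes("UTF-8"), "RSA", rsaParamSpec);
        }
        // get key handle to the imported RSA key
        NAEPublicKey pubRSAKey = NAEKey.getPublicKey(wrappingKeyName, session);
        // spec for key to be wrapped
        NAEParameterSpec aesSpec = new NAEParameterSpec(aesKeyName, true, true, 256, session);
        // Upper-case with a fixed locale so the padding name maps the same way on every host;
        // the default-locale overload can change letters such as 'i' under some locales.
        String paddingName = wrappingAlgo.toUpperCase(java.util.Locale.ROOT);
        // PKCS#1 v1.5 encryption padding is exposed to padding-oracle attacks on the
        // unwrapping side; prefer an OAEP-based format when the receiving service accepts one.
        aesSpec.setWrapPaddingFormat("PKCS1.5".equals(paddingName) ? WrapFormatPadding.DEFAULT : WrapFormatPadding.valueOf(paddingName));
        // Init a JCE Cipher in WRAP_MODE to do the key wrapping.
        Cipher cipher = Cipher.getInstance("RSA", "IngrianProvider");
        cipher.init(Cipher.WRAP_MODE, pubRSAKey, aesSpec);
        byte[] wrappedByte = cipher.wrap(secretKey);
        // write hash; constant-first comparison tolerates a null cloudName
        if ("salesforce".equalsIgnoreCase(cloudName)) {
            // NOTE(review): getKeyData() presumably returns the AES key bytes to this
            // process so they can be hashed - confirm, and keep that buffer out of logs.
            writeHashToTheFile(cloudName, secretKey.getKeyData(), hash256Path);
        }
        return wrappedByte;
    } finally {
        if (session != null) {
            session.closeSession();
        }
    }
}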
use of com.ingrian.security.nae.NAEPublicKey in project CipherTrust_Application_Protection by thalescpl-io.
the class SelfSignedCertificateUtility method main.
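/**
 * Command-line entry point: reads certificate properties from a file, fetches the named
 * key pair, generates an X.509 certificate and stores it with the private key in a PFX file.
 *
 * <p>Recognised options, each followed by a value: {@code -user}, {@code -password},
 * {@code -key}, {@code -file}, {@code -certPass}. {@code -key} and {@code -file} are
 * required. An option given without a value, or a missing required option, prints the usage
 * text and returns.
 *
 * <p>{@code -password} and {@code -certPass} arrive as command-line arguments, which are
 * commonly visible in process listings and shell history; supplying the certificate
 * password through the properties file keeps it off the command line.
 *
 * @param args command-line options as described above
 */
public static void main(String[] args) {
    String userName = null;
    String password = null;
    String file = null;
    String key = null;
    String certPass = null;
    int i = 0;
    while (i < args.length) {
        String flag = args[i];
        boolean takesValue = "-user".equals(flag) || "-password".equals(flag) || "-key".equals(flag)
                || "-file".equals(flag) || "-certPass".equals(flag);
        if (!takesValue) {
            i++;
            continue;
        }
        // A trailing option without a value would otherwise index past the end of args.
        if (i + 1 >= args.length) {
            usage();
            return;
        }
        String value = args[i + 1].trim();
        if ("-user".equals(flag)) {
            userName = value;
        } else if ("-password".equals(flag)) {
            password = value;
        } else if ("-key".equals(flag)) {
            key = value;
        } else if ("-file".equals(flag)) {
            file = value;
        } else {
            certPass = value;
        }
        // Skip the consumed value so it is never re-read as an option name.
        i += 2;
    }
    if (key == null || file == null) {
        usage();
        // Nothing useful can run without a key name and a properties file.
        return;
    }
    try {
        Map<String, String> certificateProperties = readPropertiesFrom(file);
        // A password given on the command line overrides the one from the properties file.
        if (certPass != null) {
            certificateProperties.put("CertPassword", certPass);
        }
        validateProperties(certificateProperties);
        NAESession session = null;
        PrivateKey privateKey = null;
        PublicKey publicKey = null;
        try {
            // Without both credentials the session stays null and is passed on as null.
            if (userName != null && password != null) {
                session = NAESession.getSession(userName, password.toCharArray());
            }
            NAEPrivateKey private1 = NAEKey.getPrivateKey(key, session);
            NAEPublicKey public1 = NAEKey.getPublicKey(key, session);
            privateKey = getPrivateKey(private1, certificateProperties.get("Algorithm"));
            publicKey = getPublicKey(public1, certificateProperties.get("Algorithm"));
        } finally {
            if (session != null) {
                session.closeSession();
            }
        }
        // NOTE(review): privateKey is used after the session is closed and is written into
        // the PFX, so it presumably holds exported key material - confirm, and protect the
        // destination file accordingly.
        X509Certificate cert = generateCertificate(publicKey, privateKey, certificateProperties);
        storeCertificateInPFX(privateKey, cert, certificateProperties);
        System.out.println("certificate is stored successfully at " + certificateProperties.get("Destination"));
    } catch (Exception e) {
        e.printStackTrace();
    }
}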
use of com.ingrian.security.nae.NAEPublicKey in project CipherTrust_Application_Protection by thalescpl-io.
the class CMSSignSample method main.
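/**
 * Command-line entry point: signs a fixed test message in CMS format with the named private
 * key and verifies the result with the matching public key.
 *
 * <p>Expects exactly four arguments: user, password, key name and CA name. The password is
 * taken from the command line, where it is commonly visible in process listings and shell
 * history.
 *
 * @param args user, password, keyname, caName
 * @throws Exception declared by the signature; failures inside the session block are caught
 *                   and printed rather than rethrown
 */
public static void main(String[] args) throws Exception {
    if (args.length != 4) {
        System.err.println("Usage: java CMSSignSample user password keyname caName");
        System.exit(-1);
    }
    String username = args[0];
    String password = args[1];
    String keyName = args[2];
    String caName = args[3];
    // data to sign
    byte[] data = "dataToSign".getBytes();
    // add Ingrian provider to the list of JCE providers
    Security.addProvider(new IngrianProvider());
    // get the list of all registered JCE providers
    for (Provider provider : Security.getProviders()) {
        System.out.println(provider.getInfo());
    }
    NAESession session = null;
    try {
        // create NAE Session: pass in Key Manager user name and password
        session = NAESession.getSession(username, password.toCharArray());
        // Create Signature object.
        // NOTE(review): SHA-1 is no longer collision resistant; prefer a SHA-2 based
        // signature algorithm if the provider and the verifying party support one.
        Signature sig = Signature.getInstance("SHA1withRSA", "IngrianProvider");
        SignVerifySpec signVerifySpec = new SignVerifySpec(new Format("cms/detached/smime/enveloped"), new CertList(caName));
        sig.setParameter((AlgorithmParameterSpec) signVerifySpec);
        // Sign data
        // Get private key
        NAEPrivateKey privKey = NAEKey.getPrivateKey(keyName, session);
        // Initialize Signature object for signing
        sig.initSign(privKey);
        sig.update(data);
        byte[] signature = sig.sign();
        // Verify signature
        // Get public key
        NAEPublicKey pubKey = NAEKey.getPublicKey(keyName, session);
        // Initialize Signature object for signature verification
        sig.initVerify(pubKey);
        sig.update(data);
        if (sig.verify(signature)) {
            System.out.println("Signature verified.");
        } else {
            System.out.println("Signature verification failed.");
        }
        // The session is closed once, in the finally block below, on every path.
    } catch (Exception e) {
        e.printStackTrace();
    } finally {
        if (session != null) {
            session.closeSession();
        }
    }
}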
use of com.ingrian.security.nae.NAEPublicKey in project CipherTrust_Application_Protection by thalescpl-io.
the class FileEncryptionDecryptionSampleUsingRSA method main.
/**
 * Command-line entry point: encrypts a file with the named RSA public key and then decrypts
 * the result with the matching private key.
 *
 * <p>Expects exactly six arguments: user name, password, asymmetric key name, input file,
 * encrypted output file and decrypted output file. The password is read from the command
 * line, where it is commonly visible in process listings and shell history.
 *
 * @param args userName, password, asymKeyName, fileToEncrypt, encryptedFile, decryptedFile
 * @throws Exception any failure from the session or the encrypt/decrypt steps, rethrown
 *                   after its message is printed
 */
public static void main(String[] args) throws Exception {
    final int expectedArgCount = 6;
    if (args.length != expectedArgCount) {
        System.err.println("Usage: java FileEncryptionDecryptionSampleUsingRSA userName password asymKeyName fileToEncrypt encryptedFile decryptedFile");
        System.exit(-1);
    }

    // Register the Ingrian JCE provider before any key manager call.
    Security.addProvider(new IngrianProvider());

    final String naeUser = args[0];
    final String naePassword = args[1];
    final String keyName = args[2];
    final String plainPath = args[3];
    final String cipherPath = args[4];
    final String roundTripPath = args[5];

    NAESession session = null;
    try {
        // Open the session with the supplied credentials.
        session = NAESession.getSession(naeUser, naePassword.toCharArray());

        // Encrypt with the public half, using a random source bound to the session.
        NAEPublicKey encryptionKey = NAEKey.getPublicKey(keyName, session);
        NAESecureRandom sessionRandom = new NAESecureRandom(session);
        performEncryption(plainPath, cipherPath, encryptionKey, sessionRandom);

        // Decrypt with the private half of the same key name.
        NAEPrivateKey decryptionKey = NAEKey.getPrivateKey(keyName, session);
        performDecryption(cipherPath, roundTripPath, decryptionKey);
    } catch (Exception failure) {
        System.err.println("The Cause is " + failure.getMessage() + ".");
        throw failure;
    } finally {
        // Release the session on success and on failure alike.
        if (session != null) {
            session.closeSession();
        }
    }
}
use of com.ingrian.security.nae.NAEPublicKey in project CipherTrust_Application_Protection by thalescpl-io.
the class ECCSignSample method main.
/**
 * Command-line entry point: signs a fixed test string with the named ECC private key using
 * SHA256withECDSA and verifies the signature with the matching public key.
 *
 * <p>Expects exactly three arguments: user, password and key name. The password is read
 * from the command line, where it is commonly visible in process listings and shell history.
 *
 * @param args user, password, keyname
 * @throws Exception any failure from the session, signing or verification, rethrown after
 *                   its stack trace is printed
 */
public static void main(String[] args) throws Exception {
    if (args.length != 3) {
        System.err.println("Usage: java ECCSignSample user password keyname");
        System.exit(-1);
    }
    final String naeUser = args[0];
    final String naePassword = args[1];
    final String eccKeyName = args[2];

    // Register the Ingrian JCE provider, then list every registered provider.
    Security.addProvider(new IngrianProvider());
    for (Provider registered : Security.getProviders()) {
        System.out.println(registered.getInfo());
    }

    final String message = "testdata for ECC Sign Test";
    final String algorithm = "SHA256withECDSA";

    NAESession session = null;
    try {
        // Open the session with the supplied credentials.
        session = NAESession.getSession(naeUser, naePassword.toCharArray());

        // Sign with the private key.
        Signature signer = Signature.getInstance(algorithm, "IngrianProvider");
        NAEPrivateKey signingKey = NAEKey.getPrivateKey(eccKeyName, session);
        signer.initSign(signingKey);
        signer.update(message.getBytes());
        byte[] signatureBytes = signer.sign();
        System.out.println("ECCKey Sign Operation: SUCCESS");

        // Verify with a separate Signature instance and the public key.
        Signature verifier = Signature.getInstance(algorithm, "IngrianProvider");
        NAEPublicKey verificationKey = NAEKey.getPublicKey(eccKeyName, session);
        verifier.initVerify(verificationKey);
        verifier.update(message.getBytes());
        boolean verified = verifier.verify(signatureBytes);
        if (verified) {
            System.out.println("Signature Verification: SUCCESS");
        } else {
            System.out.println("Signature Verification: FAILED");
        }
    } catch (Exception failure) {
        failure.printStackTrace();
        throw failure;
    } finally {
        // Release the session on success and on failure alike.
        if (session != null) {
            session.closeSession();
        }
    }
}