JniOAEPKmip.java
package com.p6r.kmip;
import org.junit.*;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotEquals;
import java.security.*;
import java.security.spec.*;
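/**
 * Integration test that exercises RSA-OAEP encryption and decryption through a KMIP server.
 *
 * <p>The test generates a throw-away 2048-bit RSA key pair locally, registers both halves with
 * the server named by {@link #_hostName}, activates them, encrypts a fixed 28-byte message with
 * the public key and decrypts it with the private key. It needs a reachable KMIP server and the
 * native P6R client library, so it is not a pure unit test.
 *
 * <p>The private key material is sent to the server by this test. The key pair exists only for
 * the duration of the test and must not be reused for anything else.
 */
public class JniOAEPKmip {
    private static final String _hostName = "kmiptest01.p6r.com";

    @BeforeClass
    public static void oneTimeSetUp() {
        // NOOP
        System.out.println("@BeforeClass - oneTimeSetUp");
    }

    @AfterClass
    public static void oneTimeTearDown() {
        // NOOP
        System.out.println("@AfterClass - oneTimeTearDown");
    }

    @Before
    public void setUp() {
        // NOOP
        System.out.println("@Before - setUp");
    }

    @After
    public void tearDown() {
        // NOOP
        System.out.println("@After - tearDown");
    }

    /**
     * Registers an RSA key pair with OAEP parameters, then checks that server-side encryption
     * followed by server-side decryption returns the original bytes.
     *
     * <p>Any exception from the client fails the test. Keys and the session are released in a
     * {@code finally} block so that a failed run does not leave active test keys on the server.
     */
    @Test
    public void JNICall_OAEPKMIP() {
        System.out.println("@Test - JNICall-OAEPKMIP");
        String pubUid = null;
        String prvUid = null;
        String[] attribute = null;
        boolean libraryInitialized = false;
        boolean sessionOpen = false;
        P6KMIPClient kc = new P6KMIPClient();
        try {
            kc.initializeLibrary(P6KMIPClient.FLAGS_NONE);
            libraryInitialized = true;
            // NOTE(review): the second argument is passed as null; its meaning is not visible here.
            kc.open(_hostName, null);
            sessionOpen = true;

            // [A] Register the RSA public/private keys that we will use for OAEP encryption
            KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
            kpg.initialize(2048);
            KeyPair RSAkeyPair = kpg.genKeyPair();
            PublicKey pubKey = RSAkeyPair.getPublic();
            PrivateKey prvKey = RSAkeyPair.getPrivate();
            // The encodings are wrapped in the matching key specs (X.509 SubjectPublicKeyInfo
            // and PKCS#8) before being handed to the server.
            byte[] publicKeyBytes = pubKey.getEncoded();
            X509EncodedKeySpec publicKeySpec = new X509EncodedKeySpec(publicKeyBytes);
            byte[] privateKeyBytes = prvKey.getEncoded();
            PKCS8EncodedKeySpec privateKeySpec = new PKCS8EncodedKeySpec(privateKeyBytes);

            // OAEP label (P source). It is not a secret, but encryption and decryption must use
            // the same value; both keys below are registered with the same CryptoParams.
            // The bytes are the ASCII text "Kilroy was here".
            byte[] PSource = {
                0x4b, 0x69, 0x6c, 0x72, 0x6f, 0x79, 0x20, 0x77,
                0x61, 0x73, 0x20, 0x68, 0x65, 0x72, 0x65
            };

            // The OAEP hash (SHA-384) and the MGF1 hash (SHA-256) are set independently.
            // Both sides of an exchange have to agree on each of them.
            CryptoParams cp = new CryptoParams();
            cp.setPaddingMethod(KMIPConstants.PAD_OAEP);
            cp.setHashAlgorithm(KMIPConstants.HASH_SHA384);
            cp.setMaskGenerator(KMIPConstants.MASKGENERATOR_MGF1);
            cp.setMaskGeneratorHashAlgorithm(KMIPConstants.HASH_SHA256);
            cp.setCryptoAlgorithm(KMIPConstants.ALG_RSA);
            cp.setPSource(PSource);

            // Each key gets only the usage it needs: encrypt for the public key,
            // decrypt for the private key.
            pubUid = kc.registerPublicKey(KMIPConstants.ALG_RSA, 2048, KMIPConstants.USAGE_MASK_ENCRYPT, cp, publicKeySpec.getEncoded());
            System.out.println("UID of registered RSA public key for OAEP: " + pubUid);
            assertNotEquals(null, pubUid);
            prvUid = kc.registerPrivateKey(KMIPConstants.ALG_RSA, 2048, KMIPConstants.USAGE_MASK_DECRYPT, cp, privateKeySpec.getEncoded());
            System.out.println("UID of registered RSA private key for OAEP: " + prvUid);
            assertNotEquals(null, prvUid);

            // -> both keys are activated before they are used for encryption and decryption
            kc.activate(pubUid);
            attribute = kc.getAttribute(pubUid, "State");
            assertEquals("Active", attribute[0]);
            System.out.println("UID of new RSA public activated key: " + pubUid + ", State = " + attribute[0]);
            kc.activate(prvUid);
            attribute = kc.getAttribute(prvUid, "State");
            assertEquals("Active", attribute[0]);
            System.out.println("UID of new RSA private activated key: " + prvUid + ", State = " + attribute[0]);

            // [B] Now we use the above keys to perform OAEP encryption
            byte[] clearText = {
                0x66, 0x28, 0x19, 0x4e, 0x12, 0x07, 0x3d, (byte) 0xb0,
                0x3b, (byte) 0xa9, 0x4c, (byte) 0xda, (byte) 0x9e, (byte) 0xf9, 0x53, 0x23,
                (byte) 0x97, (byte) 0xd5, 0x0d, (byte) 0xba, 0x79, (byte) 0xb9, (byte) 0x87, 0x00,
                0x4a, (byte) 0xfe, (byte) 0xfe, 0x34
            };

            // OAEP cannot be streamed: RSA-OAEP handles one bounded message per operation,
            // at most k - 2*hLen - 2 bytes (158 bytes for a 2048-bit key with SHA-384).
            // NOTE(review): the printed labels mention PSS, but only OAEP parameters are
            // configured in this test.
            byte[] cipherText = kc.encrypt(pubUid, null, clearText, null);
            System.out.println("\nEncrypted data using RSA OAEP and PSS [" + cipherText.length + "]");
            for (byte b : cipherText) {
                System.out.print(b + " ");
            }
            System.out.println("\n");

            byte[] plainText = kc.decrypt(prvUid, null, cipherText, null);
            System.out.println("Decrypted original data using RSA OAEP and PSS [" + plainText.length + "]");
            for (byte b : plainText) {
                System.out.print(b + " ");
            }
            System.out.println("\n");

            // The round trip is the point of the test: without this check a server that
            // returned wrong bytes from decrypt would still pass.
            assertEquals("OAEP round trip must return the original clear text",
                    java.util.Arrays.toString(clearText), java.util.Arrays.toString(plainText));

            // Normal cleanup stays inside the try so that a failing revoke/destroy fails the test.
            kc.revoke(pubUid, KMIPConstants.REVOCATION_CESSATION_OF_OPERATION, "Done with test OAEP RSA public key");
            kc.destroy(pubUid);
            pubUid = null;
            kc.revoke(prvUid, KMIPConstants.REVOCATION_CESSATION_OF_OPERATION, "Done with test OAEP RSA private key");
            kc.destroy(prvUid);
            prvUid = null;
            kc.close();
            sessionOpen = false;
            kc.freeLibrary();
            libraryInitialized = false;
        } catch (Exception e) {
            // -> we should not get here
            System.out.println(e.toString());
            // Keep the cause so the failure report shows where the client call failed.
            throw new AssertionError("Unexpected exception in OAEP KMIP test: " + e, e);
        } finally {
            // Best-effort cleanup after a failure: anything still set here was not released above.
            if (sessionOpen) {
                destroyKeyQuietly(kc, pubUid, "Done with test OAEP RSA public key");
                destroyKeyQuietly(kc, prvUid, "Done with test OAEP RSA private key");
                try {
                    kc.close();
                } catch (Exception closeFailure) {
                    System.out.println("Cleanup: close failed: " + closeFailure);
                }
            }
            if (libraryInitialized) {
                try {
                    kc.freeLibrary();
                } catch (Exception freeFailure) {
                    System.out.println("Cleanup: freeLibrary failed: " + freeFailure);
                }
            }
        }
    }

    /**
     * Revokes and destroys a registered test key without letting a cleanup error mask the
     * original test failure.
     *
     * @param kc     open client session
     * @param uid    unique identifier of the key, or {@code null} if there is nothing to release
     * @param reason revocation message passed to the server
     */
    private static void destroyKeyQuietly(P6KMIPClient kc, String uid, String reason) {
        if (uid == null) {
            return;
        }
        try {
            // Revoke may be rejected if the key was never activated; destroy is still attempted.
            kc.revoke(uid, KMIPConstants.REVOCATION_CESSATION_OF_OPERATION, reason);
        } catch (Exception revokeFailure) {
            System.out.println("Cleanup: revoke failed for " + uid + ": " + revokeFailure);
        }
        try {
            kc.destroy(uid);
        } catch (Exception destroyFailure) {
            System.out.println("Cleanup: destroy failed for " + uid + ": " + destroyFailure);
        }
    }
}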