skc/2017.1/jni_example3_ex_kmip_3_java.html

package com.p6r.kmip;


import org.junit.*;

import static org.junit.Assert.assertEquals;

import static org.junit.Assert.assertNotEquals;


public class JniActivateKmip {


    private static final String _hostName = "kmiptest01.p6r.com";


    @BeforeClass

    public static void oneTimeSetUp() {

        // NOOP

        System.out.println("@BeforeClass - oneTimeSetUp");

    }


    @AfterClass

    public static void oneTimeTearDown() {

        // NOOP

        System.out.println("@AfterClass - oneTimeTearDown");

    }


    @Before

    public void setUp() {

        // NOOP

        System.out.println("@Before - setUp");

    }


    @After

    public void tearDown() {

        // NOOP

        System.out.println("@After - tearDown");

    }


    @Test

    public void JNICall_ActivateKMIP() {

        System.out.println("@Test - JNICall-ActivateKMIP");


        String uid1 = null;

        String uid2 = null;

        String[] attribute = null;

        P6KMIPClient kc = new P6KMIPClient();


        try {

            kc.initializeLibrary(P6KMIPClient.FLAGS_NONE);

            kc.open(_hostName, null);


            // -> create and activate two symmetric keys

            uid1 = kc.createSymmetricKey(KMIPConstants.ALG_AES, 128, (KMIPConstants.USAGE_MASK_ENCRYPT | KMIPConstants.USAGE_MASK_DECRYPT));

            kc.activate(uid1);

            System.out.println("UID of new AES activated key 1: " + uid1);


            uid2 = kc.createSymmetricKey(KMIPConstants.ALG_AES, 128, (KMIPConstants.USAGE_MASK_ENCRYPT | KMIPConstants.USAGE_MASK_DECRYPT));

            attribute = kc.getAttribute(uid2, "State");

            assertEquals(attribute[0], "Pre-Active");

            System.out.println("UID of new AES pre-activated key 2: " + uid2 + ", State = " + attribute[0]);


            kc.activate(uid2);

            attribute = kc.getAttribute(uid2, "State");

            assertEquals(attribute[0], "Active");

            System.out.println("UID of new AES activated key 2: " + uid2 + ", State = " + attribute[0]);


            // -> this should fail because you cannot destroy an active key

            try {

                kc.destroy(uid1);

            } catch (Exception e) {

                System.out.println(e.toString());

                // -> should internally set a timestamp with the revoke

                kc.revoke(uid1, KMIPConstants.REVOCATION_KEYCOMPROMISE, "Security Breach detected");

                kc.destroy(uid1);

            }


            // -> proper sequence of steps to get rid of an activated key

            kc.revoke(uid2, KMIPConstants.REVOCATION_CESSATION_OF_OPERATION, "Computer decomissioned");

            kc.destroy(uid2);


            kc.close();

            kc.freeLibrary();


        } catch (Exception e) {

            // -> we shoud not get here

            System.out.println(e.toString());

            assertEquals(0, 1);

        }

    }

}