1 package com.p6r.kmipserverlib;
5 import java.text.DateFormat;
6 import java.text.SimpleDateFormat;
8 import java.util.TimeZone;
10 import static org.junit.Assert.assertEquals;
26 System.out.println(
"@BeforeClass - oneTimeSetUp");
32 System.out.println(
"@AfterClass - oneTimeTearDown");
38 System.out.println(
"@Before - setUp");
44 System.out.println(
"@After - tearDown");
54 System.out.println(
"@Test - JNICall-Respnse6KMIP");
58 P6KMIPServerLib sl =
new P6KMIPServerLib();
61 sl.initializeLibrary(P6KMIPServerLib.FLAGS_NONE);
64 sl.startResponseMessage(1, KMIPConstants.FORMAT_TTLV, 5);
66 byte[] batchId1 = {0x01, 0x02, 0x03, 0x04};
67 byte[] fingerPrint = {0x11, 0x22, 0x33, 0x44, 0x55};
69 long timeStamp = System.currentTimeMillis();
70 DateFormat df =
new SimpleDateFormat(
"MM/dd/yyyy HH:mm:ss Z");
71 df.setTimeZone(TimeZone.getTimeZone(
"GMT"));
73 Date today =
new Date(timeStamp);
74 System.out.println(
"Unix Time stamp: " + timeStamp +
", date: " + df.format(today) +
"\n");
76 Attribute comment =
new Attribute(KMIPConstants.ATTRIB_COMMENTS, 0,
"attribute test case");
77 Attribute state =
new Attribute(KMIPConstants.ATTRIB_STATE, 0, KMIPConstants.STATE_ACTIVE);
78 Attribute keyAlg =
new Attribute(KMIPConstants.ATTRIB_CRYPTOALGORITHM, 0, KMIPConstants.ALG_AES);
79 Attribute fresh =
new Attribute(KMIPConstants.ATTRIB_FRESH, 0,
false);
80 Attribute cryptoLength =
new Attribute(KMIPConstants.ATTRIB_CRYPTOLENGTH, 0,
new Integer(128));
81 Attribute cryptoMask =
new Attribute(KMIPConstants.ATTRIB_CRYPTOUSAGEMASK, 0,
new Integer((KMIPConstants.USAGE_MASK_ENCRYPT | KMIPConstants.USAGE_MASK_DECRYPT)));
82 Attribute initialDate =
new Attribute(KMIPConstants.ATTRIB_INITIALDATE, 0,
new Long(timeStamp));
87 CryptograhicParameters keyParams =
new CryptograhicParameters( KMIPConstants.MODE_ECB, KMIPConstants.PAD_PKCS5, -1, KMIPConstants.ROLE_KEK, -1, KMIPConstants.ALG_AES,
false, -1, -1, -1, -1, -1, -1, -1, -1, -1, null, -1 );
88 Attribute keyCryptoParams =
new Attribute(0, keyParams);
92 VendorAttribute ca1 =
new VendorAttribute(
"y",
"ServerSpecific1",
true);
93 Attribute custom1 =
new Attribute(ca1);
94 VendorAttribute ca2 =
new VendorAttribute(
"x",
"clientSpecific1",
"a b c d e f");
95 Attribute custom2 =
new Attribute(ca2);
96 VendorAttribute ca3 =
new VendorAttribute(
"P6R",
"clientSpecific11", 55);
97 Attribute custom3 =
new Attribute(ca3);
98 VendorAttribute ca4 =
new VendorAttribute(
"y",
"fingerprint", fingerPrint);
99 Attribute custom4 =
new Attribute(ca4);
101 NameAttribute name =
new NameAttribute(
"Client-Defined-ID: 456", KMIPConstants.NAME_TEXTSTR);
102 Attribute name1 =
new Attribute(KMIPConstants.ATTRIB_NAME, 0, name);
103 NameAttribute altName =
new NameAttribute(
"192.10.3.25", KMIPConstants.ALTNAME_IPADDRESS);
104 Attribute name2 =
new Attribute(KMIPConstants.ATTRIB_ALTERNATIVENAME, 0, altName);
105 NameAttribute keyLoc =
new NameAttribute(
"http://abc.hsm.com/12345", KMIPConstants.KVLT_URI);
106 Attribute name3 =
new Attribute(KMIPConstants.ATTRIB_KEYVALUELOCATION, 0, keyLoc);
108 byte[] fakeDigest = { (byte)0xAA, (byte)0xBB, (byte)0xCC, (byte)0xDD, (byte)0xEE, (byte)0xFF, 0x00, (byte)0x99, (byte)0x88, 0x77, 0x66, 0x55, 0x44, 0x33, 0x22, 0x11};
109 DigestAttribute da =
new DigestAttribute(KMIPConstants.HASH_SHA512, fakeDigest, KMIPConstants.KEYFORMAT_TRANSYMKEY);
110 Attribute digest1 =
new Attribute(0, da);
113 String[] alternativeNames =
new String[3];
114 alternativeNames[0] =
"frank@p6r.com";
115 alternativeNames[1] =
"192.34.5.689";
116 alternativeNames[2] =
"jni-example.p6r.com";
117 CertificateNameAttribute cn =
new CertificateNameAttribute(
"CN=Sample Cert, OU=R&D, O=Company Ltd., L=Dublin 4, S=Dublin, C=IE", alternativeNames);
118 Attribute certName1 =
new Attribute(KMIPConstants.ATTRIB_CERTIFICATEISSUER, cn);
121 byte[] X509DN_fake = { 0x25, 0x00, 0x00, 0x00, 0x34 };
122 byte[] alt1bytes = { 0x01, 0x02, 0x03, 0x00, 0x04 };
123 byte[] alt2bytes = { 0x00, 0x71, 0x52, 0x23, 0x14, 0x0F };
124 ByteArrayObject alt1 =
new ByteArrayObject( alt1bytes );
125 ByteArrayObject alt2 =
new ByteArrayObject( alt2bytes );
126 ByteArrayObject[] X509alternativeNames =
new ByteArrayObject[2];
127 X509alternativeNames[0] = alt1;
128 X509alternativeNames[1] = alt2;
129 X509CertificateNameAttribute x509CN =
new X509CertificateNameAttribute(X509DN_fake, X509alternativeNames);
130 Attribute x509CertName1 =
new Attribute(KMIPConstants.ATTRIB_X509CERTIFICATESUBJECT, x509CN);
132 RevocationReasonAttribute rr =
new RevocationReasonAttribute(
"Key exceeded its usage limits", KMIPConstants.REVOCATION_KEYCOMPROMISE);
133 Attribute revocation =
new Attribute(rr);
135 NameAttribute link =
new NameAttribute(
"UID-111-333-000", KMIPConstants.LINK_PRIVATEKEY);
136 Attribute privateLink =
new Attribute(KMIPConstants.ATTRIB_LINK, 0, link);
138 UsageLimitsAttribute ul =
new UsageLimitsAttribute(50000000, 2000000, KMIPConstants.USAGE_LIMITS_BYTE);
139 Attribute usageLimits =
new Attribute(ul);
141 ApplicationSpecificInfoAttribute as =
new ApplicationSpecificInfoAttribute(
"P6R",
"#12345678990000#");
142 Attribute appInfo =
new Attribute(1,as);
144 Attribute digitalSigAlg =
new Attribute(KMIPConstants.ATTRIB_DIGITALSIGALG, 0, KMIPConstants.SIG_ECDSASHA1);
147 Attribute certSubjectCN =
new Attribute(KMIPConstants.ATTRIB_CERTSUBJECT_CN, 0,
"www.example.com");
149 Attribute[] attributes =
new Attribute[23];
150 attributes[0] = comment;
151 attributes[1] = state;
152 attributes[2] = fresh;
153 attributes[3] = cryptoLength;
154 attributes[4] = initialDate;
155 attributes[5] = keyAlg;
156 attributes[6] = cryptoMask;
157 attributes[7] = custom1;
158 attributes[8] = custom2;
159 attributes[9] = custom3;
160 attributes[10] = custom4;
161 attributes[11] = keyCryptoParams;
162 attributes[12] = name1;
163 attributes[13] = name2;
164 attributes[14] = name3;
165 attributes[15] = digest1;
166 attributes[16] = x509CertName1;
167 attributes[17] = revocation;
168 attributes[18] = privateLink;
169 attributes[19] = usageLimits;
170 attributes[20] = appInfo;
171 attributes[21] = digitalSigAlg;
172 attributes[22] = certSubjectCN;
174 GetAttributesResponse ga =
new GetAttributesResponse(batchId1,
"1111-2222-3333-4444-5555", attributes);
177 byte[] responseBuffer = sl.endResponseMessage(0);
178 for (
int j = 0; j < responseBuffer.length; j++) {
179 System.out.print(responseBuffer[j]);
181 System.out.println(
"\n");
185 sl.startResponseMessage(1, KMIPConstants.FORMAT_MSGXML, 5);
189 byte[] responseBuffer2 = sl.endResponseMessage(0);
190 System.out.println(
new String(responseBuffer2));
191 System.out.println(
"\n");
195 sl.startResponseMessage(1, KMIPConstants.FORMAT_MSGJSON, 5);
199 byte[] responseBuffer3 = sl.endResponseMessage(0);
200 System.out.println(
new String(responseBuffer3));
201 System.out.println(
"\n");
207 sl.startResponseMessage(1, KMIPConstants.FORMAT_MSGXML, 5);
209 AddAttributeResponse aa =
new AddAttributeResponse(batchId1,
"UID-383837jjejej", state);
212 byte[] responseBuffer4 = sl.endResponseMessage(0);
213 System.out.println(
new String(responseBuffer4));
214 System.out.println(
"\n");
219 sl.startResponseMessage(1, KMIPConstants.FORMAT_MSGXML, 5);
221 Attribute
empty =
new Attribute();
222 AddAttributeResponse aab =
new AddAttributeResponse(batchId1,
"UID-ABDGDGDG-00033", empty);
223 sl.addBatchItem(aab);
225 byte[] responseBuffer5 = sl.endResponseMessage(0);
226 System.out.println(
new String(responseBuffer5));
227 System.out.println(
"\n");
231 }
catch (Exception e) {
233 System.out.println(e.toString());
A JUNIT test demonstrating how to parse an incoming KMIP request from a client.
static void oneTimeTearDown()
static void oneTimeSetUp()
void JNICall_Response6KMIP()
Test: Generate a message with multiple batch items using KMIP Version 2.0.
it may not contain all the symbols used by this software If you run into undefined symbol please let us know and we can provide you a build that will be compatible with your specific as well as not allowing the setting of crypto algorithm or length on the response This is now fixed Added some basic examples on how to use KSL in C Adding KMIP attribute support to parser and message generator This is just part of the KMIP additions In KMIP the way attributes are encoded are completely different from x protocol versions This update deals with the change mostly invisible from the application Also added new KMIP only attribute support Worked around a Linux linker bug that was not properly detecting dependencies and leaving out symbols as a result Added some basic examples on how to use KSL in C Adding KMIP support in the also supporting the Byte String extension Credential used by the Db2 KMIP client To finish off KMIP support Query Response JNI now supports the server returning an array of Validation Information Fixed an issue where the Cryptographic Parameters attribute always appeared to be in client requests of which it was defined as possible An additional field was added to the Crypto Params structure to indicate if the attribute was present or not The JNI was fixed not to create the corresponding Java object if the attribute was not present Message Extension fields are available to the user for Create KMIP operation The VendorExtension structure is just available in TTLV messages This will be added to all operations in the next release Application Specific Information attribute is not supported in the and the Offset field for ReKey and ReKeyPair is now set to if not provided by the client request message Crytographic and Cryptgraphic algorithm where not properly included in the Get response message for a wrapped key This has been fixed Issue with properly parsing KMIP XML and JSON message whenever an ISO8601 timestamp string was used Parse failed incorrectly Version Responses can now be empty