Java examples
The example programs and source code described in this section are supplied on your Developer installation media.
Several of the utilities are not designed to be executed directly but are used by other programs.
For more information on these examples, see the in-line comments in the example source code and the Javadocs installed in your nfast
directory.
Extract and compile the Java examples
The Java example files are in subdirectories of the %NFAST_HOME%\java\examples
(Windows) or /opt/nfast/java/examples
(Linux) directory.
-
Extract the example files:
jar xf <path-to-examples-jar-file>
The JCE-related examples extract into the
com/ncipher/provider/examples
subtree. -
Compile the examples:
-
If using Java 8 or earlier (using "--class-path or -cp")
javac -cp <fully-qualified-path-to-JCE-provider-jar-file> *.java
For example:
javac -cp /opt/nfast/java/classes/nCipherKM.jar *.java javac -cp /opt/nfast/java/classes/nCipherKM.jar com/ncipher/provider/examples/*.java
-
If using Java 9 or later (using "--module-path or -p")
javac -p <fully-qualified-path-to-JCE-provider-jar-file> --add-modules ALL-MODULE-PATH *.java
For example:
javac -p /opt/nfast/java/classes --add-modules ALL-MODULE-PATH *.java javac -p /opt/nfast/java/classes --add-modules ALL-MODULE-PATH com/ncipher/provider/examples/*.java
-
Java key management example utilities
GenerateExport.java
This example utility generates an RSA Key and optionally exports the public key out of a module as plain text.
It demonstrates the creation of an OCS.
KMJavaFloodTest.java
This example utility demonstrates the use of the mergeKeyIDs
method in the Key
class.
This method merges all the loaded private keyid
s into a single keyid
that can be used in nCore API calls when load-sharing is required.
NFKMInfo.java
Displays information about the Security World.
This example Java utility is analogous to its C version except that NFKMInfo.java
does not return information on world/module generation.
NVRamRTCUtil.java
This is an example program to demonstrate interacting with the NVRAM and RTC. The program allows you to list all files in NVRAM, delete a file in NVRAM, delete all the files in NVRAM, display the current time in the RTC and to set the RTC to the system clock.
SimpleCrypt.java
This is a simple example that graphically encrypts and decrypts data with a Triple-DES (DES3) key from the Security World. Cipher Block Chaining mode (CBC) and initialization vectors are selected randomly. This information is prefixed to the cipher text.
SimpleCrypt.java
only works with module protected Triple-DES (DES3) keys.
SlotPoller.java
This example utility polls all the available slots.
You can determine whether the state of the slot has changed by calling getIC()
on the slot.
This method is more efficient than using update()
. The module serial number, slot number, and insertion count are displayed when a card is inserted or removed.
Java JCE/CSP example utilities
AsymmetricEncryptionExample.java
This example generates an RSA key pair and an X509 public key specification. It performs encryption and decryption of random plain text.
DK_ECDHKAExample.java
This example utility demonstrates:
-
Creation of two ECDH key pairs.
-
Key agreement using ECDHWITHSHA1KDF between two parties.
-
Encryption/Decryption using the shared secret key.
ECDHExample.java
This example utility demonstrates:
-
Creation of an ECDH key.
-
ECDH key agreement.
-
Encryption / decryption of a message using AES.
ECIESExample.java
This example utility demonstrates:
-
Creation of an ECDH key pair by the receiver.
-
Key wrapping by the sender using the agreed ECIES parameters and the public half of receiver’s ECDH key pair.
-
Key unwrapping by the receiver using the agreed ECIES parameters.
-
Encryption/Decryption using the shared secret key.
EdDSAExample.java
This example utility demonstrates how to generate and store key for use in Ed25519 and Ed25519ph operations.
The example generates an Ed25519 key pair, creates a KeyStore and stores both halves of the key pair.
This example may require sudo permissions on Linux machines.
|
JCEChanTest.java
This example measures the data rate achieved by different symmetric encryption and decryption operations.
You can use optional program arguments to change the cipher
, key
, data
, and provider
parameters.
JCEFloodTest.java
This example utility does performance testing for RSA, DSA, ECDSA and Ed25519 private key operations.
It demonstrates:
-
RSA/DSA/ECDSA/Ed25519 Key Pair generation.
-
RSA/DSA/ECDSA/EdDSA signing.
-
RSA encryption/decryption.
-
Use of the kmjava classes to load a key to use with the nCipherKM JCE provider.
-
Load-balancing using
kmjava
andKeyStore-loaded
keys.
JCESigTest.java
This example measures the data rate achieved by many threads simultaneously performing signing and verifying operations.
You can use optional program arguments to change the thread
, key
, data
, provider
, and sampling
parameters.
KeyLoadTimer.java
This example measures the time taken to get many keys from an nCipher.sworld
key store.
It also demonstrates how to create, load and store key stores, as well as how to set and get key entries.
This example may require sudo permissions on Linux machines.
|
KeyStorageExample.java
This example creates a new KeyStore containing an AES key. It performs load-balanced encryption and decryption of random plain text using a KeyStore loaded key.
This example may require sudo permissions on Linux machines.
|
NCipherLibraryInteropExample.java
This example loads an existing AES key from the Security World across all usable modules and performs load-balanced encryption and decryption of random plain text.
SignaturesExample.java
This example generates RSA, DSA, ECDSA and Ed25519 key pairs. For the associated mechanism of each key type, it performs signing and verification of random plain text.
SslClientExample.java
Before building this example, the user will need to edit SslClientExample.java
to insert an appropriate https
web site address in the two relevant places.
When run, this example connects to the user-specified secure web site over an encrypted SSL connection and dumps the index page to the console.
Before running this example, you must run PrepareSslExamples.java
. For more information, see Java JCE/CSP example utilities
SslServerExample.java
This example creates a simple SSL Web server instance on the local host that can be accessed with a Web browser.
Before running this example, you must run PrepareSslExamples.java
. For more information, see Java JCE/CSP example utilities
SymmetricEncryptionExample.java
This example generates symmetric keys and uses them to perform encryption and decryption of random plain text with different cipher modes and padding types.
SignatureTest.java
This example utility demonstrates:
-
generation of an RSA/DSA/ECDSA Key Pair
-
export of the
PublicKey
using X509 encoding -
signing some random data
-
decoding the
PublicKey
-
verification of the signature.
This example requires the Bouncy Castle security provider to be loaded and configured to run properly.
|
Java generic stub examples
The example utilities described in this section are directly analogous to their namesake C example utilities supplied with the nShield C generic stub. The Java incarnations are shipped as source code only. |
BlobInfo.java
This example utility displays information in a blob. It demonstrates how to determine information about the contents of a blob.
BlobInfo.java
is analogous to the C Generic Stub call NFast_ExamineBlob
.
Channel.java
This example utility is a function-based wrapper to symmetric bulk-encryption channels for use by EasyConnection.java
.
CrypTest.java
This example utility is a test program for some module algorithms. It demonstrates:
-
the use of
EasyConnection
-
symmetric cryptography and channels.
DesKat.java
This example utility is for DES known answer tests.
It demonstrates simple nCore key management usage.
Enquiry.java
This example utility displays enquiry information.
It demonstrates:
-
simple nCore usage
-
the
enquiry
command.
FloodTest.java
This example utility does performance testing for modexp code.
It demonstrates:
-
simple bignum usage
-
asynchronous command processing (
NFastApp_Wait
andNFastApp_Query
).
GenCert.java
This example utility generates a certificate.
It demonstrates the use of the BuildCmdCert
class.
InitUnit.java
This example utility initializes a module with a dummy HKNSO
(like the C initunit
utility).
NFEnum.java
This example utility is a helper class used by SigTest
. It is an example extension to jnfopt
for looking up an nCore Enumeration class.
It cannot be invoked by itself.
ReportVersion.java
This example utility reports the embedded version information from the current nfjava
component. ReportVersion.java
outputs the version of the nfjava
library found on the class path.
These examples are not intended to be invoked directly.
They are called by other programs.
The following two utilities, EasyConnection
and Channel
, form a Java analog of the nCore simple command functions as shipped to C developers in libexamples.a
. You can compare and contrast this example with the C example simplecmd.h
.
You cannot invoke EasyConnection
and Channel
directly; CrypTest
invokes them.
For more information, see the Javadoc documentation.
ScoreKeeper.java
This example utility is shared code used by SigTest
and FloodTest
and cannot be invoked on its own.
It has helper classes for output reporting by SigTest
and FloodTest
.
SigTest.java
This example utility does signature performance testing.
It demonstrates asynchronous command processing (NFastApp_Wait
and NFastApp_Query
).
Java is not a high-performance language.
On slow host systems or systems with multiple modules, it is very common to be limited by the CPU of the host machine.
As a result, this example often does not show the true performance capabilities of the module.
If you want to test module performance, as distinct from application performance, use the C version of SigTest instead.
|