Skip to main content

Export Key

The Java_TEKey_ExportKey is used to export a key.


Code Samples

See the Java environment settings for details on setting the project environment.


Java_TEKey_ExportKey

The following example demonstrates the use of the Java_TEKey_ExportKey.  NOTE: Exporting a certificate user's key can only be done with an RSA Certificate User

/*****************************************************************************************
*
* Java_TEKey_ExportKey.java - NOTE: Only Use with RSA Certificate User
*
******************************************************************************************/

import com.eruces.teagent.TEAgentSSLMConnection;
import com.eruces.teagent.TEAgentException;
import java.io.FileInputStream;
import java.io.InputStream;
import java.io.FileNotFoundException;
import com.eruces.teagent.TEKey;
import com.eruces.teagent.TEAgentConnection;
import java.util.Vector;
import com.eruces.teadmin.Administration;
import com.eruces.teagent.TEAgentConnectionFactory;
import com.eruces.teagent.PAny;
import com.eruces.teconfig.AdminConfig;
import com.eruces.teconfig.REParameterInfo;
import com.eruces.teconfig.TEParameterInfo;
import com.eruces.teadmin.AdminException;
import com.eruces.teadmin.ACLEntry;
import com.eruces.teadmin.ACLInfo;
public class Java_TEKey_ExportKey {
private TEAgentConnection m_conn;
private Vector<TEKey.KeyPair> m_keyPairs;
private String [] m_hls;
private String m_strEncrypted1;
private String m_strEncrypted2;
private String m_strTTag1;
private String m_strTTag2;
private String m_strExportServer = "sampleserver";
private int m_nExportSystemId = 1912;
private int m_nPort = 8888;
private int m_nAdminPort = 8888;
private String m_strCertKeyFile2 = "C:\\Documents and Settings\\Administrator\\pkcs12_private_key2.pfx";
public void connect_native(String strServerName, int nPort, String strUsername, String strPasswd) throws TEAgentException
{
// Get a SSL connection instance
m_conn = TEAgentConnectionFactory.getInstance(TEAgentConnectionFactory.SECURE_USER_PASSWORD);
// Make connection
m_conn.open(strServerName, nPort, strUsername, strPasswd);
System.out.println("Connected to " + strServerName + " at " + nPort + " as " + strUsername);
}
public void connect_native_admin(String strServerName, int nPort, String strUsername, String strPasswd) throws TEAgentException
{
m_conn = TEAgentConnectionFactory.getInstance(TEAgentConnectionFactory.SECURE_USER_PASSWORD);
// Connect to server.
m_conn.open(strServerName, nPort, strUsername, strPasswd);
System.out.println("Connected to " + strServerName + " at " + nPort + " as " + strUsername);
}
public void connect_cert(String strServerName, int nPort, String strCertFile, String strPasswd) throws Exception
{
try {
// Get a connection for native user
TEAgentSSLMConnection sslmConn = new TEAgentSSLMConnection();
// Read pfx file
InputStream pfx = new FileInputStream(strCertFile);
// Make connection
sslmConn.open(strServerName, nPort, pfx, strPasswd);
m_conn = sslmConn;
System.out.println("Connected to " + strServerName + " at " + nPort + " as certificate user.");
}
catch(FileNotFoundException fnfex) {
throw new Exception(fnfex.getMessage());
}
}
public void disconnect() throws TEAgentException
{
// Close connection
m_conn.close();
System.out.println("Disconnected from server ");
}
/*
* Export a certificate user's own key with
* TeKey.exportKey(int ExportSystemId, int nCertPrincipalId, KeyPair keyPairs)
* Keys eported with system id and certificate principal id cannot be imported to a server.
*/
public void testExportKey1() throws TEAgentException, Exception {
// Encrypt something to generate keys
System.out.println();
System.out.println("Encrypt something to generate keys:");
connect_cert(m_strExportServer, m_nAdminPort, m_strCertKeyFile2, "password1A");
StringBuffer strbufTTag1 = new StringBuffer();
StringBuffer strbufTTag2 = new StringBuffer();
m_strEncrypted1 = Java_HelperFunctions.encryptSingle(m_conn, "Dummy data 1", strbufTTag1);
m_strEncrypted2 = Java_HelperFunctions.encryptSingle(m_conn, "Dummy data 2", strbufTTag2);
disconnect();
m_strTTag1 = strbufTTag1.toString();
m_strTTag2 = strbufTTag2.toString();
System.out.println("Keys were generated:");
System.out.println("m_strTTag1 = " + m_strTTag1);
System.out.println("m_strTTag2 = " + m_strTTag2);
// Prepare container
TEKey.KeyPair keyPair1 = new TEKey.KeyPair();
TEKey.KeyPair keyPair2 = new TEKey.KeyPair();
keyPair1.setHiddenLink(m_strTTag1);
keyPair2.setHiddenLink(m_strTTag2);
m_keyPairs = new Vector<TEKey.KeyPair>();
m_keyPairs.add(keyPair1);
m_keyPairs.add(keyPair2);
// Export keys
System.out.println();
System.out.println("Export keys:");
TEKey teKey = new TEKey();
connect_cert(m_strExportServer, m_nAdminPort, m_strCertKeyFile2, "password1A");
teKey.attachConnection(m_conn);
long nCertPrincipalId = m_conn.getLoginID();
teKey.exportKey(m_nExportSystemId, nCertPrincipalId, m_keyPairs);
teKey.detachConnection();
disconnect();
String exportedTTag1 = keyPair1.getHiddenLink();
String exportedKey1 = keyPair1.getKey();
String exportedTTag2 = keyPair2.getHiddenLink();
String exportedKey2 = keyPair2.getKey();
System.out.println("Keys were exported:");
System.out.println("exportedTTag1 = " + exportedTTag1);
System.out.println("exportedKey1 = " + exportedKey1);
System.out.println("exportedTTag2 = " + exportedTTag2);
System.out.println("exportedKey2 = " + exportedKey2);
}
/*
* Export a certificate user's own key with
* TeKey.exportKey(int ExportSystemId, int nCertPrincipalId, String[] hls, int type)
*/
public void testExportKey2(int type) throws TEAgentException, Exception {
// Encrypt something to generate keys
System.out.println();
System.out.println("Encrypt something to generate keys:");
connect_cert(m_strExportServer, m_nAdminPort, m_strCertKeyFile2, "password1A");
StringBuffer strbufTTag1 = new StringBuffer();
StringBuffer strbufTTag2 = new StringBuffer();
m_strEncrypted1 = Java_HelperFunctions.encryptSingle(m_conn, "Dummy data 1", strbufTTag1);
m_strEncrypted2 = Java_HelperFunctions.encryptSingle(m_conn, "Dummy data 2", strbufTTag2);
disconnect();
m_strTTag1 = strbufTTag1.toString();
m_strTTag2 = strbufTTag2.toString();
System.out.println("Keys were generated:");
System.out.println("m_strTTag1 = " + m_strTTag1);
System.out.println("m_strTTag2 = " + m_strTTag2);
// Prepare T-tags
m_hls = new String[2];
m_hls[0] = m_strTTag1;
m_hls[1] = m_strTTag2;
// Export keys
System.out.println();
System.out.println("Export keys:");
TEKey teKey = new TEKey();
connect_cert(m_strExportServer, m_nAdminPort, m_strCertKeyFile2, "password1A");
teKey.attachConnection(m_conn);
long nCertPrincipalId = m_conn.getLoginID();
System.out.println("nCertPrincipalId = " + nCertPrincipalId);
String strExportedKey = teKey.exportKey(m_nExportSystemId, nCertPrincipalId, m_hls, type);
teKey.detachConnection();
disconnect();
System.out.println("Keys were exported:");
System.out.println("exportedTTag1 = " + m_strTTag1);
System.out.println("exportedTTag2 = " + m_strTTag2);
System.out.println("Exported key = " + strExportedKey);
}
/*
* Export a native user's key to a certificate user with
* TeKey.exportKey(int ExportSystemId, int nCertPrincipalId, String[] hls, int type)
*/
public void testExportKey3(int type) throws TEAgentException, Exception {
// Get the certificate user's principal ID
System.out.println();
System.out.println("Get the certificate user's principal ID...");
connect_cert(m_strExportServer, m_nAdminPort, m_strCertKeyFile2, "password1A");
long nCertPrincipalId = m_conn.getLoginID();
System.out.println("nCertPrincipalId = " + nCertPrincipalId);
disconnect();
// Encrypt something to generate keys
System.out.println();
System.out.println("Encrypt something to generate keys:");
connect_native(m_strExportServer, m_nPort, "ls", "password1A");
StringBuffer strbufTTag1 = new StringBuffer();
StringBuffer strbufTTag2 = new StringBuffer();
m_strEncrypted1 = Java_HelperFunctions.encryptSingle(m_conn, "Dummy data 1", strbufTTag1);
m_strEncrypted2 = Java_HelperFunctions.encryptSingle(m_conn, "Dummy data 2", strbufTTag2);
disconnect();
m_strTTag1 = strbufTTag1.toString();
m_strTTag2 = strbufTTag2.toString();
System.out.println("Keys were generated:");
System.out.println("m_strTTag1 = " + m_strTTag1);
System.out.println("m_strTTag2 = " + m_strTTag2);
// Prepare T-tags
m_hls = new String[2];
m_hls[0] = m_strTTag1;
m_hls[1] = m_strTTag2;
// Export keys
System.out.println();
System.out.println("Export keys:");
TEKey teKey = new TEKey();
connect_native_admin(m_strExportServer, m_nAdminPort, "ls", "password1A");
// Add the certificate user to the ACL
addACLEntry(m_hls[0], nCertPrincipalId);
addACLEntry(m_hls[1], nCertPrincipalId);
teKey.attachConnection(m_conn);
String strExportedKey = teKey.exportKey(m_nExportSystemId, nCertPrincipalId, m_hls, type);
teKey.detachConnection();
disconnect();
System.out.println("Keys were exported:");
System.out.println("exportedTTag1 = " + m_strTTag1);
System.out.println("exportedTTag2 = " + m_strTTag2);
System.out.println("Exported key = " + strExportedKey);
}
public void addACLEntry(String strTTag, long nCertPrincipalId) throws TEAgentException, AdminException, Exception
{
Administration admin = new Administration();
admin.attachConnection(m_conn);
// User must be owner of the T-tag.
ACLInfo info = admin.getACL(strTTag);
if( info == null )
throw new Exception("ACL info not found !");
System.out.println("");
System.out.println("ACL info got:");
System.out.println(" " + info.toString());
ACLInfo info2 = new ACLInfo();
info2.setACLID( info.getACLID() );
ACLEntry ent2add = new ACLEntry( info2 );
ent2add.setPrincipalID(nCertPrincipalId);
ent2add.setFlag(ACLEntry.ACL_RIGHT_WRITE | ACLEntry.ACL_RIGHT_READ); // ACL right
ent2add.setMaxUsage(ACLEntry.USAGE_NO_LIMIT);
ent2add.setStartTime(0);
ent2add.setEndTime(0);
ent2add.setSystemID(admin.getSystemID());
ent2add.setUserRight(0); // Reserved
admin.updateACL(Administration.ADD_ACLENTRY, info2); // add ACL entry to ACL info.
System.out.println("ACL entry was added to ACL info");
// Get updated info
info = admin.getACL(strTTag);
if( info == null )
throw new Exception("ACL info not found !");
System.out.println("");
System.out.println("ACL info got:");
System.out.println(" " + info.toString());
admin.detachConnection();
}
public static void main(String[] args)
{
try
{
Java_TEKey_ExportKey java_test = new Java_TEKey_ExportKey();
java_test.testExportKey1();
int type = 2; // 1 - SMIME, can only export keys.
// 2 - XML, can export and import keys.
java_test.testExportKey2(type);
java_test.testExportKey3(type);
}
catch (TEAgentException te)
{
te.printStackTrace();
}
catch (Exception ex)
{
ex.printStackTrace();
}
}
}
/**************************************************************************************
Encrypt something to generate keys:
Connected to sampleserver at 8888 as certificate user.
Disconnected from server
Keys were generated:
m_strTTag1 = AAAHeLYYdj7b15vZoUNTTpTfg7CHPWfhKaddIYUS0hoMNnAkbPcPkQ==
m_strTTag2 = AAAHeKSYT0G4f60ik0ddkcWby26G6Z7cfWxJDVTHcLeHJiM43lFRqQ==

Export keys:
Connected to sampleserver at 8888 as certificate user.
Disconnected from server
Keys were exported:
exportedTTag1 = AAAHeLYYdj7b15vZoUNTTpTfg7CHPWfhKaddIYUS0hoMNnAkbPcPkQ==
exportedKey1 = Ef2Scl7RBF3zjNro5hFnF3yqfB57QwhwFVzwdbjJTyG0gjthE7b30jqr4dL/y0YvmVvUsJBAV7+7IUeCwDeE9i/GAUVm9bA7/CFzvwen7ij+U8vOvDXRN67RzEUmgOoI+se3A/WFx4hQGsYP23x3cEMoMQtNECeu/99x37zH95A=
exportedTTag2 = AAAHeKSYT0G4f60ik0ddkcWby26G6Z7cfWxJDVTHcLeHJiM43lFRqQ==
exportedKey2 = kNc8Fdr6iYr7Q9/senGQnNpFjndlI2FiGrNXGvC8gIPPaxZVZH7LtLeJSqTVuc5NlsAN/FqtoHvUXPs4PP1oYez9FnmHlUEmGc8UHVJF4XhuWQlRblPJQjplDwEtRcHF8G21uw4Uqvpb5p3S5NcCNNtkDkvruS5XWJq4bjbpEEQ=

Encrypt something to generate keys:
Connected to sampleserver at 8888 as certificate user.
Disconnected from server
Keys were generated:
m_strTTag1 = AAAHeHcb5kOoidFn6+NcW68mlfSl+i0qou2424pvtrAdSscIIcMnXA==
m_strTTag2 = AAAHeNpAd0ZyJEseZ+6wiMKkacTIr5CE2n27D4RX8c9/+sTqtd1HSg==

Export keys:
Connected to sampleserver at 8888 as certificate user.
nCertPrincipalId = 3002
Disconnected from server
Keys were exported:
exportedTTag1 = AAAHeHcb5kOoidFn6+NcW68mlfSl+i0qou2424pvtrAdSscIIcMnXA==
exportedTTag2 = AAAHeNpAd0ZyJEseZ+6wiMKkacTIr5CE2n27D4RX8c9/+sTqtd1HSg==
Exported key = <XMLKeyContainer><xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Type="http://www.w3.org/2001/04/xmlenc#Element">
<xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<xenc:EncryptedKey Recipient="4+PznX7lVrI=" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
<xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
<xenc:CipherData>
<xenc:CipherValue>hJIMjIQPhHLXKJ6qLic5sTE2k3sZWos+hVrcNeP4G5GOMeR/h67F2Mh9K5O/diCLaYRH5OCfOJrk
JjKbDySUe7CieutKrJx/1bcZoPsovsbUwnvdbQfJCxGJM2q8l8rGkFOm6qc7hgQuAam6cI4pDrRS
49lq4ehzq33xNfY36RQ=</xenc:CipherValue>
</xenc:CipherData>
<xenc:CarriedKeyName>AAAHeHcb5kOoidFn6+NcW68mlfSl+i0qou2424pvtrAdSscIIcMnXA==</xenc:CarriedKeyName>
</xenc:EncryptedKey>
</ds:KeyInfo>
<xenc:CipherData>
<xenc:CipherValue>4vqmE46EnvYm7Pm7cwnZLlDg/3mF1vrQ</xenc:CipherValue>
</xenc:CipherData>
</xenc:EncryptedData><xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Type="http://www.w3.org/2001/04/xmlenc#Element">
<xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<xenc:EncryptedKey Recipient="5UqpbGKKhI8=" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
<xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
<xenc:CipherData>
<xenc:CipherValue>Bij+tUR9c+tq87ONPeStcFVe2hqHnsidX3rEC1KUFTd27AKQfbq4kuL9HNPfFl/+T0Ixl7LAaUPX
3Ov8wFiMa2LxASuoinAVaHQySXA7pZiAkKpE0bCb67GjdqN2JhK5lBPp259WejO9pgFqNpmVS/N/
Bk1VA+eECHIxhvDdpKU=</xenc:CipherValue>
</xenc:CipherData>
<xenc:CarriedKeyName>AAAHeNpAd0ZyJEseZ+6wiMKkacTIr5CE2n27D4RX8c9/+sTqtd1HSg==</xenc:CarriedKeyName>
</xenc:EncryptedKey>
</ds:KeyInfo>
<xenc:CipherData>
<xenc:CipherValue>uTNXWYSfQRbgD64HkmOLLiofhboQ1Y3E</xenc:CipherValue>
</xenc:CipherData>
</xenc:EncryptedData></XMLKeyContainer>

Get the certificate user's principal ID...
Connected to sampleserver at 8888 as certificate user.
nCertPrincipalId = 3002
Disconnected from server

Encrypt something to generate keys:
Connected to sampleserver at 8888 as ls
Disconnected from server
Keys were generated:
m_strTTag1 = AAAHePmLHUwyCl/g7Hwhg/zLt8JLpOOz4TDCrDch34vGrXFeEYnsAA==
m_strTTag2 = AAAHeChWDFW8DYmEhzSe+yA1OIVut7QsGOtTA83p+4gStfLYEncHcQ==

Export keys:
Connected to sampleserver at 8888 as ls

ACL info got:
ACLInfo:
<T-tag: AAAHePmLHUwyCl/g7Hwhg/zLt8JLpOOz4TDCrDch34vGrXFeEYnsAA== >
<Create Time: 1196351572 >
<ACLID: 22 >
<Number of ACLEntries: 1 >
ACLEntry:
<Principal ID: 3001 >
<Creation Time: 1196351572 >
<End Time: 0 >
<Start Time: 0 >
<Max Usage: -1 >
<ACL Right: 7 >
<ACLID: 22 >
<User Rights: 0 >

ACL entry was added to ACL info

ACL info got:
ACLInfo:
<T-Tag: AAAHePmLHUwyCl/g7Hwhg/zLt8JLpOOz4TDCrDch34vGrXFeEYnsAA== >
<Create Time: 1196351572 >
<ACLID: 22 >
<Number of ACLEntries: 2 >
ACLEntry:
<Principal ID: 3001 >
<Creation Time: 1196351572 >
<End Time: 0 >
<Start Time: 0 >
<Max Usage: -1 >
<ACL Right: 7 >
<ACLID: 22 >
<User Rights: 0 >
ACLEntry:
<Principal ID: 3002 >
<Creation Time: 1196351573 >
<End Time: 0 >
<Start Time: 0 >
<Max Usage: -1 >
<ACL Right: 3 >
<ACLID: 22 >
<User Rights: 0 >

ACL info got:
ACLInfo:
<T-Tag: AAAHeChWDFW8DYmEhzSe+yA1OIVut7QsGOtTA83p+4gStfLYEncHcQ== >
<Create Time: 1196351573 >
<ACLID: 23 >
<Number of ACLEntries: 1 >
ACLEntry:
<Principal ID: 3001 >
<Creation Time: 1196351573 >
<End Time: 0 >
<Start Time: 0 >
<Max Usage: -1 >
<ACL Right: 7 >
<ACLID: 23 >
<User Rights: 0 >

ACL entry was added to ACL info

ACL info got:
ACLInfo:
<T-Tag: AAAHeChWDFW8DYmEhzSe+yA1OIVut7QsGOtTA83p+4gStfLYEncHcQ== >
<Create Time: 1196351573 >
<ACLID: 23 >
<Number of ACLEntries: 2 >
ACLEntry:
<Principal ID: 3001 >
<Creation Time: 1196351573 >
<End Time: 0 >
<Start Time: 0 >
<Max Usage: -1 >
<ACL Right: 7 >
<ACLID: 23 >
<User Rights: 0 >
ACLEntry:
<Principal ID: 3002 >
<Creation Time: 1196351573 >
<End Time: 0 >
<Start Time: 0 >
<Max Usage: -1 >
<ACL Right: 3 >
<ACLID: 23 >
<User Rights: 0 >

Disconnected from server
Keys were exported:
exportedTTag1 = AAAHePmLHUwyCl/g7Hwhg/zLt8JLpOOz4TDCrDch34vGrXFeEYnsAA==
exportedTTag2 = AAAHeChWDFW8DYmEhzSe+yA1OIVut7QsGOtTA83p+4gStfLYEncHcQ==
Exported key = <XMLKeyContainer><xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Type="http://www.w3.org/2001/04/xmlenc#Element">
<xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<xenc:EncryptedKey Recipient="foEGkpKPVjc=" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
<xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
<xenc:CipherData>
<xenc:CipherValue>m0l4WbAZt0Wa8uxjkdjboNYqmpJVkuj/ly/LJxyf1bPEKDQtGHfuH7QtKUuYdtInKq7XcyHK8i4H
7xwnCUznb5gaPVSHtpA3aAbwt1zmvfABlc31muLd5n6DzeA40cXn5ZGdd+aCATXHL1IKrgrNplQC
my2IfgKk2dTm+Zz8vfU=</xenc:CipherValue>
</xenc:CipherData>
<xenc:CarriedKeyName>AAAHePmLHUwyCl/g7Hwhg/zLt8JLpOOz4TDCrDch34vGrXFeEYnsAA==</xenc:CarriedKeyName>
</xenc:EncryptedKey>
</ds:KeyInfo>
<xenc:CipherData>
<xenc:CipherValue>MPLtfR10OJY4aE920UQYpewq1PbJxkTT</xenc:CipherValue>
</xenc:CipherData>
</xenc:EncryptedData><xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Type="http://www.w3.org/2001/04/xmlenc#Element">
<xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<xenc:EncryptedKey Recipient="3OINyXMWQn4=" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
<xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
<xenc:CipherData>
<xenc:CipherValue>kQygaqCaYnPlxj6ahCvthsEmuyayQabuwE2wAPWdaraA+GcYdA27/9+Xu/kxBfG+pTeERH6cqNiw
Ag/ahS+0IKpT6qXQgg/TkKSq3Tgbdr+4CdvBuBtGEWrRy4FTaAznhjO1jaQsJwcuO9wfAjeu8+3X
zBLiANYUi8JaddTTKx8=</xenc:CipherValue>
</xenc:CipherData>
<xenc:CarriedKeyName>AAAHeChWDFW8DYmEhzSe+yA1OIVut7QsGOtTA83p+4gStfLYEncHcQ==</xenc:CarriedKeyName>
</xenc:EncryptedKey>
</ds:KeyInfo>
<xenc:CipherData>
<xenc:CipherValue>VGU+ZdgN1JgEIUUZ+7eKT0M2ySczLeu4</xenc:CipherValue>
</xenc:CipherData>
</xenc:EncryptedData></XMLKeyContainer>
**************************************************************************************/