Ejemplo de exportación e importación mediante KEK.
package doxy.examples;
import com.dinamonetworks.Dinamo;
import br.com.trueaccess.TacException;
import br.com.trueaccess.TacNDJavaLib;
public class ExportImportKeyWithKek {
public static void main(String[] args) throws TacException {
String keyId = "aes256";
String importedKeyId = "aes256_imp";
String kekId = "rsa2048";
String ip = "127.0.0.1";
String user = "master";
String password = "12345678";
Dinamo api = new Dinamo();
api.openSession(ip, user, password, false);
api.createKey(keyId, TacNDJavaLib.ALG_AES_256, true);
api.createKey(kekId, TacNDJavaLib.ALG_RSA_2048, true);
byte[] kek = api.getUserKey(kekId);
api.setPadding(kek, TacNDJavaLib.D_OAEP_SHA2_256_PADDING);
byte[] exportedKey = api.exportKey(keyId, kek, TacNDJavaLib.WRAPPED_KEY_BLOB);
byte[] importedKey = null;
api.importKey(importedKeyId, kek, TacNDJavaLib.WRAPPED_KEY_BLOB,
TacNDJavaLib.ALG_AES_256, TacNDJavaLib.EXPORTABLE_KEY,
exportedKey, null);
api.deleteKey(keyId);
api.deleteKey(importedKeyId);
api.deleteKey(kekId);
api.closeSession();
}
}