Ejemplo de recuperación de un identificador de clave sin confirmación de atributos. Genera un manejador de clave sin acceder al HSM.
package doxy.examples;
import java.util.Arrays;
import com.dinamonetworks.Dinamo;
import br.com.trueaccess.TacException;
import br.com.trueaccess.TacNDJavaLib;
public class GetUserKeyOffline {
static String ipHSM = "127.0.0.1";
static String usr = "master";
static String pass = "12345678";
static String keyName = "aes_key";
static int keyAlgId = TacNDJavaLib.ALG_AES_256;
public static void main(String[] args) throws TacException {
Dinamo api = new Dinamo();
System.out.println("--> Login HSM and create AES and RSA key");
api.openSession(ipHSM, usr, pass);
api.deleteKeyIfExists(keyName);
System.out.println("--> Create key");
api.createKey(keyName, keyAlgId, TacNDJavaLib.EXPORTABLE_KEY);
System.out.println("--> Get user key offline");
byte[] keyHandle = api.getUserKeyOffline(keyName, keyAlgId, false, true);
TacNDJavaLib hsm = new TacNDJavaLib();
System.out.println("--> Export key");
int jnaNativeReturn[] = new int[1];
byte[] keyMaterial = hsm.J_DExportKey(keyHandle, null, TacNDJavaLib.PLAINTEXTKEY_BLOB, 0, jnaNativeReturn);
System.out.println(Arrays.toString(keyMaterial));
System.out.println("--> Delete key");
api.deleteKey(keyName);
api.closeSession();
System.out.println("The process ended successfully");
}
}
