Examples with PrivateKeyEntry java.security.KeyStore.PrivateKeyEntry used on opensource projects

Example 11 with PrivateKeyEntry

use of java.security.KeyStore.PrivateKeyEntry in project android_frameworks_base by ResurrectionRemix.

the class AndroidKeyStoreTest method testKeyStore_SetKeyEntry_Replaced_Encrypted_Success.

public void testKeyStore_SetKeyEntry_Replaced_Encrypted_Success() throws Exception {
    setupPassword();
    mKeyStore.load(null, null);
    final CertificateFactory f = CertificateFactory.getInstance("X.509");
    final Certificate caCert = f.generateCertificate(new ByteArrayInputStream(FAKE_RSA_CA_1));
    // Insert initial key
    {
        KeyFactory keyFact = KeyFactory.getInstance("RSA");
        PrivateKey privKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_RSA_KEY_1));
        final Certificate[] chain = new Certificate[2];
        chain[0] = f.generateCertificate(new ByteArrayInputStream(FAKE_RSA_USER_1));
        chain[1] = caCert;
        mKeyStore.setKeyEntry(TEST_ALIAS_1, privKey, null, chain);
        Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null);
        assertNotNull("Retrieved entry should exist", actualEntry);
        assertTrue("Retrieved entry should be of type PrivateKeyEntry", actualEntry instanceof PrivateKeyEntry);
        PrivateKeyEntry actual = (PrivateKeyEntry) actualEntry;
        assertPrivateKeyEntryEquals(actual, "RSA", FAKE_RSA_KEY_1, FAKE_RSA_USER_1, FAKE_RSA_CA_1);
    }
    // TODO make a separate key
    // Replace key
    {
        KeyFactory keyFact = KeyFactory.getInstance("RSA");
        PrivateKey privKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_RSA_KEY_1));
        final Certificate[] chain = new Certificate[2];
        chain[0] = f.generateCertificate(new ByteArrayInputStream(FAKE_RSA_USER_1));
        chain[1] = caCert;
        mKeyStore.setKeyEntry(TEST_ALIAS_1, privKey, null, chain);
        Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null);
        assertNotNull("Retrieved entry should exist", actualEntry);
        assertTrue("Retrieved entry should be of type PrivateKeyEntry", actualEntry instanceof PrivateKeyEntry);
        PrivateKeyEntry actual = (PrivateKeyEntry) actualEntry;
        assertPrivateKeyEntryEquals(actual, "RSA", FAKE_RSA_KEY_1, FAKE_RSA_USER_1, FAKE_RSA_CA_1);
    }
}

Example 12 with PrivateKeyEntry

use of java.security.KeyStore.PrivateKeyEntry in project android_frameworks_base by ResurrectionRemix.

the class AndroidKeyStoreTest method testKeyStore_GetEntry_RSA_NullParams_Unencrypted_Success.

public void testKeyStore_GetEntry_RSA_NullParams_Unencrypted_Success() throws Exception {
    mKeyStore.load(null, null);
    assertTrue(mAndroidKeyStore.importKey(Credentials.USER_PRIVATE_KEY + TEST_ALIAS_1, FAKE_RSA_KEY_1, KeyStore.UID_SELF, KeyStore.FLAG_NONE));
    assertTrue(mAndroidKeyStore.put(Credentials.USER_CERTIFICATE + TEST_ALIAS_1, FAKE_RSA_USER_1, KeyStore.UID_SELF, KeyStore.FLAG_NONE));
    assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_1, FAKE_RSA_CA_1, KeyStore.UID_SELF, KeyStore.FLAG_NONE));
    Entry entry = mKeyStore.getEntry(TEST_ALIAS_1, null);
    assertNotNull("Entry should exist", entry);
    assertTrue("Should be a PrivateKeyEntry", entry instanceof PrivateKeyEntry);
    PrivateKeyEntry keyEntry = (PrivateKeyEntry) entry;
    assertPrivateKeyEntryEquals(keyEntry, "RSA", FAKE_RSA_KEY_1, FAKE_RSA_USER_1, FAKE_RSA_CA_1);
}

Example 13 with PrivateKeyEntry

use of java.security.KeyStore.PrivateKeyEntry in project android_frameworks_base by ResurrectionRemix.

the class AndroidKeyStoreSpi method engineSetEntry.

@Override
public void engineSetEntry(String alias, Entry entry, ProtectionParameter param) throws KeyStoreException {
    if (entry == null) {
        throw new KeyStoreException("entry == null");
    }
    Credentials.deleteAllTypesForAlias(mKeyStore, alias, mUid);
    if (entry instanceof java.security.KeyStore.TrustedCertificateEntry) {
        java.security.KeyStore.TrustedCertificateEntry trE = (java.security.KeyStore.TrustedCertificateEntry) entry;
        engineSetCertificateEntry(alias, trE.getTrustedCertificate());
        return;
    }
    if (entry instanceof PrivateKeyEntry) {
        PrivateKeyEntry prE = (PrivateKeyEntry) entry;
        setPrivateKeyEntry(alias, prE.getPrivateKey(), prE.getCertificateChain(), param);
    } else if (entry instanceof SecretKeyEntry) {
        SecretKeyEntry secE = (SecretKeyEntry) entry;
        setSecretKeyEntry(alias, secE.getSecretKey(), param);
    } else {
        throw new KeyStoreException("Entry must be a PrivateKeyEntry, SecretKeyEntry or TrustedCertificateEntry" + "; was " + entry);
    }
}

Example 14 with PrivateKeyEntry

use of java.security.KeyStore.PrivateKeyEntry in project android_frameworks_base by ResurrectionRemix.

the class AndroidKeyStoreTest method testKeyStore_SetEntry_PrivateKeyEntry_Overwrites_PrivateKeyEntry_Encrypted_Success.

public void testKeyStore_SetEntry_PrivateKeyEntry_Overwrites_PrivateKeyEntry_Encrypted_Success() throws Exception {
    setupPassword();
    mKeyStore.load(null, null);
    final KeyFactory keyFact = KeyFactory.getInstance("RSA");
    final CertificateFactory f = CertificateFactory.getInstance("X.509");
    // Start with PrivateKeyEntry
    {
        PrivateKey expectedKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_RSA_KEY_1));
        final Certificate[] expectedChain = new Certificate[2];
        expectedChain[0] = f.generateCertificate(new ByteArrayInputStream(FAKE_RSA_USER_1));
        expectedChain[1] = f.generateCertificate(new ByteArrayInputStream(FAKE_RSA_CA_1));
        PrivateKeyEntry expected = new PrivateKeyEntry(expectedKey, expectedChain);
        mKeyStore.setEntry(TEST_ALIAS_1, expected, null);
        Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null);
        assertNotNull("Retrieved entry should exist", actualEntry);
        assertTrue("Retrieved entry should be of type PrivateKeyEntry", actualEntry instanceof PrivateKeyEntry);
        PrivateKeyEntry actual = (PrivateKeyEntry) actualEntry;
        assertPrivateKeyEntryEquals(actual, "RSA", FAKE_RSA_KEY_1, FAKE_RSA_USER_1, FAKE_RSA_CA_1);
    }
    // TODO make entirely new test vector for the overwrite
    // Replace with PrivateKeyEntry
    {
        PrivateKey expectedKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_RSA_KEY_1));
        final Certificate[] expectedChain = new Certificate[2];
        expectedChain[0] = f.generateCertificate(new ByteArrayInputStream(FAKE_RSA_USER_1));
        expectedChain[1] = f.generateCertificate(new ByteArrayInputStream(FAKE_RSA_CA_1));
        PrivateKeyEntry expected = new PrivateKeyEntry(expectedKey, expectedChain);
        mKeyStore.setEntry(TEST_ALIAS_1, expected, null);
        Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null);
        assertNotNull("Retrieved entry should exist", actualEntry);
        assertTrue("Retrieved entry should be of type PrivateKeyEntry", actualEntry instanceof PrivateKeyEntry);
        PrivateKeyEntry actual = (PrivateKeyEntry) actualEntry;
        assertPrivateKeyEntryEquals(actual, "RSA", FAKE_RSA_KEY_1, FAKE_RSA_USER_1, FAKE_RSA_CA_1);
    }
}

Example 15 with PrivateKeyEntry

use of java.security.KeyStore.PrivateKeyEntry in project android_frameworks_base by ResurrectionRemix.

the class AndroidKeyStoreTest method testKeyStore_SetEntry_CAEntry_Overwrites_PrivateKeyEntry_Encrypted_Success.

public void testKeyStore_SetEntry_CAEntry_Overwrites_PrivateKeyEntry_Encrypted_Success() throws Exception {
    setupPassword();
    mKeyStore.load(null, null);
    final CertificateFactory f = CertificateFactory.getInstance("X.509");
    // Start with TrustedCertificateEntry
    {
        final Certificate caCert = f.generateCertificate(new ByteArrayInputStream(FAKE_RSA_CA_1));
        TrustedCertificateEntry expectedCertEntry = new TrustedCertificateEntry(caCert);
        mKeyStore.setEntry(TEST_ALIAS_1, expectedCertEntry, null);
        Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null);
        assertNotNull("Retrieved entry should exist", actualEntry);
        assertTrue("Retrieved entry should be of type TrustedCertificateEntry", actualEntry instanceof TrustedCertificateEntry);
        TrustedCertificateEntry actualCertEntry = (TrustedCertificateEntry) actualEntry;
        assertEquals("Stored and retrieved certificates should be the same", expectedCertEntry.getTrustedCertificate(), actualCertEntry.getTrustedCertificate());
    }
    // Replace with PrivateKeyEntry
    {
        KeyFactory keyFact = KeyFactory.getInstance("RSA");
        PrivateKey expectedKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_RSA_KEY_1));
        final Certificate[] expectedChain = new Certificate[2];
        expectedChain[0] = f.generateCertificate(new ByteArrayInputStream(FAKE_RSA_USER_1));
        expectedChain[1] = f.generateCertificate(new ByteArrayInputStream(FAKE_RSA_CA_1));
        PrivateKeyEntry expectedPrivEntry = new PrivateKeyEntry(expectedKey, expectedChain);
        mKeyStore.setEntry(TEST_ALIAS_1, expectedPrivEntry, null);
        Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null);
        assertNotNull("Retrieved entry should exist", actualEntry);
        assertTrue("Retrieved entry should be of type PrivateKeyEntry", actualEntry instanceof PrivateKeyEntry);
        PrivateKeyEntry actualPrivEntry = (PrivateKeyEntry) actualEntry;
        assertPrivateKeyEntryEquals(actualPrivEntry, "RSA", FAKE_RSA_KEY_1, FAKE_RSA_USER_1, FAKE_RSA_CA_1);
    }
}