
Example 16 with PrivateKeyEntry

use of java.security.KeyStore.PrivateKeyEntry in project android_frameworks_base by ResurrectionRemix.

the class AndroidKeyStoreTest method testKeyStore_GetEntry_NullParams_Encrypted_Success.

/**
 * Checks that a key pair written with {@code KeyStore.FLAG_ENCRYPTED} can be read back
 * through {@code getEntry} when the protection parameter is {@code null}.
 *
 * <p>The private key, user certificate and CA certificate for {@code TEST_ALIAS_1} are stored
 * through {@code mAndroidKeyStore}; the entry is then fetched through {@code mKeyStore} and
 * compared with the same fixtures.
 *
 * @throws Exception if any keystore call fails
 */
public void testKeyStore_GetEntry_NullParams_Encrypted_Success() throws Exception {
    // NOTE(review): presumably leaves the keystore in a state that accepts encrypted
    // entries -- confirm against setupPassword().
    setupPassword();
    mKeyStore.load(null, null);

    // All three blobs share the alias and differ only in the Credentials prefix.
    final String privateKeyName = Credentials.USER_PRIVATE_KEY + TEST_ALIAS_1;
    final String userCertName = Credentials.USER_CERTIFICATE + TEST_ALIAS_1;
    final String caCertName = Credentials.CA_CERTIFICATE + TEST_ALIAS_1;

    assertTrue(mAndroidKeyStore.importKey(
            privateKeyName, FAKE_RSA_KEY_1, KeyStore.UID_SELF, KeyStore.FLAG_ENCRYPTED));
    assertTrue(mAndroidKeyStore.put(
            userCertName, FAKE_RSA_USER_1, KeyStore.UID_SELF, KeyStore.FLAG_ENCRYPTED));
    assertTrue(mAndroidKeyStore.put(
            caCertName, FAKE_RSA_CA_1, KeyStore.UID_SELF, KeyStore.FLAG_ENCRYPTED));

    // A null ProtectionParameter is the case under test.
    final Entry fetched = mKeyStore.getEntry(TEST_ALIAS_1, null);
    assertNotNull("Entry should exist", fetched);
    assertTrue("Should be a PrivateKeyEntry", fetched instanceof PrivateKeyEntry);

    assertPrivateKeyEntryEquals(
            (PrivateKeyEntry) fetched, "RSA", FAKE_RSA_KEY_1, FAKE_RSA_USER_1, FAKE_RSA_CA_1);
}
Also used : TrustedCertificateEntry(java.security.KeyStore.TrustedCertificateEntry) PrivateKeyEntry(java.security.KeyStore.PrivateKeyEntry) Entry(java.security.KeyStore.Entry) PrivateKeyEntry(java.security.KeyStore.PrivateKeyEntry)

Example 17 with PrivateKeyEntry

use of java.security.KeyStore.PrivateKeyEntry in project Resurrection_packages_apps_Settings by ResurrectionRemix.

the class CertInstallerHelper method extractCertificate.

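/**
 * Loads a PKCS#12 file from external storage and installs its single private-key entry.
 *
 * <p>The file is read fully into memory, opened with {@code password}, and its only alias is
 * passed to {@code installFrom} when the entry is a {@link PrivateKeyEntry}. An entry of any
 * other type is logged and otherwise ignored.
 *
 * <p>Failure handling is uneven: an {@link IOException} or an empty keystore fails the
 * calling test, while keystore, algorithm, certificate and entry-recovery errors are only
 * logged and the method returns normally.
 *
 * @param certFile name of the .p12 file, resolved against the external storage directory
 * @param password password used to open the keystore and to recover the entry
 */
private void extractCertificate(String certFile, String password) {
    InputStream in = null;
    try {
        // Read .p12 file from SDCARD and extract with password.
        // NOTE(review): external storage is shared between apps, so a key bundle placed
        // there should be a test fixture only, never a production credential.
        in = new FileInputStream(new File(Environment.getExternalStorageDirectory(), certFile));
        final byte[] raw = Streams.readFully(in);
        final java.security.KeyStore keystore = java.security.KeyStore.getInstance("PKCS12");
        // NOTE(review): the password arrives as an immutable String, so it cannot be wiped
        // from memory here; the char[] copies made below are not cleared either.
        PasswordProtection passwordProtection = new PasswordProtection(password.toCharArray());
        keystore.load(new ByteArrayInputStream(raw), passwordProtection.getPassword());
        // Install certificates and private keys
        Enumeration<String> aliases = keystore.aliases();
        if (!aliases.hasMoreElements()) {
            Assert.fail("key store failed to put in keychain");
        }
        ArrayList<String> aliasesList = Collections.list(aliases);
        // The keystore is initialized for each test case, there will
        // be only one alias in the keystore
        Assert.assertEquals(1, aliasesList.size());
        String alias = aliasesList.get(0);
        java.security.KeyStore.Entry entry = keystore.getEntry(alias, passwordProtection);
        // Only the alias and the entry class are logged; key material is not.
        Log.d(TAG, "extracted alias = " + alias + ", entry=" + entry.getClass());
        if (entry instanceof PrivateKeyEntry) {
            Assert.assertTrue(installFrom((PrivateKeyEntry) entry));
        }
    } catch (IOException e) {
        Assert.fail("Failed to read certficate: " + e);
    } catch (KeyStoreException e) {
        // The exception is passed as a Throwable so the stack trace reaches the log
        // instead of being glued onto the message text.
        // NOTE(review): this path and the three below do not fail the test -- confirm
        // that callers verify the credential was actually installed.
        Log.e(TAG, "failed to extract certificate", e);
    } catch (NoSuchAlgorithmException e) {
        Log.e(TAG, "failed to extract certificate", e);
    } catch (CertificateException e) {
        Log.e(TAG, "failed to extract certificate", e);
    } catch (UnrecoverableEntryException e) {
        Log.e(TAG, "failed to extract certificate", e);
    } finally {
        if (in != null) {
            try {
                in.close();
            } catch (IOException e) {
                Log.e(TAG, "close FileInputStream error", e);
            }
        }
    }
}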
Also used : ASN1InputStream(com.android.org.bouncycastle.asn1.ASN1InputStream) ByteArrayInputStream(java.io.ByteArrayInputStream) FileInputStream(java.io.FileInputStream) InputStream(java.io.InputStream) CertificateException(java.security.cert.CertificateException) DEROctetString(com.android.org.bouncycastle.asn1.DEROctetString) IOException(java.io.IOException) KeyStoreException(java.security.KeyStoreException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) KeyStore(android.security.KeyStore) FileInputStream(java.io.FileInputStream) ByteArrayInputStream(java.io.ByteArrayInputStream) UnrecoverableEntryException(java.security.UnrecoverableEntryException) File(java.io.File) PrivateKeyEntry(java.security.KeyStore.PrivateKeyEntry) PasswordProtection(java.security.KeyStore.PasswordProtection)

Example 18 with PrivateKeyEntry

use of java.security.KeyStore.PrivateKeyEntry in project nhin-d by DirectProject.

the class AbstractKeyStoreManagerCertificateStore method remove.

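/**
 * Removes the first private-key entry whose certificate equals {@code cert}.
 *
 * <p>Every alias returned by the store manager is inspected; entries that are not
 * {@link PrivateKeyEntry} instances are skipped. Nothing is removed when no entry matches.
 *
 * @param cert certificate identifying the entry to remove
 * @throws IllegalStateException if the store manager is not a
 *         {@code MutableKeyStoreProtectionManager}
 * @throws NHINDException if looking up or clearing the entry fails for any reason
 */
@Override
public void remove(X509Certificate cert) {
    // The original message claimed the manager *is* mutable, which is the opposite of the
    // condition that triggers this exception.
    if (!(storeMgr instanceof MutableKeyStoreProtectionManager)) {
        throw new IllegalStateException("The store manager is not a MutableKeyStoreProtectionManager instance");
    }
    try {
        String aliasToRemove = null;
        for (String alias : storeMgr.getAllEntries().keySet()) {
            final Entry entry = storeMgr.getEntry(alias);
            if (entry instanceof PrivateKeyEntry) {
                final PrivateKeyEntry privEntry = (PrivateKeyEntry) entry;
                // Match on the entry's end-entity certificate; stop at the first hit.
                if (cert.equals(privEntry.getCertificate())) {
                    aliasToRemove = alias;
                    break;
                }
            }
        }
        if (aliasToRemove != null) {
            final MutableKeyStoreProtectionManager mutMgr = (MutableKeyStoreProtectionManager) storeMgr;
            mutMgr.clearEntry(aliasToRemove);
        }
    }///CLOVER:OFF
     catch (Exception e) {
        // The cause is kept so the underlying keystore failure stays diagnosable.
        throw new NHINDException(AgentError.Unexpected, "Failed to remove key entry from PKCS11 store.", e);
    }
///CLOVER:ON
}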
Also used : PrivateKeyEntry(java.security.KeyStore.PrivateKeyEntry) Entry(java.security.KeyStore.Entry) MutableKeyStoreProtectionManager(org.nhindirect.common.crypto.MutableKeyStoreProtectionManager) PrivateKeyEntry(java.security.KeyStore.PrivateKeyEntry) NHINDException(org.nhindirect.stagent.NHINDException) NHINDException(org.nhindirect.stagent.NHINDException)

Example 19 with PrivateKeyEntry

use of java.security.KeyStore.PrivateKeyEntry in project nhin-d by DirectProject.

the class AbstractKeyStoreManagerCertificateStore method getAllCertificates.

/**
 * {@inheritDoc}
 *
 * <p>This implementation walks every entry exposed by the store manager and returns one
 * {@code X509CertificateEx} per {@link PrivateKeyEntry}, built from the entry's certificate
 * and its private key. Entries of any other type are skipped.
 *
 * <p>Each returned certificate carries the entry's {@code PrivateKey} object, so the
 * collection should be treated as sensitive and kept out of logs and serialized output.
 *
 * @throws NHINDException if the entries cannot be read or converted
 */
@Override
public Collection<X509Certificate> getAllCertificates() {
    final Collection<X509Certificate> certsWithKeys = new ArrayList<X509Certificate>();
    try {
        for (Map.Entry<String, Entry> aliasAndEntry : storeMgr.getAllEntries().entrySet()) {
            final Entry candidate = aliasAndEntry.getValue();
            if (!(candidate instanceof PrivateKeyEntry)) {
                // Only key-bearing entries are reported.
                continue;
            }
            final PrivateKeyEntry keyEntry = (PrivateKeyEntry) candidate;
            final X509Certificate leaf = (X509Certificate) keyEntry.getCertificate();
            certsWithKeys.add(X509CertificateEx.fromX509Certificate(leaf, keyEntry.getPrivateKey()));
        }
        return certsWithKeys;
    }///CLOVER:OFF
     catch (Exception e) {
        throw new NHINDException(AgentError.Unexpected, "Failed to get key entries from PKCS11 store.", e);
    }
///CLOVER:ON
}
Also used : PrivateKeyEntry(java.security.KeyStore.PrivateKeyEntry) Entry(java.security.KeyStore.Entry) ArrayList(java.util.ArrayList) Map(java.util.Map) PrivateKeyEntry(java.security.KeyStore.PrivateKeyEntry) NHINDException(org.nhindirect.stagent.NHINDException) X509Certificate(java.security.cert.X509Certificate) NHINDException(org.nhindirect.stagent.NHINDException)

Example 20 with PrivateKeyEntry

use of java.security.KeyStore.PrivateKeyEntry in project nhin-d by DirectProject.

the class AbstractKeyStoreManagerCertificateStore method add.

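/**
 * Stores {@code cert} and its private key as a {@link PrivateKeyEntry}.
 *
 * <p>The alias is the certificate thumbprint, and the certificate chain stored with the key
 * contains only {@code cert} itself.
 *
 * @param cert certificate to add; must be an {@code X509CertificateEx} that has a private key
 * @throws IllegalStateException if the store manager is not a
 *         {@code MutableKeyStoreProtectionManager}
 * @throws IllegalArgumentException if {@code cert} is not an {@code X509CertificateEx} or
 *         has no private key
 * @throws NHINDException if the store manager fails to set the entry
 */
@Override
public void add(X509Certificate cert) {
    // The original message claimed the manager *is* mutable, which is the opposite of the
    // condition that triggers this exception.
    if (!(storeMgr instanceof MutableKeyStoreProtectionManager)) {
        throw new IllegalStateException("The store manager is not a MutableKeyStoreProtectionManager instance");
    }
    // A null cert fails the instanceof test and is rejected here as well.
    if (!(cert instanceof X509CertificateEx) || !((X509CertificateEx) cert).hasPrivateKey()) {
        throw new IllegalArgumentException("PKCS11 certificates require a private key");
    }
    final X509CertificateEx exCert = (X509CertificateEx) cert;
    // keys stores require aliases, and a given subject may include multiple certificates
    // to avoid possible collisions, this will use the certificate thumbprint
    final String alias = Thumbprint.toThumbprint(cert).toString();
    final PrivateKeyEntry entry = new PrivateKeyEntry(exCert.getPrivateKey(), new Certificate[] { cert });
    try {
        ((MutableKeyStoreProtectionManager) storeMgr).setEntry(alias, entry);
    }///CLOVER:OFF
     catch (Exception e) {
        // The cause is kept so the underlying keystore failure stays diagnosable.
        throw new NHINDException(AgentError.Unexpected, "Failed to add key entry into PKCS11 store.", e);
    }
///CLOVER:ON
}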
Also used : X509CertificateEx(org.nhindirect.stagent.cert.X509CertificateEx) MutableKeyStoreProtectionManager(org.nhindirect.common.crypto.MutableKeyStoreProtectionManager) PrivateKeyEntry(java.security.KeyStore.PrivateKeyEntry) NHINDException(org.nhindirect.stagent.NHINDException) NHINDException(org.nhindirect.stagent.NHINDException)
