Search in sources :

Example 1 with KeyFactory

use of java.security.KeyFactory in project cas by apereo.

the class PublicKeyFactoryBean method createInstance.

@Override
protected PublicKey createInstance() throws Exception {
    LOGGER.debug("Creating public key instance from [{}] using [{}]", this.resource.getFilename(), this.algorithm);
    try (InputStream pubKey = this.resource.getInputStream()) {
        final byte[] bytes = new byte[pubKey.available()];
        pubKey.read(bytes);
        final X509EncodedKeySpec pubSpec = new X509EncodedKeySpec(bytes);
        final KeyFactory factory = KeyFactory.getInstance(this.algorithm);
        return factory.generatePublic(pubSpec);
    }
}
Also used : InputStream(java.io.InputStream) X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec) KeyFactory(java.security.KeyFactory)

Example 2 with KeyFactory

use of java.security.KeyFactory in project android_frameworks_base by ParanoidAndroid.

the class PackageParser method parseVerifier.

private static VerifierInfo parseVerifier(Resources res, XmlPullParser parser, AttributeSet attrs, int flags, String[] outError) throws XmlPullParserException, IOException {
    final TypedArray sa = res.obtainAttributes(attrs, com.android.internal.R.styleable.AndroidManifestPackageVerifier);
    final String packageName = sa.getNonResourceString(com.android.internal.R.styleable.AndroidManifestPackageVerifier_name);
    final String encodedPublicKey = sa.getNonResourceString(com.android.internal.R.styleable.AndroidManifestPackageVerifier_publicKey);
    sa.recycle();
    if (packageName == null || packageName.length() == 0) {
        Slog.i(TAG, "verifier package name was null; skipping");
        return null;
    } else if (encodedPublicKey == null) {
        Slog.i(TAG, "verifier " + packageName + " public key was null; skipping");
    }
    EncodedKeySpec keySpec;
    try {
        final byte[] encoded = Base64.decode(encodedPublicKey, Base64.DEFAULT);
        keySpec = new X509EncodedKeySpec(encoded);
    } catch (IllegalArgumentException e) {
        Slog.i(TAG, "Could not parse verifier " + packageName + " public key; invalid Base64");
        return null;
    }
    /* First try the key as an RSA key. */
    try {
        final KeyFactory keyFactory = KeyFactory.getInstance("RSA");
        final PublicKey publicKey = keyFactory.generatePublic(keySpec);
        return new VerifierInfo(packageName, publicKey);
    } catch (NoSuchAlgorithmException e) {
        Log.wtf(TAG, "Could not parse public key because RSA isn't included in build");
        return null;
    } catch (InvalidKeySpecException e) {
    // Not a RSA public key.
    }
    /* Now try it as a DSA key. */
    try {
        final KeyFactory keyFactory = KeyFactory.getInstance("DSA");
        final PublicKey publicKey = keyFactory.generatePublic(keySpec);
        return new VerifierInfo(packageName, publicKey);
    } catch (NoSuchAlgorithmException e) {
        Log.wtf(TAG, "Could not parse public key because DSA isn't included in build");
        return null;
    } catch (InvalidKeySpecException e) {
    // Not a DSA public key.
    }
    return null;
}
Also used : PublicKey(java.security.PublicKey) TypedArray(android.content.res.TypedArray) X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) KeyFactory(java.security.KeyFactory) EncodedKeySpec(java.security.spec.EncodedKeySpec) X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec)

Example 3 with KeyFactory

use of java.security.KeyFactory in project android_frameworks_base by ParanoidAndroid.

the class AndroidKeyStoreTest method testKeyStore_SetEntry_PrivateKeyEntry_Overwrites_PrivateKeyEntry_Encrypted_Success.

public void testKeyStore_SetEntry_PrivateKeyEntry_Overwrites_PrivateKeyEntry_Encrypted_Success() throws Exception {
    setupPassword();
    mKeyStore.load(null, null);
    final KeyFactory keyFact = KeyFactory.getInstance("RSA");
    final CertificateFactory f = CertificateFactory.getInstance("X.509");
    // Start with PrivateKeyEntry
    {
        PrivateKey expectedKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_KEY_1));
        final Certificate[] expectedChain = new Certificate[2];
        expectedChain[0] = f.generateCertificate(new ByteArrayInputStream(FAKE_USER_1));
        expectedChain[1] = f.generateCertificate(new ByteArrayInputStream(FAKE_CA_1));
        PrivateKeyEntry expected = new PrivateKeyEntry(expectedKey, expectedChain);
        mKeyStore.setEntry(TEST_ALIAS_1, expected, null);
        Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null);
        assertNotNull("Retrieved entry should exist", actualEntry);
        assertTrue("Retrieved entry should be of type PrivateKeyEntry", actualEntry instanceof PrivateKeyEntry);
        PrivateKeyEntry actual = (PrivateKeyEntry) actualEntry;
        assertPrivateKeyEntryEquals(actual, FAKE_KEY_1, FAKE_USER_1, FAKE_CA_1);
    }
    // TODO make entirely new test vector for the overwrite
    // Replace with PrivateKeyEntry
    {
        PrivateKey expectedKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_KEY_1));
        final Certificate[] expectedChain = new Certificate[2];
        expectedChain[0] = f.generateCertificate(new ByteArrayInputStream(FAKE_USER_1));
        expectedChain[1] = f.generateCertificate(new ByteArrayInputStream(FAKE_CA_1));
        PrivateKeyEntry expected = new PrivateKeyEntry(expectedKey, expectedChain);
        mKeyStore.setEntry(TEST_ALIAS_1, expected, null);
        Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null);
        assertNotNull("Retrieved entry should exist", actualEntry);
        assertTrue("Retrieved entry should be of type PrivateKeyEntry", actualEntry instanceof PrivateKeyEntry);
        PrivateKeyEntry actual = (PrivateKeyEntry) actualEntry;
        assertPrivateKeyEntryEquals(actual, FAKE_KEY_1, FAKE_USER_1, FAKE_CA_1);
    }
}
Also used : TrustedCertificateEntry(java.security.KeyStore.TrustedCertificateEntry) PrivateKeyEntry(java.security.KeyStore.PrivateKeyEntry) Entry(java.security.KeyStore.Entry) RSAPrivateKey(java.security.interfaces.RSAPrivateKey) PrivateKey(java.security.PrivateKey) ByteArrayInputStream(java.io.ByteArrayInputStream) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) CertificateFactory(java.security.cert.CertificateFactory) PrivateKeyEntry(java.security.KeyStore.PrivateKeyEntry) KeyFactory(java.security.KeyFactory)

Example 4 with KeyFactory

use of java.security.KeyFactory in project android_frameworks_base by ParanoidAndroid.

the class AndroidKeyStoreTest method testKeyStore_SetEntry_PrivateKeyEntry_Encrypted_Success.

public void testKeyStore_SetEntry_PrivateKeyEntry_Encrypted_Success() throws Exception {
    setupPassword();
    mKeyStore.load(null, null);
    KeyFactory keyFact = KeyFactory.getInstance("RSA");
    PrivateKey expectedKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_KEY_1));
    final CertificateFactory f = CertificateFactory.getInstance("X.509");
    final Certificate[] expectedChain = new Certificate[2];
    expectedChain[0] = f.generateCertificate(new ByteArrayInputStream(FAKE_USER_1));
    expectedChain[1] = f.generateCertificate(new ByteArrayInputStream(FAKE_CA_1));
    PrivateKeyEntry expected = new PrivateKeyEntry(expectedKey, expectedChain);
    mKeyStore.setEntry(TEST_ALIAS_1, expected, null);
    Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null);
    assertNotNull("Retrieved entry should exist", actualEntry);
    assertTrue("Retrieved entry should be of type PrivateKeyEntry", actualEntry instanceof PrivateKeyEntry);
    PrivateKeyEntry actual = (PrivateKeyEntry) actualEntry;
    assertPrivateKeyEntryEquals(actual, FAKE_KEY_1, FAKE_USER_1, FAKE_CA_1);
}
Also used : TrustedCertificateEntry(java.security.KeyStore.TrustedCertificateEntry) PrivateKeyEntry(java.security.KeyStore.PrivateKeyEntry) Entry(java.security.KeyStore.Entry) RSAPrivateKey(java.security.interfaces.RSAPrivateKey) PrivateKey(java.security.PrivateKey) ByteArrayInputStream(java.io.ByteArrayInputStream) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) CertificateFactory(java.security.cert.CertificateFactory) PrivateKeyEntry(java.security.KeyStore.PrivateKeyEntry) KeyFactory(java.security.KeyFactory) X509Certificate(java.security.cert.X509Certificate) Certificate(java.security.cert.Certificate)

Example 5 with KeyFactory

use of java.security.KeyFactory in project android_frameworks_base by ParanoidAndroid.

the class AndroidKeyStoreTest method testKeyStore_GetKey_NoPassword_Encrypted_Success.

public void testKeyStore_GetKey_NoPassword_Encrypted_Success() throws Exception {
    setupPassword();
    mKeyStore.load(null, null);
    assertTrue(mAndroidKeyStore.importKey(Credentials.USER_PRIVATE_KEY + TEST_ALIAS_1, FAKE_KEY_1, KeyStore.UID_SELF, KeyStore.FLAG_ENCRYPTED));
    assertTrue(mAndroidKeyStore.put(Credentials.USER_CERTIFICATE + TEST_ALIAS_1, FAKE_USER_1, KeyStore.UID_SELF, KeyStore.FLAG_ENCRYPTED));
    assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_1, FAKE_CA_1, KeyStore.UID_SELF, KeyStore.FLAG_ENCRYPTED));
    Key key = mKeyStore.getKey(TEST_ALIAS_1, null);
    assertNotNull("Key should exist", key);
    assertTrue("Should be a RSAPrivateKey", key instanceof RSAPrivateKey);
    RSAPrivateKey actualKey = (RSAPrivateKey) key;
    KeyFactory keyFact = KeyFactory.getInstance("RSA");
    PrivateKey expectedKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_KEY_1));
    assertEquals("Inserted key should be same as retrieved key", ((RSAPrivateKey) expectedKey).getModulus(), actualKey.getModulus());
}
Also used : RSAPrivateKey(java.security.interfaces.RSAPrivateKey) PrivateKey(java.security.PrivateKey) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) RSAPrivateKey(java.security.interfaces.RSAPrivateKey) RSAPrivateKey(java.security.interfaces.RSAPrivateKey) PublicKey(java.security.PublicKey) Key(java.security.Key) PrivateKey(java.security.PrivateKey) SecretKey(javax.crypto.SecretKey) KeyFactory(java.security.KeyFactory)

Aggregations

KeyFactory (java.security.KeyFactory)407 PKCS8EncodedKeySpec (java.security.spec.PKCS8EncodedKeySpec)180 PrivateKey (java.security.PrivateKey)177 PublicKey (java.security.PublicKey)120 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)114 X509EncodedKeySpec (java.security.spec.X509EncodedKeySpec)113 CertificateFactory (java.security.cert.CertificateFactory)103 InvalidKeySpecException (java.security.spec.InvalidKeySpecException)99 ByteArrayInputStream (java.io.ByteArrayInputStream)93 Certificate (java.security.cert.Certificate)89 X509Certificate (java.security.cert.X509Certificate)87 RSAPublicKeySpec (java.security.spec.RSAPublicKeySpec)60 PrivateKeyEntry (java.security.KeyStore.PrivateKeyEntry)59 Entry (java.security.KeyStore.Entry)53 TrustedCertificateEntry (java.security.KeyStore.TrustedCertificateEntry)53 IOException (java.io.IOException)47 BigInteger (java.math.BigInteger)45 RSAPrivateKey (java.security.interfaces.RSAPrivateKey)43 RSAPublicKey (java.security.interfaces.RSAPublicKey)43 Signature (java.security.Signature)40