use of java.security.KeyFactory in project cas by apereo.
the class PublicKeyFactoryBean method createInstance.
@Override
protected PublicKey createInstance() throws Exception {
LOGGER.debug("Creating public key instance from [{}] using [{}]", this.resource.getFilename(), this.algorithm);
try (InputStream pubKey = this.resource.getInputStream()) {
final byte[] bytes = new byte[pubKey.available()];
pubKey.read(bytes);
final X509EncodedKeySpec pubSpec = new X509EncodedKeySpec(bytes);
final KeyFactory factory = KeyFactory.getInstance(this.algorithm);
return factory.generatePublic(pubSpec);
}
}
use of java.security.KeyFactory in project android_frameworks_base by ParanoidAndroid.
the class PackageParser method parseVerifier.
private static VerifierInfo parseVerifier(Resources res, XmlPullParser parser, AttributeSet attrs, int flags, String[] outError) throws XmlPullParserException, IOException {
final TypedArray sa = res.obtainAttributes(attrs, com.android.internal.R.styleable.AndroidManifestPackageVerifier);
final String packageName = sa.getNonResourceString(com.android.internal.R.styleable.AndroidManifestPackageVerifier_name);
final String encodedPublicKey = sa.getNonResourceString(com.android.internal.R.styleable.AndroidManifestPackageVerifier_publicKey);
sa.recycle();
if (packageName == null || packageName.length() == 0) {
Slog.i(TAG, "verifier package name was null; skipping");
return null;
} else if (encodedPublicKey == null) {
Slog.i(TAG, "verifier " + packageName + " public key was null; skipping");
}
EncodedKeySpec keySpec;
try {
final byte[] encoded = Base64.decode(encodedPublicKey, Base64.DEFAULT);
keySpec = new X509EncodedKeySpec(encoded);
} catch (IllegalArgumentException e) {
Slog.i(TAG, "Could not parse verifier " + packageName + " public key; invalid Base64");
return null;
}
/* First try the key as an RSA key. */
try {
final KeyFactory keyFactory = KeyFactory.getInstance("RSA");
final PublicKey publicKey = keyFactory.generatePublic(keySpec);
return new VerifierInfo(packageName, publicKey);
} catch (NoSuchAlgorithmException e) {
Log.wtf(TAG, "Could not parse public key because RSA isn't included in build");
return null;
} catch (InvalidKeySpecException e) {
// Not a RSA public key.
}
/* Now try it as a DSA key. */
try {
final KeyFactory keyFactory = KeyFactory.getInstance("DSA");
final PublicKey publicKey = keyFactory.generatePublic(keySpec);
return new VerifierInfo(packageName, publicKey);
} catch (NoSuchAlgorithmException e) {
Log.wtf(TAG, "Could not parse public key because DSA isn't included in build");
return null;
} catch (InvalidKeySpecException e) {
// Not a DSA public key.
}
return null;
}
use of java.security.KeyFactory in project android_frameworks_base by ParanoidAndroid.
the class AndroidKeyStoreTest method testKeyStore_SetEntry_PrivateKeyEntry_Overwrites_PrivateKeyEntry_Encrypted_Success.
public void testKeyStore_SetEntry_PrivateKeyEntry_Overwrites_PrivateKeyEntry_Encrypted_Success() throws Exception {
setupPassword();
mKeyStore.load(null, null);
final KeyFactory keyFact = KeyFactory.getInstance("RSA");
final CertificateFactory f = CertificateFactory.getInstance("X.509");
// Start with PrivateKeyEntry
{
PrivateKey expectedKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_KEY_1));
final Certificate[] expectedChain = new Certificate[2];
expectedChain[0] = f.generateCertificate(new ByteArrayInputStream(FAKE_USER_1));
expectedChain[1] = f.generateCertificate(new ByteArrayInputStream(FAKE_CA_1));
PrivateKeyEntry expected = new PrivateKeyEntry(expectedKey, expectedChain);
mKeyStore.setEntry(TEST_ALIAS_1, expected, null);
Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null);
assertNotNull("Retrieved entry should exist", actualEntry);
assertTrue("Retrieved entry should be of type PrivateKeyEntry", actualEntry instanceof PrivateKeyEntry);
PrivateKeyEntry actual = (PrivateKeyEntry) actualEntry;
assertPrivateKeyEntryEquals(actual, FAKE_KEY_1, FAKE_USER_1, FAKE_CA_1);
}
// TODO make entirely new test vector for the overwrite
// Replace with PrivateKeyEntry
{
PrivateKey expectedKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_KEY_1));
final Certificate[] expectedChain = new Certificate[2];
expectedChain[0] = f.generateCertificate(new ByteArrayInputStream(FAKE_USER_1));
expectedChain[1] = f.generateCertificate(new ByteArrayInputStream(FAKE_CA_1));
PrivateKeyEntry expected = new PrivateKeyEntry(expectedKey, expectedChain);
mKeyStore.setEntry(TEST_ALIAS_1, expected, null);
Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null);
assertNotNull("Retrieved entry should exist", actualEntry);
assertTrue("Retrieved entry should be of type PrivateKeyEntry", actualEntry instanceof PrivateKeyEntry);
PrivateKeyEntry actual = (PrivateKeyEntry) actualEntry;
assertPrivateKeyEntryEquals(actual, FAKE_KEY_1, FAKE_USER_1, FAKE_CA_1);
}
}
use of java.security.KeyFactory in project android_frameworks_base by ParanoidAndroid.
the class AndroidKeyStoreTest method testKeyStore_SetEntry_PrivateKeyEntry_Encrypted_Success.
public void testKeyStore_SetEntry_PrivateKeyEntry_Encrypted_Success() throws Exception {
setupPassword();
mKeyStore.load(null, null);
KeyFactory keyFact = KeyFactory.getInstance("RSA");
PrivateKey expectedKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_KEY_1));
final CertificateFactory f = CertificateFactory.getInstance("X.509");
final Certificate[] expectedChain = new Certificate[2];
expectedChain[0] = f.generateCertificate(new ByteArrayInputStream(FAKE_USER_1));
expectedChain[1] = f.generateCertificate(new ByteArrayInputStream(FAKE_CA_1));
PrivateKeyEntry expected = new PrivateKeyEntry(expectedKey, expectedChain);
mKeyStore.setEntry(TEST_ALIAS_1, expected, null);
Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null);
assertNotNull("Retrieved entry should exist", actualEntry);
assertTrue("Retrieved entry should be of type PrivateKeyEntry", actualEntry instanceof PrivateKeyEntry);
PrivateKeyEntry actual = (PrivateKeyEntry) actualEntry;
assertPrivateKeyEntryEquals(actual, FAKE_KEY_1, FAKE_USER_1, FAKE_CA_1);
}
use of java.security.KeyFactory in project android_frameworks_base by ParanoidAndroid.
the class AndroidKeyStoreTest method testKeyStore_GetKey_NoPassword_Encrypted_Success.
public void testKeyStore_GetKey_NoPassword_Encrypted_Success() throws Exception {
setupPassword();
mKeyStore.load(null, null);
assertTrue(mAndroidKeyStore.importKey(Credentials.USER_PRIVATE_KEY + TEST_ALIAS_1, FAKE_KEY_1, KeyStore.UID_SELF, KeyStore.FLAG_ENCRYPTED));
assertTrue(mAndroidKeyStore.put(Credentials.USER_CERTIFICATE + TEST_ALIAS_1, FAKE_USER_1, KeyStore.UID_SELF, KeyStore.FLAG_ENCRYPTED));
assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_1, FAKE_CA_1, KeyStore.UID_SELF, KeyStore.FLAG_ENCRYPTED));
Key key = mKeyStore.getKey(TEST_ALIAS_1, null);
assertNotNull("Key should exist", key);
assertTrue("Should be a RSAPrivateKey", key instanceof RSAPrivateKey);
RSAPrivateKey actualKey = (RSAPrivateKey) key;
KeyFactory keyFact = KeyFactory.getInstance("RSA");
PrivateKey expectedKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_KEY_1));
assertEquals("Inserted key should be same as retrieved key", ((RSAPrivateKey) expectedKey).getModulus(), actualKey.getModulus());
}
Aggregations