use of java.security.KeyFactory in project platform_frameworks_base by android.
the class AndroidKeyStoreTest method testKeyStore_SetEntry_PrivateKeyEntry_Overwrites_PrivateKeyEntry_Encrypted_Success.
public void testKeyStore_SetEntry_PrivateKeyEntry_Overwrites_PrivateKeyEntry_Encrypted_Success() throws Exception {
setupPassword();
mKeyStore.load(null, null);
final KeyFactory keyFact = KeyFactory.getInstance("RSA");
final CertificateFactory f = CertificateFactory.getInstance("X.509");
// Start with PrivateKeyEntry
{
PrivateKey expectedKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_RSA_KEY_1));
final Certificate[] expectedChain = new Certificate[2];
expectedChain[0] = f.generateCertificate(new ByteArrayInputStream(FAKE_RSA_USER_1));
expectedChain[1] = f.generateCertificate(new ByteArrayInputStream(FAKE_RSA_CA_1));
PrivateKeyEntry expected = new PrivateKeyEntry(expectedKey, expectedChain);
mKeyStore.setEntry(TEST_ALIAS_1, expected, null);
Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null);
assertNotNull("Retrieved entry should exist", actualEntry);
assertTrue("Retrieved entry should be of type PrivateKeyEntry", actualEntry instanceof PrivateKeyEntry);
PrivateKeyEntry actual = (PrivateKeyEntry) actualEntry;
assertPrivateKeyEntryEquals(actual, "RSA", FAKE_RSA_KEY_1, FAKE_RSA_USER_1, FAKE_RSA_CA_1);
}
// TODO make entirely new test vector for the overwrite
// Replace with PrivateKeyEntry
{
PrivateKey expectedKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_RSA_KEY_1));
final Certificate[] expectedChain = new Certificate[2];
expectedChain[0] = f.generateCertificate(new ByteArrayInputStream(FAKE_RSA_USER_1));
expectedChain[1] = f.generateCertificate(new ByteArrayInputStream(FAKE_RSA_CA_1));
PrivateKeyEntry expected = new PrivateKeyEntry(expectedKey, expectedChain);
mKeyStore.setEntry(TEST_ALIAS_1, expected, null);
Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null);
assertNotNull("Retrieved entry should exist", actualEntry);
assertTrue("Retrieved entry should be of type PrivateKeyEntry", actualEntry instanceof PrivateKeyEntry);
PrivateKeyEntry actual = (PrivateKeyEntry) actualEntry;
assertPrivateKeyEntryEquals(actual, "RSA", FAKE_RSA_KEY_1, FAKE_RSA_USER_1, FAKE_RSA_CA_1);
}
}
use of java.security.KeyFactory in project platform_frameworks_base by android.
the class AndroidKeyStoreTest method testKeyStore_SetKeyEntry_Replaced_Encrypted_Success.
public void testKeyStore_SetKeyEntry_Replaced_Encrypted_Success() throws Exception {
setupPassword();
mKeyStore.load(null, null);
final CertificateFactory f = CertificateFactory.getInstance("X.509");
final Certificate caCert = f.generateCertificate(new ByteArrayInputStream(FAKE_RSA_CA_1));
// Insert initial key
{
KeyFactory keyFact = KeyFactory.getInstance("RSA");
PrivateKey privKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_RSA_KEY_1));
final Certificate[] chain = new Certificate[2];
chain[0] = f.generateCertificate(new ByteArrayInputStream(FAKE_RSA_USER_1));
chain[1] = caCert;
mKeyStore.setKeyEntry(TEST_ALIAS_1, privKey, null, chain);
Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null);
assertNotNull("Retrieved entry should exist", actualEntry);
assertTrue("Retrieved entry should be of type PrivateKeyEntry", actualEntry instanceof PrivateKeyEntry);
PrivateKeyEntry actual = (PrivateKeyEntry) actualEntry;
assertPrivateKeyEntryEquals(actual, "RSA", FAKE_RSA_KEY_1, FAKE_RSA_USER_1, FAKE_RSA_CA_1);
}
// TODO make a separate key
// Replace key
{
KeyFactory keyFact = KeyFactory.getInstance("RSA");
PrivateKey privKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_RSA_KEY_1));
final Certificate[] chain = new Certificate[2];
chain[0] = f.generateCertificate(new ByteArrayInputStream(FAKE_RSA_USER_1));
chain[1] = caCert;
mKeyStore.setKeyEntry(TEST_ALIAS_1, privKey, null, chain);
Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null);
assertNotNull("Retrieved entry should exist", actualEntry);
assertTrue("Retrieved entry should be of type PrivateKeyEntry", actualEntry instanceof PrivateKeyEntry);
PrivateKeyEntry actual = (PrivateKeyEntry) actualEntry;
assertPrivateKeyEntryEquals(actual, "RSA", FAKE_RSA_KEY_1, FAKE_RSA_USER_1, FAKE_RSA_CA_1);
}
}
use of java.security.KeyFactory in project platform_frameworks_base by android.
the class AndroidKeyStoreTest method testKeyStore_SetKeyEntry_Encrypted_Success.
public void testKeyStore_SetKeyEntry_Encrypted_Success() throws Exception {
setupPassword();
mKeyStore.load(null, null);
final CertificateFactory f = CertificateFactory.getInstance("X.509");
final Certificate caCert = f.generateCertificate(new ByteArrayInputStream(FAKE_RSA_CA_1));
KeyFactory keyFact = KeyFactory.getInstance("RSA");
PrivateKey privKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_RSA_KEY_1));
final Certificate[] chain = new Certificate[2];
chain[0] = f.generateCertificate(new ByteArrayInputStream(FAKE_RSA_USER_1));
chain[1] = caCert;
mKeyStore.setKeyEntry(TEST_ALIAS_1, privKey, null, chain);
Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null);
assertNotNull("Retrieved entry should exist", actualEntry);
assertTrue("Retrieved entry should be of type PrivateKeyEntry", actualEntry instanceof PrivateKeyEntry);
PrivateKeyEntry actual = (PrivateKeyEntry) actualEntry;
assertPrivateKeyEntryEquals(actual, "RSA", FAKE_RSA_KEY_1, FAKE_RSA_USER_1, FAKE_RSA_CA_1);
}
use of java.security.KeyFactory in project platform_frameworks_base by android.
the class AndroidKeyStoreTest method testKeyStore_SetEntry_PrivateKeyEntry_Overwrites_ShortPrivateKeyEntry_Encrypted_Success.
public void testKeyStore_SetEntry_PrivateKeyEntry_Overwrites_ShortPrivateKeyEntry_Encrypted_Success() throws Exception {
setupPassword();
mKeyStore.load(null, null);
final CertificateFactory f = CertificateFactory.getInstance("X.509");
final Certificate caCert = f.generateCertificate(new ByteArrayInputStream(FAKE_RSA_CA_1));
// Start with PrivateKeyEntry
{
KeyFactory keyFact = KeyFactory.getInstance("RSA");
PrivateKey expectedKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_RSA_KEY_1));
final Certificate[] expectedChain = new Certificate[2];
expectedChain[0] = f.generateCertificate(new ByteArrayInputStream(FAKE_RSA_USER_1));
expectedChain[1] = caCert;
PrivateKeyEntry expectedPrivEntry = new PrivateKeyEntry(expectedKey, expectedChain);
mKeyStore.setEntry(TEST_ALIAS_1, expectedPrivEntry, null);
Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null);
assertNotNull("Retrieved entry should exist", actualEntry);
assertTrue("Retrieved entry should be of type PrivateKeyEntry", actualEntry instanceof PrivateKeyEntry);
PrivateKeyEntry actualPrivEntry = (PrivateKeyEntry) actualEntry;
assertPrivateKeyEntryEquals(actualPrivEntry, "RSA", FAKE_RSA_KEY_1, FAKE_RSA_USER_1, FAKE_RSA_CA_1);
}
// Replace with PrivateKeyEntry that has no chain
{
KeyFactory keyFact = KeyFactory.getInstance("RSA");
PrivateKey expectedKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_RSA_KEY_1));
final Certificate[] expectedChain = new Certificate[1];
expectedChain[0] = f.generateCertificate(new ByteArrayInputStream(FAKE_RSA_USER_1));
PrivateKeyEntry expectedPrivEntry = new PrivateKeyEntry(expectedKey, expectedChain);
mKeyStore.setEntry(TEST_ALIAS_1, expectedPrivEntry, null);
Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null);
assertNotNull("Retrieved entry should exist", actualEntry);
assertTrue("Retrieved entry should be of type PrivateKeyEntry", actualEntry instanceof PrivateKeyEntry);
PrivateKeyEntry actualPrivEntry = (PrivateKeyEntry) actualEntry;
assertPrivateKeyEntryEquals(actualPrivEntry, "RSA", FAKE_RSA_KEY_1, FAKE_RSA_USER_1, null);
}
}
use of java.security.KeyFactory in project platform_frameworks_base by android.
the class PackageParser method parsePublicKey.
public static final PublicKey parsePublicKey(final String encodedPublicKey) {
if (encodedPublicKey == null) {
Slog.w(TAG, "Could not parse null public key");
return null;
}
EncodedKeySpec keySpec;
try {
final byte[] encoded = Base64.decode(encodedPublicKey, Base64.DEFAULT);
keySpec = new X509EncodedKeySpec(encoded);
} catch (IllegalArgumentException e) {
Slog.w(TAG, "Could not parse verifier public key; invalid Base64");
return null;
}
/* First try the key as an RSA key. */
try {
final KeyFactory keyFactory = KeyFactory.getInstance("RSA");
return keyFactory.generatePublic(keySpec);
} catch (NoSuchAlgorithmException e) {
Slog.wtf(TAG, "Could not parse public key: RSA KeyFactory not included in build");
} catch (InvalidKeySpecException e) {
// Not a RSA public key.
}
/* Now try it as a ECDSA key. */
try {
final KeyFactory keyFactory = KeyFactory.getInstance("EC");
return keyFactory.generatePublic(keySpec);
} catch (NoSuchAlgorithmException e) {
Slog.wtf(TAG, "Could not parse public key: EC KeyFactory not included in build");
} catch (InvalidKeySpecException e) {
// Not a ECDSA public key.
}
/* Now try it as a DSA key. */
try {
final KeyFactory keyFactory = KeyFactory.getInstance("DSA");
return keyFactory.generatePublic(keySpec);
} catch (NoSuchAlgorithmException e) {
Slog.wtf(TAG, "Could not parse public key: DSA KeyFactory not included in build");
} catch (InvalidKeySpecException e) {
// Not a DSA public key.
}
/* Not a supported key type */
return null;
}
Aggregations