use of java.security.KeyFactory in project android_frameworks_base by ParanoidAndroid.
the class AndroidKeyStoreTest method testKeyStore_SetKeyEntry_Replaced_Encrypted_Success.
public void testKeyStore_SetKeyEntry_Replaced_Encrypted_Success() throws Exception {
setupPassword();
mKeyStore.load(null, null);
final CertificateFactory f = CertificateFactory.getInstance("X.509");
final Certificate caCert = f.generateCertificate(new ByteArrayInputStream(FAKE_CA_1));
// Insert initial key
{
KeyFactory keyFact = KeyFactory.getInstance("RSA");
PrivateKey privKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_KEY_1));
final Certificate[] chain = new Certificate[2];
chain[0] = f.generateCertificate(new ByteArrayInputStream(FAKE_USER_1));
chain[1] = caCert;
mKeyStore.setKeyEntry(TEST_ALIAS_1, privKey, null, chain);
Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null);
assertNotNull("Retrieved entry should exist", actualEntry);
assertTrue("Retrieved entry should be of type PrivateKeyEntry", actualEntry instanceof PrivateKeyEntry);
PrivateKeyEntry actual = (PrivateKeyEntry) actualEntry;
assertPrivateKeyEntryEquals(actual, FAKE_KEY_1, FAKE_USER_1, FAKE_CA_1);
}
// TODO make a separate key
// Replace key
{
KeyFactory keyFact = KeyFactory.getInstance("RSA");
PrivateKey privKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_KEY_1));
final Certificate[] chain = new Certificate[2];
chain[0] = f.generateCertificate(new ByteArrayInputStream(FAKE_USER_1));
chain[1] = caCert;
mKeyStore.setKeyEntry(TEST_ALIAS_1, privKey, null, chain);
Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null);
assertNotNull("Retrieved entry should exist", actualEntry);
assertTrue("Retrieved entry should be of type PrivateKeyEntry", actualEntry instanceof PrivateKeyEntry);
PrivateKeyEntry actual = (PrivateKeyEntry) actualEntry;
assertPrivateKeyEntryEquals(actual, FAKE_KEY_1, FAKE_USER_1, FAKE_CA_1);
}
}
use of java.security.KeyFactory in project android_frameworks_base by ParanoidAndroid.
the class AndroidKeyStoreTest method testKeyStore_SetKeyEntry_ProtectedKey_Encrypted_Failure.
public void testKeyStore_SetKeyEntry_ProtectedKey_Encrypted_Failure() throws Exception {
setupPassword();
mKeyStore.load(null, null);
final CertificateFactory f = CertificateFactory.getInstance("X.509");
final Certificate caCert = f.generateCertificate(new ByteArrayInputStream(FAKE_CA_1));
KeyFactory keyFact = KeyFactory.getInstance("RSA");
PrivateKey privKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_KEY_1));
final Certificate[] chain = new Certificate[2];
chain[0] = f.generateCertificate(new ByteArrayInputStream(FAKE_USER_1));
chain[1] = caCert;
try {
mKeyStore.setKeyEntry(TEST_ALIAS_1, privKey, "foo".toCharArray(), chain);
fail("Should fail when a password is specified");
} catch (KeyStoreException success) {
}
}
use of java.security.KeyFactory in project android_frameworks_base by ParanoidAndroid.
the class AndroidKeyStoreTest method testKeyStore_SetEntry_PrivateKeyEntry_Params_Unencrypted_Failure.
public void testKeyStore_SetEntry_PrivateKeyEntry_Params_Unencrypted_Failure() throws Exception {
mKeyStore.load(null, null);
KeyFactory keyFact = KeyFactory.getInstance("RSA");
PrivateKey expectedKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_KEY_1));
final CertificateFactory f = CertificateFactory.getInstance("X.509");
final Certificate[] expectedChain = new Certificate[2];
expectedChain[0] = f.generateCertificate(new ByteArrayInputStream(FAKE_USER_1));
expectedChain[1] = f.generateCertificate(new ByteArrayInputStream(FAKE_CA_1));
PrivateKeyEntry entry = new PrivateKeyEntry(expectedKey, expectedChain);
try {
mKeyStore.setEntry(TEST_ALIAS_1, entry, new KeyStoreParameter.Builder(getContext()).setEncryptionRequired(true).build());
fail("Shouldn't be able to insert encrypted entry when KeyStore uninitialized");
} catch (KeyStoreException expected) {
}
assertNull(mKeyStore.getEntry(TEST_ALIAS_1, null));
}
use of java.security.KeyFactory in project android_frameworks_base by ParanoidAndroid.
the class AndroidKeyStoreTest method assertPrivateKeyEntryEquals.
@SuppressWarnings("unchecked")
private void assertPrivateKeyEntryEquals(PrivateKeyEntry keyEntry, byte[] key, byte[] cert, byte[] ca) throws Exception {
KeyFactory keyFact = KeyFactory.getInstance("RSA");
PrivateKey expectedKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(key));
CertificateFactory certFact = CertificateFactory.getInstance("X.509");
Certificate expectedCert = certFact.generateCertificate(new ByteArrayInputStream(cert));
final Collection<Certificate> expectedChain;
if (ca != null) {
expectedChain = (Collection<Certificate>) certFact.generateCertificates(new ByteArrayInputStream(ca));
} else {
expectedChain = null;
}
assertPrivateKeyEntryEquals(keyEntry, expectedKey, expectedCert, expectedChain);
}
use of java.security.KeyFactory in project android_frameworks_base by ParanoidAndroid.
the class AndroidKeyStoreTest method testKeyStore_GetKey_NoPassword_Unencrypted_Success.
public void testKeyStore_GetKey_NoPassword_Unencrypted_Success() throws Exception {
mKeyStore.load(null, null);
assertTrue(mAndroidKeyStore.importKey(Credentials.USER_PRIVATE_KEY + TEST_ALIAS_1, FAKE_KEY_1, KeyStore.UID_SELF, KeyStore.FLAG_NONE));
assertTrue(mAndroidKeyStore.put(Credentials.USER_CERTIFICATE + TEST_ALIAS_1, FAKE_USER_1, KeyStore.UID_SELF, KeyStore.FLAG_NONE));
assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_1, FAKE_CA_1, KeyStore.UID_SELF, KeyStore.FLAG_NONE));
Key key = mKeyStore.getKey(TEST_ALIAS_1, null);
assertNotNull("Key should exist", key);
assertTrue("Should be a RSAPrivateKey", key instanceof RSAPrivateKey);
RSAPrivateKey actualKey = (RSAPrivateKey) key;
KeyFactory keyFact = KeyFactory.getInstance("RSA");
PrivateKey expectedKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_KEY_1));
assertEquals("Inserted key should be same as retrieved key", ((RSAPrivateKey) expectedKey).getModulus(), actualKey.getModulus());
}
Aggregations