use of java.security.KeyStore.PrivateKeyEntry in project platform_frameworks_base by android.
the class AndroidKeyStoreTest method testKeyStore_SetEntry_PrivateKeyEntry_EC_Unencrypted_Success.
/**
 * Checks that an EC {@link PrivateKeyEntry} written with no protection
 * parameter can be read back from the keystore.
 *
 * <p>The private key is decoded from the PKCS#8 fixture {@code FAKE_EC_KEY_1}
 * and the two-element chain from {@code FAKE_EC_USER_1} (leaf) and
 * {@code FAKE_EC_CA_1} (issuer). Both {@code setEntry} and {@code getEntry}
 * are called with a {@code null} ProtectionParameter, which is the
 * "unencrypted" case named in the test.
 */
public void testKeyStore_SetEntry_PrivateKeyEntry_EC_Unencrypted_Success() throws Exception {
    mKeyStore.load(null, null);

    // Rebuild the fixture key from its PKCS#8 encoding.
    KeyFactory ecKeyFactory = KeyFactory.getInstance("EC");
    PrivateKey fixtureKey = ecKeyFactory.generatePrivate(new PKCS8EncodedKeySpec(FAKE_EC_KEY_1));

    // Chain order matters: index 0 is the end-entity certificate, index 1 its CA.
    CertificateFactory x509 = CertificateFactory.getInstance("X.509");
    Certificate[] fixtureChain = {
        x509.generateCertificate(new ByteArrayInputStream(FAKE_EC_USER_1)),
        x509.generateCertificate(new ByteArrayInputStream(FAKE_EC_CA_1)),
    };

    // Store with a null ProtectionParameter, then fetch the same alias back.
    mKeyStore.setEntry(TEST_ALIAS_1, new PrivateKeyEntry(fixtureKey, fixtureChain), null);
    Entry roundTripped = mKeyStore.getEntry(TEST_ALIAS_1, null);

    assertNotNull("Retrieved entry should exist", roundTripped);
    assertTrue("Retrieved entry should be of type PrivateKeyEntry",
            roundTripped instanceof PrivateKeyEntry);

    // NOTE(review): assertPrivateKeyEntryEquals is defined elsewhere in the class;
    // presumably it compares key and chain against the raw fixtures - confirm there.
    assertPrivateKeyEntryEquals((PrivateKeyEntry) roundTripped, "EC", FAKE_EC_KEY_1,
            FAKE_EC_USER_1, FAKE_EC_CA_1);
}
use of java.security.KeyStore.PrivateKeyEntry in project robovm by robovm.
the class TestKeyStore method privateKey.
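/**
 * Returns the only private key entry in a keystore that matches the given
 * key algorithm and signature algorithm.
 *
 * <p>An entry matches when its private key's algorithm equals
 * {@code keyAlgorithm} and the signature algorithm name of its first
 * certificate contains {@code signatureAlgorithm} as a substring.
 *
 * <p>Error messages identify entries by alias only. Key objects are never
 * formatted into the message, because a provider's {@code toString()} on a
 * private key may expose key material to logs and test reports.
 *
 * @param keyStore the loaded keystore to search
 * @param keyPassword password protecting the private key entries; the caller
 *        remains responsible for clearing this array
 * @param keyAlgorithm exact algorithm name the private key must report
 * @param signatureAlgorithm substring the certificate's signature algorithm
 *        name must contain
 * @return the single matching entry
 * @throws IllegalStateException if no entry or more than one entry matches
 * @throws RuntimeException wrapping any checked keystore exception
 */
public static PrivateKeyEntry privateKey(KeyStore keyStore, char[] keyPassword,
        String keyAlgorithm, String signatureAlgorithm) {
    PrivateKeyEntry found = null;
    String foundAlias = null;
    try {
        PasswordProtection password = new PasswordProtection(keyPassword);
        for (String alias : Collections.list(keyStore.aliases())) {
            if (!keyStore.entryInstanceOf(alias, PrivateKeyEntry.class)) {
                continue;
            }
            PrivateKeyEntry privateKey = (PrivateKeyEntry) keyStore.getEntry(alias, password);
            if (!privateKey.getPrivateKey().getAlgorithm().equals(keyAlgorithm)) {
                continue;
            }
            X509Certificate certificate = (X509Certificate) privateKey.getCertificate();
            // Substring match, so "RSA" accepts names such as "SHA256withRSA".
            if (!certificate.getSigAlgName().contains(signatureAlgorithm)) {
                continue;
            }
            if (found != null) {
                throw new IllegalStateException("KeyStore has more than one private key for "
                        + " keyAlgorithm: " + keyAlgorithm
                        + " signatureAlgorithm: " + signatureAlgorithm
                        + "\nfirst alias: " + foundAlias
                        + "\nsecond alias: " + alias);
            }
            found = privateKey;
            foundAlias = alias;
        }
    } catch (RuntimeException e) {
        // Let the documented IllegalStateException (and other unchecked errors)
        // reach the caller as-is instead of being wrapped a second time.
        throw e;
    } catch (Exception e) {
        throw new RuntimeException(e);
    }
    if (found == null) {
        throw new IllegalStateException("KeyStore contained no private key for "
                + " keyAlgorithm: " + keyAlgorithm
                + " signatureAlgorithm: " + signatureAlgorithm);
    }
    return found;
}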
use of java.security.KeyStore.PrivateKeyEntry in project robovm by robovm.
the class KeyStoreTest method testKeyStoreCreate.
/**
 * Creates an empty keystore of type {@code algorithmName}, stores one
 * password-protected private key entry in it, reads the entry back and
 * finally serializes the keystore to memory.
 *
 * <p>Every checked exception is turned into a test failure carrying only the
 * exception message. All passwords are fixed test literals.
 */
public void testKeyStoreCreate() {
    // Stage 1: obtain the keystore and initialise it empty (null input stream).
    KeyStore store = null;
    try {
        store = KeyStore.getInstance(algorithmName);
        store.load(null, "the secret password".toCharArray());
    } catch (KeyStoreException e) {
        fail(e.getMessage());
    } catch (NoSuchAlgorithmException e) {
        fail(e.getMessage());
    } catch (CertificateException e) {
        fail(e.getMessage());
    } catch (IOException e) {
        fail(e.getMessage());
    }

    // Stage 2: decode the fixture certificate.
    // NOTE(review): getBytes() uses the platform default charset here.
    Certificate fixtureCert = null;
    try {
        CertificateFactory x509 = CertificateFactory.getInstance("X.509");
        fixtureCert = x509.generateCertificate(
                new ByteArrayInputStream(encodedCertificate.getBytes()));
    } catch (CertificateException e) {
        fail(e.getMessage());
    }

    // Stage 3: generate a fresh key pair using the certificate's key algorithm.
    KeyPair freshPair = null;
    try {
        freshPair = KeyPairGenerator.getInstance(fixtureCert.getPublicKey().getAlgorithm())
                .generateKeyPair();
    } catch (NoSuchAlgorithmException e) {
        fail(e.getMessage());
    }

    // The private key comes from freshPair while the certificate was decoded from
    // the fixture, so the certificate's public key is not freshPair's public key.
    // Acceptable for a storage round-trip test; not a usable identity.
    PrivateKeyEntry outgoing =
            new PrivateKeyEntry(freshPair.getPrivate(), new Certificate[] { fixtureCert });

    // Stage 4: store under a per-entry password, then read back with the same password.
    try {
        store.setEntry("aPrivateKey", outgoing,
                new PasswordProtection("the key password".toCharArray()));
        assertTrue(store.containsAlias("aPrivateKey"));

        PrivateKeyEntry incoming = (PrivateKeyEntry) store.getEntry("aPrivateKey",
                new PasswordProtection("the key password".toCharArray()));
        PrivateKey recovered = incoming.getPrivateKey();
        assertEquals(freshPair.getPrivate(), recovered);
    } catch (KeyStoreException e) {
        fail(e.getMessage());
    } catch (NoSuchAlgorithmException e) {
        fail(e.getMessage());
    } catch (UnrecoverableEntryException e) {
        fail(e.getMessage());
    }

    // Stage 5: serialize the whole keystore under a separate store password.
    try {
        ByteArrayOutputStream sink = new ByteArrayOutputStream();
        store.store(sink, "the keystore password".toCharArray());
        assertTrue("keystore not written", sink.size() > 0);
    } catch (KeyStoreException e) {
        fail(e.getMessage());
    } catch (NoSuchAlgorithmException e) {
        fail(e.getMessage());
    } catch (CertificateException e) {
        fail(e.getMessage());
    } catch (IOException e) {
        fail(e.getMessage());
    }
}
use of java.security.KeyStore.PrivateKeyEntry in project android_frameworks_base by DirtyUnicorns.
the class AndroidKeyStoreTest method testKeyStore_KeyOperations_Wrap_Encrypted_Success.
/**
 * Checks that a key pair held in the keystore can wrap and then unwrap a
 * secret key, and that the unwrapped bytes equal the original.
 *
 * <p>Wrapping uses the public key from the entry's certificate; unwrapping
 * uses the entry's private key.
 */
public void testKeyStore_KeyOperations_Wrap_Encrypted_Success() throws Exception {
    // NOTE(review): setupPassword() and setupKey() are defined elsewhere in the class;
    // presumably they put the keystore in its password-protected state and
    // provision TEST_ALIAS_1 - confirm against those helpers.
    setupPassword();
    mKeyStore.load(null, null);
    setupKey();

    // Fetch the entry and pull both halves of the key pair out of it.
    Entry storedEntry = mKeyStore.getEntry(TEST_ALIAS_1, null);
    assertNotNull(storedEntry);
    assertTrue(storedEntry instanceof PrivateKeyEntry);

    PrivateKeyEntry keyEntry = (PrivateKeyEntry) storedEntry;
    PrivateKey unwrapKey = keyEntry.getPrivateKey();
    assertNotNull(unwrapKey);
    PublicKey wrapKey = keyEntry.getCertificate().getPublicKey();

    // Seven arbitrary bytes labelled "AES": SecretKeySpec does not check the length,
    // so this is a payload for the round trip rather than a usable AES key.
    byte[] secretBytes = new byte[] {
        0x00, 0x05, (byte) 0xAA, (byte) 0x0A5, (byte) 0xFF, 0x55, 0x0A
    };
    SecretKey originalSecret = new SecretKeySpec(secretBytes, "AES");

    // PKCS#1 v1.5 padding is what this test exercises; new designs generally
    // prefer OAEP for RSA key transport.
    Cipher rsa = Cipher.getInstance("RSA/ECB/PKCS1Padding");
    rsa.init(Cipher.WRAP_MODE, wrapKey);
    byte[] wrappedBlob = rsa.wrap(originalSecret);

    rsa.init(Cipher.UNWRAP_MODE, unwrapKey);
    SecretKey recoveredSecret = (SecretKey) rsa.unwrap(wrappedBlob, "AES", Cipher.SECRET_KEY);

    String expectedText = Arrays.toString(originalSecret.getEncoded());
    String actualText = Arrays.toString(recoveredSecret.getEncoded());
    assertEquals(expectedText, actualText);
}
use of java.security.KeyStore.PrivateKeyEntry in project android_frameworks_base by DirtyUnicorns.
the class AndroidKeyStoreTest method testKeyStore_SetEntry_PrivateKeyEntry_Params_Unencrypted_Failure.
/**
 * Checks that asking for an encrypted entry is rejected with a
 * {@link KeyStoreException} and that nothing is left under the alias.
 *
 * <p>Per the failure message below, the keystore is expected to be
 * uninitialized at this point, so a request with
 * {@code setEncryptionRequired(true)} must not succeed and must not fall back
 * to storing the key without encryption.
 */
public void testKeyStore_SetEntry_PrivateKeyEntry_Params_Unencrypted_Failure() throws Exception {
    mKeyStore.load(null, null);

    // Rebuild the RSA fixture key from its PKCS#8 encoding.
    KeyFactory rsaKeyFactory = KeyFactory.getInstance("RSA");
    PrivateKey fixtureKey = rsaKeyFactory.generatePrivate(new PKCS8EncodedKeySpec(FAKE_RSA_KEY_1));

    // Index 0 is the end-entity certificate, index 1 its CA.
    CertificateFactory x509 = CertificateFactory.getInstance("X.509");
    Certificate[] fixtureChain = {
        x509.generateCertificate(new ByteArrayInputStream(FAKE_RSA_USER_1)),
        x509.generateCertificate(new ByteArrayInputStream(FAKE_RSA_CA_1)),
    };
    PrivateKeyEntry candidate = new PrivateKeyEntry(fixtureKey, fixtureChain);

    boolean rejected = false;
    try {
        mKeyStore.setEntry(TEST_ALIAS_1, candidate,
                new KeyStoreParameter.Builder(getContext()).setEncryptionRequired(true).build());
    } catch (KeyStoreException expected) {
        // This is the outcome under test: the store refuses the request.
        rejected = true;
    }
    if (!rejected) {
        fail("Shouldn't be able to insert encrypted entry when KeyStore uninitialized");
    }

    // The rejected request must not have left an entry behind.
    assertNull(mKeyStore.getEntry(TEST_ALIAS_1, null));
}