Example 31 with PrivateKeyEntry
use of java.security.KeyStore.PrivateKeyEntry in project robovm by robovm.
the class KeyManagerFactoryTest method test_X509KeyManager_alias.
private void test_X509KeyManager_alias(X509KeyManager km, String alias, String keyType, boolean many, boolean empty) throws Exception {
if (empty || (!many && (keyType == null || keyType.isEmpty()))) {
assertNull(keyType, alias);
assertNull(keyType, km.getCertificateChain(alias));
assertNull(keyType, km.getPrivateKey(alias));
return;
}
assertNotNull(keyType, alias);
X509Certificate[] certificateChain = km.getCertificateChain(alias);
PrivateKey privateKey = km.getPrivateKey(alias);
String keyAlgName;
String sigAlgName;
if (keyType == null) {
keyAlgName = privateKey.getAlgorithm();
sigAlgName = keyAlgName;
} else {
// potentially handle EC_EC or EC_RSA
keyAlgName = TestKeyStore.keyAlgorithm(keyType);
sigAlgName = TestKeyStore.signatureAlgorithm(keyType);
X509Certificate certificate = certificateChain[0];
assertEquals(keyType, keyAlgName, certificate.getPublicKey().getAlgorithm());
assertEquals(keyType, keyAlgName, privateKey.getAlgorithm());
// skip this for EC which could return EC_RSA case instead of EC_EC
if (!keyType.equals("EC")) {
String expectedSigAlgName = sigAlgName.toUpperCase();
String actualSigAlgName = certificate.getSigAlgName().toUpperCase();
String expected = actualSigAlgName + " contains " + expectedSigAlgName;
assertTrue(expected, actualSigAlgName.contains(expectedSigAlgName));
}
}
PrivateKeyEntry privateKeyEntry = getTestKeyStore().getPrivateKey(keyAlgName, sigAlgName);
if (!"EC".equals(keyAlgName)) {
assertEquals(keyType, Arrays.<Certificate>asList(privateKeyEntry.getCertificateChain()), Arrays.<Certificate>asList(certificateChain));
assertEquals(keyType, privateKeyEntry.getPrivateKey(), privateKey);
}
}
Also used :
PrivateKey(java.security.PrivateKey)
PrivateKeyEntry(java.security.KeyStore.PrivateKeyEntry)
X509Certificate(java.security.cert.X509Certificate)
Example 32 with PrivateKeyEntry
use of java.security.KeyStore.PrivateKeyEntry in project platform_frameworks_base by android.
the class AndroidKeyStoreTest method testKeyStore_GetEntry_NullParams_Encrypted_Success.
public void testKeyStore_GetEntry_NullParams_Encrypted_Success() throws Exception {
setupPassword();
mKeyStore.load(null, null);
assertTrue(mAndroidKeyStore.importKey(Credentials.USER_PRIVATE_KEY + TEST_ALIAS_1, FAKE_RSA_KEY_1, KeyStore.UID_SELF, KeyStore.FLAG_ENCRYPTED));
assertTrue(mAndroidKeyStore.put(Credentials.USER_CERTIFICATE + TEST_ALIAS_1, FAKE_RSA_USER_1, KeyStore.UID_SELF, KeyStore.FLAG_ENCRYPTED));
assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_1, FAKE_RSA_CA_1, KeyStore.UID_SELF, KeyStore.FLAG_ENCRYPTED));
Entry entry = mKeyStore.getEntry(TEST_ALIAS_1, null);
assertNotNull("Entry should exist", entry);
assertTrue("Should be a PrivateKeyEntry", entry instanceof PrivateKeyEntry);
PrivateKeyEntry keyEntry = (PrivateKeyEntry) entry;
assertPrivateKeyEntryEquals(keyEntry, "RSA", FAKE_RSA_KEY_1, FAKE_RSA_USER_1, FAKE_RSA_CA_1);
}
Also used :
TrustedCertificateEntry(java.security.KeyStore.TrustedCertificateEntry)
PrivateKeyEntry(java.security.KeyStore.PrivateKeyEntry)
Entry(java.security.KeyStore.Entry)
PrivateKeyEntry(java.security.KeyStore.PrivateKeyEntry)
Example 33 with PrivateKeyEntry
use of java.security.KeyStore.PrivateKeyEntry in project platform_frameworks_base by android.
the class AndroidKeyStoreTest method testKeyStore_KeyOperations_Wrap_Encrypted_Success.
public void testKeyStore_KeyOperations_Wrap_Encrypted_Success() throws Exception {
setupPassword();
mKeyStore.load(null, null);
setupKey();
// Test key usage
Entry e = mKeyStore.getEntry(TEST_ALIAS_1, null);
assertNotNull(e);
assertTrue(e instanceof PrivateKeyEntry);
PrivateKeyEntry privEntry = (PrivateKeyEntry) e;
PrivateKey privKey = privEntry.getPrivateKey();
assertNotNull(privKey);
PublicKey pubKey = privEntry.getCertificate().getPublicKey();
Cipher c = Cipher.getInstance("RSA/ECB/PKCS1Padding");
c.init(Cipher.WRAP_MODE, pubKey);
byte[] expectedKey = new byte[] { 0x00, 0x05, (byte) 0xAA, (byte) 0x0A5, (byte) 0xFF, 0x55, 0x0A };
SecretKey expectedSecret = new SecretKeySpec(expectedKey, "AES");
byte[] wrappedExpected = c.wrap(expectedSecret);
c.init(Cipher.UNWRAP_MODE, privKey);
SecretKey actualSecret = (SecretKey) c.unwrap(wrappedExpected, "AES", Cipher.SECRET_KEY);
assertEquals(Arrays.toString(expectedSecret.getEncoded()), Arrays.toString(actualSecret.getEncoded()));
}
Also used :
TrustedCertificateEntry(java.security.KeyStore.TrustedCertificateEntry)
PrivateKeyEntry(java.security.KeyStore.PrivateKeyEntry)
Entry(java.security.KeyStore.Entry)
SecretKey(javax.crypto.SecretKey)
PrivateKey(java.security.PrivateKey)
PublicKey(java.security.PublicKey)
SecretKeySpec(javax.crypto.spec.SecretKeySpec)
Cipher(javax.crypto.Cipher)
PrivateKeyEntry(java.security.KeyStore.PrivateKeyEntry)
Example 34 with PrivateKeyEntry
use of java.security.KeyStore.PrivateKeyEntry in project platform_frameworks_base by android.
the class AndroidKeyStoreTest method testKeyStore_GetEntry_EC_NullParams_Unencrypted_Success.
public void testKeyStore_GetEntry_EC_NullParams_Unencrypted_Success() throws Exception {
mKeyStore.load(null, null);
assertTrue(mAndroidKeyStore.importKey(Credentials.USER_PRIVATE_KEY + TEST_ALIAS_1, FAKE_EC_KEY_1, KeyStore.UID_SELF, KeyStore.FLAG_NONE));
assertTrue(mAndroidKeyStore.put(Credentials.USER_CERTIFICATE + TEST_ALIAS_1, FAKE_EC_USER_1, KeyStore.UID_SELF, KeyStore.FLAG_NONE));
assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_1, FAKE_EC_CA_1, KeyStore.UID_SELF, KeyStore.FLAG_NONE));
Entry entry = mKeyStore.getEntry(TEST_ALIAS_1, null);
assertNotNull("Entry should exist", entry);
assertTrue("Should be a PrivateKeyEntry", entry instanceof PrivateKeyEntry);
PrivateKeyEntry keyEntry = (PrivateKeyEntry) entry;
assertPrivateKeyEntryEquals(keyEntry, "EC", FAKE_EC_KEY_1, FAKE_EC_USER_1, FAKE_EC_CA_1);
}
Also used :
TrustedCertificateEntry(java.security.KeyStore.TrustedCertificateEntry)
PrivateKeyEntry(java.security.KeyStore.PrivateKeyEntry)
Entry(java.security.KeyStore.Entry)
PrivateKeyEntry(java.security.KeyStore.PrivateKeyEntry)
Example 35 with PrivateKeyEntry
use of java.security.KeyStore.PrivateKeyEntry in project platform_frameworks_base by android.
the class AndroidKeyStoreTest method testKeyStore_SetEntry_PrivateKeyEntry_RSA_Unencrypted_Success.
public void testKeyStore_SetEntry_PrivateKeyEntry_RSA_Unencrypted_Success() throws Exception {
mKeyStore.load(null, null);
KeyFactory keyFact = KeyFactory.getInstance("RSA");
PrivateKey expectedKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_RSA_KEY_1));
final CertificateFactory f = CertificateFactory.getInstance("X.509");
final Certificate[] expectedChain = new Certificate[2];
expectedChain[0] = f.generateCertificate(new ByteArrayInputStream(FAKE_RSA_USER_1));
expectedChain[1] = f.generateCertificate(new ByteArrayInputStream(FAKE_RSA_CA_1));
PrivateKeyEntry expected = new PrivateKeyEntry(expectedKey, expectedChain);
mKeyStore.setEntry(TEST_ALIAS_1, expected, null);
Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null);
assertNotNull("Retrieved entry should exist", actualEntry);
assertTrue("Retrieved entry should be of type PrivateKeyEntry", actualEntry instanceof PrivateKeyEntry);
PrivateKeyEntry actual = (PrivateKeyEntry) actualEntry;
assertPrivateKeyEntryEquals(actual, "RSA", FAKE_RSA_KEY_1, FAKE_RSA_USER_1, FAKE_RSA_CA_1);
}
Also used :
TrustedCertificateEntry(java.security.KeyStore.TrustedCertificateEntry)
PrivateKeyEntry(java.security.KeyStore.PrivateKeyEntry)
Entry(java.security.KeyStore.Entry)
PrivateKey(java.security.PrivateKey)
ByteArrayInputStream(java.io.ByteArrayInputStream)
PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec)
CertificateFactory(java.security.cert.CertificateFactory)
PrivateKeyEntry(java.security.KeyStore.PrivateKeyEntry)
KeyFactory(java.security.KeyFactory)
X509Certificate(java.security.cert.X509Certificate)
Certificate(java.security.cert.Certificate)
Aggregations
PrivateKeyEntry (java.security.KeyStore.PrivateKeyEntry)123
Entry (java.security.KeyStore.Entry)79
PrivateKey (java.security.PrivateKey)78
TrustedCertificateEntry (java.security.KeyStore.TrustedCertificateEntry)77
ByteArrayInputStream (java.io.ByteArrayInputStream)68
X509Certificate (java.security.cert.X509Certificate)67
Certificate (java.security.cert.Certificate)62
CertificateFactory (java.security.cert.CertificateFactory)61
KeyFactory (java.security.KeyFactory)59
PKCS8EncodedKeySpec (java.security.spec.PKCS8EncodedKeySpec)59
KeyStoreException (java.security.KeyStoreException)30
IOException (java.io.IOException)18
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)18
KeyStore (java.security.KeyStore)17
CertificateException (java.security.cert.CertificateException)13
KeyStore (android.security.KeyStore)12
PasswordProtection (java.security.KeyStore.PasswordProtection)11
RSAPrivateKey (java.security.interfaces.RSAPrivateKey)10
UnrecoverableEntryException (java.security.UnrecoverableEntryException)9
DEROctetString (com.android.org.bouncycastle.asn1.DEROctetString)8
