
Example 41 with PrivateKeyEntry

use of java.security.KeyStore.PrivateKeyEntry in project platform_frameworks_base by android.

the class AndroidKeyStoreTest method testKeyStore_SetEntry_PrivateKeyEntry_Overwrites_ShortPrivateKeyEntry_Encrypted_Success.

/**
 * Checks that writing a PrivateKeyEntry with a shorter certificate chain over an existing
 * entry under the same alias replaces the earlier entry.
 *
 * <p>The first write stores the key with a two-certificate chain (user certificate plus CA).
 * The second write stores the same key with only the user certificate. The final assertion
 * passes {@code null} for the CA argument, so the test presumably confirms that the CA
 * certificate from the first write no longer lingers under the alias -- confirm against
 * assertPrivateKeyEntryEquals.
 */
public void testKeyStore_SetEntry_PrivateKeyEntry_Overwrites_ShortPrivateKeyEntry_Encrypted_Success() throws Exception {
    // setupPassword() runs before load(); presumably this puts the keystore in its
    // password-initialised ("Encrypted") state -- confirm against the helper.
    setupPassword();
    mKeyStore.load(null, null);

    final CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
    final Certificate caCert = certFactory.generateCertificate(new ByteArrayInputStream(FAKE_RSA_CA_1));

    // First write: key plus the full chain (user certificate followed by the CA certificate).
    {
        final PrivateKey key = KeyFactory.getInstance("RSA")
                .generatePrivate(new PKCS8EncodedKeySpec(FAKE_RSA_KEY_1));
        final Certificate userCert = certFactory.generateCertificate(new ByteArrayInputStream(FAKE_RSA_USER_1));
        final Certificate[] fullChain = { userCert, caCert };

        mKeyStore.setEntry(TEST_ALIAS_1, new PrivateKeyEntry(key, fullChain), null);

        final Entry stored = mKeyStore.getEntry(TEST_ALIAS_1, null);
        assertNotNull("Retrieved entry should exist", stored);
        assertTrue("Retrieved entry should be of type PrivateKeyEntry", stored instanceof PrivateKeyEntry);
        assertPrivateKeyEntryEquals((PrivateKeyEntry) stored, "RSA", FAKE_RSA_KEY_1, FAKE_RSA_USER_1, FAKE_RSA_CA_1);
    }

    // Second write: same alias and key, but the chain holds only the user certificate
    // (a one-element chain, i.e. no CA certificate).
    {
        final PrivateKey key = KeyFactory.getInstance("RSA")
                .generatePrivate(new PKCS8EncodedKeySpec(FAKE_RSA_KEY_1));
        final Certificate userCert = certFactory.generateCertificate(new ByteArrayInputStream(FAKE_RSA_USER_1));
        final Certificate[] shortChain = { userCert };

        mKeyStore.setEntry(TEST_ALIAS_1, new PrivateKeyEntry(key, shortChain), null);

        final Entry stored = mKeyStore.getEntry(TEST_ALIAS_1, null);
        assertNotNull("Retrieved entry should exist", stored);
        assertTrue("Retrieved entry should be of type PrivateKeyEntry", stored instanceof PrivateKeyEntry);
        assertPrivateKeyEntryEquals((PrivateKeyEntry) stored, "RSA", FAKE_RSA_KEY_1, FAKE_RSA_USER_1, null);
    }
}
Also used : TrustedCertificateEntry(java.security.KeyStore.TrustedCertificateEntry) PrivateKeyEntry(java.security.KeyStore.PrivateKeyEntry) Entry(java.security.KeyStore.Entry) PrivateKey(java.security.PrivateKey) ByteArrayInputStream(java.io.ByteArrayInputStream) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) CertificateFactory(java.security.cert.CertificateFactory) PrivateKeyEntry(java.security.KeyStore.PrivateKeyEntry) KeyFactory(java.security.KeyFactory) X509Certificate(java.security.cert.X509Certificate) Certificate(java.security.cert.Certificate)

Example 42 with PrivateKeyEntry

use of java.security.KeyStore.PrivateKeyEntry in project platform_frameworks_base by android.

the class AndroidKeyStoreSpi method engineSetEntry.

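/**
 * Stores {@code entry} under {@code alias}, first removing everything already stored for that
 * alias.
 *
 * <p>The entry type is validated before anything is deleted, so a call that is rejected because
 * the entry is {@code null} or of an unsupported type leaves the material already stored under
 * {@code alias} untouched.
 *
 * <p>NOTE(review): the delete still happens before the new material is written, so a failure
 * inside one of the setters can leave the alias empty; whether the setters guard against that
 * is not visible from this method.
 *
 * @param alias alias to store the entry under
 * @param entry a TrustedCertificateEntry, PrivateKeyEntry or SecretKeyEntry
 * @param param protection parameter forwarded to the private-key and secret-key setters; not
 *     used for trusted certificate entries
 * @throws KeyStoreException if {@code entry} is {@code null} or of an unsupported type
 */
@Override
public void engineSetEntry(String alias, Entry entry, ProtectionParameter param) throws KeyStoreException {
    if (entry == null) {
        throw new KeyStoreException("entry == null");
    }

    final boolean isTrustedCert = entry instanceof java.security.KeyStore.TrustedCertificateEntry;
    final boolean isPrivateKey = entry instanceof PrivateKeyEntry;
    final boolean isSecretKey = entry instanceof SecretKeyEntry;

    // Reject unsupported entry types before the destructive delete below; otherwise a bad
    // argument would wipe the existing key material for the alias and then throw.
    if (!isTrustedCert && !isPrivateKey && !isSecretKey) {
        throw new KeyStoreException("Entry must be a PrivateKeyEntry, SecretKeyEntry or TrustedCertificateEntry" + "; was " + entry);
    }

    Credentials.deleteAllTypesForAlias(mKeyStore, alias, mUid);

    if (isTrustedCert) {
        java.security.KeyStore.TrustedCertificateEntry trE = (java.security.KeyStore.TrustedCertificateEntry) entry;
        engineSetCertificateEntry(alias, trE.getTrustedCertificate());
    } else if (isPrivateKey) {
        PrivateKeyEntry prE = (PrivateKeyEntry) entry;
        setPrivateKeyEntry(alias, prE.getPrivateKey(), prE.getCertificateChain(), param);
    } else {
        SecretKeyEntry secE = (SecretKeyEntry) entry;
        setSecretKeyEntry(alias, secE.getSecretKey(), param);
    }
}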
Also used : KeyStoreException(java.security.KeyStoreException) SecretKeyEntry(java.security.KeyStore.SecretKeyEntry) KeyStore(android.security.KeyStore) PrivateKeyEntry(java.security.KeyStore.PrivateKeyEntry)

Example 43 with PrivateKeyEntry

use of java.security.KeyStore.PrivateKeyEntry in project robovm by robovm.

the class NativeCryptoTest method initCerts.

/**
 * Populates the shared key and certificate fixtures the first time it is called.
 *
 * <p>The method is synchronized and returns immediately once {@code SERVER_PRIVATE_KEY} is
 * non-null. Any exception raised while building the fixtures is rethrown wrapped in a
 * {@link RuntimeException}.
 *
 * <p>NOTE(review): {@code SERVER_PRIVATE_KEY} is the first field assigned and the only one the
 * guard checks, so if a later step throws, subsequent calls return early with the remaining
 * fixtures still unset.
 */
private static synchronized void initCerts() {
    if (SERVER_PRIVATE_KEY != null) {
        // Fixtures were built by an earlier call.
        return;
    }
    try {
        // Server side: private key plus encoded certificate chain.
        final PrivateKeyEntry serverEntry = TestKeyStore.getServer().getPrivateKey("RSA", "RSA");
        SERVER_PRIVATE_KEY = OpenSSLKey.fromPrivateKey(serverEntry.getPrivateKey());
        SERVER_CERTIFICATES = NativeCrypto.encodeCertificates(serverEntry.getCertificateChain());

        // Client side: private key plus encoded certificate chain.
        final PrivateKeyEntry clientEntry = TestKeyStore.getClientCertificate().getPrivateKey("RSA", "RSA");
        CLIENT_PRIVATE_KEY = OpenSSLKey.fromPrivateKey(clientEntry.getPrivateKey());
        CLIENT_CERTIFICATES = NativeCrypto.encodeCertificates(clientEntry.getCertificateChain());

        // CA principal: issuer of the certificate under the first alias the client key store
        // enumerates. Presumably that alias holds the CA certificate -- confirm in TestKeyStore.
        final KeyStore clientStore = TestKeyStore.getClient().keyStore;
        final String firstAlias = clientStore.aliases().nextElement();
        final X509Certificate firstCert = (X509Certificate) clientStore.getCertificate(firstAlias);
        final X500Principal issuer = firstCert.getIssuerX500Principal();
        CA_PRINCIPALS = new byte[][] { issuer.getEncoded() };

        initChannelIdKey();
    } catch (Exception e) {
        throw new RuntimeException(e);
    }
}
Also used : X500Principal(javax.security.auth.x500.X500Principal) PrivateKeyEntry(java.security.KeyStore.PrivateKeyEntry) TestKeyStore(libcore.java.security.TestKeyStore) KeyStore(java.security.KeyStore) X509Certificate(java.security.cert.X509Certificate) SocketTimeoutException(java.net.SocketTimeoutException) SSLProtocolException(javax.net.ssl.SSLProtocolException) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) ExecutionException(java.util.concurrent.ExecutionException) SSLException(javax.net.ssl.SSLException)

Example 44 with PrivateKeyEntry

use of java.security.KeyStore.PrivateKeyEntry in project android_frameworks_base by crdroidandroid.

the class AndroidKeyStoreTest method testKeyStore_SetEntry_PrivateKeyEntry_Overwrites_PrivateKeyEntry_Encrypted_Success.

/**
 * Checks that a PrivateKeyEntry can be written twice under the same alias and read back as a
 * PrivateKeyEntry after each write.
 *
 * <p>Both writes use the same key and the same two-certificate chain, so the second read-back
 * cannot distinguish a real overwrite from a write that was silently ignored; the TODO below
 * tracks giving the overwrite its own test vector.
 */
public void testKeyStore_SetEntry_PrivateKeyEntry_Overwrites_PrivateKeyEntry_Encrypted_Success() throws Exception {
    // setupPassword() runs before load(); presumably this puts the keystore in its
    // password-initialised ("Encrypted") state -- confirm against the helper.
    setupPassword();
    mKeyStore.load(null, null);

    final KeyFactory rsaKeyFactory = KeyFactory.getInstance("RSA");
    final CertificateFactory certFactory = CertificateFactory.getInstance("X.509");

    // First write: key plus user and CA certificates.
    {
        final PrivateKey key = rsaKeyFactory.generatePrivate(new PKCS8EncodedKeySpec(FAKE_RSA_KEY_1));
        final Certificate userCert = certFactory.generateCertificate(new ByteArrayInputStream(FAKE_RSA_USER_1));
        final Certificate caCert = certFactory.generateCertificate(new ByteArrayInputStream(FAKE_RSA_CA_1));
        final Certificate[] chain = { userCert, caCert };

        mKeyStore.setEntry(TEST_ALIAS_1, new PrivateKeyEntry(key, chain), null);

        final Entry stored = mKeyStore.getEntry(TEST_ALIAS_1, null);
        assertNotNull("Retrieved entry should exist", stored);
        assertTrue("Retrieved entry should be of type PrivateKeyEntry", stored instanceof PrivateKeyEntry);
        assertPrivateKeyEntryEquals((PrivateKeyEntry) stored, "RSA", FAKE_RSA_KEY_1, FAKE_RSA_USER_1, FAKE_RSA_CA_1);
    }

    // TODO make entirely new test vector for the overwrite
    // Second write: same alias, currently with identical key and chain.
    {
        final PrivateKey key = rsaKeyFactory.generatePrivate(new PKCS8EncodedKeySpec(FAKE_RSA_KEY_1));
        final Certificate userCert = certFactory.generateCertificate(new ByteArrayInputStream(FAKE_RSA_USER_1));
        final Certificate caCert = certFactory.generateCertificate(new ByteArrayInputStream(FAKE_RSA_CA_1));
        final Certificate[] chain = { userCert, caCert };

        mKeyStore.setEntry(TEST_ALIAS_1, new PrivateKeyEntry(key, chain), null);

        final Entry stored = mKeyStore.getEntry(TEST_ALIAS_1, null);
        assertNotNull("Retrieved entry should exist", stored);
        assertTrue("Retrieved entry should be of type PrivateKeyEntry", stored instanceof PrivateKeyEntry);
        assertPrivateKeyEntryEquals((PrivateKeyEntry) stored, "RSA", FAKE_RSA_KEY_1, FAKE_RSA_USER_1, FAKE_RSA_CA_1);
    }
}
Also used : TrustedCertificateEntry(java.security.KeyStore.TrustedCertificateEntry) PrivateKeyEntry(java.security.KeyStore.PrivateKeyEntry) Entry(java.security.KeyStore.Entry) PrivateKey(java.security.PrivateKey) ByteArrayInputStream(java.io.ByteArrayInputStream) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) CertificateFactory(java.security.cert.CertificateFactory) PrivateKeyEntry(java.security.KeyStore.PrivateKeyEntry) KeyFactory(java.security.KeyFactory)

Example 45 with PrivateKeyEntry

use of java.security.KeyStore.PrivateKeyEntry in project android_frameworks_base by crdroidandroid.

the class AndroidKeyStoreTest method testKeyStore_SetEntry_PrivateKeyEntry_Params_Unencrypted_Failure.

/**
 * Checks that a PrivateKeyEntry which requires encryption is rejected when the keystore has
 * not been initialised, and that the rejected write leaves nothing under the alias.
 *
 * <p>This test never calls setupPassword(), which is what keeps the keystore in the
 * "uninitialized" state the failure message refers to.
 */
public void testKeyStore_SetEntry_PrivateKeyEntry_Params_Unencrypted_Failure() throws Exception {
    mKeyStore.load(null, null);

    final PrivateKey key = KeyFactory.getInstance("RSA")
            .generatePrivate(new PKCS8EncodedKeySpec(FAKE_RSA_KEY_1));

    final CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
    final Certificate userCert = certFactory.generateCertificate(new ByteArrayInputStream(FAKE_RSA_USER_1));
    final Certificate caCert = certFactory.generateCertificate(new ByteArrayInputStream(FAKE_RSA_CA_1));
    final Certificate[] chain = { userCert, caCert };

    final PrivateKeyEntry entry = new PrivateKeyEntry(key, chain);
    try {
        mKeyStore.setEntry(
                TEST_ALIAS_1,
                entry,
                new KeyStoreParameter.Builder(getContext()).setEncryptionRequired(true).build());
        fail("Shouldn't be able to insert encrypted entry when KeyStore uninitialized");
    } catch (KeyStoreException expected) {
        // Expected: the keystore must refuse to store the key without encryption.
    }

    // The failed write must not have stored the entry.
    assertNull(mKeyStore.getEntry(TEST_ALIAS_1, null));
}
Also used : KeyStoreParameter(android.security.KeyStoreParameter) PrivateKey(java.security.PrivateKey) ByteArrayInputStream(java.io.ByteArrayInputStream) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) KeyStoreException(java.security.KeyStoreException) CertificateFactory(java.security.cert.CertificateFactory) PrivateKeyEntry(java.security.KeyStore.PrivateKeyEntry) KeyFactory(java.security.KeyFactory) X509Certificate(java.security.cert.X509Certificate) Certificate(java.security.cert.Certificate)
