use of java.security.KeyStore in project robovm by robovm.
the class NativeCryptoTest method initCerts.
/**
* Lazily create shared test certificates.
*/
private static synchronized void initCerts() {
    // SERVER_PRIVATE_KEY doubles as the "already initialised" marker for every
    // shared fixture assigned below.
    // NOTE(review): it is also the first field assigned, so if a later step
    // throws, the next call returns early with the remaining fields unset.
    // Confirm that a failed initialisation always aborts the test run.
    if (SERVER_PRIVATE_KEY == null) {
        try {
            // Server identity: RSA key plus its encoded certificate chain.
            PrivateKeyEntry serverEntry = TestKeyStore.getServer().getPrivateKey("RSA", "RSA");
            SERVER_PRIVATE_KEY = OpenSSLKey.fromPrivateKey(serverEntry.getPrivateKey());
            SERVER_CERTIFICATES = NativeCrypto.encodeCertificates(serverEntry.getCertificateChain());

            // Client identity, built the same way from the client-certificate store.
            PrivateKeyEntry clientEntry = TestKeyStore.getClientCertificate().getPrivateKey("RSA", "RSA");
            CLIENT_PRIVATE_KEY = OpenSSLKey.fromPrivateKey(clientEntry.getPrivateKey());
            CLIENT_CERTIFICATES = NativeCrypto.encodeCertificates(clientEntry.getCertificateChain());

            // The CA principal is the issuer of whichever certificate the client
            // store enumerates first.
            // NOTE(review): this relies on the first alias being an X.509
            // certificate entry; verify against TestKeyStore.getClient().
            KeyStore clientStore = TestKeyStore.getClient().keyStore;
            String firstAlias = clientStore.aliases().nextElement();
            X509Certificate firstCert = (X509Certificate) clientStore.getCertificate(firstAlias);
            X500Principal issuer = firstCert.getIssuerX500Principal();
            CA_PRINCIPALS = new byte[][] { issuer.getEncoded() };

            initChannelIdKey();
        } catch (Exception e) {
            // Any failure is surfaced unchecked, with the cause preserved.
            throw new RuntimeException(e);
        }
    }
}
use of java.security.KeyStore in project robovm by robovm.
the class TrustManagerImplTest method trustManager.
/**
 * Builds a {@code TrustManagerImpl} backed by a test key store holding {@code ca}
 * and by a pin manager created for {@code hostname} and {@code pin}.
 *
 * @param ca certificate stored in the key store under the alias {@code "alias"}
 * @param hostname host name handed to {@code certManager}
 * @param pin certificate handed to {@code certManager} as the pin
 * @return the trust manager combining the key store and the pin manager
 * @throws Exception if the pin manager or the key store cannot be set up
 */
private TrustManagerImpl trustManager(X509Certificate ca, String hostname, X509Certificate pin) throws Exception {
    // Pin manager first, matching the original construction order.
    CertPinManager pinManager = certManager(hostname, pin);

    // NOTE(review): presumably createKeyStore() returns an empty store, making
    // `ca` the only trust anchor; confirm in TestKeyStore.
    KeyStore trustStore = TestKeyStore.createKeyStore();
    trustStore.setCertificateEntry("alias", ca);

    return new TrustManagerImpl(trustStore, pinManager);
}
use of java.security.KeyStore in project robovm by robovm.
the class TrustManagerImplTest method trustManager.
/**
 * Builds a platform-default trust manager over a test key store holding {@code ca}.
 *
 * @param ca certificate stored in the key store under the alias {@code "alias"}
 * @return the first trust manager produced by the default {@code TrustManagerFactory}
 * @throws Exception if the key store or the factory cannot be initialised
 */
private X509TrustManager trustManager(X509Certificate ca) throws Exception {
    KeyStore trustStore = TestKeyStore.createKeyStore();
    trustStore.setCertificateEntry("alias", ca);

    TrustManagerFactory factory =
            TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
    factory.init(trustStore);

    // Only the first manager is used. The cast fails with ClassCastException
    // if the default algorithm does not yield an X509TrustManager there.
    return (X509TrustManager) factory.getTrustManagers()[0];
}
use of java.security.KeyStore in project robovm by robovm.
the class KeyStoreTest method test_KeyStore_setKeyEntry_Key.
/**
 * Exercises the four-argument {@code KeyStore.setKeyEntry} call on every store
 * returned by {@code keyStores()}, in five passes: before load, with odd inputs,
 * with ordinary entries, with aliases differing only in case, and with a null
 * key password.
 *
 * Where a failure is expected, the catch blocks compare the exception class
 * exactly and rethrow anything else, so an unexpected exception type fails the test.
 */
public void test_KeyStore_setKeyEntry_Key() throws Exception {
    // Pass 1: setKeyEntry is called without a preceding load() and must throw
    // KeyStoreException (presumably keyStores() returns not-yet-loaded stores;
    // confirm against the helper).
    for (KeyStore keyStore : keyStores()) {
        try {
            keyStore.setKeyEntry(null, null, null, null);
            fail(keyStore.getType());
        } catch (KeyStoreException expected) {
        }
    }
    // Pass 2: after load(null, null), invalid argument combinations must be rejected.
    for (KeyStore keyStore : keyStores()) {
        keyStore.load(null, null);
        // Stores reported read-only by isReadOnly() must refuse any write.
        if (isReadOnly(keyStore)) {
            try {
                keyStore.setKeyEntry(null, null, null, null);
                fail(keyStore.getType());
            } catch (UnsupportedOperationException expected) {
            }
            continue;
        }
        // test odd inputs
        // All-null arguments: NullPointerException or KeyStoreException is accepted.
        try {
            keyStore.setKeyEntry(null, null, null, null);
            fail(keyStore.getType());
        } catch (Exception e) {
            if (e.getClass() != NullPointerException.class && e.getClass() != KeyStoreException.class) {
                throw e;
            }
        }
        // Password supplied but alias, key and chain null: same accepted exceptions.
        try {
            keyStore.setKeyEntry(null, null, PASSWORD_KEY, null);
            fail(keyStore.getType());
        } catch (Exception e) {
            if (e.getClass() != NullPointerException.class && e.getClass() != KeyStoreException.class) {
                throw e;
            }
        }
        // Private key with a null certificate chain: IllegalArgumentException or
        // KeyStoreException is accepted.
        try {
            keyStore.setKeyEntry(ALIAS_PRIVATE, getPrivateKey().getPrivateKey(), PASSWORD_KEY, null);
            fail(keyStore.getType());
        } catch (Exception e) {
            if (e.getClass() != IllegalArgumentException.class && e.getClass() != KeyStoreException.class) {
                throw e;
            }
        }
    }
    // Pass 3: store and read back private and secret keys after clearKeyStore().
    for (KeyStore keyStore : keyStores()) {
        clearKeyStore(keyStore);
        // test case sensitive
        // NOTE(review): the comment above looks misplaced; this pass checks that
        // the aliases are absent and then stores entries. The case handling is
        // exercised in the next pass.
        if (isKeyPasswordSupported(keyStore)) {
            assertNull(keyStore.getKey(ALIAS_PRIVATE, PASSWORD_KEY));
        }
        if (isNullPasswordAllowed(keyStore)) {
            assertNull(keyStore.getKey(ALIAS_NO_PASSWORD_PRIVATE, null));
        }
        if (isReadOnly(keyStore)) {
            try {
                keyStore.setKeyEntry(ALIAS_SECRET, getSecretKey(), PASSWORD_KEY, null);
                fail(keyStore.getType());
            } catch (UnsupportedOperationException expected) {
            }
            continue;
        }
        // Password-protected private key: stored, then key and chain are read back.
        if (isKeyPasswordSupported(keyStore)) {
            setPrivateKey(keyStore);
            assertPrivateKey(keyStore.getKey(ALIAS_PRIVATE, PASSWORD_KEY));
            assertCertificateChain(keyStore.getCertificateChain(ALIAS_PRIVATE));
        }
        // Private key stored and read back with a null key password.
        if (isNullPasswordAllowed(keyStore)) {
            setPrivateKeyNoPassword(keyStore, ALIAS_NO_PASSWORD_PRIVATE, getPrivateKey());
            assertPrivateKey(keyStore.getKey(ALIAS_NO_PASSWORD_PRIVATE, null));
            assertCertificateChain(keyStore.getCertificateChain(ALIAS_NO_PASSWORD_PRIVATE));
        }
        // Secret keys: stored and read back when enabled, otherwise the store
        // must reject them with KeyStoreException or NullPointerException.
        if (isSecretKeyEnabled(keyStore)) {
            assertNull(keyStore.getKey(ALIAS_SECRET, PASSWORD_KEY));
            setSecretKey(keyStore);
            assertSecretKey(keyStore.getKey(ALIAS_SECRET, PASSWORD_KEY));
        } else {
            try {
                keyStore.setKeyEntry(ALIAS_SECRET, getSecretKey(), PASSWORD_KEY, null);
                fail(keyStore.getType());
            } catch (Exception e) {
                if (e.getClass() != KeyStoreException.class && e.getClass() != NullPointerException.class) {
                    throw e;
                }
            }
        }
    }
    // Pass 4: after populate(), check how aliases that differ only in case interact.
    for (KeyStore keyStore : keyStores()) {
        populate(keyStore);
        if (isReadOnly(keyStore)) {
            // Read-only stores are expected to hold none of the test aliases.
            assertNull(keyStore.getKey(ALIAS_PRIVATE, PASSWORD_KEY));
            assertNull(keyStore.getKey(ALIAS_ALT_CASE_PRIVATE, PASSWORD_KEY));
            assertNull(keyStore.getKey(ALIAS_SECRET, PASSWORD_KEY));
            assertNull(keyStore.getKey(ALIAS_ALT_CASE_SECRET, PASSWORD_KEY));
        } else if (isCaseSensitive(keyStore)) {
            // Case-sensitive: the alternate-case alias starts absent, and writing
            // the second key under it must leave the original entry unchanged.
            if (isKeyPasswordSupported(keyStore)) {
                assertPrivateKey(keyStore.getKey(ALIAS_PRIVATE, PASSWORD_KEY));
                assertNull(keyStore.getKey(ALIAS_ALT_CASE_PRIVATE, PASSWORD_KEY));
                setPrivateKey(keyStore, ALIAS_ALT_CASE_PRIVATE, getPrivateKey2());
                assertPrivateKey(keyStore.getKey(ALIAS_PRIVATE, PASSWORD_KEY));
                assertPrivateKey2(keyStore.getKey(ALIAS_ALT_CASE_PRIVATE, PASSWORD_KEY));
            }
            if (isNullPasswordAllowed(keyStore)) {
                assertPrivateKey(keyStore.getKey(ALIAS_NO_PASSWORD_PRIVATE, null));
                assertNull(keyStore.getKey(ALIAS_ALT_CASE_NO_PASSWORD_PRIVATE, null));
                setPrivateKeyNoPassword(keyStore, ALIAS_ALT_CASE_NO_PASSWORD_PRIVATE, getPrivateKey2());
                assertPrivateKey(keyStore.getKey(ALIAS_NO_PASSWORD_PRIVATE, null));
                assertPrivateKey2(keyStore.getKey(ALIAS_ALT_CASE_NO_PASSWORD_PRIVATE, null));
            }
            if (isSecretKeyEnabled(keyStore)) {
                assertSecretKey(keyStore.getKey(ALIAS_SECRET, PASSWORD_KEY));
                assertNull(keyStore.getKey(ALIAS_ALT_CASE_SECRET, PASSWORD_KEY));
                setSecretKey(keyStore, ALIAS_ALT_CASE_SECRET, getSecretKey2());
                assertSecretKey(keyStore.getKey(ALIAS_SECRET, PASSWORD_KEY));
                assertSecretKey2(keyStore.getKey(ALIAS_ALT_CASE_SECRET, PASSWORD_KEY));
            }
        } else {
            // Case-insensitive: both spellings resolve to the same entry, so
            // writing under the alternate case replaces the key seen through either.
            if (isKeyPasswordSupported(keyStore)) {
                assertPrivateKey(keyStore.getKey(ALIAS_PRIVATE, PASSWORD_KEY));
                assertPrivateKey(keyStore.getKey(ALIAS_ALT_CASE_PRIVATE, PASSWORD_KEY));
                setPrivateKey(keyStore, ALIAS_ALT_CASE_PRIVATE, getPrivateKey2());
                assertPrivateKey2(keyStore.getKey(ALIAS_PRIVATE, PASSWORD_KEY));
                assertPrivateKey2(keyStore.getKey(ALIAS_ALT_CASE_PRIVATE, PASSWORD_KEY));
            }
            // NOTE(review): unlike the case-sensitive branch, this block reads
            // ALIAS_PRIVATE (not ALIAS_NO_PASSWORD_PRIVATE) with a null password
            // and writes via setPrivateKey rather than setPrivateKeyNoPassword.
            // Possibly a copy-paste slip; confirm against the helpers.
            if (isNullPasswordAllowed(keyStore)) {
                assertPrivateKey(keyStore.getKey(ALIAS_PRIVATE, null));
                assertPrivateKey(keyStore.getKey(ALIAS_ALT_CASE_NO_PASSWORD_PRIVATE, null));
                setPrivateKey(keyStore, ALIAS_ALT_CASE_NO_PASSWORD_PRIVATE, getPrivateKey2());
                assertPrivateKey2(keyStore.getKey(ALIAS_PRIVATE, null));
                assertPrivateKey2(keyStore.getKey(ALIAS_ALT_CASE_NO_PASSWORD_PRIVATE, null));
            }
            // NOTE(review): the second secret key is written under
            // ALIAS_ALT_CASE_PRIVATE, not ALIAS_ALT_CASE_SECRET, and the assertions
            // after it still expect the first secret key, so the overwrite path for
            // secret keys does not appear to be checked here. Confirm the intent.
            if (isSecretKeyEnabled(keyStore)) {
                assertSecretKey(keyStore.getKey(ALIAS_SECRET, PASSWORD_KEY));
                assertSecretKey(keyStore.getKey(ALIAS_ALT_CASE_SECRET, PASSWORD_KEY));
                setSecretKey(keyStore, ALIAS_ALT_CASE_PRIVATE, getSecretKey2());
                assertSecretKey(keyStore.getKey(ALIAS_SECRET, PASSWORD_KEY));
                assertSecretKey(keyStore.getKey(ALIAS_ALT_CASE_SECRET, PASSWORD_KEY));
            }
        }
    }
    // Pass 5: entries written with a null key password.
    for (KeyStore keyStore : keyStores()) {
        keyStore.load(null, null);
        if (isReadOnly(keyStore)) {
            try {
                keyStore.setKeyEntry(ALIAS_PRIVATE, getPrivateKey().getPrivateKey(), null, getPrivateKey().getCertificateChain());
                fail(keyStore.getType());
            } catch (UnsupportedOperationException expected) {
            }
            continue;
        }
        // test with null passwords
        // A store must either accept the null password and return the key for a
        // null password, or reject the write with one of the listed exceptions.
        if (isNullPasswordAllowed(keyStore) || isKeyPasswordIgnored(keyStore)) {
            keyStore.setKeyEntry(ALIAS_PRIVATE, getPrivateKey().getPrivateKey(), null, getPrivateKey().getCertificateChain());
            assertPrivateKey(keyStore.getKey(ALIAS_PRIVATE, null));
        } else {
            try {
                keyStore.setKeyEntry(ALIAS_PRIVATE, getPrivateKey().getPrivateKey(), null, getPrivateKey().getCertificateChain());
                fail(keyStore.getType());
            } catch (Exception e) {
                if (e.getClass() != UnrecoverableKeyException.class && e.getClass() != IllegalArgumentException.class && e.getClass() != KeyStoreException.class) {
                    throw e;
                }
            }
        }
        // Same null-password check for secret keys, where the store enables them.
        if (isSecretKeyEnabled(keyStore)) {
            if (isNullPasswordAllowed(keyStore) || isKeyPasswordIgnored(keyStore)) {
                keyStore.setKeyEntry(ALIAS_SECRET, getSecretKey(), null, null);
                assertSecretKey(keyStore.getKey(ALIAS_SECRET, null));
            } else {
                try {
                    keyStore.setKeyEntry(ALIAS_SECRET, getSecretKey(), null, null);
                    fail(keyStore.getType());
                } catch (Exception e) {
                    if (e.getClass() != UnrecoverableKeyException.class && e.getClass() != IllegalArgumentException.class && e.getClass() != KeyStoreException.class) {
                        throw e;
                    }
                }
            }
        }
    }
}
use of java.security.KeyStore in project robovm by robovm.
the class KeyStoreTest method test_KeyStore_size.
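/**
 * Checks {@code KeyStore.size()} on every store returned by {@code keyStores()}:
 * before load, directly after {@code load(null, null)}, and after {@code populate()}.
 *
 * @throws Exception if a key store operation fails unexpectedly
 */
public void test_KeyStore_size() throws Exception {
    // Before load: size() itself must throw KeyStoreException. The original
    // probed aliases() here, so size() was never exercised on an unloaded store.
    for (KeyStore keyStore : keyStores()) {
        try {
            keyStore.size();
            fail(keyStore.getType());
        } catch (KeyStoreException expected) {
            // expected: the store has not been loaded yet
        }
    }

    // After an empty load the size depends on the kind of store.
    for (KeyStore keyStore : keyStores()) {
        keyStore.load(null, null);
        if (isPersistentStorage(keyStore)) {
            // Contents are not known in advance; only require that the query succeeds.
            assertTrue("Should successfully query size: " + keyStore.getType(), keyStore.size() >= 0);
        } else if (hasDefaultContents(keyStore)) {
            assertTrue("Should have non-empty store: " + keyStore.getType(), keyStore.size() > 0);
        } else {
            assertEquals("Should have empty store: " + keyStore.getType(), 0, keyStore.size());
        }
    }

    // After populate() the size must equal the number of entry kinds the store supports.
    for (KeyStore keyStore : keyStores()) {
        populate(keyStore);
        if (hasDefaultContents(keyStore)) {
            assertTrue("Should have non-empty store: " + keyStore.getType(), keyStore.size() > 0);
            continue;
        }
        // One entry per supported capability. A secret key counts twice when
        // null passwords are also allowed.
        int expected = 0;
        if (isKeyPasswordSupported(keyStore)) {
            expected++;
        }
        if (isNullPasswordAllowed(keyStore)) {
            expected++;
        }
        if (isSecretKeyEnabled(keyStore)) {
            expected++;
            if (isNullPasswordAllowed(keyStore)) {
                expected++;
            }
        }
        if (isCertificateEnabled(keyStore)) {
            expected++;
        }
        assertEquals("Unexpected entry count: " + keyStore.getType(), expected, keyStore.size());
    }
}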