Examples with PrivateKey java.security.PrivateKey used on opensource projects

Example 11 with PrivateKey

use of java.security.PrivateKey in project android_frameworks_base by ParanoidAndroid.

the class AndroidKeyStoreTest method testKeyStore_KeyOperations_Wrap_Encrypted_Success.

public void testKeyStore_KeyOperations_Wrap_Encrypted_Success() throws Exception {
    setupPassword();
    mKeyStore.load(null, null);
    setupKey();
    // Test key usage
    Entry e = mKeyStore.getEntry(TEST_ALIAS_1, null);
    assertNotNull(e);
    assertTrue(e instanceof PrivateKeyEntry);
    PrivateKeyEntry privEntry = (PrivateKeyEntry) e;
    PrivateKey privKey = privEntry.getPrivateKey();
    assertNotNull(privKey);
    PublicKey pubKey = privEntry.getCertificate().getPublicKey();
    Cipher c = Cipher.getInstance("RSA/ECB/PKCS1Padding");
    c.init(Cipher.WRAP_MODE, pubKey);
    byte[] expectedKey = new byte[] { 0x00, 0x05, (byte) 0xAA, (byte) 0x0A5, (byte) 0xFF, 0x55, 0x0A };
    SecretKey expectedSecret = new SecretKeySpec(expectedKey, "AES");
    byte[] wrappedExpected = c.wrap(expectedSecret);
    c.init(Cipher.UNWRAP_MODE, privKey);
    SecretKey actualSecret = (SecretKey) c.unwrap(wrappedExpected, "AES", Cipher.SECRET_KEY);
    assertEquals(Arrays.toString(expectedSecret.getEncoded()), Arrays.toString(actualSecret.getEncoded()));
}

Example 12 with PrivateKey

use of java.security.PrivateKey in project android_frameworks_base by ParanoidAndroid.

the class AndroidKeyStoreTest method testKeyStore_SetKeyEntry_ProtectedKey_Encrypted_Failure.

public void testKeyStore_SetKeyEntry_ProtectedKey_Encrypted_Failure() throws Exception {
    setupPassword();
    mKeyStore.load(null, null);
    final CertificateFactory f = CertificateFactory.getInstance("X.509");
    final Certificate caCert = f.generateCertificate(new ByteArrayInputStream(FAKE_CA_1));
    KeyFactory keyFact = KeyFactory.getInstance("RSA");
    PrivateKey privKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_KEY_1));
    final Certificate[] chain = new Certificate[2];
    chain[0] = f.generateCertificate(new ByteArrayInputStream(FAKE_USER_1));
    chain[1] = caCert;
    try {
        mKeyStore.setKeyEntry(TEST_ALIAS_1, privKey, "foo".toCharArray(), chain);
        fail("Should fail when a password is specified");
    } catch (KeyStoreException success) {
    }
}

Example 13 with PrivateKey

use of java.security.PrivateKey in project android_frameworks_base by ParanoidAndroid.

the class AndroidKeyStoreTest method testKeyStore_SetEntry_PrivateKeyEntry_Params_Unencrypted_Failure.

public void testKeyStore_SetEntry_PrivateKeyEntry_Params_Unencrypted_Failure() throws Exception {
    mKeyStore.load(null, null);
    KeyFactory keyFact = KeyFactory.getInstance("RSA");
    PrivateKey expectedKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_KEY_1));
    final CertificateFactory f = CertificateFactory.getInstance("X.509");
    final Certificate[] expectedChain = new Certificate[2];
    expectedChain[0] = f.generateCertificate(new ByteArrayInputStream(FAKE_USER_1));
    expectedChain[1] = f.generateCertificate(new ByteArrayInputStream(FAKE_CA_1));
    PrivateKeyEntry entry = new PrivateKeyEntry(expectedKey, expectedChain);
    try {
        mKeyStore.setEntry(TEST_ALIAS_1, entry, new KeyStoreParameter.Builder(getContext()).setEncryptionRequired(true).build());
        fail("Shouldn't be able to insert encrypted entry when KeyStore uninitialized");
    } catch (KeyStoreException expected) {
    }
    assertNull(mKeyStore.getEntry(TEST_ALIAS_1, null));
}

Example 14 with PrivateKey

use of java.security.PrivateKey in project android_frameworks_base by ParanoidAndroid.

the class AndroidKeyStoreTest method assertPrivateKeyEntryEquals.

@SuppressWarnings("unchecked")
private void assertPrivateKeyEntryEquals(PrivateKeyEntry keyEntry, byte[] key, byte[] cert, byte[] ca) throws Exception {
    KeyFactory keyFact = KeyFactory.getInstance("RSA");
    PrivateKey expectedKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(key));
    CertificateFactory certFact = CertificateFactory.getInstance("X.509");
    Certificate expectedCert = certFact.generateCertificate(new ByteArrayInputStream(cert));
    final Collection<Certificate> expectedChain;
    if (ca != null) {
        expectedChain = (Collection<Certificate>) certFact.generateCertificates(new ByteArrayInputStream(ca));
    } else {
        expectedChain = null;
    }
    assertPrivateKeyEntryEquals(keyEntry, expectedKey, expectedCert, expectedChain);
}

Example 15 with PrivateKey

use of java.security.PrivateKey in project android_frameworks_base by ParanoidAndroid.

the class AndroidKeyStoreTest method testKeyStore_GetKey_NoPassword_Unencrypted_Success.

public void testKeyStore_GetKey_NoPassword_Unencrypted_Success() throws Exception {
    mKeyStore.load(null, null);
    assertTrue(mAndroidKeyStore.importKey(Credentials.USER_PRIVATE_KEY + TEST_ALIAS_1, FAKE_KEY_1, KeyStore.UID_SELF, KeyStore.FLAG_NONE));
    assertTrue(mAndroidKeyStore.put(Credentials.USER_CERTIFICATE + TEST_ALIAS_1, FAKE_USER_1, KeyStore.UID_SELF, KeyStore.FLAG_NONE));
    assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_1, FAKE_CA_1, KeyStore.UID_SELF, KeyStore.FLAG_NONE));
    Key key = mKeyStore.getKey(TEST_ALIAS_1, null);
    assertNotNull("Key should exist", key);
    assertTrue("Should be a RSAPrivateKey", key instanceof RSAPrivateKey);
    RSAPrivateKey actualKey = (RSAPrivateKey) key;
    KeyFactory keyFact = KeyFactory.getInstance("RSA");
    PrivateKey expectedKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_KEY_1));
    assertEquals("Inserted key should be same as retrieved key", ((RSAPrivateKey) expectedKey).getModulus(), actualKey.getModulus());
}