diff options
author | Kenny Root <kroot@google.com> | 2013-02-04 15:10:26 -0800 |
---|---|---|
committer | Android Git Automerger <android-git-automerger@android.com> | 2013-02-04 15:10:26 -0800 |
commit | c4a768c87e03a5e6d8b4435aaca6893546006321 (patch) | |
tree | 2f44135e4cb2b2980db138c9026be8563a86f4a5 | |
parent | 516fab2404f550aca03b3774bd5b279d4e69dd9f (diff) | |
parent | 5a720bb9b031d44e593d2054bda586ccc3752aa4 (diff) | |
download | frameworks_base-c4a768c87e03a5e6d8b4435aaca6893546006321.zip frameworks_base-c4a768c87e03a5e6d8b4435aaca6893546006321.tar.gz frameworks_base-c4a768c87e03a5e6d8b4435aaca6893546006321.tar.bz2 |
am 5a720bb9: Merge "AndroidKeyStore: add key wrapping test"
# Via Gerrit Code Review (1) and Kenny Root (1)
* commit '5a720bb9b031d44e593d2054bda586ccc3752aa4':
AndroidKeyStore: add key wrapping test
-rw-r--r-- | keystore/tests/src/android/security/AndroidKeyStoreTest.java | 48 |
1 files changed, 48 insertions, 0 deletions
diff --git a/keystore/tests/src/android/security/AndroidKeyStoreTest.java b/keystore/tests/src/android/security/AndroidKeyStoreTest.java index 056e681..c376f3d 100644 --- a/keystore/tests/src/android/security/AndroidKeyStoreTest.java +++ b/keystore/tests/src/android/security/AndroidKeyStoreTest.java @@ -51,6 +51,9 @@ import java.util.HashSet; import java.util.Iterator; import java.util.Set; +import javax.crypto.Cipher; +import javax.crypto.SecretKey; +import javax.crypto.spec.SecretKeySpec; import javax.security.auth.x500.X500Principal; public class AndroidKeyStoreTest extends AndroidTestCase { @@ -1545,4 +1548,49 @@ public class AndroidKeyStoreTest extends AndroidTestCase { } catch (UnsupportedOperationException success) { } } + + private void setupKey() throws Exception { + final String privateKeyAlias = Credentials.USER_PRIVATE_KEY + TEST_ALIAS_1; + assertTrue(mAndroidKeyStore.generate(privateKeyAlias)); + + X509Certificate cert = generateCertificate(mAndroidKeyStore, TEST_ALIAS_1, TEST_SERIAL_1, + TEST_DN_1, NOW, NOW_PLUS_10_YEARS); + + assertTrue(mAndroidKeyStore.put(Credentials.USER_CERTIFICATE + TEST_ALIAS_1, + cert.getEncoded())); + } + + public void testKeyStore_KeyOperations_Wrap_Success() throws Exception { + mKeyStore.load(null, null); + + setupKey(); + + // Test key usage + Entry e = mKeyStore.getEntry(TEST_ALIAS_1, null); + assertNotNull(e); + assertTrue(e instanceof PrivateKeyEntry); + + PrivateKeyEntry privEntry = (PrivateKeyEntry) e; + PrivateKey privKey = privEntry.getPrivateKey(); + assertNotNull(privKey); + + PublicKey pubKey = privEntry.getCertificate().getPublicKey(); + + Cipher c = Cipher.getInstance("RSA/ECB/PKCS1Padding"); + c.init(Cipher.WRAP_MODE, pubKey); + + byte[] expectedKey = new byte[] { + 0x00, 0x05, (byte) 0xAA, (byte) 0x0A5, (byte) 0xFF, 0x55, 0x0A + }; + + SecretKey expectedSecret = new SecretKeySpec(expectedKey, "AES"); + + byte[] wrappedExpected = c.wrap(expectedSecret); + + c.init(Cipher.UNWRAP_MODE, privKey); + SecretKey actualSecret = (SecretKey) c.unwrap(wrappedExpected, "AES", Cipher.SECRET_KEY); + + assertEquals(Arrays.toString(expectedSecret.getEncoded()), + Arrays.toString(actualSecret.getEncoded())); + } } |