diff options
author | Kenny Root <kroot@google.com> | 2013-02-04 17:22:14 -0800 |
---|---|---|
committer | Android Git Automerger <android-git-automerger@android.com> | 2013-02-04 17:22:14 -0800 |
commit | d230b1786f607042cc03d869a9420e4e5138fef1 (patch) | |
tree | d68e26f834144e5c403f07c2fbf3c59a8055663c | |
parent | 6206bd30be600c4932629b89e0014e47269d070b (diff) | |
parent | 9e807d4d159066fe5a81bbaafbc974d18aeca55f (diff) | |
download | frameworks_base-d230b1786f607042cc03d869a9420e4e5138fef1.zip frameworks_base-d230b1786f607042cc03d869a9420e4e5138fef1.tar.gz frameworks_base-d230b1786f607042cc03d869a9420e4e5138fef1.tar.bz2 |
am 9e807d4d: am 86416202: am c4a768c8: am 5a720bb9: Merge "AndroidKeyStore: add key wrapping test"
# Via Android Git Automerger (3) and others
* commit '9e807d4d159066fe5a81bbaafbc974d18aeca55f':
AndroidKeyStore: add key wrapping test
-rw-r--r-- | keystore/tests/src/android/security/AndroidKeyStoreTest.java | 48 |
1 files changed, 48 insertions, 0 deletions
diff --git a/keystore/tests/src/android/security/AndroidKeyStoreTest.java b/keystore/tests/src/android/security/AndroidKeyStoreTest.java index 056e681..c376f3d 100644 --- a/keystore/tests/src/android/security/AndroidKeyStoreTest.java +++ b/keystore/tests/src/android/security/AndroidKeyStoreTest.java @@ -51,6 +51,9 @@ import java.util.HashSet; import java.util.Iterator; import java.util.Set; +import javax.crypto.Cipher; +import javax.crypto.SecretKey; +import javax.crypto.spec.SecretKeySpec; import javax.security.auth.x500.X500Principal; public class AndroidKeyStoreTest extends AndroidTestCase { @@ -1545,4 +1548,49 @@ public class AndroidKeyStoreTest extends AndroidTestCase { } catch (UnsupportedOperationException success) { } } + + private void setupKey() throws Exception { + final String privateKeyAlias = Credentials.USER_PRIVATE_KEY + TEST_ALIAS_1; + assertTrue(mAndroidKeyStore.generate(privateKeyAlias)); + + X509Certificate cert = generateCertificate(mAndroidKeyStore, TEST_ALIAS_1, TEST_SERIAL_1, + TEST_DN_1, NOW, NOW_PLUS_10_YEARS); + + assertTrue(mAndroidKeyStore.put(Credentials.USER_CERTIFICATE + TEST_ALIAS_1, + cert.getEncoded())); + } + + public void testKeyStore_KeyOperations_Wrap_Success() throws Exception { + mKeyStore.load(null, null); + + setupKey(); + + // Test key usage + Entry e = mKeyStore.getEntry(TEST_ALIAS_1, null); + assertNotNull(e); + assertTrue(e instanceof PrivateKeyEntry); + + PrivateKeyEntry privEntry = (PrivateKeyEntry) e; + PrivateKey privKey = privEntry.getPrivateKey(); + assertNotNull(privKey); + + PublicKey pubKey = privEntry.getCertificate().getPublicKey(); + + Cipher c = Cipher.getInstance("RSA/ECB/PKCS1Padding"); + c.init(Cipher.WRAP_MODE, pubKey); + + byte[] expectedKey = new byte[] { + 0x00, 0x05, (byte) 0xAA, (byte) 0x0A5, (byte) 0xFF, 0x55, 0x0A + }; + + SecretKey expectedSecret = new SecretKeySpec(expectedKey, "AES"); + + byte[] wrappedExpected = c.wrap(expectedSecret); + + c.init(Cipher.UNWRAP_MODE, privKey); + SecretKey actualSecret = (SecretKey) c.unwrap(wrappedExpected, "AES", Cipher.SECRET_KEY); + + assertEquals(Arrays.toString(expectedSecret.getEncoded()), + Arrays.toString(actualSecret.getEncoded())); + } } |