summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--keystore/tests/src/android/security/AndroidKeyStoreTest.java48
1 files changed, 48 insertions, 0 deletions
diff --git a/keystore/tests/src/android/security/AndroidKeyStoreTest.java b/keystore/tests/src/android/security/AndroidKeyStoreTest.java
index 056e681..c376f3d 100644
--- a/keystore/tests/src/android/security/AndroidKeyStoreTest.java
+++ b/keystore/tests/src/android/security/AndroidKeyStoreTest.java
@@ -51,6 +51,9 @@ import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
+import javax.crypto.Cipher;
+import javax.crypto.SecretKey;
+import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;
public class AndroidKeyStoreTest extends AndroidTestCase {
@@ -1545,4 +1548,49 @@ public class AndroidKeyStoreTest extends AndroidTestCase {
} catch (UnsupportedOperationException success) {
}
}
+
+ private void setupKey() throws Exception {
+ final String privateKeyAlias = Credentials.USER_PRIVATE_KEY + TEST_ALIAS_1;
+ assertTrue(mAndroidKeyStore.generate(privateKeyAlias));
+
+ X509Certificate cert = generateCertificate(mAndroidKeyStore, TEST_ALIAS_1, TEST_SERIAL_1,
+ TEST_DN_1, NOW, NOW_PLUS_10_YEARS);
+
+ assertTrue(mAndroidKeyStore.put(Credentials.USER_CERTIFICATE + TEST_ALIAS_1,
+ cert.getEncoded()));
+ }
+
+ public void testKeyStore_KeyOperations_Wrap_Success() throws Exception {
+ mKeyStore.load(null, null);
+
+ setupKey();
+
+ // Test key usage
+ Entry e = mKeyStore.getEntry(TEST_ALIAS_1, null);
+ assertNotNull(e);
+ assertTrue(e instanceof PrivateKeyEntry);
+
+ PrivateKeyEntry privEntry = (PrivateKeyEntry) e;
+ PrivateKey privKey = privEntry.getPrivateKey();
+ assertNotNull(privKey);
+
+ PublicKey pubKey = privEntry.getCertificate().getPublicKey();
+
+ Cipher c = Cipher.getInstance("RSA/ECB/PKCS1Padding");
+ c.init(Cipher.WRAP_MODE, pubKey);
+
+ byte[] expectedKey = new byte[] {
+ 0x00, 0x05, (byte) 0xAA, (byte) 0x0A5, (byte) 0xFF, 0x55, 0x0A
+ };
+
+ SecretKey expectedSecret = new SecretKeySpec(expectedKey, "AES");
+
+ byte[] wrappedExpected = c.wrap(expectedSecret);
+
+ c.init(Cipher.UNWRAP_MODE, privKey);
+ SecretKey actualSecret = (SecretKey) c.unwrap(wrappedExpected, "AES", Cipher.SECRET_KEY);
+
+ assertEquals(Arrays.toString(expectedSecret.getEncoded()),
+ Arrays.toString(actualSecret.getEncoded()));
+ }
}