13e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom/* 23e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom * Copyright (C) 2011 The Android Open Source Project 33e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom * 43e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom * Licensed under the Apache License, Version 2.0 (the "License"); 53e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom * you may not use this file except in compliance with the License. 63e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom * You may obtain a copy of the License at 73e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom * 83e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom * http://www.apache.org/licenses/LICENSE-2.0 93e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom * 103e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom * Unless required by applicable law or agreed to in writing, software 113e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom * distributed under the License is distributed on an "AS IS" BASIS, 123e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 133e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom * See the License for the specific language governing permissions and 143e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom * limitations under the License. 153e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom */ 163e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom 173e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrompackage com.android.keychain.tests; 183e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom 193e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstromimport android.app.Service; 203e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstromimport android.content.ComponentName; 213e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstromimport android.content.Context; 223e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstromimport android.content.Intent; 233e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstromimport android.content.ServiceConnection; 243e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstromimport android.os.IBinder; 253e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstromimport android.security.Credentials; 263e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstromimport android.security.IKeyChainService; 273e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstromimport android.security.KeyStore; 283e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstromimport android.util.Log; 293e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstromimport com.android.keychain.tests.support.IKeyChainServiceTestSupport; 303e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstromimport java.security.KeyStore.PrivateKeyEntry; 313e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstromimport java.security.cert.Certificate; 323e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstromimport java.util.Arrays; 333e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstromimport junit.framework.Assert; 343e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstromimport libcore.java.security.TestKeyStore; 353e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom 363e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrompublic class KeyChainServiceTest extends Service { 373e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom 383e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom private static final String TAG = "KeyChainServiceTest"; 393e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom 403e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom private final Object mSupportLock = new Object(); 413e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom private IKeyChainServiceTestSupport mSupport; 423e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom private boolean mIsBoundSupport; 433e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom 443e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom private final Object mServiceLock = new Object(); 453e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom private IKeyChainService mService; 463e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom private boolean mIsBoundService; 473e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom 483e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom private ServiceConnection mSupportConnection = new ServiceConnection() { 493e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom @Override public void onServiceConnected(ComponentName name, IBinder service) { 503e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom synchronized (mSupportLock) { 513e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom mSupport = IKeyChainServiceTestSupport.Stub.asInterface(service); 523e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom mSupportLock.notifyAll(); 533e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom } 543e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom } 553e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom 563e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom @Override public void onServiceDisconnected(ComponentName name) { 573e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom synchronized (mSupportLock) { 583e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom mSupport = null; 593e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom } 603e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom } 613e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom }; 623e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom 633e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom private ServiceConnection mServiceConnection = new ServiceConnection() { 643e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom @Override public void onServiceConnected(ComponentName name, IBinder service) { 653e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom synchronized (mServiceLock) { 663e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom mService = IKeyChainService.Stub.asInterface(service); 673e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom mServiceLock.notifyAll(); 683e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom } 693e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom } 703e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom 713e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom @Override public void onServiceDisconnected(ComponentName name) { 723e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom synchronized (mServiceLock) { 733e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom mService = null; 743e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom } 753e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom } 763e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom }; 773e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom 783e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom private void bindSupport() { 793e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom mIsBoundSupport = bindService(new Intent(IKeyChainServiceTestSupport.class.getName()), 803e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom mSupportConnection, 813e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom Context.BIND_AUTO_CREATE); 823e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom } 833e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom 843e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom private void bindService() { 853e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom mIsBoundService = bindService(new Intent(IKeyChainService.class.getName()), 863e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom mServiceConnection, 873e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom Context.BIND_AUTO_CREATE); 883e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom } 893e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom 903e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom private void unbindServices() { 913e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom if (mIsBoundSupport) { 923e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom unbindService(mSupportConnection); 933e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom mIsBoundSupport = false; 943e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom } 953e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom if (mIsBoundService) { 963e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom unbindService(mServiceConnection); 973e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom mIsBoundService = false; 983e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom } 993e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom } 1003e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom 1013e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom @Override public IBinder onBind(Intent intent) { 1023e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom Log.d(TAG, "onBind"); 1033e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom return null; 1043e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom } 1053e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom 1063e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom @Override public int onStartCommand(Intent intent, int flags, int startId) { 1073e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom Log.d(TAG, "onStartCommand"); 1083e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom new Thread(new Test(), TAG).start(); 1093e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom return START_STICKY; 1103e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom } 1113e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom 1123e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom @Override public void onDestroy () { 1133e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom Log.d(TAG, "onDestroy"); 1143e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom unbindServices(); 1153e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom } 1163e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom 1173e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom private final class Test extends Assert implements Runnable { 1183e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom 1193e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom @Override public void run() { 1203e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom try { 1213e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom test_KeyChainService(); 1223e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom } catch (RuntimeException e) { 1233e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom // rethrow RuntimeException without wrapping 1243e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom throw e; 1253e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom } catch (Exception e) { 1263e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom throw new RuntimeException(e); 1273e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom } finally { 1283e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom stopSelf(); 1293e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom } 1303e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom } 1313e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom 1323e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom public void test_KeyChainService() throws Exception { 1333e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom Log.d(TAG, "test_KeyChainService uid=" + getApplicationInfo().uid); 1343e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom 1353e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom Log.d(TAG, "test_KeyChainService bind support"); 1363e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom bindSupport(); 1373e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom assertTrue(mIsBoundSupport); 1383e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom synchronized (mSupportLock) { 1393e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom if (mSupport == null) { 1403e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom mSupportLock.wait(10 * 1000); 1413e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom } 1423e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom } 1433e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom assertNotNull(mSupport); 1443e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom 145fb2e18e112f9fb9f0620c0c0ff06377f52fe39a4Fred Quintana Log.d(TAG, "test_KeyChainService setup keystore"); 1463e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom KeyStore keyStore = KeyStore.getInstance(); 1473e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom assertTrue(mSupport.keystoreReset()); 148e3b3390d3b1c96097c8e7cbd4c0eb51715677739Brian Carlstrom assertTrue(mSupport.keystorePassword("newpasswd")); 1493e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom 1503e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom String intermediate = "-intermediate"; 1513e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom String root = "-root"; 1523e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom 1533e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom String alias1 = "client"; 1543e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom String alias1Intermediate = alias1 + intermediate; 1553e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom String alias1Root = alias1 + root; 156e3b3390d3b1c96097c8e7cbd4c0eb51715677739Brian Carlstrom String alias1Pkey = (Credentials.USER_PRIVATE_KEY + alias1); 157e3b3390d3b1c96097c8e7cbd4c0eb51715677739Brian Carlstrom String alias1Cert = (Credentials.USER_CERTIFICATE + alias1); 158e3b3390d3b1c96097c8e7cbd4c0eb51715677739Brian Carlstrom String alias1ICert = (Credentials.CA_CERTIFICATE + alias1Intermediate); 159e3b3390d3b1c96097c8e7cbd4c0eb51715677739Brian Carlstrom String alias1RCert = (Credentials.CA_CERTIFICATE + alias1Root); 1603e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom PrivateKeyEntry pke1 = TestKeyStore.getClientCertificate().getPrivateKey("RSA", "RSA"); 1613e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom Certificate intermediate1 = pke1.getCertificateChain()[1]; 1623e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom Certificate root1 = TestKeyStore.getClientCertificate().getRootCertificate("RSA"); 1633e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom 1643e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom final String alias2 = "server"; 1653e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom String alias2Intermediate = alias2 + intermediate; 1663e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom String alias2Root = alias2 + root; 167e3b3390d3b1c96097c8e7cbd4c0eb51715677739Brian Carlstrom String alias2Pkey = (Credentials.USER_PRIVATE_KEY + alias2); 168e3b3390d3b1c96097c8e7cbd4c0eb51715677739Brian Carlstrom String alias2Cert = (Credentials.USER_CERTIFICATE + alias2); 169e3b3390d3b1c96097c8e7cbd4c0eb51715677739Brian Carlstrom String alias2ICert = (Credentials.CA_CERTIFICATE + alias2Intermediate); 170e3b3390d3b1c96097c8e7cbd4c0eb51715677739Brian Carlstrom String alias2RCert = (Credentials.CA_CERTIFICATE + alias2Root); 1713e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom PrivateKeyEntry pke2 = TestKeyStore.getServer().getPrivateKey("RSA", "RSA"); 1723e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom Certificate intermediate2 = pke2.getCertificateChain()[1]; 1733e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom Certificate root2 = TestKeyStore.getServer().getRootCertificate("RSA"); 1743e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom 1756f1f03bcae70792bbd8bc0aecb90c7b9c43b76b5Kenny Root assertTrue(mSupport.keystoreImportKey(alias1Pkey, 1766f1f03bcae70792bbd8bc0aecb90c7b9c43b76b5Kenny Root pke1.getPrivateKey().getEncoded())); 177cf8dab6d84729b567b9f373e8f5dec5a4f46b0b3Brian Carlstrom assertTrue(mSupport.keystorePut(alias1Cert, 178cf8dab6d84729b567b9f373e8f5dec5a4f46b0b3Brian Carlstrom Credentials.convertToPem(pke1.getCertificate()))); 179cf8dab6d84729b567b9f373e8f5dec5a4f46b0b3Brian Carlstrom assertTrue(mSupport.keystorePut(alias1ICert, 180cf8dab6d84729b567b9f373e8f5dec5a4f46b0b3Brian Carlstrom Credentials.convertToPem(intermediate1))); 181cf8dab6d84729b567b9f373e8f5dec5a4f46b0b3Brian Carlstrom assertTrue(mSupport.keystorePut(alias1RCert, 182cf8dab6d84729b567b9f373e8f5dec5a4f46b0b3Brian Carlstrom Credentials.convertToPem(root1))); 1836f1f03bcae70792bbd8bc0aecb90c7b9c43b76b5Kenny Root assertTrue(mSupport.keystoreImportKey(alias2Pkey, 1846f1f03bcae70792bbd8bc0aecb90c7b9c43b76b5Kenny Root pke2.getPrivateKey().getEncoded())); 185cf8dab6d84729b567b9f373e8f5dec5a4f46b0b3Brian Carlstrom assertTrue(mSupport.keystorePut(alias2Cert, 186cf8dab6d84729b567b9f373e8f5dec5a4f46b0b3Brian Carlstrom Credentials.convertToPem(pke2.getCertificate()))); 187cf8dab6d84729b567b9f373e8f5dec5a4f46b0b3Brian Carlstrom assertTrue(mSupport.keystorePut(alias2ICert, 188cf8dab6d84729b567b9f373e8f5dec5a4f46b0b3Brian Carlstrom Credentials.convertToPem(intermediate2))); 189cf8dab6d84729b567b9f373e8f5dec5a4f46b0b3Brian Carlstrom assertTrue(mSupport.keystorePut(alias2RCert, 190cf8dab6d84729b567b9f373e8f5dec5a4f46b0b3Brian Carlstrom Credentials.convertToPem(root2))); 1913e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom 192e3b3390d3b1c96097c8e7cbd4c0eb51715677739Brian Carlstrom assertEquals(KeyStore.State.UNLOCKED, keyStore.state()); 1933e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom 1943e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom Log.d(TAG, "test_KeyChainService bind service"); 1953e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom bindService(); 1963e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom assertTrue(mIsBoundService); 1973e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom synchronized (mServiceLock) { 1983e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom if (mService == null) { 1993e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom mServiceLock.wait(10 * 1000); 2003e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom } 2013e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom } 2023e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom assertNotNull(mService); 2033e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom 204fb2e18e112f9fb9f0620c0c0ff06377f52fe39a4Fred Quintana mSupport.grantAppPermission(getApplicationInfo().uid, alias1); 2053e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom // don't grant alias2, so it can be done manually with KeyChainTestActivity 2069e606dfda36c1a23f36724b7d45f97d2942573eeBrian Carlstrom Log.d(TAG, "test_KeyChainService positive testing"); 2076f1f03bcae70792bbd8bc0aecb90c7b9c43b76b5Kenny Root assertNotNull("Requesting private key should succeed", 2086f1f03bcae70792bbd8bc0aecb90c7b9c43b76b5Kenny Root mService.requestPrivateKey(alias1)); 2093e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom 210fb2e18e112f9fb9f0620c0c0ff06377f52fe39a4Fred Quintana byte[] certificate = mService.getCertificate(alias1); 2113e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom assertNotNull(certificate); 212cf8dab6d84729b567b9f373e8f5dec5a4f46b0b3Brian Carlstrom assertEquals(Arrays.toString(Credentials.convertToPem(pke1.getCertificate())), 2133e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom Arrays.toString(certificate)); 2143e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom 2159e606dfda36c1a23f36724b7d45f97d2942573eeBrian Carlstrom Log.d(TAG, "test_KeyChainService negative testing"); 216fb2e18e112f9fb9f0620c0c0ff06377f52fe39a4Fred Quintana mSupport.revokeAppPermission(getApplicationInfo().uid, alias2); 2179e606dfda36c1a23f36724b7d45f97d2942573eeBrian Carlstrom try { 2186f1f03bcae70792bbd8bc0aecb90c7b9c43b76b5Kenny Root mService.requestPrivateKey(alias2); 2199e606dfda36c1a23f36724b7d45f97d2942573eeBrian Carlstrom fail(); 2209e606dfda36c1a23f36724b7d45f97d2942573eeBrian Carlstrom } catch (IllegalStateException expected) { 2219e606dfda36c1a23f36724b7d45f97d2942573eeBrian Carlstrom } 2229e606dfda36c1a23f36724b7d45f97d2942573eeBrian Carlstrom 2239e606dfda36c1a23f36724b7d45f97d2942573eeBrian Carlstrom try { 224fb2e18e112f9fb9f0620c0c0ff06377f52fe39a4Fred Quintana mService.getCertificate(alias2); 2259e606dfda36c1a23f36724b7d45f97d2942573eeBrian Carlstrom fail(); 2269e606dfda36c1a23f36724b7d45f97d2942573eeBrian Carlstrom } catch (IllegalStateException expected) { 2279e606dfda36c1a23f36724b7d45f97d2942573eeBrian Carlstrom } 2289e606dfda36c1a23f36724b7d45f97d2942573eeBrian Carlstrom 2293e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom Log.d(TAG, "test_KeyChainService unbind"); 2303e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom unbindServices(); 2313e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom assertFalse(mIsBoundSupport); 2323e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom assertFalse(mIsBoundService); 2333e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom 2343e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom Log.d(TAG, "test_KeyChainService end"); 2353e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom } 2363e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom } 2373e6251dedc92654476c70bdc413f24a4b31ce6a4Brian Carlstrom} 238