1e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root/* 2e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root * Copyright (C) 2012 The Android Open Source Project 3e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root * 4e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root * Licensed under the Apache License, Version 2.0 (the "License"); 5e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root * you may not use this file except in compliance with the License. 6e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root * You may obtain a copy of the License at 7e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root * 8e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root * http://www.apache.org/licenses/LICENSE-2.0 9e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root * 10e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root * Unless required by applicable law or agreed to in writing, software 11e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root * distributed under the License is distributed on an "AS IS" BASIS, 12e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root * See the License for the specific language governing permissions and 14e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root * limitations under the License. 15e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root */ 16e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 17e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Rootpackage android.security; 18e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 19802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Rootimport com.android.org.bouncycastle.x509.X509V3CertificateGenerator; 20802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root 21802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Rootimport org.apache.harmony.xnet.provider.jsse.OpenSSLEngine; 22802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root 23e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Rootimport android.test.AndroidTestCase; 24e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 25e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Rootimport java.io.ByteArrayInputStream; 26e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Rootimport java.io.ByteArrayOutputStream; 27e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Rootimport java.io.OutputStream; 28802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Rootimport java.math.BigInteger; 29802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Rootimport java.security.InvalidKeyException; 30e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Rootimport java.security.Key; 31e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Rootimport java.security.KeyFactory; 32e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Rootimport java.security.KeyStore.Entry; 33e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Rootimport java.security.KeyStore.PrivateKeyEntry; 34e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Rootimport java.security.KeyStore.TrustedCertificateEntry; 35e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Rootimport java.security.KeyStoreException; 36e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Rootimport java.security.NoSuchAlgorithmException; 37e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Rootimport java.security.PrivateKey; 38802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Rootimport java.security.PublicKey; 39e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Rootimport java.security.cert.Certificate; 40e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Rootimport java.security.cert.CertificateFactory; 41802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Rootimport java.security.cert.X509Certificate; 42e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Rootimport java.security.interfaces.RSAPrivateKey; 43e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Rootimport java.security.spec.InvalidKeySpecException; 44e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Rootimport java.security.spec.PKCS8EncodedKeySpec; 45802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Rootimport java.security.spec.X509EncodedKeySpec; 46e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Rootimport java.util.Arrays; 47e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Rootimport java.util.Collection; 48e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Rootimport java.util.Date; 49e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Rootimport java.util.Enumeration; 50e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Rootimport java.util.HashSet; 51e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Rootimport java.util.Iterator; 52e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Rootimport java.util.Set; 53e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 54802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Rootimport javax.security.auth.x500.X500Principal; 55802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root 56e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Rootpublic class AndroidKeyStoreTest extends AndroidTestCase { 57e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root private android.security.KeyStore mAndroidKeyStore; 58e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 59e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root private java.security.KeyStore mKeyStore; 60e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 61e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root private static final String TEST_ALIAS_1 = "test1"; 62e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 63e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root private static final String TEST_ALIAS_2 = "test2"; 64e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 65e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root private static final String TEST_ALIAS_3 = "test3"; 66e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 67802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root private static final X500Principal TEST_DN_1 = new X500Principal("CN=test1"); 68802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root 69802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root private static final X500Principal TEST_DN_2 = new X500Principal("CN=test2"); 70802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root 71802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root private static final BigInteger TEST_SERIAL_1 = BigInteger.ONE; 72802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root 73802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root private static final BigInteger TEST_SERIAL_2 = BigInteger.valueOf(2L); 74802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root 75802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root private static final long NOW_MILLIS = System.currentTimeMillis(); 76802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root 77802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root /* We have to round this off because X509v3 doesn't store milliseconds. */ 78802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root private static final Date NOW = new Date(NOW_MILLIS - (NOW_MILLIS % 1000L)); 79802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root 80802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root @SuppressWarnings("deprecation") 81802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root private static final Date NOW_PLUS_10_YEARS = new Date(NOW.getYear() + 10, 0, 1); 82802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root 83e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root /* 84e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root * The keys and certificates below are generated with: 85e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root * 86e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root * openssl req -new -x509 -days 3650 -extensions v3_ca -keyout cakey.pem -out cacert.pem 87e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root * openssl req -newkey rsa:1024 -keyout userkey.pem -nodes -days 3650 -out userkey.req 88e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root * mkdir -p demoCA/newcerts 89e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root * touch demoCA/index.txt 90e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root * echo "01" > demoCA/serial 91e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root * openssl ca -out usercert.pem -in userkey.req -cert cacert.pem -keyfile cakey.pem -days 3650 92e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root */ 93e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 94e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root /** 95e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root * Generated from above and converted with: 96e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root * 97e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root * openssl x509 -outform d -in cacert.pem | xxd -i | sed 's/0x/(byte) 0x/g' 98e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root */ 99e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root private static final byte[] FAKE_CA_1 = { 100e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x30, (byte) 0x82, (byte) 0x02, (byte) 0xce, (byte) 0x30, (byte) 0x82, 101e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x02, (byte) 0x37, (byte) 0xa0, (byte) 0x03, (byte) 0x02, (byte) 0x01, 102e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x02, (byte) 0x02, (byte) 0x09, (byte) 0x00, (byte) 0xe1, (byte) 0x6a, 103e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xa2, (byte) 0xf4, (byte) 0x2e, (byte) 0x55, (byte) 0x48, (byte) 0x0a, 104e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x30, (byte) 0x0d, (byte) 0x06, (byte) 0x09, (byte) 0x2a, (byte) 0x86, 105e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x48, (byte) 0x86, (byte) 0xf7, (byte) 0x0d, (byte) 0x01, (byte) 0x01, 106e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x05, (byte) 0x05, (byte) 0x00, (byte) 0x30, (byte) 0x4f, (byte) 0x31, 107e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x0b, (byte) 0x30, (byte) 0x09, (byte) 0x06, (byte) 0x03, (byte) 0x55, 108e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x04, (byte) 0x06, (byte) 0x13, (byte) 0x02, (byte) 0x55, (byte) 0x53, 109e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x31, (byte) 0x0b, (byte) 0x30, (byte) 0x09, (byte) 0x06, (byte) 0x03, 110e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x55, (byte) 0x04, (byte) 0x08, (byte) 0x13, (byte) 0x02, (byte) 0x43, 111e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x41, (byte) 0x31, (byte) 0x16, (byte) 0x30, (byte) 0x14, (byte) 0x06, 112e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x03, (byte) 0x55, (byte) 0x04, (byte) 0x07, (byte) 0x13, (byte) 0x0d, 113e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x4d, (byte) 0x6f, (byte) 0x75, (byte) 0x6e, (byte) 0x74, (byte) 0x61, 114e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x69, (byte) 0x6e, (byte) 0x20, (byte) 0x56, (byte) 0x69, (byte) 0x65, 115e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x77, (byte) 0x31, (byte) 0x1b, (byte) 0x30, (byte) 0x19, (byte) 0x06, 116e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x03, (byte) 0x55, (byte) 0x04, (byte) 0x0a, (byte) 0x13, (byte) 0x12, 117e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x41, (byte) 0x6e, (byte) 0x64, (byte) 0x72, (byte) 0x6f, (byte) 0x69, 118e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x64, (byte) 0x20, (byte) 0x54, (byte) 0x65, (byte) 0x73, (byte) 0x74, 119e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x20, (byte) 0x43, (byte) 0x61, (byte) 0x73, (byte) 0x65, (byte) 0x73, 120e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x30, (byte) 0x1e, (byte) 0x17, (byte) 0x0d, (byte) 0x31, (byte) 0x32, 121e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x30, (byte) 0x38, (byte) 0x31, (byte) 0x34, (byte) 0x31, (byte) 0x36, 122e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x35, (byte) 0x35, (byte) 0x34, (byte) 0x34, (byte) 0x5a, (byte) 0x17, 123e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x0d, (byte) 0x32, (byte) 0x32, (byte) 0x30, (byte) 0x38, (byte) 0x31, 124e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x32, (byte) 0x31, (byte) 0x36, (byte) 0x35, (byte) 0x35, (byte) 0x34, 125e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x34, (byte) 0x5a, (byte) 0x30, (byte) 0x4f, (byte) 0x31, (byte) 0x0b, 126e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x30, (byte) 0x09, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x04, 127e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x06, (byte) 0x13, (byte) 0x02, (byte) 0x55, (byte) 0x53, (byte) 0x31, 128e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x0b, (byte) 0x30, (byte) 0x09, (byte) 0x06, (byte) 0x03, (byte) 0x55, 129e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x04, (byte) 0x08, (byte) 0x13, (byte) 0x02, (byte) 0x43, (byte) 0x41, 130e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x31, (byte) 0x16, (byte) 0x30, (byte) 0x14, (byte) 0x06, (byte) 0x03, 131e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x55, (byte) 0x04, (byte) 0x07, (byte) 0x13, (byte) 0x0d, (byte) 0x4d, 132e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x6f, (byte) 0x75, (byte) 0x6e, (byte) 0x74, (byte) 0x61, (byte) 0x69, 133e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x6e, (byte) 0x20, (byte) 0x56, (byte) 0x69, (byte) 0x65, (byte) 0x77, 134e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x31, (byte) 0x1b, (byte) 0x30, (byte) 0x19, (byte) 0x06, (byte) 0x03, 135e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x55, (byte) 0x04, (byte) 0x0a, (byte) 0x13, (byte) 0x12, (byte) 0x41, 136e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x6e, (byte) 0x64, (byte) 0x72, (byte) 0x6f, (byte) 0x69, (byte) 0x64, 137e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x20, (byte) 0x54, (byte) 0x65, (byte) 0x73, (byte) 0x74, (byte) 0x20, 138e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x43, (byte) 0x61, (byte) 0x73, (byte) 0x65, (byte) 0x73, (byte) 0x30, 139e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x81, (byte) 0x9f, (byte) 0x30, (byte) 0x0d, (byte) 0x06, (byte) 0x09, 140e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x2a, (byte) 0x86, (byte) 0x48, (byte) 0x86, (byte) 0xf7, (byte) 0x0d, 141e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x01, (byte) 0x01, (byte) 0x01, (byte) 0x05, (byte) 0x00, (byte) 0x03, 142e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x81, (byte) 0x8d, (byte) 0x00, (byte) 0x30, (byte) 0x81, (byte) 0x89, 143e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x02, (byte) 0x81, (byte) 0x81, (byte) 0x00, (byte) 0xa3, (byte) 0x72, 144e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xab, (byte) 0xd0, (byte) 0xe4, (byte) 0xad, (byte) 0x2f, (byte) 0xe7, 145e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xe2, (byte) 0x79, (byte) 0x07, (byte) 0x36, (byte) 0x3d, (byte) 0x0c, 146e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x8d, (byte) 0x42, (byte) 0x9a, (byte) 0x0a, (byte) 0x33, (byte) 0x64, 147e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xb3, (byte) 0xcd, (byte) 0xb2, (byte) 0xd7, (byte) 0x3a, (byte) 0x42, 148e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x06, (byte) 0x77, (byte) 0x45, (byte) 0x29, (byte) 0xe9, (byte) 0xcb, 149e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xb7, (byte) 0x4a, (byte) 0xd6, (byte) 0xee, (byte) 0xad, (byte) 0x01, 150e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x91, (byte) 0x9b, (byte) 0x0c, (byte) 0x59, (byte) 0xa1, (byte) 0x03, 151e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xfa, (byte) 0xf0, (byte) 0x5a, (byte) 0x7c, (byte) 0x4f, (byte) 0xf7, 152e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x8d, (byte) 0x36, (byte) 0x0f, (byte) 0x1f, (byte) 0x45, (byte) 0x7d, 153e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x1b, (byte) 0x31, (byte) 0xa1, (byte) 0x35, (byte) 0x0b, (byte) 0x00, 154e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xed, (byte) 0x7a, (byte) 0xb6, (byte) 0xc8, (byte) 0x4e, (byte) 0xa9, 155e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x86, (byte) 0x4c, (byte) 0x7b, (byte) 0x99, (byte) 0x57, (byte) 0x41, 156e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x12, (byte) 0xef, (byte) 0x6b, (byte) 0xbc, (byte) 0x3d, (byte) 0x60, 157e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xf2, (byte) 0x99, (byte) 0x1a, (byte) 0xcd, (byte) 0xed, (byte) 0x56, 158e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xa4, (byte) 0xe5, (byte) 0x36, (byte) 0x9f, (byte) 0x24, (byte) 0x1f, 159e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xdc, (byte) 0x89, (byte) 0x40, (byte) 0xc8, (byte) 0x99, (byte) 0x92, 160e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xab, (byte) 0x4a, (byte) 0xb5, (byte) 0x61, (byte) 0x45, (byte) 0x62, 161e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xff, (byte) 0xa3, (byte) 0x45, (byte) 0x65, (byte) 0xaf, (byte) 0xf6, 162e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x27, (byte) 0x30, (byte) 0x51, (byte) 0x0e, (byte) 0x0e, (byte) 0xeb, 163e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x79, (byte) 0x0c, (byte) 0xbe, (byte) 0xb3, (byte) 0x0a, (byte) 0x6f, 164e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x29, (byte) 0x06, (byte) 0xdc, (byte) 0x2f, (byte) 0x6b, (byte) 0x51, 165e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x02, (byte) 0x03, (byte) 0x01, (byte) 0x00, (byte) 0x01, (byte) 0xa3, 166e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x81, (byte) 0xb1, (byte) 0x30, (byte) 0x81, (byte) 0xae, (byte) 0x30, 167e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x1d, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x1d, (byte) 0x0e, 168e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x04, (byte) 0x16, (byte) 0x04, (byte) 0x14, (byte) 0x33, (byte) 0x05, 169e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xee, (byte) 0xfe, (byte) 0x6f, (byte) 0x60, (byte) 0xc7, (byte) 0xf9, 170e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xa9, (byte) 0xd2, (byte) 0x73, (byte) 0x5c, (byte) 0x8f, (byte) 0x6d, 171e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xa2, (byte) 0x2f, (byte) 0x97, (byte) 0x8e, (byte) 0x5d, (byte) 0x51, 172e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x30, (byte) 0x7f, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x1d, 173e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x23, (byte) 0x04, (byte) 0x78, (byte) 0x30, (byte) 0x76, (byte) 0x80, 174e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x14, (byte) 0x33, (byte) 0x05, (byte) 0xee, (byte) 0xfe, (byte) 0x6f, 175e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x60, (byte) 0xc7, (byte) 0xf9, (byte) 0xa9, (byte) 0xd2, (byte) 0x73, 176e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x5c, (byte) 0x8f, (byte) 0x6d, (byte) 0xa2, (byte) 0x2f, (byte) 0x97, 177e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x8e, (byte) 0x5d, (byte) 0x51, (byte) 0xa1, (byte) 0x53, (byte) 0xa4, 178e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x51, (byte) 0x30, (byte) 0x4f, (byte) 0x31, (byte) 0x0b, (byte) 0x30, 179e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x09, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x04, (byte) 0x06, 180e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x13, (byte) 0x02, (byte) 0x55, (byte) 0x53, (byte) 0x31, (byte) 0x0b, 181e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x30, (byte) 0x09, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x04, 182e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x08, (byte) 0x13, (byte) 0x02, (byte) 0x43, (byte) 0x41, (byte) 0x31, 183e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x16, (byte) 0x30, (byte) 0x14, (byte) 0x06, (byte) 0x03, (byte) 0x55, 184e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x04, (byte) 0x07, (byte) 0x13, (byte) 0x0d, (byte) 0x4d, (byte) 0x6f, 185e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x75, (byte) 0x6e, (byte) 0x74, (byte) 0x61, (byte) 0x69, (byte) 0x6e, 186e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x20, (byte) 0x56, (byte) 0x69, (byte) 0x65, (byte) 0x77, (byte) 0x31, 187e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x1b, (byte) 0x30, (byte) 0x19, (byte) 0x06, (byte) 0x03, (byte) 0x55, 188e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x04, (byte) 0x0a, (byte) 0x13, (byte) 0x12, (byte) 0x41, (byte) 0x6e, 189e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x64, (byte) 0x72, (byte) 0x6f, (byte) 0x69, (byte) 0x64, (byte) 0x20, 190e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x54, (byte) 0x65, (byte) 0x73, (byte) 0x74, (byte) 0x20, (byte) 0x43, 191e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x61, (byte) 0x73, (byte) 0x65, (byte) 0x73, (byte) 0x82, (byte) 0x09, 192e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x00, (byte) 0xe1, (byte) 0x6a, (byte) 0xa2, (byte) 0xf4, (byte) 0x2e, 193e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x55, (byte) 0x48, (byte) 0x0a, (byte) 0x30, (byte) 0x0c, (byte) 0x06, 194e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x03, (byte) 0x55, (byte) 0x1d, (byte) 0x13, (byte) 0x04, (byte) 0x05, 195e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x30, (byte) 0x03, (byte) 0x01, (byte) 0x01, (byte) 0xff, (byte) 0x30, 196e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x0d, (byte) 0x06, (byte) 0x09, (byte) 0x2a, (byte) 0x86, (byte) 0x48, 197e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x86, (byte) 0xf7, (byte) 0x0d, (byte) 0x01, (byte) 0x01, (byte) 0x05, 198e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x05, (byte) 0x00, (byte) 0x03, (byte) 0x81, (byte) 0x81, (byte) 0x00, 199e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x8c, (byte) 0x30, (byte) 0x42, (byte) 0xfa, (byte) 0xeb, (byte) 0x1a, 200e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x26, (byte) 0xeb, (byte) 0xda, (byte) 0x56, (byte) 0x32, (byte) 0xf2, 201e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x9d, (byte) 0xa5, (byte) 0x24, (byte) 0xd8, (byte) 0x3a, (byte) 0xda, 202e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x30, (byte) 0xa6, (byte) 0x8b, (byte) 0x46, (byte) 0xfe, (byte) 0xfe, 203e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xdb, (byte) 0xf1, (byte) 0xe6, (byte) 0xe1, (byte) 0x7c, (byte) 0x1b, 204e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xe7, (byte) 0x77, (byte) 0x00, (byte) 0xa1, (byte) 0x1c, (byte) 0x19, 205e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x17, (byte) 0x73, (byte) 0xb0, (byte) 0xf0, (byte) 0x9d, (byte) 0xf3, 206e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x4f, (byte) 0xb6, (byte) 0xbc, (byte) 0xc7, (byte) 0x47, (byte) 0x85, 207e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x2a, (byte) 0x4a, (byte) 0xa1, (byte) 0xa5, (byte) 0x58, (byte) 0xf5, 208e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xc5, (byte) 0x1a, (byte) 0x51, (byte) 0xb1, (byte) 0x04, (byte) 0x80, 209e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xee, (byte) 0x3a, (byte) 0xec, (byte) 0x2f, (byte) 0xe1, (byte) 0xfd, 210e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x58, (byte) 0xeb, (byte) 0xed, (byte) 0x82, (byte) 0x9e, (byte) 0x38, 211e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xa3, (byte) 0x24, (byte) 0x75, (byte) 0xf7, (byte) 0x3e, (byte) 0xc2, 212e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xc5, (byte) 0x27, (byte) 0xeb, (byte) 0x6f, (byte) 0x7b, (byte) 0x50, 213e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xda, (byte) 0x43, (byte) 0xdc, (byte) 0x3b, (byte) 0x0b, (byte) 0x6f, 214e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x78, (byte) 0x8f, (byte) 0xb0, (byte) 0x66, (byte) 0xe1, (byte) 0x12, 215e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x87, (byte) 0x5f, (byte) 0x97, (byte) 0x7b, (byte) 0xca, (byte) 0x14, 216e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x79, (byte) 0xf7, (byte) 0xe8, (byte) 0x6c, (byte) 0x72, (byte) 0xdb, 217e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x91, (byte) 0x65, (byte) 0x17, (byte) 0x54, (byte) 0xe0, (byte) 0x74, 218e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x1d, (byte) 0xac, (byte) 0x47, (byte) 0x04, (byte) 0x12, (byte) 0xe0, 219e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xc3, (byte) 0x66, (byte) 0x19, (byte) 0x05, (byte) 0x2e, (byte) 0x7e, 220e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xf1, (byte) 0x61 221e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root }; 222e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 223e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root /** 224e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root * Generated from above and converted with: 225e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root * 226e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root * openssl pkcs8 -topk8 -outform d -in userkey.pem -nocrypt | xxd -i | sed 's/0x/(byte) 0x/g' 227e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root */ 228e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root private static final byte[] FAKE_KEY_1 = new byte[] { 229e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x30, (byte) 0x82, (byte) 0x02, (byte) 0x78, (byte) 0x02, (byte) 0x01, 230e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x00, (byte) 0x30, (byte) 0x0d, (byte) 0x06, (byte) 0x09, (byte) 0x2a, 231e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x86, (byte) 0x48, (byte) 0x86, (byte) 0xf7, (byte) 0x0d, (byte) 0x01, 232e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x01, (byte) 0x01, (byte) 0x05, (byte) 0x00, (byte) 0x04, (byte) 0x82, 233e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x02, (byte) 0x62, (byte) 0x30, (byte) 0x82, (byte) 0x02, (byte) 0x5e, 234e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x02, (byte) 0x01, (byte) 0x00, (byte) 0x02, (byte) 0x81, (byte) 0x81, 235e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x00, (byte) 0xce, (byte) 0x29, (byte) 0xeb, (byte) 0xf6, (byte) 0x5b, 236e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x25, (byte) 0xdc, (byte) 0xa1, (byte) 0xa6, (byte) 0x2c, (byte) 0x66, 237e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xcb, (byte) 0x20, (byte) 0x90, (byte) 0x27, (byte) 0x86, (byte) 0x8a, 238e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x44, (byte) 0x71, (byte) 0x50, (byte) 0xda, (byte) 0xd3, (byte) 0x02, 239e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x77, (byte) 0x55, (byte) 0xe9, (byte) 0xe8, (byte) 0x08, (byte) 0xf3, 240e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x36, (byte) 0x9a, (byte) 0xae, (byte) 0xab, (byte) 0x04, (byte) 0x6d, 241e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x00, (byte) 0x99, (byte) 0xbf, (byte) 0x7d, (byte) 0x0f, (byte) 0x67, 242e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x8b, (byte) 0x1d, (byte) 0xd4, (byte) 0x2b, (byte) 0x7c, (byte) 0xcb, 243e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xcd, (byte) 0x33, (byte) 0xc7, (byte) 0x84, (byte) 0x30, (byte) 0xe2, 244e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x45, (byte) 0x21, (byte) 0xb3, (byte) 0x75, (byte) 0xf5, (byte) 0x79, 245e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x02, (byte) 0xda, (byte) 0x50, (byte) 0xa3, (byte) 0x8b, (byte) 0xce, 246e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xc3, (byte) 0x8e, (byte) 0x0f, (byte) 0x25, (byte) 0xeb, (byte) 0x08, 247e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x2c, (byte) 0xdd, (byte) 0x1c, (byte) 0xcf, (byte) 0xff, (byte) 0x3b, 248e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xde, (byte) 0xb6, (byte) 0xaa, (byte) 0x2a, (byte) 0xa9, (byte) 0xc4, 249e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x8a, (byte) 0x24, (byte) 0x24, (byte) 0xe6, (byte) 0x29, (byte) 0x0d, 250e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x98, (byte) 0x4c, (byte) 0x32, (byte) 0xa1, (byte) 0x7b, (byte) 0x23, 251e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x2b, (byte) 0x42, (byte) 0x30, (byte) 0xee, (byte) 0x78, (byte) 0x08, 252e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x47, (byte) 0xad, (byte) 0xf2, (byte) 0x96, (byte) 0xd5, (byte) 0xf1, 253e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x62, (byte) 0x42, (byte) 0x2d, (byte) 0x35, (byte) 0x19, (byte) 0xb4, 254e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x3c, (byte) 0xc9, (byte) 0xc3, (byte) 0x5f, (byte) 0x03, (byte) 0x16, 255e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x3a, (byte) 0x23, (byte) 0xac, (byte) 0xcb, (byte) 0xce, (byte) 0x9e, 256e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x51, (byte) 0x2e, (byte) 0x6d, (byte) 0x02, (byte) 0x03, (byte) 0x01, 257e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x00, (byte) 0x01, (byte) 0x02, (byte) 0x81, (byte) 0x80, (byte) 0x16, 258e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x59, (byte) 0xc3, (byte) 0x24, (byte) 0x1d, (byte) 0x33, (byte) 0x98, 259e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x9c, (byte) 0xc9, (byte) 0xc8, (byte) 0x2c, (byte) 0x88, (byte) 0xbf, 260e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x0a, (byte) 0x01, (byte) 0xce, (byte) 0xfb, (byte) 0x34, (byte) 0x7a, 261e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x58, (byte) 0x7a, (byte) 0xb0, (byte) 0xbf, (byte) 0xa6, (byte) 0xb2, 262e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x60, (byte) 0xbe, (byte) 0x70, (byte) 0x21, (byte) 0xf5, (byte) 0xfc, 263e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x85, (byte) 0x0d, (byte) 0x33, (byte) 0x58, (byte) 0xa1, (byte) 0xe5, 264e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x09, (byte) 0x36, (byte) 0x84, (byte) 0xb2, (byte) 0x04, (byte) 0x0a, 265e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x02, (byte) 0xd3, (byte) 0x88, (byte) 0x1f, (byte) 0x0c, (byte) 0x2b, 266e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x1d, (byte) 0xe9, (byte) 0x3d, (byte) 0xe7, (byte) 0x79, (byte) 0xf9, 267e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x32, (byte) 0x5c, (byte) 0x8a, (byte) 0x75, (byte) 0x49, (byte) 0x12, 268e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xe4, (byte) 0x05, (byte) 0x26, (byte) 0xd4, (byte) 0x2e, (byte) 0x9e, 269e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x1f, (byte) 0xcc, (byte) 0x54, (byte) 0xad, (byte) 0x33, (byte) 0x8d, 270e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x99, (byte) 0x00, (byte) 0xdc, (byte) 0xf5, (byte) 0xb4, (byte) 0xa2, 271e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x2f, (byte) 0xba, (byte) 0xe5, (byte) 0x62, (byte) 0x30, (byte) 0x6d, 272e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xe6, (byte) 0x3d, (byte) 0xeb, (byte) 0x24, (byte) 0xc2, (byte) 0xdc, 273e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x5f, (byte) 0xb7, (byte) 0x16, (byte) 0x35, (byte) 0xa3, (byte) 0x98, 274e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x98, (byte) 0xa8, (byte) 0xef, (byte) 0xe8, (byte) 0xc4, (byte) 0x96, 275e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x6d, (byte) 0x38, (byte) 0xab, (byte) 0x26, (byte) 0x6d, (byte) 0x30, 276e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xc2, (byte) 0xa0, (byte) 0x44, (byte) 0xe4, (byte) 0xff, (byte) 0x7e, 277e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xbe, (byte) 0x7c, (byte) 0x33, (byte) 0xa5, (byte) 0x10, (byte) 0xad, 278e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xd7, (byte) 0x1e, (byte) 0x13, (byte) 0x20, (byte) 0xb3, (byte) 0x1f, 279e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x41, (byte) 0x02, (byte) 0x41, (byte) 0x00, (byte) 0xf1, (byte) 0x89, 280e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x07, (byte) 0x0f, (byte) 0xe8, (byte) 0xcf, (byte) 0xab, (byte) 0x13, 281e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x2a, (byte) 0x8f, (byte) 0x88, (byte) 0x80, (byte) 0x11, (byte) 0x9a, 282e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x79, (byte) 0xb6, (byte) 0x59, (byte) 0x3a, (byte) 0x50, (byte) 0x6e, 283e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x57, (byte) 0x37, (byte) 0xab, (byte) 0x2a, (byte) 0xd2, (byte) 0xaa, 284e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xd9, (byte) 0x72, (byte) 0x73, (byte) 0xff, (byte) 0x8b, (byte) 0x47, 285e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x76, (byte) 0xdd, (byte) 0xdc, (byte) 0xf5, (byte) 0x97, (byte) 0x44, 286e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x3a, (byte) 0x78, (byte) 0xbe, (byte) 0x17, (byte) 0xb4, (byte) 0x22, 287e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x6f, (byte) 0xe5, (byte) 0x23, (byte) 0x70, (byte) 0x1d, (byte) 0x10, 288e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x5d, (byte) 0xba, (byte) 0x16, (byte) 0x81, (byte) 0xf1, (byte) 0x45, 289e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xce, (byte) 0x30, (byte) 0xb4, (byte) 0xab, (byte) 0x80, (byte) 0xe4, 290e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x98, (byte) 0x31, (byte) 0x02, (byte) 0x41, (byte) 0x00, (byte) 0xda, 291e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x82, (byte) 0x9d, (byte) 0x3f, (byte) 0xca, (byte) 0x2f, (byte) 0xe1, 292e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xd4, (byte) 0x86, (byte) 0x77, (byte) 0x48, (byte) 0xa6, (byte) 0xab, 293e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xab, (byte) 0x1c, (byte) 0x42, (byte) 0x5c, (byte) 0xd5, (byte) 0xc7, 294e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x46, (byte) 0x59, (byte) 0x91, (byte) 0x3f, (byte) 0xfc, (byte) 0xcc, 295e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xec, (byte) 0xc2, (byte) 0x40, (byte) 0x12, (byte) 0x2c, (byte) 0x8d, 296e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x1f, (byte) 0xa2, (byte) 0x18, (byte) 0x88, (byte) 0xee, (byte) 0x82, 297e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x4a, (byte) 0x5a, (byte) 0x5e, (byte) 0x88, (byte) 0x20, (byte) 0xe3, 298e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x7b, (byte) 0xe0, (byte) 0xd8, (byte) 0x3a, (byte) 0x52, (byte) 0x9a, 299e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x26, (byte) 0x6a, (byte) 0x04, (byte) 0xec, (byte) 0xe8, (byte) 0xb9, 300e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x48, (byte) 0x40, (byte) 0xe1, (byte) 0xe1, (byte) 0x83, (byte) 0xa6, 301e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x67, (byte) 0xa6, (byte) 0xfd, (byte) 0x02, (byte) 0x41, (byte) 0x00, 302e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x89, (byte) 0x72, (byte) 0x3e, (byte) 0xb0, (byte) 0x90, (byte) 0xfd, 303e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x4c, (byte) 0x0e, (byte) 0xd6, (byte) 0x13, (byte) 0x63, (byte) 0xcb, 304e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xed, (byte) 0x38, (byte) 0x88, (byte) 0xb6, (byte) 0x79, (byte) 0xc4, 305e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x33, (byte) 0x6c, (byte) 0xf6, (byte) 0xf8, (byte) 0xd8, (byte) 0xd0, 306e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xbf, (byte) 0x9d, (byte) 0x35, (byte) 0xac, (byte) 0x69, (byte) 0xd2, 307e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x2b, (byte) 0xc1, (byte) 0xf9, (byte) 0x24, (byte) 0x7b, (byte) 0xce, 308e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xcd, (byte) 0xcb, (byte) 0xa7, (byte) 0xb2, (byte) 0x7a, (byte) 0x0a, 309e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x27, (byte) 0x19, (byte) 0xc9, (byte) 0xaf, (byte) 0x0d, (byte) 0x21, 310e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x89, (byte) 0x88, (byte) 0x7c, (byte) 0xad, (byte) 0x9e, (byte) 0x8d, 311e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x47, (byte) 0x6d, (byte) 0x3f, (byte) 0xce, (byte) 0x7b, (byte) 0xa1, 312e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x74, (byte) 0xf1, (byte) 0xa0, (byte) 0xa1, (byte) 0x02, (byte) 0x41, 313e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x00, (byte) 0xd9, (byte) 0xa8, (byte) 0xf5, (byte) 0xfe, (byte) 0xce, 314e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xe6, (byte) 0x77, (byte) 0x6b, (byte) 0xfe, (byte) 0x2d, (byte) 0xe0, 315e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x1e, (byte) 0xb6, (byte) 0x2e, (byte) 0x12, (byte) 0x4e, (byte) 0x40, 316e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xaf, (byte) 0x6a, (byte) 0x7b, (byte) 0x37, (byte) 0x49, (byte) 0x2a, 317e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x96, (byte) 0x25, (byte) 0x83, (byte) 0x49, (byte) 0xd4, (byte) 0x0c, 318e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xc6, (byte) 0x78, (byte) 0x25, (byte) 0x24, (byte) 0x90, (byte) 0x90, 319e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x06, (byte) 0x15, (byte) 0x9e, (byte) 0xfe, (byte) 0xf9, (byte) 0xdf, 320e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x5b, (byte) 0xf3, (byte) 0x7e, (byte) 0x38, (byte) 0x70, (byte) 0xeb, 321e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x57, (byte) 0xd0, (byte) 0xd9, (byte) 0xa7, (byte) 0x0e, (byte) 0x14, 322e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xf7, (byte) 0x95, (byte) 0x68, (byte) 0xd5, (byte) 0xc8, (byte) 0xab, 323e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x9d, (byte) 0x3a, (byte) 0x2b, (byte) 0x51, (byte) 0xf9, (byte) 0x02, 324e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x41, (byte) 0x00, (byte) 0x96, (byte) 0xdf, (byte) 0xe9, (byte) 0x67, 325e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x6c, (byte) 0xdc, (byte) 0x90, (byte) 0x14, (byte) 0xb4, (byte) 0x1d, 326e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x22, (byte) 0x33, (byte) 0x4a, (byte) 0x31, (byte) 0xc1, (byte) 0x9d, 327e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x2e, (byte) 0xff, (byte) 0x9a, (byte) 0x2a, (byte) 0x95, (byte) 0x4b, 328e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x27, (byte) 0x74, (byte) 0xcb, (byte) 0x21, (byte) 0xc3, (byte) 0xd2, 329e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x0b, (byte) 0xb2, (byte) 0x46, (byte) 0x87, (byte) 0xf8, (byte) 0x28, 330e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x01, (byte) 0x8b, (byte) 0xd8, (byte) 0xb9, (byte) 0x4b, (byte) 0xcd, 331e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x9a, (byte) 0x96, (byte) 0x41, (byte) 0x0e, (byte) 0x36, (byte) 0x6d, 332e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x40, (byte) 0x42, (byte) 0xbc, (byte) 0xd9, (byte) 0xd3, (byte) 0x7b, 333e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xbc, (byte) 0xa7, (byte) 0x92, (byte) 0x90, (byte) 0xdd, (byte) 0xa1, 334e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x9c, (byte) 0xce, (byte) 0xa1, (byte) 0x87, (byte) 0x11, (byte) 0x51 335e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root }; 336e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 337e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root /** 338e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root * Generated from above and converted with: 339e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root * 340e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root * openssl x509 -outform d -in usercert.pem | xxd -i | sed 's/0x/(byte) 0x/g' 341e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root */ 342e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root private static final byte[] FAKE_USER_1 = new byte[] { 343e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x30, (byte) 0x82, (byte) 0x02, (byte) 0x95, (byte) 0x30, (byte) 0x82, 344e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x01, (byte) 0xfe, (byte) 0xa0, (byte) 0x03, (byte) 0x02, (byte) 0x01, 345e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x02, (byte) 0x02, (byte) 0x01, (byte) 0x01, (byte) 0x30, (byte) 0x0d, 346e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x06, (byte) 0x09, (byte) 0x2a, (byte) 0x86, (byte) 0x48, (byte) 0x86, 347e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xf7, (byte) 0x0d, (byte) 0x01, (byte) 0x01, (byte) 0x05, (byte) 0x05, 348e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x00, (byte) 0x30, (byte) 0x4f, (byte) 0x31, (byte) 0x0b, (byte) 0x30, 349e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x09, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x04, (byte) 0x06, 350e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x13, (byte) 0x02, (byte) 0x55, (byte) 0x53, (byte) 0x31, (byte) 0x0b, 351e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x30, (byte) 0x09, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x04, 352e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x08, (byte) 0x13, (byte) 0x02, (byte) 0x43, (byte) 0x41, (byte) 0x31, 353e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x16, (byte) 0x30, (byte) 0x14, (byte) 0x06, (byte) 0x03, (byte) 0x55, 354e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x04, (byte) 0x07, (byte) 0x13, (byte) 0x0d, (byte) 0x4d, (byte) 0x6f, 355e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x75, (byte) 0x6e, (byte) 0x74, (byte) 0x61, (byte) 0x69, (byte) 0x6e, 356e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x20, (byte) 0x56, (byte) 0x69, (byte) 0x65, (byte) 0x77, (byte) 0x31, 357e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x1b, (byte) 0x30, (byte) 0x19, (byte) 0x06, (byte) 0x03, (byte) 0x55, 358e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x04, (byte) 0x0a, (byte) 0x13, (byte) 0x12, (byte) 0x41, (byte) 0x6e, 359e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x64, (byte) 0x72, (byte) 0x6f, (byte) 0x69, (byte) 0x64, (byte) 0x20, 360e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x54, (byte) 0x65, (byte) 0x73, (byte) 0x74, (byte) 0x20, (byte) 0x43, 361e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x61, (byte) 0x73, (byte) 0x65, (byte) 0x73, (byte) 0x30, (byte) 0x1e, 362e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x17, (byte) 0x0d, (byte) 0x31, (byte) 0x32, (byte) 0x30, (byte) 0x38, 363e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x31, (byte) 0x34, (byte) 0x32, (byte) 0x33, (byte) 0x32, (byte) 0x35, 364e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x34, (byte) 0x38, (byte) 0x5a, (byte) 0x17, (byte) 0x0d, (byte) 0x32, 365e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x32, (byte) 0x30, (byte) 0x38, (byte) 0x31, (byte) 0x32, (byte) 0x32, 366e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x33, (byte) 0x32, (byte) 0x35, (byte) 0x34, (byte) 0x38, (byte) 0x5a, 367e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x30, (byte) 0x55, (byte) 0x31, (byte) 0x0b, (byte) 0x30, (byte) 0x09, 368e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x04, (byte) 0x06, (byte) 0x13, 369e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x02, (byte) 0x55, (byte) 0x53, (byte) 0x31, (byte) 0x0b, (byte) 0x30, 370e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x09, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x04, (byte) 0x08, 371e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x13, (byte) 0x02, (byte) 0x43, (byte) 0x41, (byte) 0x31, (byte) 0x1b, 372e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x30, (byte) 0x19, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x04, 373e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x0a, (byte) 0x13, (byte) 0x12, (byte) 0x41, (byte) 0x6e, (byte) 0x64, 374e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x72, (byte) 0x6f, (byte) 0x69, (byte) 0x64, (byte) 0x20, (byte) 0x54, 375e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x65, (byte) 0x73, (byte) 0x74, (byte) 0x20, (byte) 0x43, (byte) 0x61, 376e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x73, (byte) 0x65, (byte) 0x73, (byte) 0x31, (byte) 0x1c, (byte) 0x30, 377e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x1a, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x04, (byte) 0x03, 378e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x13, (byte) 0x13, (byte) 0x73, (byte) 0x65, (byte) 0x72, (byte) 0x76, 379e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x65, (byte) 0x72, (byte) 0x31, (byte) 0x2e, (byte) 0x65, (byte) 0x78, 380e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x61, (byte) 0x6d, (byte) 0x70, (byte) 0x6c, (byte) 0x65, (byte) 0x2e, 381e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x63, (byte) 0x6f, (byte) 0x6d, (byte) 0x30, (byte) 0x81, (byte) 0x9f, 382e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x30, (byte) 0x0d, (byte) 0x06, (byte) 0x09, (byte) 0x2a, (byte) 0x86, 383e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x48, (byte) 0x86, (byte) 0xf7, (byte) 0x0d, (byte) 0x01, (byte) 0x01, 384e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x01, (byte) 0x05, (byte) 0x00, (byte) 0x03, (byte) 0x81, (byte) 0x8d, 385e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x00, (byte) 0x30, (byte) 0x81, (byte) 0x89, (byte) 0x02, (byte) 0x81, 386e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x81, (byte) 0x00, (byte) 0xce, (byte) 0x29, (byte) 0xeb, (byte) 0xf6, 387e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x5b, (byte) 0x25, (byte) 0xdc, (byte) 0xa1, (byte) 0xa6, (byte) 0x2c, 388e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x66, (byte) 0xcb, (byte) 0x20, (byte) 0x90, (byte) 0x27, (byte) 0x86, 389e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x8a, (byte) 0x44, (byte) 0x71, (byte) 0x50, (byte) 0xda, (byte) 0xd3, 390e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x02, (byte) 0x77, (byte) 0x55, (byte) 0xe9, (byte) 0xe8, (byte) 0x08, 391e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xf3, (byte) 0x36, (byte) 0x9a, (byte) 0xae, (byte) 0xab, (byte) 0x04, 392e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x6d, (byte) 0x00, (byte) 0x99, (byte) 0xbf, (byte) 0x7d, (byte) 0x0f, 393e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x67, (byte) 0x8b, (byte) 0x1d, (byte) 0xd4, (byte) 0x2b, (byte) 0x7c, 394e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xcb, (byte) 0xcd, (byte) 0x33, (byte) 0xc7, (byte) 0x84, (byte) 0x30, 395e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xe2, (byte) 0x45, (byte) 0x21, (byte) 0xb3, (byte) 0x75, (byte) 0xf5, 396e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x79, (byte) 0x02, (byte) 0xda, (byte) 0x50, (byte) 0xa3, (byte) 0x8b, 397e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xce, (byte) 0xc3, (byte) 0x8e, (byte) 0x0f, (byte) 0x25, (byte) 0xeb, 398e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x08, (byte) 0x2c, (byte) 0xdd, (byte) 0x1c, (byte) 0xcf, (byte) 0xff, 399e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x3b, (byte) 0xde, (byte) 0xb6, (byte) 0xaa, (byte) 0x2a, (byte) 0xa9, 400e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xc4, (byte) 0x8a, (byte) 0x24, (byte) 0x24, (byte) 0xe6, (byte) 0x29, 401e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x0d, (byte) 0x98, (byte) 0x4c, (byte) 0x32, (byte) 0xa1, (byte) 0x7b, 402e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x23, (byte) 0x2b, (byte) 0x42, (byte) 0x30, (byte) 0xee, (byte) 0x78, 403e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x08, (byte) 0x47, (byte) 0xad, (byte) 0xf2, (byte) 0x96, (byte) 0xd5, 404e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xf1, (byte) 0x62, (byte) 0x42, (byte) 0x2d, (byte) 0x35, (byte) 0x19, 405e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xb4, (byte) 0x3c, (byte) 0xc9, (byte) 0xc3, (byte) 0x5f, (byte) 0x03, 406e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x16, (byte) 0x3a, (byte) 0x23, (byte) 0xac, (byte) 0xcb, (byte) 0xce, 407e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x9e, (byte) 0x51, (byte) 0x2e, (byte) 0x6d, (byte) 0x02, (byte) 0x03, 408e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x01, (byte) 0x00, (byte) 0x01, (byte) 0xa3, (byte) 0x7b, (byte) 0x30, 409e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x79, (byte) 0x30, (byte) 0x09, (byte) 0x06, (byte) 0x03, (byte) 0x55, 410e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x1d, (byte) 0x13, (byte) 0x04, (byte) 0x02, (byte) 0x30, (byte) 0x00, 411e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x30, (byte) 0x2c, (byte) 0x06, (byte) 0x09, (byte) 0x60, (byte) 0x86, 412e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x48, (byte) 0x01, (byte) 0x86, (byte) 0xf8, (byte) 0x42, (byte) 0x01, 413e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x0d, (byte) 0x04, (byte) 0x1f, (byte) 0x16, (byte) 0x1d, (byte) 0x4f, 414e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x70, (byte) 0x65, (byte) 0x6e, (byte) 0x53, (byte) 0x53, (byte) 0x4c, 415e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x20, (byte) 0x47, (byte) 0x65, (byte) 0x6e, (byte) 0x65, (byte) 0x72, 416e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x61, (byte) 0x74, (byte) 0x65, (byte) 0x64, (byte) 0x20, (byte) 0x43, 417e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x65, (byte) 0x72, (byte) 0x74, (byte) 0x69, (byte) 0x66, (byte) 0x69, 418e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x63, (byte) 0x61, (byte) 0x74, (byte) 0x65, (byte) 0x30, (byte) 0x1d, 419e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x1d, (byte) 0x0e, (byte) 0x04, 420e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x16, (byte) 0x04, (byte) 0x14, (byte) 0x32, (byte) 0xa1, (byte) 0x1e, 421e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x6b, (byte) 0x69, (byte) 0x04, (byte) 0xfe, (byte) 0xb3, (byte) 0xcd, 422e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xf8, (byte) 0xbb, (byte) 0x14, (byte) 0xcd, (byte) 0xff, (byte) 0xd4, 423e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x16, (byte) 0xc3, (byte) 0xab, (byte) 0x44, (byte) 0x2f, (byte) 0x30, 424e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x1f, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x1d, (byte) 0x23, 425e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x04, (byte) 0x18, (byte) 0x30, (byte) 0x16, (byte) 0x80, (byte) 0x14, 426e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x33, (byte) 0x05, (byte) 0xee, (byte) 0xfe, (byte) 0x6f, (byte) 0x60, 427e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xc7, (byte) 0xf9, (byte) 0xa9, (byte) 0xd2, (byte) 0x73, (byte) 0x5c, 428e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x8f, (byte) 0x6d, (byte) 0xa2, (byte) 0x2f, (byte) 0x97, (byte) 0x8e, 429e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x5d, (byte) 0x51, (byte) 0x30, (byte) 0x0d, (byte) 0x06, (byte) 0x09, 430e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x2a, (byte) 0x86, (byte) 0x48, (byte) 0x86, (byte) 0xf7, (byte) 0x0d, 431e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x01, (byte) 0x01, (byte) 0x05, (byte) 0x05, (byte) 0x00, (byte) 0x03, 432e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x81, (byte) 0x81, (byte) 0x00, (byte) 0x46, (byte) 0x42, (byte) 0xef, 433e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x56, (byte) 0x89, (byte) 0x78, (byte) 0x90, (byte) 0x38, (byte) 0x24, 434e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x9f, (byte) 0x8c, (byte) 0x7a, (byte) 0xce, (byte) 0x7a, (byte) 0xa5, 435e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xb5, (byte) 0x1e, (byte) 0x74, (byte) 0x96, (byte) 0x34, (byte) 0x49, 436e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x8b, (byte) 0xed, (byte) 0x44, (byte) 0xb3, (byte) 0xc9, (byte) 0x05, 437e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xd7, (byte) 0x48, (byte) 0x55, (byte) 0x52, (byte) 0x59, (byte) 0x15, 438e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x0b, (byte) 0xaa, (byte) 0x16, (byte) 0x86, (byte) 0xd2, (byte) 0x8e, 439e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x16, (byte) 0x99, (byte) 0xe8, (byte) 0x5f, (byte) 0x11, (byte) 0x71, 440e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x42, (byte) 0x55, (byte) 0xd1, (byte) 0xc4, (byte) 0x6f, (byte) 0x2e, 441e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xa9, (byte) 0x64, (byte) 0x6f, (byte) 0xd8, (byte) 0xfd, (byte) 0x43, 442e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x13, (byte) 0x24, (byte) 0xaa, (byte) 0x67, (byte) 0xe6, (byte) 0xf5, 443e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xca, (byte) 0x80, (byte) 0x5e, (byte) 0x3a, (byte) 0x3e, (byte) 0xcc, 444e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x4f, (byte) 0xba, (byte) 0x87, (byte) 0xe6, (byte) 0xae, (byte) 0xbf, 445e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x8f, (byte) 0xd5, (byte) 0x28, (byte) 0x38, (byte) 0x58, (byte) 0x30, 446e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x24, (byte) 0xf6, (byte) 0x53, (byte) 0x5b, (byte) 0x41, (byte) 0x53, 447e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xe6, (byte) 0x45, (byte) 0xbc, (byte) 0xbe, (byte) 0xe6, (byte) 0xbb, 448e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x5d, (byte) 0xd8, (byte) 0xa7, (byte) 0xf9, (byte) 0x64, (byte) 0x99, 449e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x04, (byte) 0x43, (byte) 0x75, (byte) 0xd7, (byte) 0x2d, (byte) 0x32, 450e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x0a, (byte) 0x94, (byte) 0xaf, (byte) 0x06, (byte) 0x34, (byte) 0xae, 451e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x46, (byte) 0xbd, (byte) 0xda, (byte) 0x00, (byte) 0x0e, (byte) 0x25, 452e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0xc2, (byte) 0xf7, (byte) 0xc9, (byte) 0xc3, (byte) 0x65, (byte) 0xd2, 453e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root (byte) 0x08, (byte) 0x41, (byte) 0x0a, (byte) 0xf3, (byte) 0x72 454e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root }; 455e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 456e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root /** 457e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root * The amount of time to allow before and after expected time for variance 458e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root * in timing tests. 459e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root */ 460e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root private static final long SLOP_TIME_MILLIS = 15000L; 461e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 462e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root @Override 463e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root protected void setUp() throws Exception { 464e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mAndroidKeyStore = android.security.KeyStore.getInstance(); 465e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 466e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.reset()); 467e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 468e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertEquals(android.security.KeyStore.State.UNINITIALIZED, mAndroidKeyStore.state()); 469e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 470e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.password("1111")); 471e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 472e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertEquals(android.security.KeyStore.State.UNLOCKED, mAndroidKeyStore.state()); 473e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 474e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertEquals(0, mAndroidKeyStore.saw("").length); 475e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 476e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore = java.security.KeyStore.getInstance(AndroidKeyStore.NAME); 477e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 478e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 479e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root private void assertAliases(final String[] expectedAliases) throws KeyStoreException { 480e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root final Enumeration<String> aliases = mKeyStore.aliases(); 481e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root int count = 0; 482e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 483e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root final Set<String> expectedSet = new HashSet<String>(); 484e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root expectedSet.addAll(Arrays.asList(expectedAliases)); 485e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 486e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root while (aliases.hasMoreElements()) { 487e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root count++; 488e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root final String alias = aliases.nextElement(); 489e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue("The alias should be in the expected set", expectedSet.contains(alias)); 490e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root expectedSet.remove(alias); 491e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 492e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue("The expected set and actual set should be exactly equal", expectedSet.isEmpty()); 493e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertEquals("There should be the correct number of keystore entries", 494e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root expectedAliases.length, count); 495e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 496e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 497e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root public void testKeyStore_Aliases_Success() throws Exception { 498e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.load(null, null); 499e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 500e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertAliases(new String[] {}); 501e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 502e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.generate(Credentials.USER_PRIVATE_KEY + TEST_ALIAS_1)); 503e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 504e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertAliases(new String[] { TEST_ALIAS_1 }); 505e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 506e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_2, FAKE_CA_1)); 507e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 508e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertAliases(new String[] { TEST_ALIAS_1, TEST_ALIAS_2 }); 509e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 510e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 511e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root public void testKeyStore_Aliases_NotInitialized_Failure() throws Exception { 512e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root try { 513e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.aliases(); 514e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root fail("KeyStore should throw exception when not initialized"); 515e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } catch (KeyStoreException success) { 516e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 517e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 518e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 519e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root public void testKeyStore_ContainsAliases_PrivateAndCA_Success() throws Exception { 520e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.load(null, null); 521e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 522e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertAliases(new String[] {}); 523e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 524e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.generate(Credentials.USER_PRIVATE_KEY + TEST_ALIAS_1)); 525e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 526e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue("Should contain generated private key", mKeyStore.containsAlias(TEST_ALIAS_1)); 527e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 528e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_2, FAKE_CA_1)); 529e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 530e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue("Should contain added CA certificate", mKeyStore.containsAlias(TEST_ALIAS_2)); 531e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 532e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertFalse("Should not contain unadded certificate alias", 533e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.containsAlias(TEST_ALIAS_3)); 534e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 535e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 536e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root public void testKeyStore_ContainsAliases_CAOnly_Success() throws Exception { 537e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.load(null, null); 538e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 539e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_2, FAKE_CA_1)); 540e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 541e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue("Should contain added CA certificate", mKeyStore.containsAlias(TEST_ALIAS_2)); 542e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 543e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 544e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root public void testKeyStore_ContainsAliases_NonExistent_Failure() throws Exception { 545e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.load(null, null); 546e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 547e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertFalse("Should contain added CA certificate", mKeyStore.containsAlias(TEST_ALIAS_1)); 548e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 549e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 550e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root public void testKeyStore_DeleteEntry_Success() throws Exception { 551e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.load(null, null); 552e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 553e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root // TEST_ALIAS_1 554e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.importKey(Credentials.USER_PRIVATE_KEY + TEST_ALIAS_1, 555e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root FAKE_KEY_1)); 556e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.put(Credentials.USER_CERTIFICATE + TEST_ALIAS_1, FAKE_USER_1)); 557e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_1, FAKE_CA_1)); 558e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 559e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root // TEST_ALIAS_2 560e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_2, FAKE_CA_1)); 561e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 562e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root // TEST_ALIAS_3 563e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_3, FAKE_CA_1)); 564e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 565e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertAliases(new String[] { TEST_ALIAS_1, TEST_ALIAS_2, TEST_ALIAS_3 }); 566e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 567e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.deleteEntry(TEST_ALIAS_1); 568e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 569e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertAliases(new String[] { TEST_ALIAS_2, TEST_ALIAS_3 }); 570e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 571e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.deleteEntry(TEST_ALIAS_3); 572e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 573e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertAliases(new String[] { TEST_ALIAS_2 }); 574e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 575e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.deleteEntry(TEST_ALIAS_2); 576e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 577e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertAliases(new String[] { }); 578e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 579e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 580e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root public void testKeyStore_DeleteEntry_EmptyStore_Failure() throws Exception { 581e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.load(null, null); 582e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 583e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root try { 584e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.deleteEntry(TEST_ALIAS_1); 585e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root fail("Should throw KeyStoreException with non-existent alias"); 586e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } catch (KeyStoreException success) { 587e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 588e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 589e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 590e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root public void testKeyStore_DeleteEntry_NonExistent_Failure() throws Exception { 591e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.load(null, null); 592e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 593e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root // TEST_ALIAS_1 594e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.importKey(Credentials.USER_PRIVATE_KEY + TEST_ALIAS_1, 595e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root FAKE_KEY_1)); 596e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.put(Credentials.USER_CERTIFICATE + TEST_ALIAS_1, FAKE_USER_1)); 597e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_1, FAKE_CA_1)); 598e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 599e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root try { 600e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.deleteEntry(TEST_ALIAS_2); 601e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root fail("Should throw KeyStoreException with non-existent alias"); 602e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } catch (KeyStoreException success) { 603e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 604e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 605e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 606e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root public void testKeyStore_GetCertificate_Single_Success() throws Exception { 607e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.load(null, null); 608e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 609e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_1, FAKE_CA_1)); 610e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 611e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertAliases(new String[] { TEST_ALIAS_1 }); 612e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 613e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertNull("Certificate should not exist in keystore", 614e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.getCertificate(TEST_ALIAS_2)); 615e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 616e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root Certificate retrieved = mKeyStore.getCertificate(TEST_ALIAS_1); 617e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 618e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertNotNull("Retrieved certificate should not be null", retrieved); 619e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 620e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root CertificateFactory f = CertificateFactory.getInstance("X.509"); 621e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root Certificate actual = f.generateCertificate(new ByteArrayInputStream(FAKE_CA_1)); 622e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 623e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertEquals("Actual and retrieved certificates should be the same", actual, retrieved); 624e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 625e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 626e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root public void testKeyStore_GetCertificate_NonExist_Failure() throws Exception { 627e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.load(null, null); 628e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 629e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertNull("Certificate should not exist in keystore", 630e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.getCertificate(TEST_ALIAS_1)); 631e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 632e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 633e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root public void testKeyStore_GetCertificateAlias_CAEntry_Success() throws Exception { 634e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.load(null, null); 635e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 636e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_1, FAKE_CA_1)); 637e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 638e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root CertificateFactory f = CertificateFactory.getInstance("X.509"); 639e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root Certificate actual = f.generateCertificate(new ByteArrayInputStream(FAKE_CA_1)); 640e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 641e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertEquals("Stored certificate alias should be found", TEST_ALIAS_1, 642e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.getCertificateAlias(actual)); 643e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 644e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 645e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root public void testKeyStore_GetCertificateAlias_PrivateKeyEntry_Success() throws Exception { 646e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.load(null, null); 647e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 648e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.importKey(Credentials.USER_PRIVATE_KEY + TEST_ALIAS_1, 649e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root FAKE_KEY_1)); 650e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.put(Credentials.USER_CERTIFICATE + TEST_ALIAS_1, FAKE_USER_1)); 651e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_1, FAKE_CA_1)); 652e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 653e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root CertificateFactory f = CertificateFactory.getInstance("X.509"); 654e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root Certificate actual = f.generateCertificate(new ByteArrayInputStream(FAKE_USER_1)); 655e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 656e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertEquals("Stored certificate alias should be found", TEST_ALIAS_1, 657e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.getCertificateAlias(actual)); 658e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 659e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 660e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root public void testKeyStore_GetCertificateAlias_CAEntry_WithPrivateKeyUsingCA_Success() 661e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root throws Exception { 662e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.load(null, null); 663e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 664e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root // Insert TrustedCertificateEntry with CA name 665e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_2, FAKE_CA_1)); 666e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 667e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root // Insert PrivateKeyEntry that uses the same CA 668e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.importKey(Credentials.USER_PRIVATE_KEY + TEST_ALIAS_1, 669e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root FAKE_KEY_1)); 670e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.put(Credentials.USER_CERTIFICATE + TEST_ALIAS_1, FAKE_USER_1)); 671e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_1, FAKE_CA_1)); 672e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 673e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root CertificateFactory f = CertificateFactory.getInstance("X.509"); 674e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root Certificate actual = f.generateCertificate(new ByteArrayInputStream(FAKE_CA_1)); 675e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 676e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertEquals("Stored certificate alias should be found", TEST_ALIAS_2, 677e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.getCertificateAlias(actual)); 678e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 679e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 680e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root public void testKeyStore_GetCertificateAlias_NonExist_Empty_Failure() throws Exception { 681e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.load(null, null); 682e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 683e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root CertificateFactory f = CertificateFactory.getInstance("X.509"); 684e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root Certificate actual = f.generateCertificate(new ByteArrayInputStream(FAKE_CA_1)); 685e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 686e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertNull("Stored certificate alias should not be found", 687e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.getCertificateAlias(actual)); 688e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 689e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 690e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root public void testKeyStore_GetCertificateAlias_NonExist_Failure() throws Exception { 691e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.load(null, null); 692e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 693e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_1, FAKE_CA_1)); 694e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 695e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root CertificateFactory f = CertificateFactory.getInstance("X.509"); 696e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root Certificate userCert = f.generateCertificate(new ByteArrayInputStream(FAKE_USER_1)); 697e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 698e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertNull("Stored certificate alias should be found", 699e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.getCertificateAlias(userCert)); 700e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 701e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 702e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root public void testKeyStore_GetCertificateChain_SingleLength_Success() throws Exception { 703e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.load(null, null); 704e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 705e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.importKey(Credentials.USER_PRIVATE_KEY + TEST_ALIAS_1, 706e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root FAKE_KEY_1)); 707e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.put(Credentials.USER_CERTIFICATE + TEST_ALIAS_1, FAKE_USER_1)); 708e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_1, FAKE_CA_1)); 709e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 710e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root CertificateFactory cf = CertificateFactory.getInstance("X.509"); 711e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root Certificate[] expected = new Certificate[2]; 712e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root expected[0] = cf.generateCertificate(new ByteArrayInputStream(FAKE_USER_1)); 713e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root expected[1] = cf.generateCertificate(new ByteArrayInputStream(FAKE_CA_1)); 714e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 715e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root Certificate[] actual = mKeyStore.getCertificateChain(TEST_ALIAS_1); 716e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 717e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertNotNull("Returned certificate chain should not be null", actual); 718e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertEquals("Returned certificate chain should be correct size", expected.length, 719e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root actual.length); 720e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertEquals("First certificate should be user certificate", expected[0], actual[0]); 721e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertEquals("Second certificate should be CA certificate", expected[1], actual[1]); 722e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 723e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root // Negative test when keystore is populated. 724e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertNull("Stored certificate alias should not be found", 725e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.getCertificateChain(TEST_ALIAS_2)); 726e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 727e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 728e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root public void testKeyStore_GetCertificateChain_NonExist_Failure() throws Exception { 729e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.load(null, null); 730e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 731e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertNull("Stored certificate alias should not be found", 732e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.getCertificateChain(TEST_ALIAS_1)); 733e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 734e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 735e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root public void testKeyStore_GetCreationDate_PrivateKeyEntry_Success() throws Exception { 736e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.load(null, null); 737e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 738e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.importKey(Credentials.USER_PRIVATE_KEY + TEST_ALIAS_1, 739e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root FAKE_KEY_1)); 740e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.put(Credentials.USER_CERTIFICATE + TEST_ALIAS_1, FAKE_USER_1)); 741e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_1, FAKE_CA_1)); 742e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 743e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root Date now = new Date(); 744e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root Date actual = mKeyStore.getCreationDate(TEST_ALIAS_1); 745e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 746e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root Date expectedAfter = new Date(now.getTime() - SLOP_TIME_MILLIS); 747e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root Date expectedBefore = new Date(now.getTime() + SLOP_TIME_MILLIS); 748e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 749e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue("Time should be close to current time", actual.before(expectedBefore)); 750e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue("Time should be close to current time", actual.after(expectedAfter)); 751e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 752e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 753e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root public void testKeyStore_GetCreationDate_CAEntry_Success() throws Exception { 754e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.load(null, null); 755e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 756e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_1, FAKE_CA_1)); 757e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 758e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root Date now = new Date(); 759e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root Date actual = mKeyStore.getCreationDate(TEST_ALIAS_1); 760e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertNotNull("Certificate should be found", actual); 761e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 762e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root Date expectedAfter = new Date(now.getTime() - SLOP_TIME_MILLIS); 763e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root Date expectedBefore = new Date(now.getTime() + SLOP_TIME_MILLIS); 764e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 765e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue("Time should be close to current time", actual.before(expectedBefore)); 766e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue("Time should be close to current time", actual.after(expectedAfter)); 767e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 768e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 769e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root public void testKeyStore_GetEntry_NullParams_Success() throws Exception { 770e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.load(null, null); 771e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 772e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.importKey(Credentials.USER_PRIVATE_KEY + TEST_ALIAS_1, 773e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root FAKE_KEY_1)); 774e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.put(Credentials.USER_CERTIFICATE + TEST_ALIAS_1, FAKE_USER_1)); 775e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_1, FAKE_CA_1)); 776e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 777e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root Entry entry = mKeyStore.getEntry(TEST_ALIAS_1, null); 778e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertNotNull("Entry should exist", entry); 779e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 780e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue("Should be a PrivateKeyEntry", entry instanceof PrivateKeyEntry); 781e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 782e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root PrivateKeyEntry keyEntry = (PrivateKeyEntry) entry; 783e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 784e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertPrivateKeyEntryEquals(keyEntry, FAKE_KEY_1, FAKE_USER_1, FAKE_CA_1); 785e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 786e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 787802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root @SuppressWarnings("unchecked") 788e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root private void assertPrivateKeyEntryEquals(PrivateKeyEntry keyEntry, byte[] key, byte[] cert, 789e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root byte[] ca) throws Exception { 790e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root KeyFactory keyFact = KeyFactory.getInstance("RSA"); 791e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root PrivateKey expectedKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(key)); 792e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 793e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root CertificateFactory certFact = CertificateFactory.getInstance("X.509"); 794e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root Certificate expectedCert = certFact.generateCertificate(new ByteArrayInputStream(cert)); 795e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 796802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root final Collection<Certificate> expectedChain; 797802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root if (ca != null) { 798802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root expectedChain = (Collection<Certificate>) certFact 799802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root .generateCertificates(new ByteArrayInputStream(ca)); 800802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root } else { 801802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root expectedChain = null; 802802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root } 803802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root 804802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root assertPrivateKeyEntryEquals(keyEntry, expectedKey, expectedCert, expectedChain); 805802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root } 806802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root 807802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root private void assertPrivateKeyEntryEquals(PrivateKeyEntry keyEntry, PrivateKey expectedKey, 808802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root Certificate expectedCert, Collection<Certificate> expectedChain) throws Exception { 809802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root assertEquals("Returned PrivateKey should be what we inserted", expectedKey, 810802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root keyEntry.getPrivateKey()); 811802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root 812e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertEquals("Returned Certificate should be what we inserted", expectedCert, 813e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root keyEntry.getCertificate()); 814e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 815e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root Certificate[] actualChain = keyEntry.getCertificateChain(); 816e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 817e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertEquals("First certificate in chain should be user cert", expectedCert, actualChain[0]); 818e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 819802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root if (expectedChain == null) { 820e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertEquals("Certificate chain should not include CAs", 1, actualChain.length); 821e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } else { 822e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root int i = 1; 823e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root final Iterator<Certificate> it = expectedChain.iterator(); 824e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root while (it.hasNext()) { 825e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertEquals("CA chain certificate should equal what we put in", it.next(), 826e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root actualChain[i++]); 827e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 828e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 829e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 830e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 831e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root public void testKeyStore_GetEntry_Nonexistent_NullParams_Failure() throws Exception { 832e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.load(null, null); 833e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 834e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertNull("A non-existent entry should return null", 835e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.getEntry(TEST_ALIAS_1, null)); 836e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 837e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 838e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root public void testKeyStore_GetKey_NoPassword_Success() throws Exception { 839e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.load(null, null); 840e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 841e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.importKey(Credentials.USER_PRIVATE_KEY + TEST_ALIAS_1, 842e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root FAKE_KEY_1)); 843e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.put(Credentials.USER_CERTIFICATE + TEST_ALIAS_1, FAKE_USER_1)); 844e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_1, FAKE_CA_1)); 845e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 846e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root Key key = mKeyStore.getKey(TEST_ALIAS_1, null); 847e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertNotNull("Key should exist", key); 848e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 849e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue("Should be a RSAPrivateKey", key instanceof RSAPrivateKey); 850e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 851e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root RSAPrivateKey actualKey = (RSAPrivateKey) key; 852e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 853e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root KeyFactory keyFact = KeyFactory.getInstance("RSA"); 854e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root PrivateKey expectedKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_KEY_1)); 855e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 856e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertEquals("Inserted key should be same as retrieved key", actualKey, expectedKey); 857e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 858e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 859e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root public void testKeyStore_GetKey_Certificate_Failure() throws Exception { 860e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.load(null, null); 861e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 862e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_1, FAKE_CA_1)); 863e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 864e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertNull("Certificate entries should return null", mKeyStore.getKey(TEST_ALIAS_1, null)); 865e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 866e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 867e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root public void testKeyStore_GetKey_NonExistent_Failure() throws Exception { 868e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.load(null, null); 869e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 870e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertNull("A non-existent entry should return null", mKeyStore.getKey(TEST_ALIAS_1, null)); 871e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 872e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 873e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root public void testKeyStore_GetProvider_Success() throws Exception { 874e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertEquals(AndroidKeyStoreProvider.PROVIDER_NAME, mKeyStore.getProvider().getName()); 875e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 876e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 877e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root public void testKeyStore_GetType_Success() throws Exception { 878e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertEquals(AndroidKeyStore.NAME, mKeyStore.getType()); 879e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 880e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 881e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root public void testKeyStore_IsCertificateEntry_CA_Success() throws Exception { 882e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.load(null, null); 883e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 884e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_1, FAKE_CA_1)); 885e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 886e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue("Should return true for CA certificate", 887e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.isCertificateEntry(TEST_ALIAS_1)); 888e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 889e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 890e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root public void testKeyStore_IsCertificateEntry_PrivateKey_Failure() throws Exception { 891e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.load(null, null); 892e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 893e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.importKey(Credentials.USER_PRIVATE_KEY + TEST_ALIAS_1, 894e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root FAKE_KEY_1)); 895e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.put(Credentials.USER_CERTIFICATE + TEST_ALIAS_1, FAKE_USER_1)); 896e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_1, FAKE_CA_1)); 897e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 898e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertFalse("Should return false for PrivateKeyEntry", 899e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.isCertificateEntry(TEST_ALIAS_1)); 900e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 901e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 902e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root public void testKeyStore_IsCertificateEntry_NonExist_Failure() throws Exception { 903e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.load(null, null); 904e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 905e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertFalse("Should return false for non-existent entry", 906e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.isCertificateEntry(TEST_ALIAS_1)); 907e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 908e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 909e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root public void testKeyStore_IsKeyEntry_PrivateKey_Success() throws Exception { 910e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.load(null, null); 911e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 912e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.importKey(Credentials.USER_PRIVATE_KEY + TEST_ALIAS_1, 913e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root FAKE_KEY_1)); 914e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.put(Credentials.USER_CERTIFICATE + TEST_ALIAS_1, FAKE_USER_1)); 915e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_1, FAKE_CA_1)); 916e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 917e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue("Should return true for PrivateKeyEntry", mKeyStore.isKeyEntry(TEST_ALIAS_1)); 918e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 919e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 920e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root public void testKeyStore_IsKeyEntry_CA_Failure() throws Exception { 921e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.load(null, null); 922e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 923e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_1, FAKE_CA_1)); 924e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 925e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertFalse("Should return false for CA certificate", mKeyStore.isKeyEntry(TEST_ALIAS_1)); 926e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 927e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 928e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root public void testKeyStore_IsKeyEntry_NonExist_Failure() throws Exception { 929e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.load(null, null); 930e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 931e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertFalse("Should return false for non-existent entry", 932e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.isKeyEntry(TEST_ALIAS_1)); 933e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 934e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 935e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root public void testKeyStore_SetCertificate_CA_Success() throws Exception { 936e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root final CertificateFactory f = CertificateFactory.getInstance("X.509"); 937e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root final Certificate actual = f.generateCertificate(new ByteArrayInputStream(FAKE_CA_1)); 938e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 939e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.load(null, null); 940e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 941e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.setCertificateEntry(TEST_ALIAS_1, actual); 942e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertAliases(new String[] { TEST_ALIAS_1 }); 943e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 944e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root Certificate retrieved = mKeyStore.getCertificate(TEST_ALIAS_1); 945e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 946e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertEquals("Retrieved certificate should be the same as the one inserted", actual, 947e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root retrieved); 948e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 949e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 950e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root public void testKeyStore_SetCertificate_CAExists_Overwrite_Success() throws Exception { 951e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.load(null, null); 952e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 953e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_1, FAKE_CA_1)); 954e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 955e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertAliases(new String[] { TEST_ALIAS_1 }); 956e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 957e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root final CertificateFactory f = CertificateFactory.getInstance("X.509"); 958e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root final Certificate cert = f.generateCertificate(new ByteArrayInputStream(FAKE_CA_1)); 959e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 960e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root // TODO have separate FAKE_CA for second test 961e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.setCertificateEntry(TEST_ALIAS_1, cert); 962e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 963e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertAliases(new String[] { TEST_ALIAS_1 }); 964e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 965e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 966e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root public void testKeyStore_SetCertificate_PrivateKeyExists_Failure() throws Exception { 967e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.load(null, null); 968e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 969e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.importKey(Credentials.USER_PRIVATE_KEY + TEST_ALIAS_1, 970e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root FAKE_KEY_1)); 971e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.put(Credentials.USER_CERTIFICATE + TEST_ALIAS_1, FAKE_USER_1)); 972e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_1, FAKE_CA_1)); 973e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 974e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertAliases(new String[] { TEST_ALIAS_1 }); 975e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 976e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root final CertificateFactory f = CertificateFactory.getInstance("X.509"); 977e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root final Certificate cert = f.generateCertificate(new ByteArrayInputStream(FAKE_CA_1)); 978e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 979e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root try { 980e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.setCertificateEntry(TEST_ALIAS_1, cert); 981e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root fail("Should throw when trying to overwrite a PrivateKey entry with a Certificate"); 982e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } catch (KeyStoreException success) { 983e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 984e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 985e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 986e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root public void testKeyStore_SetEntry_PrivateKeyEntry_Success() throws Exception { 987e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.load(null, null); 988e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 989e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root KeyFactory keyFact = KeyFactory.getInstance("RSA"); 990e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root PrivateKey expectedKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_KEY_1)); 991e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 992e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root final CertificateFactory f = CertificateFactory.getInstance("X.509"); 993e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 994e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root final Certificate[] expectedChain = new Certificate[2]; 995e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root expectedChain[0] = f.generateCertificate(new ByteArrayInputStream(FAKE_USER_1)); 996e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root expectedChain[1] = f.generateCertificate(new ByteArrayInputStream(FAKE_CA_1)); 997e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 998e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root PrivateKeyEntry expected = new PrivateKeyEntry(expectedKey, expectedChain); 999e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1000e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.setEntry(TEST_ALIAS_1, expected, null); 1001e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1002e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null); 1003e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertNotNull("Retrieved entry should exist", actualEntry); 1004e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1005e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue("Retrieved entry should be of type PrivateKeyEntry", 1006e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root actualEntry instanceof PrivateKeyEntry); 1007e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1008e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root PrivateKeyEntry actual = (PrivateKeyEntry) actualEntry; 1009e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1010e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertPrivateKeyEntryEquals(actual, FAKE_KEY_1, FAKE_USER_1, FAKE_CA_1); 1011e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 1012e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1013e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root public void testKeyStore_SetEntry_PrivateKeyEntry_Overwrites_PrivateKeyEntry_Success() 1014e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root throws Exception { 1015e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.load(null, null); 1016e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1017e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root final KeyFactory keyFact = KeyFactory.getInstance("RSA"); 1018e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root final CertificateFactory f = CertificateFactory.getInstance("X.509"); 1019e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1020e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root // Start with PrivateKeyEntry 1021e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root { 1022e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root PrivateKey expectedKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_KEY_1)); 1023e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1024e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root final Certificate[] expectedChain = new Certificate[2]; 1025e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root expectedChain[0] = f.generateCertificate(new ByteArrayInputStream(FAKE_USER_1)); 1026e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root expectedChain[1] = f.generateCertificate(new ByteArrayInputStream(FAKE_CA_1)); 1027e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1028e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root PrivateKeyEntry expected = new PrivateKeyEntry(expectedKey, expectedChain); 1029e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1030e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.setEntry(TEST_ALIAS_1, expected, null); 1031e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1032e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null); 1033e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertNotNull("Retrieved entry should exist", actualEntry); 1034e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1035e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue("Retrieved entry should be of type PrivateKeyEntry", 1036e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root actualEntry instanceof PrivateKeyEntry); 1037e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1038e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root PrivateKeyEntry actual = (PrivateKeyEntry) actualEntry; 1039e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1040e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertPrivateKeyEntryEquals(actual, FAKE_KEY_1, FAKE_USER_1, FAKE_CA_1); 1041e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 1042e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1043e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root // TODO make entirely new test vector for the overwrite 1044e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root // Replace with PrivateKeyEntry 1045e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root { 1046e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root PrivateKey expectedKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_KEY_1)); 1047e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1048e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root final Certificate[] expectedChain = new Certificate[2]; 1049e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root expectedChain[0] = f.generateCertificate(new ByteArrayInputStream(FAKE_USER_1)); 1050e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root expectedChain[1] = f.generateCertificate(new ByteArrayInputStream(FAKE_CA_1)); 1051e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1052e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root PrivateKeyEntry expected = new PrivateKeyEntry(expectedKey, expectedChain); 1053e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1054e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.setEntry(TEST_ALIAS_1, expected, null); 1055e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1056e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null); 1057e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertNotNull("Retrieved entry should exist", actualEntry); 1058e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1059e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue("Retrieved entry should be of type PrivateKeyEntry", 1060e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root actualEntry instanceof PrivateKeyEntry); 1061e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1062e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root PrivateKeyEntry actual = (PrivateKeyEntry) actualEntry; 1063e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1064e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertPrivateKeyEntryEquals(actual, FAKE_KEY_1, FAKE_USER_1, FAKE_CA_1); 1065e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 1066e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 1067e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1068e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root public void testKeyStore_SetEntry_CAEntry_Overwrites_PrivateKeyEntry_Success() throws Exception { 1069e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.load(null, null); 1070e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1071e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root final CertificateFactory f = CertificateFactory.getInstance("X.509"); 1072e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1073e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root // Start with TrustedCertificateEntry 1074e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root { 1075e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root final Certificate caCert = f.generateCertificate(new ByteArrayInputStream(FAKE_CA_1)); 1076e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1077e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root TrustedCertificateEntry expectedCertEntry = new TrustedCertificateEntry(caCert); 1078e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.setEntry(TEST_ALIAS_1, expectedCertEntry, null); 1079e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1080e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null); 1081e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertNotNull("Retrieved entry should exist", actualEntry); 1082e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue("Retrieved entry should be of type TrustedCertificateEntry", 1083e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root actualEntry instanceof TrustedCertificateEntry); 1084e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root TrustedCertificateEntry actualCertEntry = (TrustedCertificateEntry) actualEntry; 1085e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertEquals("Stored and retrieved certificates should be the same", 1086e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root expectedCertEntry.getTrustedCertificate(), 1087e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root actualCertEntry.getTrustedCertificate()); 1088e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 1089e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1090e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root // Replace with PrivateKeyEntry 1091e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root { 1092e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root KeyFactory keyFact = KeyFactory.getInstance("RSA"); 1093e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root PrivateKey expectedKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_KEY_1)); 1094e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root final Certificate[] expectedChain = new Certificate[2]; 1095e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root expectedChain[0] = f.generateCertificate(new ByteArrayInputStream(FAKE_USER_1)); 1096e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root expectedChain[1] = f.generateCertificate(new ByteArrayInputStream(FAKE_CA_1)); 1097e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1098e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root PrivateKeyEntry expectedPrivEntry = new PrivateKeyEntry(expectedKey, expectedChain); 1099e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1100e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.setEntry(TEST_ALIAS_1, expectedPrivEntry, null); 1101e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1102e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null); 1103e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertNotNull("Retrieved entry should exist", actualEntry); 1104e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue("Retrieved entry should be of type PrivateKeyEntry", 1105e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root actualEntry instanceof PrivateKeyEntry); 1106e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1107e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root PrivateKeyEntry actualPrivEntry = (PrivateKeyEntry) actualEntry; 1108e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertPrivateKeyEntryEquals(actualPrivEntry, FAKE_KEY_1, FAKE_USER_1, FAKE_CA_1); 1109e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 1110e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 1111e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1112e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root public void testKeyStore_SetEntry_PrivateKeyEntry_Overwrites_CAEntry_Success() throws Exception { 1113e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.load(null, null); 1114e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1115e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root final CertificateFactory f = CertificateFactory.getInstance("X.509"); 1116e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1117e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root final Certificate caCert = f.generateCertificate(new ByteArrayInputStream(FAKE_CA_1)); 1118e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1119e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root // Start with PrivateKeyEntry 1120e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root { 1121e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root KeyFactory keyFact = KeyFactory.getInstance("RSA"); 1122e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root PrivateKey expectedKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_KEY_1)); 1123e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root final Certificate[] expectedChain = new Certificate[2]; 1124e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root expectedChain[0] = f.generateCertificate(new ByteArrayInputStream(FAKE_USER_1)); 1125e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root expectedChain[1] = caCert; 1126e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1127e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root PrivateKeyEntry expectedPrivEntry = new PrivateKeyEntry(expectedKey, expectedChain); 1128e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1129e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.setEntry(TEST_ALIAS_1, expectedPrivEntry, null); 1130e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1131e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null); 1132e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertNotNull("Retrieved entry should exist", actualEntry); 1133e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue("Retrieved entry should be of type PrivateKeyEntry", 1134e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root actualEntry instanceof PrivateKeyEntry); 1135e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1136e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root PrivateKeyEntry actualPrivEntry = (PrivateKeyEntry) actualEntry; 1137e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertPrivateKeyEntryEquals(actualPrivEntry, FAKE_KEY_1, FAKE_USER_1, FAKE_CA_1); 1138e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 1139e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1140e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root // Replace with TrustedCertificateEntry 1141e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root { 1142e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root TrustedCertificateEntry expectedCertEntry = new TrustedCertificateEntry(caCert); 1143e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.setEntry(TEST_ALIAS_1, expectedCertEntry, null); 1144e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1145e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null); 1146e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertNotNull("Retrieved entry should exist", actualEntry); 1147e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue("Retrieved entry should be of type TrustedCertificateEntry", 1148e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root actualEntry instanceof TrustedCertificateEntry); 1149e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root TrustedCertificateEntry actualCertEntry = (TrustedCertificateEntry) actualEntry; 1150e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertEquals("Stored and retrieved certificates should be the same", 1151e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root expectedCertEntry.getTrustedCertificate(), 1152e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root actualCertEntry.getTrustedCertificate()); 1153e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 1154e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 1155e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1156e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root public void testKeyStore_SetEntry_PrivateKeyEntry_Overwrites_ShortPrivateKeyEntry_Success() 1157e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root throws Exception { 1158e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.load(null, null); 1159e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1160e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root final CertificateFactory f = CertificateFactory.getInstance("X.509"); 1161e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1162e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root final Certificate caCert = f.generateCertificate(new ByteArrayInputStream(FAKE_CA_1)); 1163e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1164e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root // Start with PrivateKeyEntry 1165e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root { 1166e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root KeyFactory keyFact = KeyFactory.getInstance("RSA"); 1167e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root PrivateKey expectedKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_KEY_1)); 1168e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root final Certificate[] expectedChain = new Certificate[2]; 1169e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root expectedChain[0] = f.generateCertificate(new ByteArrayInputStream(FAKE_USER_1)); 1170e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root expectedChain[1] = caCert; 1171e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1172e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root PrivateKeyEntry expectedPrivEntry = new PrivateKeyEntry(expectedKey, expectedChain); 1173e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1174e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.setEntry(TEST_ALIAS_1, expectedPrivEntry, null); 1175e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1176e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null); 1177e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertNotNull("Retrieved entry should exist", actualEntry); 1178e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue("Retrieved entry should be of type PrivateKeyEntry", 1179e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root actualEntry instanceof PrivateKeyEntry); 1180e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1181e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root PrivateKeyEntry actualPrivEntry = (PrivateKeyEntry) actualEntry; 1182e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertPrivateKeyEntryEquals(actualPrivEntry, FAKE_KEY_1, FAKE_USER_1, FAKE_CA_1); 1183e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 1184e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1185e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root // Replace with PrivateKeyEntry that has no chain 1186e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root { 1187e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root KeyFactory keyFact = KeyFactory.getInstance("RSA"); 1188e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root PrivateKey expectedKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_KEY_1)); 1189e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root final Certificate[] expectedChain = new Certificate[1]; 1190e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root expectedChain[0] = f.generateCertificate(new ByteArrayInputStream(FAKE_USER_1)); 1191e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1192e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root PrivateKeyEntry expectedPrivEntry = new PrivateKeyEntry(expectedKey, expectedChain); 1193e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1194e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.setEntry(TEST_ALIAS_1, expectedPrivEntry, null); 1195e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1196e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null); 1197e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertNotNull("Retrieved entry should exist", actualEntry); 1198e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue("Retrieved entry should be of type PrivateKeyEntry", 1199e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root actualEntry instanceof PrivateKeyEntry); 1200e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1201e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root PrivateKeyEntry actualPrivEntry = (PrivateKeyEntry) actualEntry; 1202e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertPrivateKeyEntryEquals(actualPrivEntry, FAKE_KEY_1, FAKE_USER_1, null); 1203e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 1204e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 1205e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1206e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root public void testKeyStore_SetEntry_CAEntry_Overwrites_CAEntry_Success() throws Exception { 1207e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.load(null, null); 1208e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1209e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root final CertificateFactory f = CertificateFactory.getInstance("X.509"); 1210e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1211e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root // Insert TrustedCertificateEntry 1212e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root { 1213e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root final Certificate caCert = f.generateCertificate(new ByteArrayInputStream(FAKE_CA_1)); 1214e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1215e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root TrustedCertificateEntry expectedCertEntry = new TrustedCertificateEntry(caCert); 1216e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.setEntry(TEST_ALIAS_1, expectedCertEntry, null); 1217e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1218e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null); 1219e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertNotNull("Retrieved entry should exist", actualEntry); 1220e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue("Retrieved entry should be of type TrustedCertificateEntry", 1221e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root actualEntry instanceof TrustedCertificateEntry); 1222e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root TrustedCertificateEntry actualCertEntry = (TrustedCertificateEntry) actualEntry; 1223e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertEquals("Stored and retrieved certificates should be the same", 1224e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root expectedCertEntry.getTrustedCertificate(), 1225e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root actualCertEntry.getTrustedCertificate()); 1226e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 1227e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1228e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root // Replace with TrustedCertificateEntry of USER 1229e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root { 1230e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root final Certificate userCert = f 1231e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root .generateCertificate(new ByteArrayInputStream(FAKE_USER_1)); 1232e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1233e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root TrustedCertificateEntry expectedUserEntry = new TrustedCertificateEntry(userCert); 1234e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.setEntry(TEST_ALIAS_1, expectedUserEntry, null); 1235e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1236e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null); 1237e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertNotNull("Retrieved entry should exist", actualEntry); 1238e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue("Retrieved entry should be of type TrustedCertificateEntry", 1239e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root actualEntry instanceof TrustedCertificateEntry); 1240e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root TrustedCertificateEntry actualUserEntry = (TrustedCertificateEntry) actualEntry; 1241e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertEquals("Stored and retrieved certificates should be the same", 1242e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root expectedUserEntry.getTrustedCertificate(), 1243e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root actualUserEntry.getTrustedCertificate()); 1244e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 1245e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 1246e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1247e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root public void testKeyStore_SetKeyEntry_ProtectedKey_Failure() throws Exception { 1248e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.load(null, null); 1249e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1250e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root final CertificateFactory f = CertificateFactory.getInstance("X.509"); 1251e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1252e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root final Certificate caCert = f.generateCertificate(new ByteArrayInputStream(FAKE_CA_1)); 1253e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1254e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root KeyFactory keyFact = KeyFactory.getInstance("RSA"); 1255e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root PrivateKey privKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_KEY_1)); 1256e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root final Certificate[] chain = new Certificate[2]; 1257e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root chain[0] = f.generateCertificate(new ByteArrayInputStream(FAKE_USER_1)); 1258e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root chain[1] = caCert; 1259e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1260e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root try { 1261e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.setKeyEntry(TEST_ALIAS_1, privKey, "foo".toCharArray(), chain); 1262e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root fail("Should fail when a password is specified"); 1263e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } catch (KeyStoreException success) { 1264e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 1265e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 1266e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1267e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root public void testKeyStore_SetKeyEntry_Success() throws Exception { 1268e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.load(null, null); 1269e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1270e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root final CertificateFactory f = CertificateFactory.getInstance("X.509"); 1271e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1272e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root final Certificate caCert = f.generateCertificate(new ByteArrayInputStream(FAKE_CA_1)); 1273e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1274e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root KeyFactory keyFact = KeyFactory.getInstance("RSA"); 1275e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root PrivateKey privKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_KEY_1)); 1276e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root final Certificate[] chain = new Certificate[2]; 1277e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root chain[0] = f.generateCertificate(new ByteArrayInputStream(FAKE_USER_1)); 1278e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root chain[1] = caCert; 1279e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1280e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.setKeyEntry(TEST_ALIAS_1, privKey, null, chain); 1281e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1282e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null); 1283e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertNotNull("Retrieved entry should exist", actualEntry); 1284e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1285e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue("Retrieved entry should be of type PrivateKeyEntry", 1286e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root actualEntry instanceof PrivateKeyEntry); 1287e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1288e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root PrivateKeyEntry actual = (PrivateKeyEntry) actualEntry; 1289e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1290e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertPrivateKeyEntryEquals(actual, FAKE_KEY_1, FAKE_USER_1, FAKE_CA_1); 1291e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 1292e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1293e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root public void testKeyStore_SetKeyEntry_Replaced_Success() throws Exception { 1294e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.load(null, null); 1295e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1296e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root final CertificateFactory f = CertificateFactory.getInstance("X.509"); 1297e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1298e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root final Certificate caCert = f.generateCertificate(new ByteArrayInputStream(FAKE_CA_1)); 1299e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1300e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root // Insert initial key 1301e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root { 1302e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root KeyFactory keyFact = KeyFactory.getInstance("RSA"); 1303e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root PrivateKey privKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_KEY_1)); 1304e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root final Certificate[] chain = new Certificate[2]; 1305e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root chain[0] = f.generateCertificate(new ByteArrayInputStream(FAKE_USER_1)); 1306e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root chain[1] = caCert; 1307e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1308e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.setKeyEntry(TEST_ALIAS_1, privKey, null, chain); 1309e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1310e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null); 1311e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertNotNull("Retrieved entry should exist", actualEntry); 1312e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1313e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue("Retrieved entry should be of type PrivateKeyEntry", 1314e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root actualEntry instanceof PrivateKeyEntry); 1315e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1316e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root PrivateKeyEntry actual = (PrivateKeyEntry) actualEntry; 1317e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1318e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertPrivateKeyEntryEquals(actual, FAKE_KEY_1, FAKE_USER_1, FAKE_CA_1); 1319e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 1320e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1321e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root // TODO make a separate key 1322e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root // Replace key 1323e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root { 1324e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root KeyFactory keyFact = KeyFactory.getInstance("RSA"); 1325e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root PrivateKey privKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_KEY_1)); 1326e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root final Certificate[] chain = new Certificate[2]; 1327e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root chain[0] = f.generateCertificate(new ByteArrayInputStream(FAKE_USER_1)); 1328e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root chain[1] = caCert; 1329e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1330e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.setKeyEntry(TEST_ALIAS_1, privKey, null, chain); 1331e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1332e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null); 1333e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertNotNull("Retrieved entry should exist", actualEntry); 1334e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1335e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue("Retrieved entry should be of type PrivateKeyEntry", 1336e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root actualEntry instanceof PrivateKeyEntry); 1337e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1338e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root PrivateKeyEntry actual = (PrivateKeyEntry) actualEntry; 1339e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1340e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertPrivateKeyEntryEquals(actual, FAKE_KEY_1, FAKE_USER_1, FAKE_CA_1); 1341e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 1342e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 1343e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1344802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root @SuppressWarnings("deprecation") 1345802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root private static X509Certificate generateCertificate(android.security.KeyStore keyStore, 1346802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root String alias, BigInteger serialNumber, X500Principal subjectDN, Date notBefore, 1347802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root Date notAfter) throws Exception { 1348802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root final String privateKeyAlias = Credentials.USER_PRIVATE_KEY + alias; 1349802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root 1350802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root final PrivateKey privKey; 1351802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root final OpenSSLEngine engine = OpenSSLEngine.getInstance("keystore"); 1352802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root try { 1353802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root privKey = engine.getPrivateKeyById(privateKeyAlias); 1354802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root } catch (InvalidKeyException e) { 1355802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root throw new RuntimeException("Can't get key", e); 1356802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root } 1357802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root 1358802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root final byte[] pubKeyBytes = keyStore.getPubkey(privateKeyAlias); 1359802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root 1360802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root final PublicKey pubKey; 1361802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root try { 1362802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root final KeyFactory keyFact = KeyFactory.getInstance("RSA"); 1363802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root pubKey = keyFact.generatePublic(new X509EncodedKeySpec(pubKeyBytes)); 1364802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root } catch (NoSuchAlgorithmException e) { 1365802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root throw new IllegalStateException("Can't instantiate RSA key generator", e); 1366802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root } catch (InvalidKeySpecException e) { 1367802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root throw new IllegalStateException("keystore returned invalid key encoding", e); 1368802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root } 1369802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root 1370802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root final X509V3CertificateGenerator certGen = new X509V3CertificateGenerator(); 1371802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root certGen.setPublicKey(pubKey); 1372802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root certGen.setSerialNumber(serialNumber); 1373802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root certGen.setSubjectDN(subjectDN); 1374802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root certGen.setIssuerDN(subjectDN); 1375802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root certGen.setNotBefore(notBefore); 1376802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root certGen.setNotAfter(notAfter); 1377802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root certGen.setSignatureAlgorithm("sha1WithRSA"); 1378802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root 1379802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root final X509Certificate cert = certGen.generate(privKey); 1380802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root 1381802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root return cert; 1382802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root } 1383802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root 1384802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root public void testKeyStore_SetKeyEntry_ReplacedChain_Success() throws Exception { 1385802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root mKeyStore.load(null, null); 1386802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root 1387802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root // Create key #1 1388802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root { 1389802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root final String privateKeyAlias = Credentials.USER_PRIVATE_KEY + TEST_ALIAS_1; 1390802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root assertTrue(mAndroidKeyStore.generate(privateKeyAlias)); 1391802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root 1392802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root Key key = mKeyStore.getKey(TEST_ALIAS_1, null); 1393802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root 1394802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root assertTrue(key instanceof PrivateKey); 1395802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root 1396802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root PrivateKey expectedKey = (PrivateKey) key; 1397802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root 1398802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root X509Certificate expectedCert = generateCertificate(mAndroidKeyStore, TEST_ALIAS_1, 1399802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root TEST_SERIAL_1, TEST_DN_1, NOW, NOW_PLUS_10_YEARS); 1400802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root 1401802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root assertTrue(mAndroidKeyStore.put(Credentials.USER_CERTIFICATE + TEST_ALIAS_1, 1402802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root expectedCert.getEncoded())); 1403802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root 1404802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root Entry entry = mKeyStore.getEntry(TEST_ALIAS_1, null); 1405802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root 1406802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root assertTrue(entry instanceof PrivateKeyEntry); 1407802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root 1408802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root PrivateKeyEntry keyEntry = (PrivateKeyEntry) entry; 1409802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root 1410802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root assertPrivateKeyEntryEquals(keyEntry, expectedKey, expectedCert, null); 1411802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root } 1412802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root 1413802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root // Replace key #1 with new chain 1414802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root { 1415802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root Key key = mKeyStore.getKey(TEST_ALIAS_1, null); 1416802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root 1417802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root assertTrue(key instanceof PrivateKey); 1418802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root 1419802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root PrivateKey expectedKey = (PrivateKey) key; 1420802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root 1421802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root X509Certificate expectedCert = generateCertificate(mAndroidKeyStore, TEST_ALIAS_1, 1422802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root TEST_SERIAL_2, TEST_DN_2, NOW, NOW_PLUS_10_YEARS); 1423802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root 1424802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root mKeyStore.setKeyEntry(TEST_ALIAS_1, expectedKey, null, 1425802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root new Certificate[] { expectedCert }); 1426802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root 1427802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root Entry entry = mKeyStore.getEntry(TEST_ALIAS_1, null); 1428802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root 1429802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root assertTrue(entry instanceof PrivateKeyEntry); 1430802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root 1431802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root PrivateKeyEntry keyEntry = (PrivateKeyEntry) entry; 1432802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root 1433802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root assertPrivateKeyEntryEquals(keyEntry, expectedKey, expectedCert, null); 1434802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root } 1435802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root } 1436802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root 1437802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root public void testKeyStore_SetKeyEntry_ReplacedChain_DifferentPrivateKey_Failure() 1438802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root throws Exception { 1439802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root mKeyStore.load(null, null); 1440802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root 1441802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root // Create key #1 1442802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root { 1443802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root final String privateKeyAlias = Credentials.USER_PRIVATE_KEY + TEST_ALIAS_1; 1444802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root assertTrue(mAndroidKeyStore.generate(privateKeyAlias)); 1445802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root 1446802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root X509Certificate cert = generateCertificate(mAndroidKeyStore, TEST_ALIAS_1, 1447802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root TEST_SERIAL_1, TEST_DN_1, NOW, NOW_PLUS_10_YEARS); 1448802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root 1449802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root assertTrue(mAndroidKeyStore.put(Credentials.USER_CERTIFICATE + TEST_ALIAS_1, 1450802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root cert.getEncoded())); 1451802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root } 1452802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root 1453802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root // Create key #2 1454802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root { 1455802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root final String privateKeyAlias = Credentials.USER_PRIVATE_KEY + TEST_ALIAS_2; 1456802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root assertTrue(mAndroidKeyStore.generate(privateKeyAlias)); 1457802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root 1458802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root X509Certificate cert = generateCertificate(mAndroidKeyStore, TEST_ALIAS_2, 1459802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root TEST_SERIAL_2, TEST_DN_2, NOW, NOW_PLUS_10_YEARS); 1460802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root 1461802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root assertTrue(mAndroidKeyStore.put(Credentials.USER_CERTIFICATE + TEST_ALIAS_2, 1462802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root cert.getEncoded())); 1463802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root } 1464802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root 1465802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root // Replace key #1 with key #2 1466802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root { 1467802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root Key key1 = mKeyStore.getKey(TEST_ALIAS_2, null); 1468802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root 1469802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root X509Certificate cert = generateCertificate(mAndroidKeyStore, TEST_ALIAS_2, 1470802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root TEST_SERIAL_2, TEST_DN_2, NOW, NOW_PLUS_10_YEARS); 1471802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root 1472802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root try { 1473802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root mKeyStore.setKeyEntry(TEST_ALIAS_1, key1, null, new Certificate[] { cert }); 1474802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root fail("Should not allow setting of KeyEntry with wrong PrivaetKey"); 1475802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root } catch (KeyStoreException success) { 1476802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root } 1477802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root } 1478802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root } 1479802768dd86c4e8a933dbfbac2e9f1a1daa5f93faKenny Root 1480e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root public void testKeyStore_Size_Success() throws Exception { 1481e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.load(null, null); 1482e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1483e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_1, FAKE_CA_1)); 1484e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1485e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertEquals("The keystore size should match expected", 1, mKeyStore.size()); 1486e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertAliases(new String[] { TEST_ALIAS_1 }); 1487e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1488e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_2, FAKE_CA_1)); 1489e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1490e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertEquals("The keystore size should match expected", 2, mKeyStore.size()); 1491e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertAliases(new String[] { TEST_ALIAS_1, TEST_ALIAS_2 }); 1492e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1493e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.generate(Credentials.USER_PRIVATE_KEY + TEST_ALIAS_3)); 1494e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1495e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertEquals("The keystore size should match expected", 3, mKeyStore.size()); 1496e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertAliases(new String[] { TEST_ALIAS_1, TEST_ALIAS_2, TEST_ALIAS_3 }); 1497e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1498e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.delete(Credentials.CA_CERTIFICATE + TEST_ALIAS_1)); 1499e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1500e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertEquals("The keystore size should match expected", 2, mKeyStore.size()); 1501e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertAliases(new String[] { TEST_ALIAS_2, TEST_ALIAS_3 }); 1502e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1503e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertTrue(mAndroidKeyStore.delKey(Credentials.USER_PRIVATE_KEY + TEST_ALIAS_3)); 1504e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1505e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertEquals("The keystore size should match expected", 1, mKeyStore.size()); 1506e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root assertAliases(new String[] { TEST_ALIAS_2 }); 1507e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 1508e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1509e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root public void testKeyStore_Store_LoadStoreParam_Failure() throws Exception { 1510e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.load(null, null); 1511e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1512e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root try { 1513e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.store(null); 1514e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root fail("Should throw UnsupportedOperationException when trying to store"); 1515e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } catch (UnsupportedOperationException success) { 1516e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 1517e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 1518e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1519e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root public void testKeyStore_Load_InputStreamSupplied_Failure() throws Exception { 1520e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root byte[] buf = "FAKE KEYSTORE".getBytes(); 1521e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root ByteArrayInputStream is = new ByteArrayInputStream(buf); 1522e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1523e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root try { 1524e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.load(is, null); 1525e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root fail("Should throw IllegalArgumentException when InputStream is supplied"); 1526e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } catch (IllegalArgumentException success) { 1527e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 1528e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 1529e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1530e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root public void testKeyStore_Load_PasswordSupplied_Failure() throws Exception { 1531e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root try { 1532e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.load(null, "password".toCharArray()); 1533e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root fail("Should throw IllegalArgumentException when password is supplied"); 1534e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } catch (IllegalArgumentException success) { 1535e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 1536e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 1537e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1538e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root public void testKeyStore_Store_OutputStream_Failure() throws Exception { 1539e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.load(null, null); 1540e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1541e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root OutputStream sink = new ByteArrayOutputStream(); 1542e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root try { 1543e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.store(sink, null); 1544e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root fail("Should throw UnsupportedOperationException when trying to store"); 1545e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } catch (UnsupportedOperationException success) { 1546e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 1547e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root 1548e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root try { 1549e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root mKeyStore.store(sink, "blah".toCharArray()); 1550e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root fail("Should throw UnsupportedOperationException when trying to store"); 1551e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } catch (UnsupportedOperationException success) { 1552e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 1553e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root } 1554e29df16cb57b69995df597e8a6d95d986c1c43fcKenny Root} 1555