AndroidKeyStoreTest.java revision e29df16cb57b69995df597e8a6d95d986c1c43fc
1/* 2 * Copyright (C) 2012 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17package android.security; 18 19import android.test.AndroidTestCase; 20 21import java.io.ByteArrayInputStream; 22import java.io.ByteArrayOutputStream; 23import java.io.IOException; 24import java.io.OutputStream; 25import java.security.Key; 26import java.security.KeyFactory; 27import java.security.KeyStore.Entry; 28import java.security.KeyStore.PrivateKeyEntry; 29import java.security.KeyStore.TrustedCertificateEntry; 30import java.security.KeyStoreException; 31import java.security.NoSuchAlgorithmException; 32import java.security.PrivateKey; 33import java.security.cert.Certificate; 34import java.security.cert.CertificateException; 35import java.security.cert.CertificateFactory; 36import java.security.interfaces.RSAPrivateKey; 37import java.security.spec.InvalidKeySpecException; 38import java.security.spec.PKCS8EncodedKeySpec; 39import java.util.Arrays; 40import java.util.Collection; 41import java.util.Date; 42import java.util.Enumeration; 43import java.util.HashSet; 44import java.util.Iterator; 45import java.util.Set; 46 47public class AndroidKeyStoreTest extends AndroidTestCase { 48 private android.security.KeyStore mAndroidKeyStore; 49 50 private java.security.KeyStore mKeyStore; 51 52 private static final String TEST_ALIAS_1 = "test1"; 53 54 private static final String TEST_ALIAS_2 = "test2"; 55 56 private static final String TEST_ALIAS_3 = "test3"; 57 58 /* 59 * The keys and certificates below are generated with: 60 * 61 * openssl req -new -x509 -days 3650 -extensions v3_ca -keyout cakey.pem -out cacert.pem 62 * openssl req -newkey rsa:1024 -keyout userkey.pem -nodes -days 3650 -out userkey.req 63 * mkdir -p demoCA/newcerts 64 * touch demoCA/index.txt 65 * echo "01" > demoCA/serial 66 * openssl ca -out usercert.pem -in userkey.req -cert cacert.pem -keyfile cakey.pem -days 3650 67 */ 68 69 /** 70 * Generated from above and converted with: 71 * 72 * openssl x509 -outform d -in cacert.pem | xxd -i | sed 's/0x/(byte) 0x/g' 73 */ 74 private static final byte[] FAKE_CA_1 = { 75 (byte) 0x30, (byte) 0x82, (byte) 0x02, (byte) 0xce, (byte) 0x30, (byte) 0x82, 76 (byte) 0x02, (byte) 0x37, (byte) 0xa0, (byte) 0x03, (byte) 0x02, (byte) 0x01, 77 (byte) 0x02, (byte) 0x02, (byte) 0x09, (byte) 0x00, (byte) 0xe1, (byte) 0x6a, 78 (byte) 0xa2, (byte) 0xf4, (byte) 0x2e, (byte) 0x55, (byte) 0x48, (byte) 0x0a, 79 (byte) 0x30, (byte) 0x0d, (byte) 0x06, (byte) 0x09, (byte) 0x2a, (byte) 0x86, 80 (byte) 0x48, (byte) 0x86, (byte) 0xf7, (byte) 0x0d, (byte) 0x01, (byte) 0x01, 81 (byte) 0x05, (byte) 0x05, (byte) 0x00, (byte) 0x30, (byte) 0x4f, (byte) 0x31, 82 (byte) 0x0b, (byte) 0x30, (byte) 0x09, (byte) 0x06, (byte) 0x03, (byte) 0x55, 83 (byte) 0x04, (byte) 0x06, (byte) 0x13, (byte) 0x02, (byte) 0x55, (byte) 0x53, 84 (byte) 0x31, (byte) 0x0b, (byte) 0x30, (byte) 0x09, (byte) 0x06, (byte) 0x03, 85 (byte) 0x55, (byte) 0x04, (byte) 0x08, (byte) 0x13, (byte) 0x02, (byte) 0x43, 86 (byte) 0x41, (byte) 0x31, (byte) 0x16, (byte) 0x30, (byte) 0x14, (byte) 0x06, 87 (byte) 0x03, (byte) 0x55, (byte) 0x04, (byte) 0x07, (byte) 0x13, (byte) 0x0d, 88 (byte) 0x4d, (byte) 0x6f, (byte) 0x75, (byte) 0x6e, (byte) 0x74, (byte) 0x61, 89 (byte) 0x69, (byte) 0x6e, (byte) 0x20, (byte) 0x56, (byte) 0x69, (byte) 0x65, 90 (byte) 0x77, (byte) 0x31, (byte) 0x1b, (byte) 0x30, (byte) 0x19, (byte) 0x06, 91 (byte) 0x03, (byte) 0x55, (byte) 0x04, (byte) 0x0a, (byte) 0x13, (byte) 0x12, 92 (byte) 0x41, (byte) 0x6e, (byte) 0x64, (byte) 0x72, (byte) 0x6f, (byte) 0x69, 93 (byte) 0x64, (byte) 0x20, (byte) 0x54, (byte) 0x65, (byte) 0x73, (byte) 0x74, 94 (byte) 0x20, (byte) 0x43, (byte) 0x61, (byte) 0x73, (byte) 0x65, (byte) 0x73, 95 (byte) 0x30, (byte) 0x1e, (byte) 0x17, (byte) 0x0d, (byte) 0x31, (byte) 0x32, 96 (byte) 0x30, (byte) 0x38, (byte) 0x31, (byte) 0x34, (byte) 0x31, (byte) 0x36, 97 (byte) 0x35, (byte) 0x35, (byte) 0x34, (byte) 0x34, (byte) 0x5a, (byte) 0x17, 98 (byte) 0x0d, (byte) 0x32, (byte) 0x32, (byte) 0x30, (byte) 0x38, (byte) 0x31, 99 (byte) 0x32, (byte) 0x31, (byte) 0x36, (byte) 0x35, (byte) 0x35, (byte) 0x34, 100 (byte) 0x34, (byte) 0x5a, (byte) 0x30, (byte) 0x4f, (byte) 0x31, (byte) 0x0b, 101 (byte) 0x30, (byte) 0x09, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x04, 102 (byte) 0x06, (byte) 0x13, (byte) 0x02, (byte) 0x55, (byte) 0x53, (byte) 0x31, 103 (byte) 0x0b, (byte) 0x30, (byte) 0x09, (byte) 0x06, (byte) 0x03, (byte) 0x55, 104 (byte) 0x04, (byte) 0x08, (byte) 0x13, (byte) 0x02, (byte) 0x43, (byte) 0x41, 105 (byte) 0x31, (byte) 0x16, (byte) 0x30, (byte) 0x14, (byte) 0x06, (byte) 0x03, 106 (byte) 0x55, (byte) 0x04, (byte) 0x07, (byte) 0x13, (byte) 0x0d, (byte) 0x4d, 107 (byte) 0x6f, (byte) 0x75, (byte) 0x6e, (byte) 0x74, (byte) 0x61, (byte) 0x69, 108 (byte) 0x6e, (byte) 0x20, (byte) 0x56, (byte) 0x69, (byte) 0x65, (byte) 0x77, 109 (byte) 0x31, (byte) 0x1b, (byte) 0x30, (byte) 0x19, (byte) 0x06, (byte) 0x03, 110 (byte) 0x55, (byte) 0x04, (byte) 0x0a, (byte) 0x13, (byte) 0x12, (byte) 0x41, 111 (byte) 0x6e, (byte) 0x64, (byte) 0x72, (byte) 0x6f, (byte) 0x69, (byte) 0x64, 112 (byte) 0x20, (byte) 0x54, (byte) 0x65, (byte) 0x73, (byte) 0x74, (byte) 0x20, 113 (byte) 0x43, (byte) 0x61, (byte) 0x73, (byte) 0x65, (byte) 0x73, (byte) 0x30, 114 (byte) 0x81, (byte) 0x9f, (byte) 0x30, (byte) 0x0d, (byte) 0x06, (byte) 0x09, 115 (byte) 0x2a, (byte) 0x86, (byte) 0x48, (byte) 0x86, (byte) 0xf7, (byte) 0x0d, 116 (byte) 0x01, (byte) 0x01, (byte) 0x01, (byte) 0x05, (byte) 0x00, (byte) 0x03, 117 (byte) 0x81, (byte) 0x8d, (byte) 0x00, (byte) 0x30, (byte) 0x81, (byte) 0x89, 118 (byte) 0x02, (byte) 0x81, (byte) 0x81, (byte) 0x00, (byte) 0xa3, (byte) 0x72, 119 (byte) 0xab, (byte) 0xd0, (byte) 0xe4, (byte) 0xad, (byte) 0x2f, (byte) 0xe7, 120 (byte) 0xe2, (byte) 0x79, (byte) 0x07, (byte) 0x36, (byte) 0x3d, (byte) 0x0c, 121 (byte) 0x8d, (byte) 0x42, (byte) 0x9a, (byte) 0x0a, (byte) 0x33, (byte) 0x64, 122 (byte) 0xb3, (byte) 0xcd, (byte) 0xb2, (byte) 0xd7, (byte) 0x3a, (byte) 0x42, 123 (byte) 0x06, (byte) 0x77, (byte) 0x45, (byte) 0x29, (byte) 0xe9, (byte) 0xcb, 124 (byte) 0xb7, (byte) 0x4a, (byte) 0xd6, (byte) 0xee, (byte) 0xad, (byte) 0x01, 125 (byte) 0x91, (byte) 0x9b, (byte) 0x0c, (byte) 0x59, (byte) 0xa1, (byte) 0x03, 126 (byte) 0xfa, (byte) 0xf0, (byte) 0x5a, (byte) 0x7c, (byte) 0x4f, (byte) 0xf7, 127 (byte) 0x8d, (byte) 0x36, (byte) 0x0f, (byte) 0x1f, (byte) 0x45, (byte) 0x7d, 128 (byte) 0x1b, (byte) 0x31, (byte) 0xa1, (byte) 0x35, (byte) 0x0b, (byte) 0x00, 129 (byte) 0xed, (byte) 0x7a, (byte) 0xb6, (byte) 0xc8, (byte) 0x4e, (byte) 0xa9, 130 (byte) 0x86, (byte) 0x4c, (byte) 0x7b, (byte) 0x99, (byte) 0x57, (byte) 0x41, 131 (byte) 0x12, (byte) 0xef, (byte) 0x6b, (byte) 0xbc, (byte) 0x3d, (byte) 0x60, 132 (byte) 0xf2, (byte) 0x99, (byte) 0x1a, (byte) 0xcd, (byte) 0xed, (byte) 0x56, 133 (byte) 0xa4, (byte) 0xe5, (byte) 0x36, (byte) 0x9f, (byte) 0x24, (byte) 0x1f, 134 (byte) 0xdc, (byte) 0x89, (byte) 0x40, (byte) 0xc8, (byte) 0x99, (byte) 0x92, 135 (byte) 0xab, (byte) 0x4a, (byte) 0xb5, (byte) 0x61, (byte) 0x45, (byte) 0x62, 136 (byte) 0xff, (byte) 0xa3, (byte) 0x45, (byte) 0x65, (byte) 0xaf, (byte) 0xf6, 137 (byte) 0x27, (byte) 0x30, (byte) 0x51, (byte) 0x0e, (byte) 0x0e, (byte) 0xeb, 138 (byte) 0x79, (byte) 0x0c, (byte) 0xbe, (byte) 0xb3, (byte) 0x0a, (byte) 0x6f, 139 (byte) 0x29, (byte) 0x06, (byte) 0xdc, (byte) 0x2f, (byte) 0x6b, (byte) 0x51, 140 (byte) 0x02, (byte) 0x03, (byte) 0x01, (byte) 0x00, (byte) 0x01, (byte) 0xa3, 141 (byte) 0x81, (byte) 0xb1, (byte) 0x30, (byte) 0x81, (byte) 0xae, (byte) 0x30, 142 (byte) 0x1d, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x1d, (byte) 0x0e, 143 (byte) 0x04, (byte) 0x16, (byte) 0x04, (byte) 0x14, (byte) 0x33, (byte) 0x05, 144 (byte) 0xee, (byte) 0xfe, (byte) 0x6f, (byte) 0x60, (byte) 0xc7, (byte) 0xf9, 145 (byte) 0xa9, (byte) 0xd2, (byte) 0x73, (byte) 0x5c, (byte) 0x8f, (byte) 0x6d, 146 (byte) 0xa2, (byte) 0x2f, (byte) 0x97, (byte) 0x8e, (byte) 0x5d, (byte) 0x51, 147 (byte) 0x30, (byte) 0x7f, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x1d, 148 (byte) 0x23, (byte) 0x04, (byte) 0x78, (byte) 0x30, (byte) 0x76, (byte) 0x80, 149 (byte) 0x14, (byte) 0x33, (byte) 0x05, (byte) 0xee, (byte) 0xfe, (byte) 0x6f, 150 (byte) 0x60, (byte) 0xc7, (byte) 0xf9, (byte) 0xa9, (byte) 0xd2, (byte) 0x73, 151 (byte) 0x5c, (byte) 0x8f, (byte) 0x6d, (byte) 0xa2, (byte) 0x2f, (byte) 0x97, 152 (byte) 0x8e, (byte) 0x5d, (byte) 0x51, (byte) 0xa1, (byte) 0x53, (byte) 0xa4, 153 (byte) 0x51, (byte) 0x30, (byte) 0x4f, (byte) 0x31, (byte) 0x0b, (byte) 0x30, 154 (byte) 0x09, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x04, (byte) 0x06, 155 (byte) 0x13, (byte) 0x02, (byte) 0x55, (byte) 0x53, (byte) 0x31, (byte) 0x0b, 156 (byte) 0x30, (byte) 0x09, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x04, 157 (byte) 0x08, (byte) 0x13, (byte) 0x02, (byte) 0x43, (byte) 0x41, (byte) 0x31, 158 (byte) 0x16, (byte) 0x30, (byte) 0x14, (byte) 0x06, (byte) 0x03, (byte) 0x55, 159 (byte) 0x04, (byte) 0x07, (byte) 0x13, (byte) 0x0d, (byte) 0x4d, (byte) 0x6f, 160 (byte) 0x75, (byte) 0x6e, (byte) 0x74, (byte) 0x61, (byte) 0x69, (byte) 0x6e, 161 (byte) 0x20, (byte) 0x56, (byte) 0x69, (byte) 0x65, (byte) 0x77, (byte) 0x31, 162 (byte) 0x1b, (byte) 0x30, (byte) 0x19, (byte) 0x06, (byte) 0x03, (byte) 0x55, 163 (byte) 0x04, (byte) 0x0a, (byte) 0x13, (byte) 0x12, (byte) 0x41, (byte) 0x6e, 164 (byte) 0x64, (byte) 0x72, (byte) 0x6f, (byte) 0x69, (byte) 0x64, (byte) 0x20, 165 (byte) 0x54, (byte) 0x65, (byte) 0x73, (byte) 0x74, (byte) 0x20, (byte) 0x43, 166 (byte) 0x61, (byte) 0x73, (byte) 0x65, (byte) 0x73, (byte) 0x82, (byte) 0x09, 167 (byte) 0x00, (byte) 0xe1, (byte) 0x6a, (byte) 0xa2, (byte) 0xf4, (byte) 0x2e, 168 (byte) 0x55, (byte) 0x48, (byte) 0x0a, (byte) 0x30, (byte) 0x0c, (byte) 0x06, 169 (byte) 0x03, (byte) 0x55, (byte) 0x1d, (byte) 0x13, (byte) 0x04, (byte) 0x05, 170 (byte) 0x30, (byte) 0x03, (byte) 0x01, (byte) 0x01, (byte) 0xff, (byte) 0x30, 171 (byte) 0x0d, (byte) 0x06, (byte) 0x09, (byte) 0x2a, (byte) 0x86, (byte) 0x48, 172 (byte) 0x86, (byte) 0xf7, (byte) 0x0d, (byte) 0x01, (byte) 0x01, (byte) 0x05, 173 (byte) 0x05, (byte) 0x00, (byte) 0x03, (byte) 0x81, (byte) 0x81, (byte) 0x00, 174 (byte) 0x8c, (byte) 0x30, (byte) 0x42, (byte) 0xfa, (byte) 0xeb, (byte) 0x1a, 175 (byte) 0x26, (byte) 0xeb, (byte) 0xda, (byte) 0x56, (byte) 0x32, (byte) 0xf2, 176 (byte) 0x9d, (byte) 0xa5, (byte) 0x24, (byte) 0xd8, (byte) 0x3a, (byte) 0xda, 177 (byte) 0x30, (byte) 0xa6, (byte) 0x8b, (byte) 0x46, (byte) 0xfe, (byte) 0xfe, 178 (byte) 0xdb, (byte) 0xf1, (byte) 0xe6, (byte) 0xe1, (byte) 0x7c, (byte) 0x1b, 179 (byte) 0xe7, (byte) 0x77, (byte) 0x00, (byte) 0xa1, (byte) 0x1c, (byte) 0x19, 180 (byte) 0x17, (byte) 0x73, (byte) 0xb0, (byte) 0xf0, (byte) 0x9d, (byte) 0xf3, 181 (byte) 0x4f, (byte) 0xb6, (byte) 0xbc, (byte) 0xc7, (byte) 0x47, (byte) 0x85, 182 (byte) 0x2a, (byte) 0x4a, (byte) 0xa1, (byte) 0xa5, (byte) 0x58, (byte) 0xf5, 183 (byte) 0xc5, (byte) 0x1a, (byte) 0x51, (byte) 0xb1, (byte) 0x04, (byte) 0x80, 184 (byte) 0xee, (byte) 0x3a, (byte) 0xec, (byte) 0x2f, (byte) 0xe1, (byte) 0xfd, 185 (byte) 0x58, (byte) 0xeb, (byte) 0xed, (byte) 0x82, (byte) 0x9e, (byte) 0x38, 186 (byte) 0xa3, (byte) 0x24, (byte) 0x75, (byte) 0xf7, (byte) 0x3e, (byte) 0xc2, 187 (byte) 0xc5, (byte) 0x27, (byte) 0xeb, (byte) 0x6f, (byte) 0x7b, (byte) 0x50, 188 (byte) 0xda, (byte) 0x43, (byte) 0xdc, (byte) 0x3b, (byte) 0x0b, (byte) 0x6f, 189 (byte) 0x78, (byte) 0x8f, (byte) 0xb0, (byte) 0x66, (byte) 0xe1, (byte) 0x12, 190 (byte) 0x87, (byte) 0x5f, (byte) 0x97, (byte) 0x7b, (byte) 0xca, (byte) 0x14, 191 (byte) 0x79, (byte) 0xf7, (byte) 0xe8, (byte) 0x6c, (byte) 0x72, (byte) 0xdb, 192 (byte) 0x91, (byte) 0x65, (byte) 0x17, (byte) 0x54, (byte) 0xe0, (byte) 0x74, 193 (byte) 0x1d, (byte) 0xac, (byte) 0x47, (byte) 0x04, (byte) 0x12, (byte) 0xe0, 194 (byte) 0xc3, (byte) 0x66, (byte) 0x19, (byte) 0x05, (byte) 0x2e, (byte) 0x7e, 195 (byte) 0xf1, (byte) 0x61 196 }; 197 198 /** 199 * Generated from above and converted with: 200 * 201 * openssl pkcs8 -topk8 -outform d -in userkey.pem -nocrypt | xxd -i | sed 's/0x/(byte) 0x/g' 202 */ 203 private static final byte[] FAKE_KEY_1 = new byte[] { 204 (byte) 0x30, (byte) 0x82, (byte) 0x02, (byte) 0x78, (byte) 0x02, (byte) 0x01, 205 (byte) 0x00, (byte) 0x30, (byte) 0x0d, (byte) 0x06, (byte) 0x09, (byte) 0x2a, 206 (byte) 0x86, (byte) 0x48, (byte) 0x86, (byte) 0xf7, (byte) 0x0d, (byte) 0x01, 207 (byte) 0x01, (byte) 0x01, (byte) 0x05, (byte) 0x00, (byte) 0x04, (byte) 0x82, 208 (byte) 0x02, (byte) 0x62, (byte) 0x30, (byte) 0x82, (byte) 0x02, (byte) 0x5e, 209 (byte) 0x02, (byte) 0x01, (byte) 0x00, (byte) 0x02, (byte) 0x81, (byte) 0x81, 210 (byte) 0x00, (byte) 0xce, (byte) 0x29, (byte) 0xeb, (byte) 0xf6, (byte) 0x5b, 211 (byte) 0x25, (byte) 0xdc, (byte) 0xa1, (byte) 0xa6, (byte) 0x2c, (byte) 0x66, 212 (byte) 0xcb, (byte) 0x20, (byte) 0x90, (byte) 0x27, (byte) 0x86, (byte) 0x8a, 213 (byte) 0x44, (byte) 0x71, (byte) 0x50, (byte) 0xda, (byte) 0xd3, (byte) 0x02, 214 (byte) 0x77, (byte) 0x55, (byte) 0xe9, (byte) 0xe8, (byte) 0x08, (byte) 0xf3, 215 (byte) 0x36, (byte) 0x9a, (byte) 0xae, (byte) 0xab, (byte) 0x04, (byte) 0x6d, 216 (byte) 0x00, (byte) 0x99, (byte) 0xbf, (byte) 0x7d, (byte) 0x0f, (byte) 0x67, 217 (byte) 0x8b, (byte) 0x1d, (byte) 0xd4, (byte) 0x2b, (byte) 0x7c, (byte) 0xcb, 218 (byte) 0xcd, (byte) 0x33, (byte) 0xc7, (byte) 0x84, (byte) 0x30, (byte) 0xe2, 219 (byte) 0x45, (byte) 0x21, (byte) 0xb3, (byte) 0x75, (byte) 0xf5, (byte) 0x79, 220 (byte) 0x02, (byte) 0xda, (byte) 0x50, (byte) 0xa3, (byte) 0x8b, (byte) 0xce, 221 (byte) 0xc3, (byte) 0x8e, (byte) 0x0f, (byte) 0x25, (byte) 0xeb, (byte) 0x08, 222 (byte) 0x2c, (byte) 0xdd, (byte) 0x1c, (byte) 0xcf, (byte) 0xff, (byte) 0x3b, 223 (byte) 0xde, (byte) 0xb6, (byte) 0xaa, (byte) 0x2a, (byte) 0xa9, (byte) 0xc4, 224 (byte) 0x8a, (byte) 0x24, (byte) 0x24, (byte) 0xe6, (byte) 0x29, (byte) 0x0d, 225 (byte) 0x98, (byte) 0x4c, (byte) 0x32, (byte) 0xa1, (byte) 0x7b, (byte) 0x23, 226 (byte) 0x2b, (byte) 0x42, (byte) 0x30, (byte) 0xee, (byte) 0x78, (byte) 0x08, 227 (byte) 0x47, (byte) 0xad, (byte) 0xf2, (byte) 0x96, (byte) 0xd5, (byte) 0xf1, 228 (byte) 0x62, (byte) 0x42, (byte) 0x2d, (byte) 0x35, (byte) 0x19, (byte) 0xb4, 229 (byte) 0x3c, (byte) 0xc9, (byte) 0xc3, (byte) 0x5f, (byte) 0x03, (byte) 0x16, 230 (byte) 0x3a, (byte) 0x23, (byte) 0xac, (byte) 0xcb, (byte) 0xce, (byte) 0x9e, 231 (byte) 0x51, (byte) 0x2e, (byte) 0x6d, (byte) 0x02, (byte) 0x03, (byte) 0x01, 232 (byte) 0x00, (byte) 0x01, (byte) 0x02, (byte) 0x81, (byte) 0x80, (byte) 0x16, 233 (byte) 0x59, (byte) 0xc3, (byte) 0x24, (byte) 0x1d, (byte) 0x33, (byte) 0x98, 234 (byte) 0x9c, (byte) 0xc9, (byte) 0xc8, (byte) 0x2c, (byte) 0x88, (byte) 0xbf, 235 (byte) 0x0a, (byte) 0x01, (byte) 0xce, (byte) 0xfb, (byte) 0x34, (byte) 0x7a, 236 (byte) 0x58, (byte) 0x7a, (byte) 0xb0, (byte) 0xbf, (byte) 0xa6, (byte) 0xb2, 237 (byte) 0x60, (byte) 0xbe, (byte) 0x70, (byte) 0x21, (byte) 0xf5, (byte) 0xfc, 238 (byte) 0x85, (byte) 0x0d, (byte) 0x33, (byte) 0x58, (byte) 0xa1, (byte) 0xe5, 239 (byte) 0x09, (byte) 0x36, (byte) 0x84, (byte) 0xb2, (byte) 0x04, (byte) 0x0a, 240 (byte) 0x02, (byte) 0xd3, (byte) 0x88, (byte) 0x1f, (byte) 0x0c, (byte) 0x2b, 241 (byte) 0x1d, (byte) 0xe9, (byte) 0x3d, (byte) 0xe7, (byte) 0x79, (byte) 0xf9, 242 (byte) 0x32, (byte) 0x5c, (byte) 0x8a, (byte) 0x75, (byte) 0x49, (byte) 0x12, 243 (byte) 0xe4, (byte) 0x05, (byte) 0x26, (byte) 0xd4, (byte) 0x2e, (byte) 0x9e, 244 (byte) 0x1f, (byte) 0xcc, (byte) 0x54, (byte) 0xad, (byte) 0x33, (byte) 0x8d, 245 (byte) 0x99, (byte) 0x00, (byte) 0xdc, (byte) 0xf5, (byte) 0xb4, (byte) 0xa2, 246 (byte) 0x2f, (byte) 0xba, (byte) 0xe5, (byte) 0x62, (byte) 0x30, (byte) 0x6d, 247 (byte) 0xe6, (byte) 0x3d, (byte) 0xeb, (byte) 0x24, (byte) 0xc2, (byte) 0xdc, 248 (byte) 0x5f, (byte) 0xb7, (byte) 0x16, (byte) 0x35, (byte) 0xa3, (byte) 0x98, 249 (byte) 0x98, (byte) 0xa8, (byte) 0xef, (byte) 0xe8, (byte) 0xc4, (byte) 0x96, 250 (byte) 0x6d, (byte) 0x38, (byte) 0xab, (byte) 0x26, (byte) 0x6d, (byte) 0x30, 251 (byte) 0xc2, (byte) 0xa0, (byte) 0x44, (byte) 0xe4, (byte) 0xff, (byte) 0x7e, 252 (byte) 0xbe, (byte) 0x7c, (byte) 0x33, (byte) 0xa5, (byte) 0x10, (byte) 0xad, 253 (byte) 0xd7, (byte) 0x1e, (byte) 0x13, (byte) 0x20, (byte) 0xb3, (byte) 0x1f, 254 (byte) 0x41, (byte) 0x02, (byte) 0x41, (byte) 0x00, (byte) 0xf1, (byte) 0x89, 255 (byte) 0x07, (byte) 0x0f, (byte) 0xe8, (byte) 0xcf, (byte) 0xab, (byte) 0x13, 256 (byte) 0x2a, (byte) 0x8f, (byte) 0x88, (byte) 0x80, (byte) 0x11, (byte) 0x9a, 257 (byte) 0x79, (byte) 0xb6, (byte) 0x59, (byte) 0x3a, (byte) 0x50, (byte) 0x6e, 258 (byte) 0x57, (byte) 0x37, (byte) 0xab, (byte) 0x2a, (byte) 0xd2, (byte) 0xaa, 259 (byte) 0xd9, (byte) 0x72, (byte) 0x73, (byte) 0xff, (byte) 0x8b, (byte) 0x47, 260 (byte) 0x76, (byte) 0xdd, (byte) 0xdc, (byte) 0xf5, (byte) 0x97, (byte) 0x44, 261 (byte) 0x3a, (byte) 0x78, (byte) 0xbe, (byte) 0x17, (byte) 0xb4, (byte) 0x22, 262 (byte) 0x6f, (byte) 0xe5, (byte) 0x23, (byte) 0x70, (byte) 0x1d, (byte) 0x10, 263 (byte) 0x5d, (byte) 0xba, (byte) 0x16, (byte) 0x81, (byte) 0xf1, (byte) 0x45, 264 (byte) 0xce, (byte) 0x30, (byte) 0xb4, (byte) 0xab, (byte) 0x80, (byte) 0xe4, 265 (byte) 0x98, (byte) 0x31, (byte) 0x02, (byte) 0x41, (byte) 0x00, (byte) 0xda, 266 (byte) 0x82, (byte) 0x9d, (byte) 0x3f, (byte) 0xca, (byte) 0x2f, (byte) 0xe1, 267 (byte) 0xd4, (byte) 0x86, (byte) 0x77, (byte) 0x48, (byte) 0xa6, (byte) 0xab, 268 (byte) 0xab, (byte) 0x1c, (byte) 0x42, (byte) 0x5c, (byte) 0xd5, (byte) 0xc7, 269 (byte) 0x46, (byte) 0x59, (byte) 0x91, (byte) 0x3f, (byte) 0xfc, (byte) 0xcc, 270 (byte) 0xec, (byte) 0xc2, (byte) 0x40, (byte) 0x12, (byte) 0x2c, (byte) 0x8d, 271 (byte) 0x1f, (byte) 0xa2, (byte) 0x18, (byte) 0x88, (byte) 0xee, (byte) 0x82, 272 (byte) 0x4a, (byte) 0x5a, (byte) 0x5e, (byte) 0x88, (byte) 0x20, (byte) 0xe3, 273 (byte) 0x7b, (byte) 0xe0, (byte) 0xd8, (byte) 0x3a, (byte) 0x52, (byte) 0x9a, 274 (byte) 0x26, (byte) 0x6a, (byte) 0x04, (byte) 0xec, (byte) 0xe8, (byte) 0xb9, 275 (byte) 0x48, (byte) 0x40, (byte) 0xe1, (byte) 0xe1, (byte) 0x83, (byte) 0xa6, 276 (byte) 0x67, (byte) 0xa6, (byte) 0xfd, (byte) 0x02, (byte) 0x41, (byte) 0x00, 277 (byte) 0x89, (byte) 0x72, (byte) 0x3e, (byte) 0xb0, (byte) 0x90, (byte) 0xfd, 278 (byte) 0x4c, (byte) 0x0e, (byte) 0xd6, (byte) 0x13, (byte) 0x63, (byte) 0xcb, 279 (byte) 0xed, (byte) 0x38, (byte) 0x88, (byte) 0xb6, (byte) 0x79, (byte) 0xc4, 280 (byte) 0x33, (byte) 0x6c, (byte) 0xf6, (byte) 0xf8, (byte) 0xd8, (byte) 0xd0, 281 (byte) 0xbf, (byte) 0x9d, (byte) 0x35, (byte) 0xac, (byte) 0x69, (byte) 0xd2, 282 (byte) 0x2b, (byte) 0xc1, (byte) 0xf9, (byte) 0x24, (byte) 0x7b, (byte) 0xce, 283 (byte) 0xcd, (byte) 0xcb, (byte) 0xa7, (byte) 0xb2, (byte) 0x7a, (byte) 0x0a, 284 (byte) 0x27, (byte) 0x19, (byte) 0xc9, (byte) 0xaf, (byte) 0x0d, (byte) 0x21, 285 (byte) 0x89, (byte) 0x88, (byte) 0x7c, (byte) 0xad, (byte) 0x9e, (byte) 0x8d, 286 (byte) 0x47, (byte) 0x6d, (byte) 0x3f, (byte) 0xce, (byte) 0x7b, (byte) 0xa1, 287 (byte) 0x74, (byte) 0xf1, (byte) 0xa0, (byte) 0xa1, (byte) 0x02, (byte) 0x41, 288 (byte) 0x00, (byte) 0xd9, (byte) 0xa8, (byte) 0xf5, (byte) 0xfe, (byte) 0xce, 289 (byte) 0xe6, (byte) 0x77, (byte) 0x6b, (byte) 0xfe, (byte) 0x2d, (byte) 0xe0, 290 (byte) 0x1e, (byte) 0xb6, (byte) 0x2e, (byte) 0x12, (byte) 0x4e, (byte) 0x40, 291 (byte) 0xaf, (byte) 0x6a, (byte) 0x7b, (byte) 0x37, (byte) 0x49, (byte) 0x2a, 292 (byte) 0x96, (byte) 0x25, (byte) 0x83, (byte) 0x49, (byte) 0xd4, (byte) 0x0c, 293 (byte) 0xc6, (byte) 0x78, (byte) 0x25, (byte) 0x24, (byte) 0x90, (byte) 0x90, 294 (byte) 0x06, (byte) 0x15, (byte) 0x9e, (byte) 0xfe, (byte) 0xf9, (byte) 0xdf, 295 (byte) 0x5b, (byte) 0xf3, (byte) 0x7e, (byte) 0x38, (byte) 0x70, (byte) 0xeb, 296 (byte) 0x57, (byte) 0xd0, (byte) 0xd9, (byte) 0xa7, (byte) 0x0e, (byte) 0x14, 297 (byte) 0xf7, (byte) 0x95, (byte) 0x68, (byte) 0xd5, (byte) 0xc8, (byte) 0xab, 298 (byte) 0x9d, (byte) 0x3a, (byte) 0x2b, (byte) 0x51, (byte) 0xf9, (byte) 0x02, 299 (byte) 0x41, (byte) 0x00, (byte) 0x96, (byte) 0xdf, (byte) 0xe9, (byte) 0x67, 300 (byte) 0x6c, (byte) 0xdc, (byte) 0x90, (byte) 0x14, (byte) 0xb4, (byte) 0x1d, 301 (byte) 0x22, (byte) 0x33, (byte) 0x4a, (byte) 0x31, (byte) 0xc1, (byte) 0x9d, 302 (byte) 0x2e, (byte) 0xff, (byte) 0x9a, (byte) 0x2a, (byte) 0x95, (byte) 0x4b, 303 (byte) 0x27, (byte) 0x74, (byte) 0xcb, (byte) 0x21, (byte) 0xc3, (byte) 0xd2, 304 (byte) 0x0b, (byte) 0xb2, (byte) 0x46, (byte) 0x87, (byte) 0xf8, (byte) 0x28, 305 (byte) 0x01, (byte) 0x8b, (byte) 0xd8, (byte) 0xb9, (byte) 0x4b, (byte) 0xcd, 306 (byte) 0x9a, (byte) 0x96, (byte) 0x41, (byte) 0x0e, (byte) 0x36, (byte) 0x6d, 307 (byte) 0x40, (byte) 0x42, (byte) 0xbc, (byte) 0xd9, (byte) 0xd3, (byte) 0x7b, 308 (byte) 0xbc, (byte) 0xa7, (byte) 0x92, (byte) 0x90, (byte) 0xdd, (byte) 0xa1, 309 (byte) 0x9c, (byte) 0xce, (byte) 0xa1, (byte) 0x87, (byte) 0x11, (byte) 0x51 310 }; 311 312 /** 313 * Generated from above and converted with: 314 * 315 * openssl x509 -outform d -in usercert.pem | xxd -i | sed 's/0x/(byte) 0x/g' 316 */ 317 private static final byte[] FAKE_USER_1 = new byte[] { 318 (byte) 0x30, (byte) 0x82, (byte) 0x02, (byte) 0x95, (byte) 0x30, (byte) 0x82, 319 (byte) 0x01, (byte) 0xfe, (byte) 0xa0, (byte) 0x03, (byte) 0x02, (byte) 0x01, 320 (byte) 0x02, (byte) 0x02, (byte) 0x01, (byte) 0x01, (byte) 0x30, (byte) 0x0d, 321 (byte) 0x06, (byte) 0x09, (byte) 0x2a, (byte) 0x86, (byte) 0x48, (byte) 0x86, 322 (byte) 0xf7, (byte) 0x0d, (byte) 0x01, (byte) 0x01, (byte) 0x05, (byte) 0x05, 323 (byte) 0x00, (byte) 0x30, (byte) 0x4f, (byte) 0x31, (byte) 0x0b, (byte) 0x30, 324 (byte) 0x09, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x04, (byte) 0x06, 325 (byte) 0x13, (byte) 0x02, (byte) 0x55, (byte) 0x53, (byte) 0x31, (byte) 0x0b, 326 (byte) 0x30, (byte) 0x09, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x04, 327 (byte) 0x08, (byte) 0x13, (byte) 0x02, (byte) 0x43, (byte) 0x41, (byte) 0x31, 328 (byte) 0x16, (byte) 0x30, (byte) 0x14, (byte) 0x06, (byte) 0x03, (byte) 0x55, 329 (byte) 0x04, (byte) 0x07, (byte) 0x13, (byte) 0x0d, (byte) 0x4d, (byte) 0x6f, 330 (byte) 0x75, (byte) 0x6e, (byte) 0x74, (byte) 0x61, (byte) 0x69, (byte) 0x6e, 331 (byte) 0x20, (byte) 0x56, (byte) 0x69, (byte) 0x65, (byte) 0x77, (byte) 0x31, 332 (byte) 0x1b, (byte) 0x30, (byte) 0x19, (byte) 0x06, (byte) 0x03, (byte) 0x55, 333 (byte) 0x04, (byte) 0x0a, (byte) 0x13, (byte) 0x12, (byte) 0x41, (byte) 0x6e, 334 (byte) 0x64, (byte) 0x72, (byte) 0x6f, (byte) 0x69, (byte) 0x64, (byte) 0x20, 335 (byte) 0x54, (byte) 0x65, (byte) 0x73, (byte) 0x74, (byte) 0x20, (byte) 0x43, 336 (byte) 0x61, (byte) 0x73, (byte) 0x65, (byte) 0x73, (byte) 0x30, (byte) 0x1e, 337 (byte) 0x17, (byte) 0x0d, (byte) 0x31, (byte) 0x32, (byte) 0x30, (byte) 0x38, 338 (byte) 0x31, (byte) 0x34, (byte) 0x32, (byte) 0x33, (byte) 0x32, (byte) 0x35, 339 (byte) 0x34, (byte) 0x38, (byte) 0x5a, (byte) 0x17, (byte) 0x0d, (byte) 0x32, 340 (byte) 0x32, (byte) 0x30, (byte) 0x38, (byte) 0x31, (byte) 0x32, (byte) 0x32, 341 (byte) 0x33, (byte) 0x32, (byte) 0x35, (byte) 0x34, (byte) 0x38, (byte) 0x5a, 342 (byte) 0x30, (byte) 0x55, (byte) 0x31, (byte) 0x0b, (byte) 0x30, (byte) 0x09, 343 (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x04, (byte) 0x06, (byte) 0x13, 344 (byte) 0x02, (byte) 0x55, (byte) 0x53, (byte) 0x31, (byte) 0x0b, (byte) 0x30, 345 (byte) 0x09, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x04, (byte) 0x08, 346 (byte) 0x13, (byte) 0x02, (byte) 0x43, (byte) 0x41, (byte) 0x31, (byte) 0x1b, 347 (byte) 0x30, (byte) 0x19, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x04, 348 (byte) 0x0a, (byte) 0x13, (byte) 0x12, (byte) 0x41, (byte) 0x6e, (byte) 0x64, 349 (byte) 0x72, (byte) 0x6f, (byte) 0x69, (byte) 0x64, (byte) 0x20, (byte) 0x54, 350 (byte) 0x65, (byte) 0x73, (byte) 0x74, (byte) 0x20, (byte) 0x43, (byte) 0x61, 351 (byte) 0x73, (byte) 0x65, (byte) 0x73, (byte) 0x31, (byte) 0x1c, (byte) 0x30, 352 (byte) 0x1a, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x04, (byte) 0x03, 353 (byte) 0x13, (byte) 0x13, (byte) 0x73, (byte) 0x65, (byte) 0x72, (byte) 0x76, 354 (byte) 0x65, (byte) 0x72, (byte) 0x31, (byte) 0x2e, (byte) 0x65, (byte) 0x78, 355 (byte) 0x61, (byte) 0x6d, (byte) 0x70, (byte) 0x6c, (byte) 0x65, (byte) 0x2e, 356 (byte) 0x63, (byte) 0x6f, (byte) 0x6d, (byte) 0x30, (byte) 0x81, (byte) 0x9f, 357 (byte) 0x30, (byte) 0x0d, (byte) 0x06, (byte) 0x09, (byte) 0x2a, (byte) 0x86, 358 (byte) 0x48, (byte) 0x86, (byte) 0xf7, (byte) 0x0d, (byte) 0x01, (byte) 0x01, 359 (byte) 0x01, (byte) 0x05, (byte) 0x00, (byte) 0x03, (byte) 0x81, (byte) 0x8d, 360 (byte) 0x00, (byte) 0x30, (byte) 0x81, (byte) 0x89, (byte) 0x02, (byte) 0x81, 361 (byte) 0x81, (byte) 0x00, (byte) 0xce, (byte) 0x29, (byte) 0xeb, (byte) 0xf6, 362 (byte) 0x5b, (byte) 0x25, (byte) 0xdc, (byte) 0xa1, (byte) 0xa6, (byte) 0x2c, 363 (byte) 0x66, (byte) 0xcb, (byte) 0x20, (byte) 0x90, (byte) 0x27, (byte) 0x86, 364 (byte) 0x8a, (byte) 0x44, (byte) 0x71, (byte) 0x50, (byte) 0xda, (byte) 0xd3, 365 (byte) 0x02, (byte) 0x77, (byte) 0x55, (byte) 0xe9, (byte) 0xe8, (byte) 0x08, 366 (byte) 0xf3, (byte) 0x36, (byte) 0x9a, (byte) 0xae, (byte) 0xab, (byte) 0x04, 367 (byte) 0x6d, (byte) 0x00, (byte) 0x99, (byte) 0xbf, (byte) 0x7d, (byte) 0x0f, 368 (byte) 0x67, (byte) 0x8b, (byte) 0x1d, (byte) 0xd4, (byte) 0x2b, (byte) 0x7c, 369 (byte) 0xcb, (byte) 0xcd, (byte) 0x33, (byte) 0xc7, (byte) 0x84, (byte) 0x30, 370 (byte) 0xe2, (byte) 0x45, (byte) 0x21, (byte) 0xb3, (byte) 0x75, (byte) 0xf5, 371 (byte) 0x79, (byte) 0x02, (byte) 0xda, (byte) 0x50, (byte) 0xa3, (byte) 0x8b, 372 (byte) 0xce, (byte) 0xc3, (byte) 0x8e, (byte) 0x0f, (byte) 0x25, (byte) 0xeb, 373 (byte) 0x08, (byte) 0x2c, (byte) 0xdd, (byte) 0x1c, (byte) 0xcf, (byte) 0xff, 374 (byte) 0x3b, (byte) 0xde, (byte) 0xb6, (byte) 0xaa, (byte) 0x2a, (byte) 0xa9, 375 (byte) 0xc4, (byte) 0x8a, (byte) 0x24, (byte) 0x24, (byte) 0xe6, (byte) 0x29, 376 (byte) 0x0d, (byte) 0x98, (byte) 0x4c, (byte) 0x32, (byte) 0xa1, (byte) 0x7b, 377 (byte) 0x23, (byte) 0x2b, (byte) 0x42, (byte) 0x30, (byte) 0xee, (byte) 0x78, 378 (byte) 0x08, (byte) 0x47, (byte) 0xad, (byte) 0xf2, (byte) 0x96, (byte) 0xd5, 379 (byte) 0xf1, (byte) 0x62, (byte) 0x42, (byte) 0x2d, (byte) 0x35, (byte) 0x19, 380 (byte) 0xb4, (byte) 0x3c, (byte) 0xc9, (byte) 0xc3, (byte) 0x5f, (byte) 0x03, 381 (byte) 0x16, (byte) 0x3a, (byte) 0x23, (byte) 0xac, (byte) 0xcb, (byte) 0xce, 382 (byte) 0x9e, (byte) 0x51, (byte) 0x2e, (byte) 0x6d, (byte) 0x02, (byte) 0x03, 383 (byte) 0x01, (byte) 0x00, (byte) 0x01, (byte) 0xa3, (byte) 0x7b, (byte) 0x30, 384 (byte) 0x79, (byte) 0x30, (byte) 0x09, (byte) 0x06, (byte) 0x03, (byte) 0x55, 385 (byte) 0x1d, (byte) 0x13, (byte) 0x04, (byte) 0x02, (byte) 0x30, (byte) 0x00, 386 (byte) 0x30, (byte) 0x2c, (byte) 0x06, (byte) 0x09, (byte) 0x60, (byte) 0x86, 387 (byte) 0x48, (byte) 0x01, (byte) 0x86, (byte) 0xf8, (byte) 0x42, (byte) 0x01, 388 (byte) 0x0d, (byte) 0x04, (byte) 0x1f, (byte) 0x16, (byte) 0x1d, (byte) 0x4f, 389 (byte) 0x70, (byte) 0x65, (byte) 0x6e, (byte) 0x53, (byte) 0x53, (byte) 0x4c, 390 (byte) 0x20, (byte) 0x47, (byte) 0x65, (byte) 0x6e, (byte) 0x65, (byte) 0x72, 391 (byte) 0x61, (byte) 0x74, (byte) 0x65, (byte) 0x64, (byte) 0x20, (byte) 0x43, 392 (byte) 0x65, (byte) 0x72, (byte) 0x74, (byte) 0x69, (byte) 0x66, (byte) 0x69, 393 (byte) 0x63, (byte) 0x61, (byte) 0x74, (byte) 0x65, (byte) 0x30, (byte) 0x1d, 394 (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x1d, (byte) 0x0e, (byte) 0x04, 395 (byte) 0x16, (byte) 0x04, (byte) 0x14, (byte) 0x32, (byte) 0xa1, (byte) 0x1e, 396 (byte) 0x6b, (byte) 0x69, (byte) 0x04, (byte) 0xfe, (byte) 0xb3, (byte) 0xcd, 397 (byte) 0xf8, (byte) 0xbb, (byte) 0x14, (byte) 0xcd, (byte) 0xff, (byte) 0xd4, 398 (byte) 0x16, (byte) 0xc3, (byte) 0xab, (byte) 0x44, (byte) 0x2f, (byte) 0x30, 399 (byte) 0x1f, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x1d, (byte) 0x23, 400 (byte) 0x04, (byte) 0x18, (byte) 0x30, (byte) 0x16, (byte) 0x80, (byte) 0x14, 401 (byte) 0x33, (byte) 0x05, (byte) 0xee, (byte) 0xfe, (byte) 0x6f, (byte) 0x60, 402 (byte) 0xc7, (byte) 0xf9, (byte) 0xa9, (byte) 0xd2, (byte) 0x73, (byte) 0x5c, 403 (byte) 0x8f, (byte) 0x6d, (byte) 0xa2, (byte) 0x2f, (byte) 0x97, (byte) 0x8e, 404 (byte) 0x5d, (byte) 0x51, (byte) 0x30, (byte) 0x0d, (byte) 0x06, (byte) 0x09, 405 (byte) 0x2a, (byte) 0x86, (byte) 0x48, (byte) 0x86, (byte) 0xf7, (byte) 0x0d, 406 (byte) 0x01, (byte) 0x01, (byte) 0x05, (byte) 0x05, (byte) 0x00, (byte) 0x03, 407 (byte) 0x81, (byte) 0x81, (byte) 0x00, (byte) 0x46, (byte) 0x42, (byte) 0xef, 408 (byte) 0x56, (byte) 0x89, (byte) 0x78, (byte) 0x90, (byte) 0x38, (byte) 0x24, 409 (byte) 0x9f, (byte) 0x8c, (byte) 0x7a, (byte) 0xce, (byte) 0x7a, (byte) 0xa5, 410 (byte) 0xb5, (byte) 0x1e, (byte) 0x74, (byte) 0x96, (byte) 0x34, (byte) 0x49, 411 (byte) 0x8b, (byte) 0xed, (byte) 0x44, (byte) 0xb3, (byte) 0xc9, (byte) 0x05, 412 (byte) 0xd7, (byte) 0x48, (byte) 0x55, (byte) 0x52, (byte) 0x59, (byte) 0x15, 413 (byte) 0x0b, (byte) 0xaa, (byte) 0x16, (byte) 0x86, (byte) 0xd2, (byte) 0x8e, 414 (byte) 0x16, (byte) 0x99, (byte) 0xe8, (byte) 0x5f, (byte) 0x11, (byte) 0x71, 415 (byte) 0x42, (byte) 0x55, (byte) 0xd1, (byte) 0xc4, (byte) 0x6f, (byte) 0x2e, 416 (byte) 0xa9, (byte) 0x64, (byte) 0x6f, (byte) 0xd8, (byte) 0xfd, (byte) 0x43, 417 (byte) 0x13, (byte) 0x24, (byte) 0xaa, (byte) 0x67, (byte) 0xe6, (byte) 0xf5, 418 (byte) 0xca, (byte) 0x80, (byte) 0x5e, (byte) 0x3a, (byte) 0x3e, (byte) 0xcc, 419 (byte) 0x4f, (byte) 0xba, (byte) 0x87, (byte) 0xe6, (byte) 0xae, (byte) 0xbf, 420 (byte) 0x8f, (byte) 0xd5, (byte) 0x28, (byte) 0x38, (byte) 0x58, (byte) 0x30, 421 (byte) 0x24, (byte) 0xf6, (byte) 0x53, (byte) 0x5b, (byte) 0x41, (byte) 0x53, 422 (byte) 0xe6, (byte) 0x45, (byte) 0xbc, (byte) 0xbe, (byte) 0xe6, (byte) 0xbb, 423 (byte) 0x5d, (byte) 0xd8, (byte) 0xa7, (byte) 0xf9, (byte) 0x64, (byte) 0x99, 424 (byte) 0x04, (byte) 0x43, (byte) 0x75, (byte) 0xd7, (byte) 0x2d, (byte) 0x32, 425 (byte) 0x0a, (byte) 0x94, (byte) 0xaf, (byte) 0x06, (byte) 0x34, (byte) 0xae, 426 (byte) 0x46, (byte) 0xbd, (byte) 0xda, (byte) 0x00, (byte) 0x0e, (byte) 0x25, 427 (byte) 0xc2, (byte) 0xf7, (byte) 0xc9, (byte) 0xc3, (byte) 0x65, (byte) 0xd2, 428 (byte) 0x08, (byte) 0x41, (byte) 0x0a, (byte) 0xf3, (byte) 0x72 429 }; 430 431 /** 432 * The amount of time to allow before and after expected time for variance 433 * in timing tests. 434 */ 435 private static final long SLOP_TIME_MILLIS = 15000L; 436 437 @Override 438 protected void setUp() throws Exception { 439 mAndroidKeyStore = android.security.KeyStore.getInstance(); 440 441 assertTrue(mAndroidKeyStore.reset()); 442 443 assertEquals(android.security.KeyStore.State.UNINITIALIZED, mAndroidKeyStore.state()); 444 445 assertTrue(mAndroidKeyStore.password("1111")); 446 447 assertEquals(android.security.KeyStore.State.UNLOCKED, mAndroidKeyStore.state()); 448 449 assertEquals(0, mAndroidKeyStore.saw("").length); 450 451 mKeyStore = java.security.KeyStore.getInstance(AndroidKeyStore.NAME); 452 } 453 454 private void assertAliases(final String[] expectedAliases) throws KeyStoreException { 455 final Enumeration<String> aliases = mKeyStore.aliases(); 456 int count = 0; 457 458 final Set<String> expectedSet = new HashSet<String>(); 459 expectedSet.addAll(Arrays.asList(expectedAliases)); 460 461 while (aliases.hasMoreElements()) { 462 count++; 463 final String alias = aliases.nextElement(); 464 assertTrue("The alias should be in the expected set", expectedSet.contains(alias)); 465 expectedSet.remove(alias); 466 } 467 assertTrue("The expected set and actual set should be exactly equal", expectedSet.isEmpty()); 468 assertEquals("There should be the correct number of keystore entries", 469 expectedAliases.length, count); 470 } 471 472 public void testKeyStore_Aliases_Success() throws Exception { 473 mKeyStore.load(null, null); 474 475 assertAliases(new String[] {}); 476 477 assertTrue(mAndroidKeyStore.generate(Credentials.USER_PRIVATE_KEY + TEST_ALIAS_1)); 478 479 assertAliases(new String[] { TEST_ALIAS_1 }); 480 481 assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_2, FAKE_CA_1)); 482 483 assertAliases(new String[] { TEST_ALIAS_1, TEST_ALIAS_2 }); 484 } 485 486 public void testKeyStore_Aliases_NotInitialized_Failure() throws Exception { 487 try { 488 mKeyStore.aliases(); 489 fail("KeyStore should throw exception when not initialized"); 490 } catch (KeyStoreException success) { 491 } 492 } 493 494 public void testKeyStore_ContainsAliases_PrivateAndCA_Success() throws Exception { 495 mKeyStore.load(null, null); 496 497 assertAliases(new String[] {}); 498 499 assertTrue(mAndroidKeyStore.generate(Credentials.USER_PRIVATE_KEY + TEST_ALIAS_1)); 500 501 assertTrue("Should contain generated private key", mKeyStore.containsAlias(TEST_ALIAS_1)); 502 503 assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_2, FAKE_CA_1)); 504 505 assertTrue("Should contain added CA certificate", mKeyStore.containsAlias(TEST_ALIAS_2)); 506 507 assertFalse("Should not contain unadded certificate alias", 508 mKeyStore.containsAlias(TEST_ALIAS_3)); 509 } 510 511 public void testKeyStore_ContainsAliases_CAOnly_Success() throws Exception { 512 mKeyStore.load(null, null); 513 514 assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_2, FAKE_CA_1)); 515 516 assertTrue("Should contain added CA certificate", mKeyStore.containsAlias(TEST_ALIAS_2)); 517 } 518 519 public void testKeyStore_ContainsAliases_NonExistent_Failure() throws Exception { 520 mKeyStore.load(null, null); 521 522 assertFalse("Should contain added CA certificate", mKeyStore.containsAlias(TEST_ALIAS_1)); 523 } 524 525 public void testKeyStore_DeleteEntry_Success() throws Exception { 526 mKeyStore.load(null, null); 527 528 // TEST_ALIAS_1 529 assertTrue(mAndroidKeyStore.importKey(Credentials.USER_PRIVATE_KEY + TEST_ALIAS_1, 530 FAKE_KEY_1)); 531 assertTrue(mAndroidKeyStore.put(Credentials.USER_CERTIFICATE + TEST_ALIAS_1, FAKE_USER_1)); 532 assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_1, FAKE_CA_1)); 533 534 // TEST_ALIAS_2 535 assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_2, FAKE_CA_1)); 536 537 // TEST_ALIAS_3 538 assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_3, FAKE_CA_1)); 539 540 assertAliases(new String[] { TEST_ALIAS_1, TEST_ALIAS_2, TEST_ALIAS_3 }); 541 542 mKeyStore.deleteEntry(TEST_ALIAS_1); 543 544 assertAliases(new String[] { TEST_ALIAS_2, TEST_ALIAS_3 }); 545 546 mKeyStore.deleteEntry(TEST_ALIAS_3); 547 548 assertAliases(new String[] { TEST_ALIAS_2 }); 549 550 mKeyStore.deleteEntry(TEST_ALIAS_2); 551 552 assertAliases(new String[] { }); 553 } 554 555 public void testKeyStore_DeleteEntry_EmptyStore_Failure() throws Exception { 556 mKeyStore.load(null, null); 557 558 try { 559 mKeyStore.deleteEntry(TEST_ALIAS_1); 560 fail("Should throw KeyStoreException with non-existent alias"); 561 } catch (KeyStoreException success) { 562 } 563 } 564 565 public void testKeyStore_DeleteEntry_NonExistent_Failure() throws Exception { 566 mKeyStore.load(null, null); 567 568 // TEST_ALIAS_1 569 assertTrue(mAndroidKeyStore.importKey(Credentials.USER_PRIVATE_KEY + TEST_ALIAS_1, 570 FAKE_KEY_1)); 571 assertTrue(mAndroidKeyStore.put(Credentials.USER_CERTIFICATE + TEST_ALIAS_1, FAKE_USER_1)); 572 assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_1, FAKE_CA_1)); 573 574 try { 575 mKeyStore.deleteEntry(TEST_ALIAS_2); 576 fail("Should throw KeyStoreException with non-existent alias"); 577 } catch (KeyStoreException success) { 578 } 579 } 580 581 public void testKeyStore_GetCertificate_Single_Success() throws Exception { 582 mKeyStore.load(null, null); 583 584 assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_1, FAKE_CA_1)); 585 586 assertAliases(new String[] { TEST_ALIAS_1 }); 587 588 assertNull("Certificate should not exist in keystore", 589 mKeyStore.getCertificate(TEST_ALIAS_2)); 590 591 Certificate retrieved = mKeyStore.getCertificate(TEST_ALIAS_1); 592 593 assertNotNull("Retrieved certificate should not be null", retrieved); 594 595 CertificateFactory f = CertificateFactory.getInstance("X.509"); 596 Certificate actual = f.generateCertificate(new ByteArrayInputStream(FAKE_CA_1)); 597 598 assertEquals("Actual and retrieved certificates should be the same", actual, retrieved); 599 } 600 601 public void testKeyStore_GetCertificate_NonExist_Failure() throws Exception { 602 mKeyStore.load(null, null); 603 604 assertNull("Certificate should not exist in keystore", 605 mKeyStore.getCertificate(TEST_ALIAS_1)); 606 } 607 608 public void testKeyStore_GetCertificateAlias_CAEntry_Success() throws Exception { 609 mKeyStore.load(null, null); 610 611 assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_1, FAKE_CA_1)); 612 613 CertificateFactory f = CertificateFactory.getInstance("X.509"); 614 Certificate actual = f.generateCertificate(new ByteArrayInputStream(FAKE_CA_1)); 615 616 assertEquals("Stored certificate alias should be found", TEST_ALIAS_1, 617 mKeyStore.getCertificateAlias(actual)); 618 } 619 620 public void testKeyStore_GetCertificateAlias_PrivateKeyEntry_Success() throws Exception { 621 mKeyStore.load(null, null); 622 623 assertTrue(mAndroidKeyStore.importKey(Credentials.USER_PRIVATE_KEY + TEST_ALIAS_1, 624 FAKE_KEY_1)); 625 assertTrue(mAndroidKeyStore.put(Credentials.USER_CERTIFICATE + TEST_ALIAS_1, FAKE_USER_1)); 626 assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_1, FAKE_CA_1)); 627 628 CertificateFactory f = CertificateFactory.getInstance("X.509"); 629 Certificate actual = f.generateCertificate(new ByteArrayInputStream(FAKE_USER_1)); 630 631 assertEquals("Stored certificate alias should be found", TEST_ALIAS_1, 632 mKeyStore.getCertificateAlias(actual)); 633 } 634 635 public void testKeyStore_GetCertificateAlias_CAEntry_WithPrivateKeyUsingCA_Success() 636 throws Exception { 637 mKeyStore.load(null, null); 638 639 // Insert TrustedCertificateEntry with CA name 640 assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_2, FAKE_CA_1)); 641 642 // Insert PrivateKeyEntry that uses the same CA 643 assertTrue(mAndroidKeyStore.importKey(Credentials.USER_PRIVATE_KEY + TEST_ALIAS_1, 644 FAKE_KEY_1)); 645 assertTrue(mAndroidKeyStore.put(Credentials.USER_CERTIFICATE + TEST_ALIAS_1, FAKE_USER_1)); 646 assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_1, FAKE_CA_1)); 647 648 CertificateFactory f = CertificateFactory.getInstance("X.509"); 649 Certificate actual = f.generateCertificate(new ByteArrayInputStream(FAKE_CA_1)); 650 651 assertEquals("Stored certificate alias should be found", TEST_ALIAS_2, 652 mKeyStore.getCertificateAlias(actual)); 653 } 654 655 public void testKeyStore_GetCertificateAlias_NonExist_Empty_Failure() throws Exception { 656 mKeyStore.load(null, null); 657 658 CertificateFactory f = CertificateFactory.getInstance("X.509"); 659 Certificate actual = f.generateCertificate(new ByteArrayInputStream(FAKE_CA_1)); 660 661 assertNull("Stored certificate alias should not be found", 662 mKeyStore.getCertificateAlias(actual)); 663 } 664 665 public void testKeyStore_GetCertificateAlias_NonExist_Failure() throws Exception { 666 mKeyStore.load(null, null); 667 668 assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_1, FAKE_CA_1)); 669 670 CertificateFactory f = CertificateFactory.getInstance("X.509"); 671 Certificate userCert = f.generateCertificate(new ByteArrayInputStream(FAKE_USER_1)); 672 673 assertNull("Stored certificate alias should be found", 674 mKeyStore.getCertificateAlias(userCert)); 675 } 676 677 public void testKeyStore_GetCertificateChain_SingleLength_Success() throws Exception { 678 mKeyStore.load(null, null); 679 680 assertTrue(mAndroidKeyStore.importKey(Credentials.USER_PRIVATE_KEY + TEST_ALIAS_1, 681 FAKE_KEY_1)); 682 assertTrue(mAndroidKeyStore.put(Credentials.USER_CERTIFICATE + TEST_ALIAS_1, FAKE_USER_1)); 683 assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_1, FAKE_CA_1)); 684 685 CertificateFactory cf = CertificateFactory.getInstance("X.509"); 686 Certificate[] expected = new Certificate[2]; 687 expected[0] = cf.generateCertificate(new ByteArrayInputStream(FAKE_USER_1)); 688 expected[1] = cf.generateCertificate(new ByteArrayInputStream(FAKE_CA_1)); 689 690 Certificate[] actual = mKeyStore.getCertificateChain(TEST_ALIAS_1); 691 692 assertNotNull("Returned certificate chain should not be null", actual); 693 assertEquals("Returned certificate chain should be correct size", expected.length, 694 actual.length); 695 assertEquals("First certificate should be user certificate", expected[0], actual[0]); 696 assertEquals("Second certificate should be CA certificate", expected[1], actual[1]); 697 698 // Negative test when keystore is populated. 699 assertNull("Stored certificate alias should not be found", 700 mKeyStore.getCertificateChain(TEST_ALIAS_2)); 701 } 702 703 public void testKeyStore_GetCertificateChain_NonExist_Failure() throws Exception { 704 mKeyStore.load(null, null); 705 706 assertNull("Stored certificate alias should not be found", 707 mKeyStore.getCertificateChain(TEST_ALIAS_1)); 708 } 709 710 public void testKeyStore_GetCreationDate_PrivateKeyEntry_Success() throws Exception { 711 mKeyStore.load(null, null); 712 713 assertTrue(mAndroidKeyStore.importKey(Credentials.USER_PRIVATE_KEY + TEST_ALIAS_1, 714 FAKE_KEY_1)); 715 assertTrue(mAndroidKeyStore.put(Credentials.USER_CERTIFICATE + TEST_ALIAS_1, FAKE_USER_1)); 716 assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_1, FAKE_CA_1)); 717 718 Date now = new Date(); 719 Date actual = mKeyStore.getCreationDate(TEST_ALIAS_1); 720 721 Date expectedAfter = new Date(now.getTime() - SLOP_TIME_MILLIS); 722 Date expectedBefore = new Date(now.getTime() + SLOP_TIME_MILLIS); 723 724 assertTrue("Time should be close to current time", actual.before(expectedBefore)); 725 assertTrue("Time should be close to current time", actual.after(expectedAfter)); 726 } 727 728 public void testKeyStore_GetCreationDate_CAEntry_Success() throws Exception { 729 mKeyStore.load(null, null); 730 731 assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_1, FAKE_CA_1)); 732 733 Date now = new Date(); 734 Date actual = mKeyStore.getCreationDate(TEST_ALIAS_1); 735 assertNotNull("Certificate should be found", actual); 736 737 Date expectedAfter = new Date(now.getTime() - SLOP_TIME_MILLIS); 738 Date expectedBefore = new Date(now.getTime() + SLOP_TIME_MILLIS); 739 740 assertTrue("Time should be close to current time", actual.before(expectedBefore)); 741 assertTrue("Time should be close to current time", actual.after(expectedAfter)); 742 } 743 744 public void testKeyStore_GetEntry_NullParams_Success() throws Exception { 745 mKeyStore.load(null, null); 746 747 assertTrue(mAndroidKeyStore.importKey(Credentials.USER_PRIVATE_KEY + TEST_ALIAS_1, 748 FAKE_KEY_1)); 749 assertTrue(mAndroidKeyStore.put(Credentials.USER_CERTIFICATE + TEST_ALIAS_1, FAKE_USER_1)); 750 assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_1, FAKE_CA_1)); 751 752 Entry entry = mKeyStore.getEntry(TEST_ALIAS_1, null); 753 assertNotNull("Entry should exist", entry); 754 755 assertTrue("Should be a PrivateKeyEntry", entry instanceof PrivateKeyEntry); 756 757 PrivateKeyEntry keyEntry = (PrivateKeyEntry) entry; 758 759 assertPrivateKeyEntryEquals(keyEntry, FAKE_KEY_1, FAKE_USER_1, FAKE_CA_1); 760 } 761 762 private void assertPrivateKeyEntryEquals(PrivateKeyEntry keyEntry, byte[] key, byte[] cert, 763 byte[] ca) throws Exception { 764 KeyFactory keyFact = KeyFactory.getInstance("RSA"); 765 PrivateKey expectedKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(key)); 766 767 assertEquals("Returned PrivateKey should be what we inserted", expectedKey, 768 keyEntry.getPrivateKey()); 769 770 CertificateFactory certFact = CertificateFactory.getInstance("X.509"); 771 Certificate expectedCert = certFact.generateCertificate(new ByteArrayInputStream(cert)); 772 773 assertEquals("Returned Certificate should be what we inserted", expectedCert, 774 keyEntry.getCertificate()); 775 776 Certificate[] actualChain = keyEntry.getCertificateChain(); 777 778 assertEquals("First certificate in chain should be user cert", expectedCert, actualChain[0]); 779 780 if (ca == null) { 781 assertEquals("Certificate chain should not include CAs", 1, actualChain.length); 782 } else { 783 @SuppressWarnings("unchecked") 784 Collection<Certificate> expectedChain = (Collection<Certificate>) certFact 785 .generateCertificates(new ByteArrayInputStream(ca)); 786 787 int i = 1; 788 final Iterator<Certificate> it = expectedChain.iterator(); 789 while (it.hasNext()) { 790 assertEquals("CA chain certificate should equal what we put in", it.next(), 791 actualChain[i++]); 792 } 793 } 794 } 795 796 public void testKeyStore_GetEntry_Nonexistent_NullParams_Failure() throws Exception { 797 mKeyStore.load(null, null); 798 799 assertNull("A non-existent entry should return null", 800 mKeyStore.getEntry(TEST_ALIAS_1, null)); 801 } 802 803 public void testKeyStore_GetKey_NoPassword_Success() throws Exception { 804 mKeyStore.load(null, null); 805 806 assertTrue(mAndroidKeyStore.importKey(Credentials.USER_PRIVATE_KEY + TEST_ALIAS_1, 807 FAKE_KEY_1)); 808 assertTrue(mAndroidKeyStore.put(Credentials.USER_CERTIFICATE + TEST_ALIAS_1, FAKE_USER_1)); 809 assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_1, FAKE_CA_1)); 810 811 Key key = mKeyStore.getKey(TEST_ALIAS_1, null); 812 assertNotNull("Key should exist", key); 813 814 assertTrue("Should be a RSAPrivateKey", key instanceof RSAPrivateKey); 815 816 RSAPrivateKey actualKey = (RSAPrivateKey) key; 817 818 KeyFactory keyFact = KeyFactory.getInstance("RSA"); 819 PrivateKey expectedKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_KEY_1)); 820 821 assertEquals("Inserted key should be same as retrieved key", actualKey, expectedKey); 822 } 823 824 public void testKeyStore_GetKey_Certificate_Failure() throws Exception { 825 mKeyStore.load(null, null); 826 827 assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_1, FAKE_CA_1)); 828 829 assertNull("Certificate entries should return null", mKeyStore.getKey(TEST_ALIAS_1, null)); 830 } 831 832 public void testKeyStore_GetKey_NonExistent_Failure() throws Exception { 833 mKeyStore.load(null, null); 834 835 assertNull("A non-existent entry should return null", mKeyStore.getKey(TEST_ALIAS_1, null)); 836 } 837 838 public void testKeyStore_GetProvider_Success() throws Exception { 839 assertEquals(AndroidKeyStoreProvider.PROVIDER_NAME, mKeyStore.getProvider().getName()); 840 } 841 842 public void testKeyStore_GetType_Success() throws Exception { 843 assertEquals(AndroidKeyStore.NAME, mKeyStore.getType()); 844 } 845 846 public void testKeyStore_IsCertificateEntry_CA_Success() throws Exception { 847 mKeyStore.load(null, null); 848 849 assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_1, FAKE_CA_1)); 850 851 assertTrue("Should return true for CA certificate", 852 mKeyStore.isCertificateEntry(TEST_ALIAS_1)); 853 } 854 855 public void testKeyStore_IsCertificateEntry_PrivateKey_Failure() throws Exception { 856 mKeyStore.load(null, null); 857 858 assertTrue(mAndroidKeyStore.importKey(Credentials.USER_PRIVATE_KEY + TEST_ALIAS_1, 859 FAKE_KEY_1)); 860 assertTrue(mAndroidKeyStore.put(Credentials.USER_CERTIFICATE + TEST_ALIAS_1, FAKE_USER_1)); 861 assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_1, FAKE_CA_1)); 862 863 assertFalse("Should return false for PrivateKeyEntry", 864 mKeyStore.isCertificateEntry(TEST_ALIAS_1)); 865 } 866 867 public void testKeyStore_IsCertificateEntry_NonExist_Failure() throws Exception { 868 mKeyStore.load(null, null); 869 870 assertFalse("Should return false for non-existent entry", 871 mKeyStore.isCertificateEntry(TEST_ALIAS_1)); 872 } 873 874 public void testKeyStore_IsKeyEntry_PrivateKey_Success() throws Exception { 875 mKeyStore.load(null, null); 876 877 assertTrue(mAndroidKeyStore.importKey(Credentials.USER_PRIVATE_KEY + TEST_ALIAS_1, 878 FAKE_KEY_1)); 879 assertTrue(mAndroidKeyStore.put(Credentials.USER_CERTIFICATE + TEST_ALIAS_1, FAKE_USER_1)); 880 assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_1, FAKE_CA_1)); 881 882 assertTrue("Should return true for PrivateKeyEntry", mKeyStore.isKeyEntry(TEST_ALIAS_1)); 883 } 884 885 public void testKeyStore_IsKeyEntry_CA_Failure() throws Exception { 886 mKeyStore.load(null, null); 887 888 assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_1, FAKE_CA_1)); 889 890 assertFalse("Should return false for CA certificate", mKeyStore.isKeyEntry(TEST_ALIAS_1)); 891 } 892 893 public void testKeyStore_IsKeyEntry_NonExist_Failure() throws Exception { 894 mKeyStore.load(null, null); 895 896 assertFalse("Should return false for non-existent entry", 897 mKeyStore.isKeyEntry(TEST_ALIAS_1)); 898 } 899 900 public void testKeyStore_SetCertificate_CA_Success() throws Exception { 901 final CertificateFactory f = CertificateFactory.getInstance("X.509"); 902 final Certificate actual = f.generateCertificate(new ByteArrayInputStream(FAKE_CA_1)); 903 904 mKeyStore.load(null, null); 905 906 mKeyStore.setCertificateEntry(TEST_ALIAS_1, actual); 907 assertAliases(new String[] { TEST_ALIAS_1 }); 908 909 Certificate retrieved = mKeyStore.getCertificate(TEST_ALIAS_1); 910 911 assertEquals("Retrieved certificate should be the same as the one inserted", actual, 912 retrieved); 913 } 914 915 public void testKeyStore_SetCertificate_CAExists_Overwrite_Success() throws Exception { 916 mKeyStore.load(null, null); 917 918 assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_1, FAKE_CA_1)); 919 920 assertAliases(new String[] { TEST_ALIAS_1 }); 921 922 final CertificateFactory f = CertificateFactory.getInstance("X.509"); 923 final Certificate cert = f.generateCertificate(new ByteArrayInputStream(FAKE_CA_1)); 924 925 // TODO have separate FAKE_CA for second test 926 mKeyStore.setCertificateEntry(TEST_ALIAS_1, cert); 927 928 assertAliases(new String[] { TEST_ALIAS_1 }); 929 } 930 931 public void testKeyStore_SetCertificate_PrivateKeyExists_Failure() throws Exception { 932 mKeyStore.load(null, null); 933 934 assertTrue(mAndroidKeyStore.importKey(Credentials.USER_PRIVATE_KEY + TEST_ALIAS_1, 935 FAKE_KEY_1)); 936 assertTrue(mAndroidKeyStore.put(Credentials.USER_CERTIFICATE + TEST_ALIAS_1, FAKE_USER_1)); 937 assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_1, FAKE_CA_1)); 938 939 assertAliases(new String[] { TEST_ALIAS_1 }); 940 941 final CertificateFactory f = CertificateFactory.getInstance("X.509"); 942 final Certificate cert = f.generateCertificate(new ByteArrayInputStream(FAKE_CA_1)); 943 944 try { 945 mKeyStore.setCertificateEntry(TEST_ALIAS_1, cert); 946 fail("Should throw when trying to overwrite a PrivateKey entry with a Certificate"); 947 } catch (KeyStoreException success) { 948 } 949 } 950 951 public void testKeyStore_SetEntry_PrivateKeyEntry_Success() throws Exception { 952 mKeyStore.load(null, null); 953 954 KeyFactory keyFact = KeyFactory.getInstance("RSA"); 955 PrivateKey expectedKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_KEY_1)); 956 957 final CertificateFactory f = CertificateFactory.getInstance("X.509"); 958 959 final Certificate[] expectedChain = new Certificate[2]; 960 expectedChain[0] = f.generateCertificate(new ByteArrayInputStream(FAKE_USER_1)); 961 expectedChain[1] = f.generateCertificate(new ByteArrayInputStream(FAKE_CA_1)); 962 963 PrivateKeyEntry expected = new PrivateKeyEntry(expectedKey, expectedChain); 964 965 mKeyStore.setEntry(TEST_ALIAS_1, expected, null); 966 967 Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null); 968 assertNotNull("Retrieved entry should exist", actualEntry); 969 970 assertTrue("Retrieved entry should be of type PrivateKeyEntry", 971 actualEntry instanceof PrivateKeyEntry); 972 973 PrivateKeyEntry actual = (PrivateKeyEntry) actualEntry; 974 975 assertPrivateKeyEntryEquals(actual, FAKE_KEY_1, FAKE_USER_1, FAKE_CA_1); 976 } 977 978 public void testKeyStore_SetEntry_PrivateKeyEntry_Overwrites_PrivateKeyEntry_Success() 979 throws Exception { 980 mKeyStore.load(null, null); 981 982 final KeyFactory keyFact = KeyFactory.getInstance("RSA"); 983 final CertificateFactory f = CertificateFactory.getInstance("X.509"); 984 985 // Start with PrivateKeyEntry 986 { 987 PrivateKey expectedKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_KEY_1)); 988 989 final Certificate[] expectedChain = new Certificate[2]; 990 expectedChain[0] = f.generateCertificate(new ByteArrayInputStream(FAKE_USER_1)); 991 expectedChain[1] = f.generateCertificate(new ByteArrayInputStream(FAKE_CA_1)); 992 993 PrivateKeyEntry expected = new PrivateKeyEntry(expectedKey, expectedChain); 994 995 mKeyStore.setEntry(TEST_ALIAS_1, expected, null); 996 997 Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null); 998 assertNotNull("Retrieved entry should exist", actualEntry); 999 1000 assertTrue("Retrieved entry should be of type PrivateKeyEntry", 1001 actualEntry instanceof PrivateKeyEntry); 1002 1003 PrivateKeyEntry actual = (PrivateKeyEntry) actualEntry; 1004 1005 assertPrivateKeyEntryEquals(actual, FAKE_KEY_1, FAKE_USER_1, FAKE_CA_1); 1006 } 1007 1008 // TODO make entirely new test vector for the overwrite 1009 // Replace with PrivateKeyEntry 1010 { 1011 PrivateKey expectedKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_KEY_1)); 1012 1013 final Certificate[] expectedChain = new Certificate[2]; 1014 expectedChain[0] = f.generateCertificate(new ByteArrayInputStream(FAKE_USER_1)); 1015 expectedChain[1] = f.generateCertificate(new ByteArrayInputStream(FAKE_CA_1)); 1016 1017 PrivateKeyEntry expected = new PrivateKeyEntry(expectedKey, expectedChain); 1018 1019 mKeyStore.setEntry(TEST_ALIAS_1, expected, null); 1020 1021 Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null); 1022 assertNotNull("Retrieved entry should exist", actualEntry); 1023 1024 assertTrue("Retrieved entry should be of type PrivateKeyEntry", 1025 actualEntry instanceof PrivateKeyEntry); 1026 1027 PrivateKeyEntry actual = (PrivateKeyEntry) actualEntry; 1028 1029 assertPrivateKeyEntryEquals(actual, FAKE_KEY_1, FAKE_USER_1, FAKE_CA_1); 1030 } 1031 } 1032 1033 public void testKeyStore_SetEntry_CAEntry_Overwrites_PrivateKeyEntry_Success() throws Exception { 1034 mKeyStore.load(null, null); 1035 1036 final CertificateFactory f = CertificateFactory.getInstance("X.509"); 1037 1038 // Start with TrustedCertificateEntry 1039 { 1040 final Certificate caCert = f.generateCertificate(new ByteArrayInputStream(FAKE_CA_1)); 1041 1042 TrustedCertificateEntry expectedCertEntry = new TrustedCertificateEntry(caCert); 1043 mKeyStore.setEntry(TEST_ALIAS_1, expectedCertEntry, null); 1044 1045 Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null); 1046 assertNotNull("Retrieved entry should exist", actualEntry); 1047 assertTrue("Retrieved entry should be of type TrustedCertificateEntry", 1048 actualEntry instanceof TrustedCertificateEntry); 1049 TrustedCertificateEntry actualCertEntry = (TrustedCertificateEntry) actualEntry; 1050 assertEquals("Stored and retrieved certificates should be the same", 1051 expectedCertEntry.getTrustedCertificate(), 1052 actualCertEntry.getTrustedCertificate()); 1053 } 1054 1055 // Replace with PrivateKeyEntry 1056 { 1057 KeyFactory keyFact = KeyFactory.getInstance("RSA"); 1058 PrivateKey expectedKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_KEY_1)); 1059 final Certificate[] expectedChain = new Certificate[2]; 1060 expectedChain[0] = f.generateCertificate(new ByteArrayInputStream(FAKE_USER_1)); 1061 expectedChain[1] = f.generateCertificate(new ByteArrayInputStream(FAKE_CA_1)); 1062 1063 PrivateKeyEntry expectedPrivEntry = new PrivateKeyEntry(expectedKey, expectedChain); 1064 1065 mKeyStore.setEntry(TEST_ALIAS_1, expectedPrivEntry, null); 1066 1067 Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null); 1068 assertNotNull("Retrieved entry should exist", actualEntry); 1069 assertTrue("Retrieved entry should be of type PrivateKeyEntry", 1070 actualEntry instanceof PrivateKeyEntry); 1071 1072 PrivateKeyEntry actualPrivEntry = (PrivateKeyEntry) actualEntry; 1073 assertPrivateKeyEntryEquals(actualPrivEntry, FAKE_KEY_1, FAKE_USER_1, FAKE_CA_1); 1074 } 1075 } 1076 1077 public void testKeyStore_SetEntry_PrivateKeyEntry_Overwrites_CAEntry_Success() throws Exception { 1078 mKeyStore.load(null, null); 1079 1080 final CertificateFactory f = CertificateFactory.getInstance("X.509"); 1081 1082 final Certificate caCert = f.generateCertificate(new ByteArrayInputStream(FAKE_CA_1)); 1083 1084 // Start with PrivateKeyEntry 1085 { 1086 KeyFactory keyFact = KeyFactory.getInstance("RSA"); 1087 PrivateKey expectedKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_KEY_1)); 1088 final Certificate[] expectedChain = new Certificate[2]; 1089 expectedChain[0] = f.generateCertificate(new ByteArrayInputStream(FAKE_USER_1)); 1090 expectedChain[1] = caCert; 1091 1092 PrivateKeyEntry expectedPrivEntry = new PrivateKeyEntry(expectedKey, expectedChain); 1093 1094 mKeyStore.setEntry(TEST_ALIAS_1, expectedPrivEntry, null); 1095 1096 Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null); 1097 assertNotNull("Retrieved entry should exist", actualEntry); 1098 assertTrue("Retrieved entry should be of type PrivateKeyEntry", 1099 actualEntry instanceof PrivateKeyEntry); 1100 1101 PrivateKeyEntry actualPrivEntry = (PrivateKeyEntry) actualEntry; 1102 assertPrivateKeyEntryEquals(actualPrivEntry, FAKE_KEY_1, FAKE_USER_1, FAKE_CA_1); 1103 } 1104 1105 // Replace with TrustedCertificateEntry 1106 { 1107 TrustedCertificateEntry expectedCertEntry = new TrustedCertificateEntry(caCert); 1108 mKeyStore.setEntry(TEST_ALIAS_1, expectedCertEntry, null); 1109 1110 Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null); 1111 assertNotNull("Retrieved entry should exist", actualEntry); 1112 assertTrue("Retrieved entry should be of type TrustedCertificateEntry", 1113 actualEntry instanceof TrustedCertificateEntry); 1114 TrustedCertificateEntry actualCertEntry = (TrustedCertificateEntry) actualEntry; 1115 assertEquals("Stored and retrieved certificates should be the same", 1116 expectedCertEntry.getTrustedCertificate(), 1117 actualCertEntry.getTrustedCertificate()); 1118 } 1119 } 1120 1121 public void testKeyStore_SetEntry_PrivateKeyEntry_Overwrites_ShortPrivateKeyEntry_Success() 1122 throws Exception { 1123 mKeyStore.load(null, null); 1124 1125 final CertificateFactory f = CertificateFactory.getInstance("X.509"); 1126 1127 final Certificate caCert = f.generateCertificate(new ByteArrayInputStream(FAKE_CA_1)); 1128 1129 // Start with PrivateKeyEntry 1130 { 1131 KeyFactory keyFact = KeyFactory.getInstance("RSA"); 1132 PrivateKey expectedKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_KEY_1)); 1133 final Certificate[] expectedChain = new Certificate[2]; 1134 expectedChain[0] = f.generateCertificate(new ByteArrayInputStream(FAKE_USER_1)); 1135 expectedChain[1] = caCert; 1136 1137 PrivateKeyEntry expectedPrivEntry = new PrivateKeyEntry(expectedKey, expectedChain); 1138 1139 mKeyStore.setEntry(TEST_ALIAS_1, expectedPrivEntry, null); 1140 1141 Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null); 1142 assertNotNull("Retrieved entry should exist", actualEntry); 1143 assertTrue("Retrieved entry should be of type PrivateKeyEntry", 1144 actualEntry instanceof PrivateKeyEntry); 1145 1146 PrivateKeyEntry actualPrivEntry = (PrivateKeyEntry) actualEntry; 1147 assertPrivateKeyEntryEquals(actualPrivEntry, FAKE_KEY_1, FAKE_USER_1, FAKE_CA_1); 1148 } 1149 1150 // Replace with PrivateKeyEntry that has no chain 1151 { 1152 KeyFactory keyFact = KeyFactory.getInstance("RSA"); 1153 PrivateKey expectedKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_KEY_1)); 1154 final Certificate[] expectedChain = new Certificate[1]; 1155 expectedChain[0] = f.generateCertificate(new ByteArrayInputStream(FAKE_USER_1)); 1156 1157 PrivateKeyEntry expectedPrivEntry = new PrivateKeyEntry(expectedKey, expectedChain); 1158 1159 mKeyStore.setEntry(TEST_ALIAS_1, expectedPrivEntry, null); 1160 1161 Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null); 1162 assertNotNull("Retrieved entry should exist", actualEntry); 1163 assertTrue("Retrieved entry should be of type PrivateKeyEntry", 1164 actualEntry instanceof PrivateKeyEntry); 1165 1166 PrivateKeyEntry actualPrivEntry = (PrivateKeyEntry) actualEntry; 1167 assertPrivateKeyEntryEquals(actualPrivEntry, FAKE_KEY_1, FAKE_USER_1, null); 1168 } 1169 } 1170 1171 public void testKeyStore_SetEntry_CAEntry_Overwrites_CAEntry_Success() throws Exception { 1172 mKeyStore.load(null, null); 1173 1174 final CertificateFactory f = CertificateFactory.getInstance("X.509"); 1175 1176 // Insert TrustedCertificateEntry 1177 { 1178 final Certificate caCert = f.generateCertificate(new ByteArrayInputStream(FAKE_CA_1)); 1179 1180 TrustedCertificateEntry expectedCertEntry = new TrustedCertificateEntry(caCert); 1181 mKeyStore.setEntry(TEST_ALIAS_1, expectedCertEntry, null); 1182 1183 Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null); 1184 assertNotNull("Retrieved entry should exist", actualEntry); 1185 assertTrue("Retrieved entry should be of type TrustedCertificateEntry", 1186 actualEntry instanceof TrustedCertificateEntry); 1187 TrustedCertificateEntry actualCertEntry = (TrustedCertificateEntry) actualEntry; 1188 assertEquals("Stored and retrieved certificates should be the same", 1189 expectedCertEntry.getTrustedCertificate(), 1190 actualCertEntry.getTrustedCertificate()); 1191 } 1192 1193 // Replace with TrustedCertificateEntry of USER 1194 { 1195 final Certificate userCert = f 1196 .generateCertificate(new ByteArrayInputStream(FAKE_USER_1)); 1197 1198 TrustedCertificateEntry expectedUserEntry = new TrustedCertificateEntry(userCert); 1199 mKeyStore.setEntry(TEST_ALIAS_1, expectedUserEntry, null); 1200 1201 Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null); 1202 assertNotNull("Retrieved entry should exist", actualEntry); 1203 assertTrue("Retrieved entry should be of type TrustedCertificateEntry", 1204 actualEntry instanceof TrustedCertificateEntry); 1205 TrustedCertificateEntry actualUserEntry = (TrustedCertificateEntry) actualEntry; 1206 assertEquals("Stored and retrieved certificates should be the same", 1207 expectedUserEntry.getTrustedCertificate(), 1208 actualUserEntry.getTrustedCertificate()); 1209 } 1210 } 1211 1212 public void testKeyStore_SetKeyEntry_ProtectedKey_Failure() throws Exception { 1213 mKeyStore.load(null, null); 1214 1215 final CertificateFactory f = CertificateFactory.getInstance("X.509"); 1216 1217 final Certificate caCert = f.generateCertificate(new ByteArrayInputStream(FAKE_CA_1)); 1218 1219 KeyFactory keyFact = KeyFactory.getInstance("RSA"); 1220 PrivateKey privKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_KEY_1)); 1221 final Certificate[] chain = new Certificate[2]; 1222 chain[0] = f.generateCertificate(new ByteArrayInputStream(FAKE_USER_1)); 1223 chain[1] = caCert; 1224 1225 try { 1226 mKeyStore.setKeyEntry(TEST_ALIAS_1, privKey, "foo".toCharArray(), chain); 1227 fail("Should fail when a password is specified"); 1228 } catch (KeyStoreException success) { 1229 } 1230 } 1231 1232 public void testKeyStore_SetKeyEntry_Success() throws Exception { 1233 mKeyStore.load(null, null); 1234 1235 final CertificateFactory f = CertificateFactory.getInstance("X.509"); 1236 1237 final Certificate caCert = f.generateCertificate(new ByteArrayInputStream(FAKE_CA_1)); 1238 1239 KeyFactory keyFact = KeyFactory.getInstance("RSA"); 1240 PrivateKey privKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_KEY_1)); 1241 final Certificate[] chain = new Certificate[2]; 1242 chain[0] = f.generateCertificate(new ByteArrayInputStream(FAKE_USER_1)); 1243 chain[1] = caCert; 1244 1245 mKeyStore.setKeyEntry(TEST_ALIAS_1, privKey, null, chain); 1246 1247 Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null); 1248 assertNotNull("Retrieved entry should exist", actualEntry); 1249 1250 assertTrue("Retrieved entry should be of type PrivateKeyEntry", 1251 actualEntry instanceof PrivateKeyEntry); 1252 1253 PrivateKeyEntry actual = (PrivateKeyEntry) actualEntry; 1254 1255 assertPrivateKeyEntryEquals(actual, FAKE_KEY_1, FAKE_USER_1, FAKE_CA_1); 1256 } 1257 1258 public void testKeyStore_SetKeyEntry_Replaced_Success() throws Exception { 1259 mKeyStore.load(null, null); 1260 1261 final CertificateFactory f = CertificateFactory.getInstance("X.509"); 1262 1263 final Certificate caCert = f.generateCertificate(new ByteArrayInputStream(FAKE_CA_1)); 1264 1265 // Insert initial key 1266 { 1267 KeyFactory keyFact = KeyFactory.getInstance("RSA"); 1268 PrivateKey privKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_KEY_1)); 1269 final Certificate[] chain = new Certificate[2]; 1270 chain[0] = f.generateCertificate(new ByteArrayInputStream(FAKE_USER_1)); 1271 chain[1] = caCert; 1272 1273 mKeyStore.setKeyEntry(TEST_ALIAS_1, privKey, null, chain); 1274 1275 Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null); 1276 assertNotNull("Retrieved entry should exist", actualEntry); 1277 1278 assertTrue("Retrieved entry should be of type PrivateKeyEntry", 1279 actualEntry instanceof PrivateKeyEntry); 1280 1281 PrivateKeyEntry actual = (PrivateKeyEntry) actualEntry; 1282 1283 assertPrivateKeyEntryEquals(actual, FAKE_KEY_1, FAKE_USER_1, FAKE_CA_1); 1284 } 1285 1286 // TODO make a separate key 1287 // Replace key 1288 { 1289 KeyFactory keyFact = KeyFactory.getInstance("RSA"); 1290 PrivateKey privKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_KEY_1)); 1291 final Certificate[] chain = new Certificate[2]; 1292 chain[0] = f.generateCertificate(new ByteArrayInputStream(FAKE_USER_1)); 1293 chain[1] = caCert; 1294 1295 mKeyStore.setKeyEntry(TEST_ALIAS_1, privKey, null, chain); 1296 1297 Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null); 1298 assertNotNull("Retrieved entry should exist", actualEntry); 1299 1300 assertTrue("Retrieved entry should be of type PrivateKeyEntry", 1301 actualEntry instanceof PrivateKeyEntry); 1302 1303 PrivateKeyEntry actual = (PrivateKeyEntry) actualEntry; 1304 1305 assertPrivateKeyEntryEquals(actual, FAKE_KEY_1, FAKE_USER_1, FAKE_CA_1); 1306 } 1307 } 1308 1309 public void testKeyStore_Size_Success() throws Exception { 1310 mKeyStore.load(null, null); 1311 1312 assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_1, FAKE_CA_1)); 1313 1314 assertEquals("The keystore size should match expected", 1, mKeyStore.size()); 1315 assertAliases(new String[] { TEST_ALIAS_1 }); 1316 1317 assertTrue(mAndroidKeyStore.put(Credentials.CA_CERTIFICATE + TEST_ALIAS_2, FAKE_CA_1)); 1318 1319 assertEquals("The keystore size should match expected", 2, mKeyStore.size()); 1320 assertAliases(new String[] { TEST_ALIAS_1, TEST_ALIAS_2 }); 1321 1322 assertTrue(mAndroidKeyStore.generate(Credentials.USER_PRIVATE_KEY + TEST_ALIAS_3)); 1323 1324 assertEquals("The keystore size should match expected", 3, mKeyStore.size()); 1325 assertAliases(new String[] { TEST_ALIAS_1, TEST_ALIAS_2, TEST_ALIAS_3 }); 1326 1327 assertTrue(mAndroidKeyStore.delete(Credentials.CA_CERTIFICATE + TEST_ALIAS_1)); 1328 1329 assertEquals("The keystore size should match expected", 2, mKeyStore.size()); 1330 assertAliases(new String[] { TEST_ALIAS_2, TEST_ALIAS_3 }); 1331 1332 assertTrue(mAndroidKeyStore.delKey(Credentials.USER_PRIVATE_KEY + TEST_ALIAS_3)); 1333 1334 assertEquals("The keystore size should match expected", 1, mKeyStore.size()); 1335 assertAliases(new String[] { TEST_ALIAS_2 }); 1336 } 1337 1338 public void testKeyStore_Store_LoadStoreParam_Failure() throws Exception { 1339 mKeyStore.load(null, null); 1340 1341 try { 1342 mKeyStore.store(null); 1343 fail("Should throw UnsupportedOperationException when trying to store"); 1344 } catch (UnsupportedOperationException success) { 1345 } 1346 } 1347 1348 public void testKeyStore_Load_InputStreamSupplied_Failure() throws Exception { 1349 byte[] buf = "FAKE KEYSTORE".getBytes(); 1350 ByteArrayInputStream is = new ByteArrayInputStream(buf); 1351 1352 try { 1353 mKeyStore.load(is, null); 1354 fail("Should throw IllegalArgumentException when InputStream is supplied"); 1355 } catch (IllegalArgumentException success) { 1356 } 1357 } 1358 1359 public void testKeyStore_Load_PasswordSupplied_Failure() throws Exception { 1360 try { 1361 mKeyStore.load(null, "password".toCharArray()); 1362 fail("Should throw IllegalArgumentException when password is supplied"); 1363 } catch (IllegalArgumentException success) { 1364 } 1365 } 1366 1367 public void testKeyStore_Store_OutputStream_Failure() throws Exception { 1368 mKeyStore.load(null, null); 1369 1370 OutputStream sink = new ByteArrayOutputStream(); 1371 try { 1372 mKeyStore.store(sink, null); 1373 fail("Should throw UnsupportedOperationException when trying to store"); 1374 } catch (UnsupportedOperationException success) { 1375 } 1376 1377 try { 1378 mKeyStore.store(sink, "blah".toCharArray()); 1379 fail("Should throw UnsupportedOperationException when trying to store"); 1380 } catch (UnsupportedOperationException success) { 1381 } 1382 } 1383} 1384