KeyStoreTest.java revision 55f7c2770faade3543bebd833124f2f15c0f7455
1f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang/* 2f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang * Copyright (C) 2009 The Android Open Source Project 3f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang * 4f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang * Licensed under the Apache License, Version 2.0 (the "License"); 5f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang * you may not use this file except in compliance with the License. 6f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang * You may obtain a copy of the License at 7f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang * 8f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang * http://www.apache.org/licenses/LICENSE-2.0 9f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang * 10f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang * Unless required by applicable law or agreed to in writing, software 11f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang * distributed under the License is distributed on an "AS IS" BASIS, 12f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang * See the License for the specific language governing permissions and 14f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang * limitations under the License. 15f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang */ 16f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang 1796ad6cb080d0721a433d2bcb201f4a4582bf1cafKenny Rootpackage android.security; 18f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang 19f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wangimport android.app.Activity; 208827c8173281fea21325d88922471851e31200c4Chad Brubakerimport android.os.Binder; 218827c8173281fea21325d88922471851e31200c4Chad Brubakerimport android.os.IBinder; 2278ad849163a7b01073b46fbd7d818392720005d1Kenny Rootimport android.os.Process; 238827c8173281fea21325d88922471851e31200c4Chad Brubakerimport android.os.ServiceManager; 24f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wangimport android.security.KeyStore; 258827c8173281fea21325d88922471851e31200c4Chad Brubakerimport android.security.keymaster.ExportResult; 268827c8173281fea21325d88922471851e31200c4Chad Brubakerimport android.security.keymaster.KeyCharacteristics; 278827c8173281fea21325d88922471851e31200c4Chad Brubakerimport android.security.keymaster.KeymasterArguments; 285e73c0eec2bc77222a5a87fb2a135d8303836411Chad Brubakerimport android.security.keymaster.KeymasterBlob; 298827c8173281fea21325d88922471851e31200c4Chad Brubakerimport android.security.keymaster.KeymasterDefs; 308827c8173281fea21325d88922471851e31200c4Chad Brubakerimport android.security.keymaster.OperationResult; 31f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wangimport android.test.ActivityUnitTestCase; 32473c712b19bad992ab4eafcd43175fdce77b913dKenny Rootimport android.test.AssertionFailedError; 338827c8173281fea21325d88922471851e31200c4Chad Brubakerimport android.test.MoreAsserts; 34f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wangimport android.test.suitebuilder.annotation.MediumTest; 35f64386fc26efeb245fd90fabaa47b8c8bf9b4613Kenny Rootimport com.android.org.conscrypt.NativeCrypto; 36d396a448b2e36e29598c954b64bfddef73f3fae0Elliott Hughesimport java.nio.charset.StandardCharsets; 375cfee3fabb3482c6a6df1c8b6f21e843cf214527Brian Carlstromimport java.util.Arrays; 38473c712b19bad992ab4eafcd43175fdce77b913dKenny Rootimport java.util.Date; 395cfee3fabb3482c6a6df1c8b6f21e843cf214527Brian Carlstromimport java.util.HashSet; 40003a55a6713fd4c1fe63ae5cdb478a11016f46b4Chad Brubakerimport java.security.spec.RSAKeyGenParameterSpec; 41f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang 428827c8173281fea21325d88922471851e31200c4Chad Brubakerimport android.util.Log; 438827c8173281fea21325d88922471851e31200c4Chad Brubakerimport android.util.Base64; 448827c8173281fea21325d88922471851e31200c4Chad Brubaker 45f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang/** 46f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang * Junit / Instrumentation test case for KeyStore class 47f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang * 48f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang * Running the test suite: 49f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang * 5096ad6cb080d0721a433d2bcb201f4a4582bf1cafKenny Root * runtest keystore-unit 5196ad6cb080d0721a433d2bcb201f4a4582bf1cafKenny Root * 5296ad6cb080d0721a433d2bcb201f4a4582bf1cafKenny Root * Or this individual test case: 5396ad6cb080d0721a433d2bcb201f4a4582bf1cafKenny Root * 5496ad6cb080d0721a433d2bcb201f4a4582bf1cafKenny Root * runtest --path frameworks/base/keystore/tests/src/android/security/KeyStoreTest.java 55f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang */ 56f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang@MediumTest 57f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wangpublic class KeyStoreTest extends ActivityUnitTestCase<Activity> { 58f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang private static final String TEST_PASSWD = "12345678"; 59f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang private static final String TEST_PASSWD2 = "87654321"; 605ea68db37fd5ad4e0ddc0745b4347e86f17f78dbBrian Carlstrom private static final String TEST_KEYNAME = "test-key"; 615ea68db37fd5ad4e0ddc0745b4347e86f17f78dbBrian Carlstrom private static final String TEST_KEYNAME1 = "test-key.1"; 622a5b147ec8fc1235af928042bdfb78170b18067bBrian Carlstrom private static final String TEST_KEYNAME2 = "test-key\02"; 63d396a448b2e36e29598c954b64bfddef73f3fae0Elliott Hughes private static final byte[] TEST_KEYVALUE = "test value".getBytes(StandardCharsets.UTF_8); 64f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang 6534c47c855815d731e6deb55748ff690b0ec7b53fNick Kralevich // "Hello, World" in Chinese 665cfee3fabb3482c6a6df1c8b6f21e843cf214527Brian Carlstrom private static final String TEST_I18N_KEY = "\u4F60\u597D, \u4E16\u754C"; 67d396a448b2e36e29598c954b64bfddef73f3fae0Elliott Hughes private static final byte[] TEST_I18N_VALUE = TEST_I18N_KEY.getBytes(StandardCharsets.UTF_8); 6834c47c855815d731e6deb55748ff690b0ec7b53fNick Kralevich 695423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root // Test vector data for signatures 70dc8bc1160cd97ca113636ca2b4adda21e031b5bdShawn Willden private static final int RSA_KEY_SIZE = 1024; 71dc8bc1160cd97ca113636ca2b4adda21e031b5bdShawn Willden private static final byte[] TEST_DATA = new byte[RSA_KEY_SIZE / 8]; 725ea68db37fd5ad4e0ddc0745b4347e86f17f78dbBrian Carlstrom static { 735ea68db37fd5ad4e0ddc0745b4347e86f17f78dbBrian Carlstrom for (int i = 0; i < TEST_DATA.length; i++) { 745ea68db37fd5ad4e0ddc0745b4347e86f17f78dbBrian Carlstrom TEST_DATA[i] = (byte) i; 755ea68db37fd5ad4e0ddc0745b4347e86f17f78dbBrian Carlstrom } 765ea68db37fd5ad4e0ddc0745b4347e86f17f78dbBrian Carlstrom } 775423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 78f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang private KeyStore mKeyStore = null; 79f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang 80f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang public KeyStoreTest() { 81f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang super(Activity.class); 82f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang } 83f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang 845423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root private static final byte[] PRIVKEY_BYTES = hexToBytes( 855423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root "308204BE020100300D06092A864886F70D0101010500048204A8308204A4020100028201" + 865423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root "0100E0473E8AB8F2284FEB9E742FF9748FA118ED98633C92F52AEB7A2EBE0D3BE60329BE" + 875423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root "766AD10EB6A515D0D2CFD9BEA7930F0C306537899F7958CD3E85B01F8818524D312584A9" + 885423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root "4B251E3625B54141EDBFEE198808E1BB97FC7CB49B9EAAAF68E9C98D7D0EDC53BBC0FA00" + 895423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root "34356D6305FBBCC3C7001405386ABBC873CB0F3EF7425F3D33DF7B315AE036D2A0B66AFD" + 905423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root "47503B169BF36E3B5162515B715FDA83DEAF2C58AEB9ABFB3097C3CC9DD9DBE5EF296C17" + 915423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root "6139028E8A671E63056D45F40188D2C4133490845DE52C2534E9C6B2478C07BDAE928823" + 925423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root "B62D066C7770F9F63F3DBA247F530844747BE7AAA85D853B8BD244ACEC3DE3C89AB46453" + 935423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root "AB4D24C3AC6902030100010282010037784776A5F17698F5AC960DFB83A1B67564E648BD" + 945423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root "0597CF8AB8087186F2669C27A9ECBDD480F0197A80D07309E6C6A96F925331E57F8B4AC6" + 955423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root "F4D45EDA45A23269C09FC428C07A4E6EDF738A15DEC97FABD2F2BB47A14F20EA72FCFE4C" + 965423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root "36E01ADA77BD137CD8D4DA10BB162E94A4662971F175F985FA188F056CB97EE2816F43AB" + 975423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root "9D3747612486CDA8C16196C30818A995EC85D38467791267B3BF21F273710A6925862576" + 985423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root "841C5B6712C12D4BD20A2F3299ADB7C135DA5E9515ABDA76E7CAF2A3BE80551D073B78BF" + 995423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root "1162C48AD2B7F4743A0238EE4D252F7D5E7E6533CCAE64CCB39360075A2FD1E034EC3AE5" + 1005423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root "CE9C408CCBF0E25E4114021687B3DD4754AE8102818100F541884BC3737B2922D4119EF4" + 1015423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root "5E2DEE2CD4CBB75F45505A157AA5009F99C73A2DF0724AC46024306332EA898177634546" + 1025423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root "5DC6DF1E0A6F140AFF3B7396E6A8994AC5DAA96873472FE37749D14EB3E075E629DBEB35" + 1035423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root "83338A6F3649D0A2654A7A42FD9AB6BFA4AC4D481D390BB229B064BDC311CC1BE1B63189" + 1045423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root "DA7C40CDECF2B102818100EA1A742DDB881CEDB7288C87E38D868DD7A409D15A43F445D5" + 1055423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root "377A0B5731DDBFCA2DAF28A8E13CD5C0AFCEC3347D74A39E235A3CD9633F274DE2B94F92" + 1065423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root "DF43833911D9E9F1CF58F27DE2E08FF45964C720D3EC2139DC7CAFC912953CDECB2F355A" + 1075423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root "2E2C35A50FAD754CB3B23166424BA3B6E3112A2B898C38C5C15EDB238693390281805182" + 1085423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root "8F1EC6FD996029901BAF1D7E337BA5F0AF27E984EAD895ACE62BD7DF4EE45A224089F2CC" + 1095423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root "151AF3CD173FCE0474BCB04F386A2CDCC0E0036BA2419F54579262D47100BE931984A3EF" + 1105423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root "A05BECF141574DC079B3A95C4A83E6C43F3214D6DF32D512DE198085E531E616B83FD7DD" + 1115423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root "9D1F4E2607C3333D07C55D107D1D3893587102818100DB4FB50F50DE8EDB53FF34C80931" + 1125423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root "88A0512867DA2CCA04897759E587C244010DAF8664D59E8083D16C164789301F67A9F078" + 1135423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root "060D834A2ADBD367575B68A8A842C2B02A89B3F31FCCEC8A22FE395795C5C6C7422B4E5D" + 1145423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root "74A1E9A8F30E7759B9FC2D639C1F15673E84E93A5EF1506F4315383C38D45CBD1B14048F" + 1155423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root "4721DC82326102818100D8114593AF415FB612DBF1923710D54D07486205A76A3B431949" + 1165423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root "68C0DFF1F11EF0F61A4A337D5FD3741BBC9640E447B8B6B6C47C3AC1204357D3B0C55BA9" + 1175423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root "286BDA73F629296F5FA9146D8976357D3C751E75148696A40B74685C82CE30902D639D72" + 1185423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root "4FF24D5E2E9407EE34EDED2E3B4DF65AA9BCFEB6DF28D07BA6903F165768"); 1195423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 1208827c8173281fea21325d88922471851e31200c4Chad Brubaker private static final byte[] AES256_BYTES = hexToBytes( 1218827c8173281fea21325d88922471851e31200c4Chad Brubaker "0CC175B9C0F1B6A831C399E269772661CEC520EA51EA0A47E87295FA3245A605"); 1225423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 1235423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root private static byte[] hexToBytes(String s) { 1245423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root int len = s.length(); 1255423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root byte[] data = new byte[len / 2]; 1265423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root for (int i = 0; i < len; i += 2) { 1275423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root data[i / 2] = (byte) ((Character.digit(s.charAt(i), 16) << 4) + Character.digit( 1285423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root s.charAt(i + 1), 16)); 1295423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root } 1305423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root return data; 1315423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root } 1325423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 133f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang @Override 134f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang protected void setUp() throws Exception { 135f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang mKeyStore = KeyStore.getInstance(); 1365cfee3fabb3482c6a6df1c8b6f21e843cf214527Brian Carlstrom if (mKeyStore.state() != KeyStore.State.UNINITIALIZED) { 1375cfee3fabb3482c6a6df1c8b6f21e843cf214527Brian Carlstrom mKeyStore.reset(); 1385cfee3fabb3482c6a6df1c8b6f21e843cf214527Brian Carlstrom } 1395423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root assertEquals("KeyStore should be in an uninitialized state", 1405423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root KeyStore.State.UNINITIALIZED, mKeyStore.state()); 141f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang super.setUp(); 142f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang } 143f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang 144f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang @Override 145f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang protected void tearDown() throws Exception { 146f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang mKeyStore.reset(); 147f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang super.tearDown(); 148f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang } 149f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang 15078ad849163a7b01073b46fbd7d818392720005d1Kenny Root public void testState() throws Exception { 1515cfee3fabb3482c6a6df1c8b6f21e843cf214527Brian Carlstrom assertEquals(KeyStore.State.UNINITIALIZED, mKeyStore.state()); 152f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang } 153f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang 154f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang public void testPassword() throws Exception { 155f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang assertTrue(mKeyStore.password(TEST_PASSWD)); 1565cfee3fabb3482c6a6df1c8b6f21e843cf214527Brian Carlstrom assertEquals(KeyStore.State.UNLOCKED, mKeyStore.state()); 157f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang } 158f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang 159bef5e5aabcb6ab440829f4418d1cbc268564eee0Brian Carlstrom public void testGet() throws Exception { 160bef5e5aabcb6ab440829f4418d1cbc268564eee0Brian Carlstrom assertNull(mKeyStore.get(TEST_KEYNAME)); 161bef5e5aabcb6ab440829f4418d1cbc268564eee0Brian Carlstrom mKeyStore.password(TEST_PASSWD); 162bef5e5aabcb6ab440829f4418d1cbc268564eee0Brian Carlstrom assertNull(mKeyStore.get(TEST_KEYNAME)); 163b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root assertTrue(mKeyStore.put(TEST_KEYNAME, TEST_KEYVALUE, KeyStore.UID_SELF, 164b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root KeyStore.FLAG_ENCRYPTED)); 165bef5e5aabcb6ab440829f4418d1cbc268564eee0Brian Carlstrom assertTrue(Arrays.equals(TEST_KEYVALUE, mKeyStore.get(TEST_KEYNAME))); 166bef5e5aabcb6ab440829f4418d1cbc268564eee0Brian Carlstrom } 167bef5e5aabcb6ab440829f4418d1cbc268564eee0Brian Carlstrom 168f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang public void testPut() throws Exception { 169bef5e5aabcb6ab440829f4418d1cbc268564eee0Brian Carlstrom assertNull(mKeyStore.get(TEST_KEYNAME)); 170b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root assertFalse(mKeyStore.put(TEST_KEYNAME, TEST_KEYVALUE, KeyStore.UID_SELF, 171b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root KeyStore.FLAG_ENCRYPTED)); 172f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang assertFalse(mKeyStore.contains(TEST_KEYNAME)); 173f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang mKeyStore.password(TEST_PASSWD); 174b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root assertTrue(mKeyStore.put(TEST_KEYNAME, TEST_KEYVALUE, KeyStore.UID_SELF, 175b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root KeyStore.FLAG_ENCRYPTED)); 176bef5e5aabcb6ab440829f4418d1cbc268564eee0Brian Carlstrom assertTrue(Arrays.equals(TEST_KEYVALUE, mKeyStore.get(TEST_KEYNAME))); 177f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang } 178f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang 17978ad849163a7b01073b46fbd7d818392720005d1Kenny Root public void testPut_grantedUid_Wifi() throws Exception { 18078ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertFalse(mKeyStore.contains(TEST_KEYNAME, Process.WIFI_UID)); 181b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root assertFalse(mKeyStore.put(TEST_KEYNAME, TEST_KEYVALUE, Process.WIFI_UID, 182b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root KeyStore.FLAG_ENCRYPTED)); 18378ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertFalse(mKeyStore.contains(TEST_KEYNAME, Process.WIFI_UID)); 18478ad849163a7b01073b46fbd7d818392720005d1Kenny Root mKeyStore.password(TEST_PASSWD); 185b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root assertTrue(mKeyStore.put(TEST_KEYNAME, TEST_KEYVALUE, Process.WIFI_UID, 186b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root KeyStore.FLAG_ENCRYPTED)); 18778ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertTrue(mKeyStore.contains(TEST_KEYNAME, Process.WIFI_UID)); 18878ad849163a7b01073b46fbd7d818392720005d1Kenny Root } 18978ad849163a7b01073b46fbd7d818392720005d1Kenny Root 19078ad849163a7b01073b46fbd7d818392720005d1Kenny Root public void testPut_ungrantedUid_Bluetooth() throws Exception { 19178ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertFalse(mKeyStore.contains(TEST_KEYNAME, Process.BLUETOOTH_UID)); 192b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root assertFalse(mKeyStore.put(TEST_KEYNAME, TEST_KEYVALUE, Process.BLUETOOTH_UID, 193b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root KeyStore.FLAG_ENCRYPTED)); 19478ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertFalse(mKeyStore.contains(TEST_KEYNAME, Process.BLUETOOTH_UID)); 19578ad849163a7b01073b46fbd7d818392720005d1Kenny Root mKeyStore.password(TEST_PASSWD); 196b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root assertFalse(mKeyStore.put(TEST_KEYNAME, TEST_KEYVALUE, Process.BLUETOOTH_UID, 197b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root KeyStore.FLAG_ENCRYPTED)); 19878ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertFalse(mKeyStore.contains(TEST_KEYNAME, Process.BLUETOOTH_UID)); 19978ad849163a7b01073b46fbd7d818392720005d1Kenny Root } 20078ad849163a7b01073b46fbd7d818392720005d1Kenny Root 20134c47c855815d731e6deb55748ff690b0ec7b53fNick Kralevich public void testI18n() throws Exception { 202b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root assertFalse(mKeyStore.put(TEST_I18N_KEY, TEST_I18N_VALUE, KeyStore.UID_SELF, 203b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root KeyStore.FLAG_ENCRYPTED)); 2045cfee3fabb3482c6a6df1c8b6f21e843cf214527Brian Carlstrom assertFalse(mKeyStore.contains(TEST_I18N_KEY)); 2055cfee3fabb3482c6a6df1c8b6f21e843cf214527Brian Carlstrom mKeyStore.password(TEST_I18N_KEY); 206b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root assertTrue(mKeyStore.put(TEST_I18N_KEY, TEST_I18N_VALUE, KeyStore.UID_SELF, 207b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root KeyStore.FLAG_ENCRYPTED)); 2085cfee3fabb3482c6a6df1c8b6f21e843cf214527Brian Carlstrom assertTrue(mKeyStore.contains(TEST_I18N_KEY)); 20934c47c855815d731e6deb55748ff690b0ec7b53fNick Kralevich } 21034c47c855815d731e6deb55748ff690b0ec7b53fNick Kralevich 211f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang public void testDelete() throws Exception { 2125ea68db37fd5ad4e0ddc0745b4347e86f17f78dbBrian Carlstrom assertFalse(mKeyStore.delete(TEST_KEYNAME)); 213f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang mKeyStore.password(TEST_PASSWD); 2145ea68db37fd5ad4e0ddc0745b4347e86f17f78dbBrian Carlstrom assertFalse(mKeyStore.delete(TEST_KEYNAME)); 215f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang 216b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root assertTrue(mKeyStore.put(TEST_KEYNAME, TEST_KEYVALUE, KeyStore.UID_SELF, 217b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root KeyStore.FLAG_ENCRYPTED)); 218bef5e5aabcb6ab440829f4418d1cbc268564eee0Brian Carlstrom assertTrue(Arrays.equals(TEST_KEYVALUE, mKeyStore.get(TEST_KEYNAME))); 219f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang assertTrue(mKeyStore.delete(TEST_KEYNAME)); 220bef5e5aabcb6ab440829f4418d1cbc268564eee0Brian Carlstrom assertNull(mKeyStore.get(TEST_KEYNAME)); 221f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang } 222f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang 22378ad849163a7b01073b46fbd7d818392720005d1Kenny Root public void testDelete_grantedUid_Wifi() throws Exception { 22478ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertFalse(mKeyStore.delete(TEST_KEYNAME, Process.WIFI_UID)); 22578ad849163a7b01073b46fbd7d818392720005d1Kenny Root mKeyStore.password(TEST_PASSWD); 22678ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertFalse(mKeyStore.delete(TEST_KEYNAME, Process.WIFI_UID)); 22778ad849163a7b01073b46fbd7d818392720005d1Kenny Root 228b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root assertTrue(mKeyStore.put(TEST_KEYNAME, TEST_KEYVALUE, Process.WIFI_UID, 229b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root KeyStore.FLAG_ENCRYPTED)); 23078ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertTrue(mKeyStore.contains(TEST_KEYNAME, Process.WIFI_UID)); 23178ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertTrue(mKeyStore.delete(TEST_KEYNAME, Process.WIFI_UID)); 23278ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertFalse(mKeyStore.contains(TEST_KEYNAME, Process.WIFI_UID)); 23378ad849163a7b01073b46fbd7d818392720005d1Kenny Root } 23478ad849163a7b01073b46fbd7d818392720005d1Kenny Root 23578ad849163a7b01073b46fbd7d818392720005d1Kenny Root public void testDelete_ungrantedUid_Bluetooth() throws Exception { 23678ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertFalse(mKeyStore.delete(TEST_KEYNAME, Process.BLUETOOTH_UID)); 23778ad849163a7b01073b46fbd7d818392720005d1Kenny Root mKeyStore.password(TEST_PASSWD); 23878ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertFalse(mKeyStore.delete(TEST_KEYNAME, Process.BLUETOOTH_UID)); 23978ad849163a7b01073b46fbd7d818392720005d1Kenny Root 240b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root assertFalse(mKeyStore.put(TEST_KEYNAME, TEST_KEYVALUE, Process.BLUETOOTH_UID, 241b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root KeyStore.FLAG_ENCRYPTED)); 24278ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertFalse(mKeyStore.contains(TEST_KEYNAME, Process.BLUETOOTH_UID)); 24378ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertFalse(mKeyStore.delete(TEST_KEYNAME, Process.BLUETOOTH_UID)); 24478ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertFalse(mKeyStore.contains(TEST_KEYNAME, Process.BLUETOOTH_UID)); 24578ad849163a7b01073b46fbd7d818392720005d1Kenny Root } 24678ad849163a7b01073b46fbd7d818392720005d1Kenny Root 247f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang public void testContains() throws Exception { 248f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang assertFalse(mKeyStore.contains(TEST_KEYNAME)); 249f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang 25078ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertTrue(mKeyStore.password(TEST_PASSWD)); 251f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang assertFalse(mKeyStore.contains(TEST_KEYNAME)); 252f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang 253b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root assertTrue(mKeyStore.put(TEST_KEYNAME, TEST_KEYVALUE, KeyStore.UID_SELF, 254b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root KeyStore.FLAG_ENCRYPTED)); 255f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang assertTrue(mKeyStore.contains(TEST_KEYNAME)); 256f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang } 257f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang 25878ad849163a7b01073b46fbd7d818392720005d1Kenny Root public void testContains_grantedUid_Wifi() throws Exception { 25978ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertFalse(mKeyStore.contains(TEST_KEYNAME, Process.WIFI_UID)); 26078ad849163a7b01073b46fbd7d818392720005d1Kenny Root 26178ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertTrue(mKeyStore.password(TEST_PASSWD)); 26278ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertFalse(mKeyStore.contains(TEST_KEYNAME, Process.WIFI_UID)); 26378ad849163a7b01073b46fbd7d818392720005d1Kenny Root 264b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root assertTrue(mKeyStore.put(TEST_KEYNAME, TEST_KEYVALUE, Process.WIFI_UID, 265b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root KeyStore.FLAG_ENCRYPTED)); 26678ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertTrue(mKeyStore.contains(TEST_KEYNAME, Process.WIFI_UID)); 26778ad849163a7b01073b46fbd7d818392720005d1Kenny Root } 26878ad849163a7b01073b46fbd7d818392720005d1Kenny Root 26978ad849163a7b01073b46fbd7d818392720005d1Kenny Root public void testContains_grantedUid_Bluetooth() throws Exception { 27078ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertFalse(mKeyStore.contains(TEST_KEYNAME, Process.BLUETOOTH_UID)); 27178ad849163a7b01073b46fbd7d818392720005d1Kenny Root 27278ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertTrue(mKeyStore.password(TEST_PASSWD)); 27378ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertFalse(mKeyStore.contains(TEST_KEYNAME, Process.BLUETOOTH_UID)); 27478ad849163a7b01073b46fbd7d818392720005d1Kenny Root 275b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root assertFalse(mKeyStore.put(TEST_KEYNAME, TEST_KEYVALUE, Process.BLUETOOTH_UID, 276b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root KeyStore.FLAG_ENCRYPTED)); 27778ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertFalse(mKeyStore.contains(TEST_KEYNAME, Process.BLUETOOTH_UID)); 27878ad849163a7b01073b46fbd7d818392720005d1Kenny Root } 27978ad849163a7b01073b46fbd7d818392720005d1Kenny Root 280f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang public void testSaw() throws Exception { 2815cfee3fabb3482c6a6df1c8b6f21e843cf214527Brian Carlstrom String[] emptyResult = mKeyStore.saw(TEST_KEYNAME); 2825cfee3fabb3482c6a6df1c8b6f21e843cf214527Brian Carlstrom assertNotNull(emptyResult); 2835cfee3fabb3482c6a6df1c8b6f21e843cf214527Brian Carlstrom assertEquals(0, emptyResult.length); 284f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang 285f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang mKeyStore.password(TEST_PASSWD); 286b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root mKeyStore.put(TEST_KEYNAME1, TEST_KEYVALUE, KeyStore.UID_SELF, KeyStore.FLAG_ENCRYPTED); 287b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root mKeyStore.put(TEST_KEYNAME2, TEST_KEYVALUE, KeyStore.UID_SELF, KeyStore.FLAG_ENCRYPTED); 288f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang 2895cfee3fabb3482c6a6df1c8b6f21e843cf214527Brian Carlstrom String[] results = mKeyStore.saw(TEST_KEYNAME); 2905cfee3fabb3482c6a6df1c8b6f21e843cf214527Brian Carlstrom assertEquals(new HashSet(Arrays.asList(TEST_KEYNAME1.substring(TEST_KEYNAME.length()), 2915cfee3fabb3482c6a6df1c8b6f21e843cf214527Brian Carlstrom TEST_KEYNAME2.substring(TEST_KEYNAME.length()))), 2925cfee3fabb3482c6a6df1c8b6f21e843cf214527Brian Carlstrom new HashSet(Arrays.asList(results))); 293f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang } 294f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang 29578ad849163a7b01073b46fbd7d818392720005d1Kenny Root public void testSaw_ungrantedUid_Bluetooth() throws Exception { 29678ad849163a7b01073b46fbd7d818392720005d1Kenny Root String[] results1 = mKeyStore.saw(TEST_KEYNAME, Process.BLUETOOTH_UID); 29778ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertNull(results1); 29878ad849163a7b01073b46fbd7d818392720005d1Kenny Root 29978ad849163a7b01073b46fbd7d818392720005d1Kenny Root mKeyStore.password(TEST_PASSWD); 300b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root mKeyStore.put(TEST_KEYNAME1, TEST_KEYVALUE, KeyStore.UID_SELF, KeyStore.FLAG_ENCRYPTED); 301b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root mKeyStore.put(TEST_KEYNAME2, TEST_KEYVALUE, KeyStore.UID_SELF, KeyStore.FLAG_ENCRYPTED); 30278ad849163a7b01073b46fbd7d818392720005d1Kenny Root 30378ad849163a7b01073b46fbd7d818392720005d1Kenny Root String[] results2 = mKeyStore.saw(TEST_KEYNAME, Process.BLUETOOTH_UID); 30478ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertNull(results2); 30578ad849163a7b01073b46fbd7d818392720005d1Kenny Root } 30678ad849163a7b01073b46fbd7d818392720005d1Kenny Root 30778ad849163a7b01073b46fbd7d818392720005d1Kenny Root public void testSaw_grantedUid_Wifi() throws Exception { 30878ad849163a7b01073b46fbd7d818392720005d1Kenny Root String[] results1 = mKeyStore.saw(TEST_KEYNAME, Process.WIFI_UID); 30978ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertNotNull(results1); 31078ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertEquals(0, results1.length); 31178ad849163a7b01073b46fbd7d818392720005d1Kenny Root 31278ad849163a7b01073b46fbd7d818392720005d1Kenny Root mKeyStore.password(TEST_PASSWD); 313b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root mKeyStore.put(TEST_KEYNAME1, TEST_KEYVALUE, Process.WIFI_UID, KeyStore.FLAG_ENCRYPTED); 314b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root mKeyStore.put(TEST_KEYNAME2, TEST_KEYVALUE, Process.WIFI_UID, KeyStore.FLAG_ENCRYPTED); 31578ad849163a7b01073b46fbd7d818392720005d1Kenny Root 31678ad849163a7b01073b46fbd7d818392720005d1Kenny Root String[] results2 = mKeyStore.saw(TEST_KEYNAME, Process.WIFI_UID); 31778ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertEquals(new HashSet(Arrays.asList(TEST_KEYNAME1.substring(TEST_KEYNAME.length()), 31878ad849163a7b01073b46fbd7d818392720005d1Kenny Root TEST_KEYNAME2.substring(TEST_KEYNAME.length()))), 31978ad849163a7b01073b46fbd7d818392720005d1Kenny Root new HashSet(Arrays.asList(results2))); 32078ad849163a7b01073b46fbd7d818392720005d1Kenny Root } 32178ad849163a7b01073b46fbd7d818392720005d1Kenny Root 32278ad849163a7b01073b46fbd7d818392720005d1Kenny Root public void testSaw_grantedUid_Vpn() throws Exception { 32378ad849163a7b01073b46fbd7d818392720005d1Kenny Root String[] results1 = mKeyStore.saw(TEST_KEYNAME, Process.VPN_UID); 32478ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertNotNull(results1); 32578ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertEquals(0, results1.length); 32678ad849163a7b01073b46fbd7d818392720005d1Kenny Root 32778ad849163a7b01073b46fbd7d818392720005d1Kenny Root mKeyStore.password(TEST_PASSWD); 328b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root mKeyStore.put(TEST_KEYNAME1, TEST_KEYVALUE, Process.VPN_UID, KeyStore.FLAG_ENCRYPTED); 329b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root mKeyStore.put(TEST_KEYNAME2, TEST_KEYVALUE, Process.VPN_UID, KeyStore.FLAG_ENCRYPTED); 33078ad849163a7b01073b46fbd7d818392720005d1Kenny Root 33178ad849163a7b01073b46fbd7d818392720005d1Kenny Root String[] results2 = mKeyStore.saw(TEST_KEYNAME, Process.VPN_UID); 33278ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertEquals(new HashSet(Arrays.asList(TEST_KEYNAME1.substring(TEST_KEYNAME.length()), 33378ad849163a7b01073b46fbd7d818392720005d1Kenny Root TEST_KEYNAME2.substring(TEST_KEYNAME.length()))), 33478ad849163a7b01073b46fbd7d818392720005d1Kenny Root new HashSet(Arrays.asList(results2))); 33578ad849163a7b01073b46fbd7d818392720005d1Kenny Root } 33678ad849163a7b01073b46fbd7d818392720005d1Kenny Root 337f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang public void testLock() throws Exception { 338f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang assertFalse(mKeyStore.lock()); 339f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang 340f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang mKeyStore.password(TEST_PASSWD); 3415cfee3fabb3482c6a6df1c8b6f21e843cf214527Brian Carlstrom assertEquals(KeyStore.State.UNLOCKED, mKeyStore.state()); 342f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang 343f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang assertTrue(mKeyStore.lock()); 3445cfee3fabb3482c6a6df1c8b6f21e843cf214527Brian Carlstrom assertEquals(KeyStore.State.LOCKED, mKeyStore.state()); 345f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang } 346f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang 347f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang public void testUnlock() throws Exception { 348f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang mKeyStore.password(TEST_PASSWD); 3495cfee3fabb3482c6a6df1c8b6f21e843cf214527Brian Carlstrom assertEquals(KeyStore.State.UNLOCKED, mKeyStore.state()); 350f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang mKeyStore.lock(); 351f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang 352f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang assertFalse(mKeyStore.unlock(TEST_PASSWD2)); 353f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang assertTrue(mKeyStore.unlock(TEST_PASSWD)); 354f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang } 3555cfee3fabb3482c6a6df1c8b6f21e843cf214527Brian Carlstrom 3565cfee3fabb3482c6a6df1c8b6f21e843cf214527Brian Carlstrom public void testIsEmpty() throws Exception { 3575cfee3fabb3482c6a6df1c8b6f21e843cf214527Brian Carlstrom assertTrue(mKeyStore.isEmpty()); 3585cfee3fabb3482c6a6df1c8b6f21e843cf214527Brian Carlstrom mKeyStore.password(TEST_PASSWD); 3595cfee3fabb3482c6a6df1c8b6f21e843cf214527Brian Carlstrom assertTrue(mKeyStore.isEmpty()); 360b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root mKeyStore.put(TEST_KEYNAME, TEST_KEYVALUE, KeyStore.UID_SELF, KeyStore.FLAG_ENCRYPTED); 3615cfee3fabb3482c6a6df1c8b6f21e843cf214527Brian Carlstrom assertFalse(mKeyStore.isEmpty()); 3625cfee3fabb3482c6a6df1c8b6f21e843cf214527Brian Carlstrom mKeyStore.reset(); 3635cfee3fabb3482c6a6df1c8b6f21e843cf214527Brian Carlstrom assertTrue(mKeyStore.isEmpty()); 3645cfee3fabb3482c6a6df1c8b6f21e843cf214527Brian Carlstrom } 3655423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 3665423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root public void testGenerate_NotInitialized_Fail() throws Exception { 3675423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root assertFalse("Should fail when keystore is not initialized", 368f64386fc26efeb245fd90fabaa47b8c8bf9b4613Kenny Root mKeyStore.generate(TEST_KEYNAME, KeyStore.UID_SELF, NativeCrypto.EVP_PKEY_RSA, 369dc8bc1160cd97ca113636ca2b4adda21e031b5bdShawn Willden RSA_KEY_SIZE, KeyStore.FLAG_ENCRYPTED, null)); 3705423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root } 3715423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 3725423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root public void testGenerate_Locked_Fail() throws Exception { 3735423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root mKeyStore.password(TEST_PASSWD); 3745423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root mKeyStore.lock(); 375b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root assertFalse("Should fail when keystore is locked", 376f64386fc26efeb245fd90fabaa47b8c8bf9b4613Kenny Root mKeyStore.generate(TEST_KEYNAME, KeyStore.UID_SELF, NativeCrypto.EVP_PKEY_RSA, 377dc8bc1160cd97ca113636ca2b4adda21e031b5bdShawn Willden RSA_KEY_SIZE, KeyStore.FLAG_ENCRYPTED, null)); 3785423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root } 3795423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 3805423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root public void testGenerate_Success() throws Exception { 38178ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertTrue(mKeyStore.password(TEST_PASSWD)); 3825423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 3835423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root assertTrue("Should be able to generate key when unlocked", 384f64386fc26efeb245fd90fabaa47b8c8bf9b4613Kenny Root mKeyStore.generate(TEST_KEYNAME, KeyStore.UID_SELF, NativeCrypto.EVP_PKEY_RSA, 385dc8bc1160cd97ca113636ca2b4adda21e031b5bdShawn Willden RSA_KEY_SIZE, KeyStore.FLAG_ENCRYPTED, null)); 38678ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertTrue(mKeyStore.contains(TEST_KEYNAME)); 38778ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertFalse(mKeyStore.contains(TEST_KEYNAME, Process.WIFI_UID)); 38878ad849163a7b01073b46fbd7d818392720005d1Kenny Root } 38978ad849163a7b01073b46fbd7d818392720005d1Kenny Root 39078ad849163a7b01073b46fbd7d818392720005d1Kenny Root public void testGenerate_grantedUid_Wifi_Success() throws Exception { 39178ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertTrue(mKeyStore.password(TEST_PASSWD)); 39278ad849163a7b01073b46fbd7d818392720005d1Kenny Root 39378ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertTrue("Should be able to generate key when unlocked", 394f64386fc26efeb245fd90fabaa47b8c8bf9b4613Kenny Root mKeyStore.generate(TEST_KEYNAME, Process.WIFI_UID, NativeCrypto.EVP_PKEY_RSA, 395dc8bc1160cd97ca113636ca2b4adda21e031b5bdShawn Willden RSA_KEY_SIZE, KeyStore.FLAG_ENCRYPTED, null)); 39678ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertTrue(mKeyStore.contains(TEST_KEYNAME, Process.WIFI_UID)); 39778ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertFalse(mKeyStore.contains(TEST_KEYNAME)); 39878ad849163a7b01073b46fbd7d818392720005d1Kenny Root } 39978ad849163a7b01073b46fbd7d818392720005d1Kenny Root 40078ad849163a7b01073b46fbd7d818392720005d1Kenny Root public void testGenerate_ungrantedUid_Bluetooth_Failure() throws Exception { 40178ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertTrue(mKeyStore.password(TEST_PASSWD)); 40278ad849163a7b01073b46fbd7d818392720005d1Kenny Root 403f64386fc26efeb245fd90fabaa47b8c8bf9b4613Kenny Root assertFalse(mKeyStore.generate(TEST_KEYNAME, Process.BLUETOOTH_UID, 404dc8bc1160cd97ca113636ca2b4adda21e031b5bdShawn Willden NativeCrypto.EVP_PKEY_RSA, RSA_KEY_SIZE, KeyStore.FLAG_ENCRYPTED, null)); 40578ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertFalse(mKeyStore.contains(TEST_KEYNAME, Process.BLUETOOTH_UID)); 40678ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertFalse(mKeyStore.contains(TEST_KEYNAME, Process.WIFI_UID)); 40778ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertFalse(mKeyStore.contains(TEST_KEYNAME)); 4085423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root } 4095423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 4105423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root public void testImport_Success() throws Exception { 41178ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertTrue(mKeyStore.password(TEST_PASSWD)); 4125423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 413b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root assertTrue("Should be able to import key when unlocked", mKeyStore.importKey(TEST_KEYNAME, 414b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root PRIVKEY_BYTES, KeyStore.UID_SELF, KeyStore.FLAG_ENCRYPTED)); 41578ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertTrue(mKeyStore.contains(TEST_KEYNAME)); 41678ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertFalse(mKeyStore.contains(TEST_KEYNAME, Process.WIFI_UID)); 41778ad849163a7b01073b46fbd7d818392720005d1Kenny Root } 41878ad849163a7b01073b46fbd7d818392720005d1Kenny Root 41978ad849163a7b01073b46fbd7d818392720005d1Kenny Root public void testImport_grantedUid_Wifi_Success() throws Exception { 42078ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertTrue(mKeyStore.password(TEST_PASSWD)); 42178ad849163a7b01073b46fbd7d818392720005d1Kenny Root 422b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root assertTrue("Should be able to import key when unlocked", mKeyStore.importKey(TEST_KEYNAME, 423b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root PRIVKEY_BYTES, Process.WIFI_UID, KeyStore.FLAG_ENCRYPTED)); 42478ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertTrue(mKeyStore.contains(TEST_KEYNAME, Process.WIFI_UID)); 42578ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertFalse(mKeyStore.contains(TEST_KEYNAME)); 42678ad849163a7b01073b46fbd7d818392720005d1Kenny Root } 42778ad849163a7b01073b46fbd7d818392720005d1Kenny Root 42878ad849163a7b01073b46fbd7d818392720005d1Kenny Root public void testImport_ungrantedUid_Bluetooth_Failure() throws Exception { 42978ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertTrue(mKeyStore.password(TEST_PASSWD)); 43078ad849163a7b01073b46fbd7d818392720005d1Kenny Root 431b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root assertFalse(mKeyStore.importKey(TEST_KEYNAME, PRIVKEY_BYTES, Process.BLUETOOTH_UID, 432b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root KeyStore.FLAG_ENCRYPTED)); 43378ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertFalse(mKeyStore.contains(TEST_KEYNAME, Process.BLUETOOTH_UID)); 43478ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertFalse(mKeyStore.contains(TEST_KEYNAME, Process.WIFI_UID)); 43578ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertFalse(mKeyStore.contains(TEST_KEYNAME)); 4365423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root } 4375423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 4385423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root public void testImport_Failure_BadEncoding() throws Exception { 4395423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root mKeyStore.password(TEST_PASSWD); 4405423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 441b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root assertFalse("Invalid DER-encoded key should not be imported", mKeyStore.importKey( 442b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root TEST_KEYNAME, TEST_DATA, KeyStore.UID_SELF, KeyStore.FLAG_ENCRYPTED)); 44378ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertFalse(mKeyStore.contains(TEST_KEYNAME)); 44478ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertFalse(mKeyStore.contains(TEST_KEYNAME, Process.WIFI_UID)); 4455423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root } 4465423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 4475423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root public void testSign_Success() throws Exception { 4485423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root mKeyStore.password(TEST_PASSWD); 4495423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 450f64386fc26efeb245fd90fabaa47b8c8bf9b4613Kenny Root assertTrue(mKeyStore.generate(TEST_KEYNAME, KeyStore.UID_SELF, NativeCrypto.EVP_PKEY_RSA, 451dc8bc1160cd97ca113636ca2b4adda21e031b5bdShawn Willden RSA_KEY_SIZE, KeyStore.FLAG_ENCRYPTED, null)); 45278ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertTrue(mKeyStore.contains(TEST_KEYNAME)); 4535423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root final byte[] signature = mKeyStore.sign(TEST_KEYNAME, TEST_DATA); 4545423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 4555423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root assertNotNull("Signature should not be null", signature); 4565423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root } 4575423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 4585423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root public void testVerify_Success() throws Exception { 4595423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root mKeyStore.password(TEST_PASSWD); 4605423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 461f64386fc26efeb245fd90fabaa47b8c8bf9b4613Kenny Root assertTrue(mKeyStore.generate(TEST_KEYNAME, KeyStore.UID_SELF, NativeCrypto.EVP_PKEY_RSA, 462dc8bc1160cd97ca113636ca2b4adda21e031b5bdShawn Willden RSA_KEY_SIZE, KeyStore.FLAG_ENCRYPTED, null)); 46378ad849163a7b01073b46fbd7d818392720005d1Kenny Root assertTrue(mKeyStore.contains(TEST_KEYNAME)); 4645423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root final byte[] signature = mKeyStore.sign(TEST_KEYNAME, TEST_DATA); 4655423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 4665423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root assertNotNull("Signature should not be null", signature); 4675423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 4685423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root assertTrue("Signature should verify with same data", 4695423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root mKeyStore.verify(TEST_KEYNAME, TEST_DATA, signature)); 4705423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root } 4715423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 4725423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root public void testSign_NotInitialized_Failure() throws Exception { 4735423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root assertNull("Should not be able to sign without first initializing the keystore", 4745423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root mKeyStore.sign(TEST_KEYNAME, TEST_DATA)); 4755423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root } 4765423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 4775423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root public void testSign_NotGenerated_Failure() throws Exception { 4785423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root mKeyStore.password(TEST_PASSWD); 4795423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 4805423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root assertNull("Should not be able to sign without first generating keys", 4815423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root mKeyStore.sign(TEST_KEYNAME, TEST_DATA)); 4825423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root } 4835423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 4845423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root public void testGrant_Generated_Success() throws Exception { 4855423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root assertTrue("Password should work for keystore", 4865423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root mKeyStore.password(TEST_PASSWD)); 4875423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 4885423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root assertTrue("Should be able to generate key for testcase", 489f64386fc26efeb245fd90fabaa47b8c8bf9b4613Kenny Root mKeyStore.generate(TEST_KEYNAME, KeyStore.UID_SELF, NativeCrypto.EVP_PKEY_RSA, 490dc8bc1160cd97ca113636ca2b4adda21e031b5bdShawn Willden RSA_KEY_SIZE, KeyStore.FLAG_ENCRYPTED, null)); 4915423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 4925423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root assertTrue("Should be able to grant key to other user", 4935423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root mKeyStore.grant(TEST_KEYNAME, 0)); 4945423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root } 4955423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 4965423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root public void testGrant_Imported_Success() throws Exception { 4975423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root assertTrue("Password should work for keystore", mKeyStore.password(TEST_PASSWD)); 4985423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 499b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root assertTrue("Should be able to import key for testcase", mKeyStore.importKey(TEST_KEYNAME, 500b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root PRIVKEY_BYTES, KeyStore.UID_SELF, KeyStore.FLAG_ENCRYPTED)); 5015423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 5025423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root assertTrue("Should be able to grant key to other user", mKeyStore.grant(TEST_KEYNAME, 0)); 5035423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root } 5045423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 5055423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root public void testGrant_NoKey_Failure() throws Exception { 5065423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root assertTrue("Should be able to unlock keystore for test", 5075423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root mKeyStore.password(TEST_PASSWD)); 5085423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 5095423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root assertFalse("Should not be able to grant without first initializing the keystore", 5105423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root mKeyStore.grant(TEST_KEYNAME, 0)); 5115423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root } 5125423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 5135423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root public void testGrant_NotInitialized_Failure() throws Exception { 5145423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root assertFalse("Should not be able to grant without first initializing the keystore", 5155423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root mKeyStore.grant(TEST_KEYNAME, 0)); 5165423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root } 5175423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 5185423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root public void testUngrant_Generated_Success() throws Exception { 5195423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root assertTrue("Password should work for keystore", 5205423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root mKeyStore.password(TEST_PASSWD)); 5215423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 5225423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root assertTrue("Should be able to generate key for testcase", 523f64386fc26efeb245fd90fabaa47b8c8bf9b4613Kenny Root mKeyStore.generate(TEST_KEYNAME, KeyStore.UID_SELF, NativeCrypto.EVP_PKEY_RSA, 524dc8bc1160cd97ca113636ca2b4adda21e031b5bdShawn Willden RSA_KEY_SIZE, KeyStore.FLAG_ENCRYPTED, null)); 5255423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 5265423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root assertTrue("Should be able to grant key to other user", 5275423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root mKeyStore.grant(TEST_KEYNAME, 0)); 5285423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 5295423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root assertTrue("Should be able to ungrant key to other user", 5305423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root mKeyStore.ungrant(TEST_KEYNAME, 0)); 5315423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root } 5325423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 5335423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root public void testUngrant_Imported_Success() throws Exception { 5345423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root assertTrue("Password should work for keystore", 5355423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root mKeyStore.password(TEST_PASSWD)); 5365423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 537b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root assertTrue("Should be able to import key for testcase", mKeyStore.importKey(TEST_KEYNAME, 538b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root PRIVKEY_BYTES, KeyStore.UID_SELF, KeyStore.FLAG_ENCRYPTED)); 5395423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 5405423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root assertTrue("Should be able to grant key to other user", 5415423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root mKeyStore.grant(TEST_KEYNAME, 0)); 5425423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 5435423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root assertTrue("Should be able to ungrant key to other user", 5445423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root mKeyStore.ungrant(TEST_KEYNAME, 0)); 5455423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root } 5465423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 5475423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root public void testUngrant_NotInitialized_Failure() throws Exception { 5485423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root assertFalse("Should fail to ungrant key when keystore not initialized", 5495423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root mKeyStore.ungrant(TEST_KEYNAME, 0)); 5505423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root } 5515423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 5525423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root public void testUngrant_NoGrant_Failure() throws Exception { 5535423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root assertTrue("Password should work for keystore", 5545423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root mKeyStore.password(TEST_PASSWD)); 5555423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 5565423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root assertTrue("Should be able to generate key for testcase", 557f64386fc26efeb245fd90fabaa47b8c8bf9b4613Kenny Root mKeyStore.generate(TEST_KEYNAME, KeyStore.UID_SELF, NativeCrypto.EVP_PKEY_RSA, 558dc8bc1160cd97ca113636ca2b4adda21e031b5bdShawn Willden RSA_KEY_SIZE, KeyStore.FLAG_ENCRYPTED, null)); 5595423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 5605423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root assertFalse("Should not be able to revoke not existent grant", 5615423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root mKeyStore.ungrant(TEST_KEYNAME, 0)); 5625423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root } 5635423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 5645423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root public void testUngrant_DoubleUngrant_Failure() throws Exception { 5655423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root assertTrue("Password should work for keystore", 5665423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root mKeyStore.password(TEST_PASSWD)); 5675423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 5685423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root assertTrue("Should be able to generate key for testcase", 569f64386fc26efeb245fd90fabaa47b8c8bf9b4613Kenny Root mKeyStore.generate(TEST_KEYNAME, KeyStore.UID_SELF, NativeCrypto.EVP_PKEY_RSA, 570dc8bc1160cd97ca113636ca2b4adda21e031b5bdShawn Willden RSA_KEY_SIZE, KeyStore.FLAG_ENCRYPTED, null)); 5715423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 5725423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root assertTrue("Should be able to grant key to other user", 5735423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root mKeyStore.grant(TEST_KEYNAME, 0)); 5745423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 5755423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root assertTrue("Should be able to ungrant key to other user", 5765423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root mKeyStore.ungrant(TEST_KEYNAME, 0)); 5775423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 5785423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root assertFalse("Should fail to ungrant key to other user second time", 5795423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root mKeyStore.ungrant(TEST_KEYNAME, 0)); 5805423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root } 5815423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 5825423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root public void testUngrant_DoubleGrantUngrant_Failure() throws Exception { 5835423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root assertTrue("Password should work for keystore", 5845423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root mKeyStore.password(TEST_PASSWD)); 5855423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 5865423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root assertTrue("Should be able to generate key for testcase", 587f64386fc26efeb245fd90fabaa47b8c8bf9b4613Kenny Root mKeyStore.generate(TEST_KEYNAME, KeyStore.UID_SELF, NativeCrypto.EVP_PKEY_RSA, 588dc8bc1160cd97ca113636ca2b4adda21e031b5bdShawn Willden RSA_KEY_SIZE, KeyStore.FLAG_ENCRYPTED, null)); 5895423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 5905423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root assertTrue("Should be able to grant key to other user", 5915423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root mKeyStore.grant(TEST_KEYNAME, 0)); 5925423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 5935423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root assertTrue("Should be able to grant key to other user a second time", 5945423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root mKeyStore.grant(TEST_KEYNAME, 0)); 5955423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 5965423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root assertTrue("Should be able to ungrant key to other user", 5975423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root mKeyStore.ungrant(TEST_KEYNAME, 0)); 5985423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root 5995423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root assertFalse("Should fail to ungrant key to other user second time", 6005423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root mKeyStore.ungrant(TEST_KEYNAME, 0)); 6015423e68d5dbe048ec6f042cce52a33f94184e9fbKenny Root } 602473c712b19bad992ab4eafcd43175fdce77b913dKenny Root 6035f1d965f7d7e1df50981ffed8faa11fbcc17ca22Kenny Root public void testDuplicate_grantedUid_Wifi_Success() throws Exception { 604bd79419ef84ae31f3765721b50aa413fa462d1d1Kenny Root assertTrue(mKeyStore.password(TEST_PASSWD)); 605bd79419ef84ae31f3765721b50aa413fa462d1d1Kenny Root 606bd79419ef84ae31f3765721b50aa413fa462d1d1Kenny Root assertFalse(mKeyStore.contains(TEST_KEYNAME)); 607bd79419ef84ae31f3765721b50aa413fa462d1d1Kenny Root 608f64386fc26efeb245fd90fabaa47b8c8bf9b4613Kenny Root assertTrue(mKeyStore.generate(TEST_KEYNAME, KeyStore.UID_SELF, NativeCrypto.EVP_PKEY_RSA, 609dc8bc1160cd97ca113636ca2b4adda21e031b5bdShawn Willden RSA_KEY_SIZE, KeyStore.FLAG_ENCRYPTED, null)); 610bd79419ef84ae31f3765721b50aa413fa462d1d1Kenny Root 611bd79419ef84ae31f3765721b50aa413fa462d1d1Kenny Root assertTrue(mKeyStore.contains(TEST_KEYNAME)); 612bd79419ef84ae31f3765721b50aa413fa462d1d1Kenny Root assertFalse(mKeyStore.contains(TEST_KEYNAME, Process.WIFI_UID)); 613bd79419ef84ae31f3765721b50aa413fa462d1d1Kenny Root 6145f1d965f7d7e1df50981ffed8faa11fbcc17ca22Kenny Root // source doesn't exist 6155f1d965f7d7e1df50981ffed8faa11fbcc17ca22Kenny Root assertFalse(mKeyStore.duplicate(TEST_KEYNAME1, -1, TEST_KEYNAME1, Process.WIFI_UID)); 6165f1d965f7d7e1df50981ffed8faa11fbcc17ca22Kenny Root assertFalse(mKeyStore.contains(TEST_KEYNAME1, Process.WIFI_UID)); 617bd79419ef84ae31f3765721b50aa413fa462d1d1Kenny Root 6185f1d965f7d7e1df50981ffed8faa11fbcc17ca22Kenny Root // Copy from current UID to granted UID 6195f1d965f7d7e1df50981ffed8faa11fbcc17ca22Kenny Root assertTrue(mKeyStore.duplicate(TEST_KEYNAME, -1, TEST_KEYNAME1, Process.WIFI_UID)); 6205f1d965f7d7e1df50981ffed8faa11fbcc17ca22Kenny Root assertTrue(mKeyStore.contains(TEST_KEYNAME)); 6215f1d965f7d7e1df50981ffed8faa11fbcc17ca22Kenny Root assertFalse(mKeyStore.contains(TEST_KEYNAME1)); 6225f1d965f7d7e1df50981ffed8faa11fbcc17ca22Kenny Root assertFalse(mKeyStore.contains(TEST_KEYNAME, Process.WIFI_UID)); 6235f1d965f7d7e1df50981ffed8faa11fbcc17ca22Kenny Root assertTrue(mKeyStore.contains(TEST_KEYNAME1, Process.WIFI_UID)); 6245f1d965f7d7e1df50981ffed8faa11fbcc17ca22Kenny Root assertFalse(mKeyStore.duplicate(TEST_KEYNAME, -1, TEST_KEYNAME1, Process.WIFI_UID)); 6255f1d965f7d7e1df50981ffed8faa11fbcc17ca22Kenny Root 6265f1d965f7d7e1df50981ffed8faa11fbcc17ca22Kenny Root // Copy from granted UID to same granted UID 6275f1d965f7d7e1df50981ffed8faa11fbcc17ca22Kenny Root assertTrue(mKeyStore.duplicate(TEST_KEYNAME1, Process.WIFI_UID, TEST_KEYNAME2, 6285f1d965f7d7e1df50981ffed8faa11fbcc17ca22Kenny Root Process.WIFI_UID)); 6295f1d965f7d7e1df50981ffed8faa11fbcc17ca22Kenny Root assertFalse(mKeyStore.contains(TEST_KEYNAME, Process.WIFI_UID)); 6305f1d965f7d7e1df50981ffed8faa11fbcc17ca22Kenny Root assertTrue(mKeyStore.contains(TEST_KEYNAME1, Process.WIFI_UID)); 6315f1d965f7d7e1df50981ffed8faa11fbcc17ca22Kenny Root assertTrue(mKeyStore.contains(TEST_KEYNAME2, Process.WIFI_UID)); 6325f1d965f7d7e1df50981ffed8faa11fbcc17ca22Kenny Root assertFalse(mKeyStore.duplicate(TEST_KEYNAME1, Process.WIFI_UID, TEST_KEYNAME2, 6335f1d965f7d7e1df50981ffed8faa11fbcc17ca22Kenny Root Process.WIFI_UID)); 6345f1d965f7d7e1df50981ffed8faa11fbcc17ca22Kenny Root 6355f1d965f7d7e1df50981ffed8faa11fbcc17ca22Kenny Root assertTrue(mKeyStore.duplicate(TEST_KEYNAME, -1, TEST_KEYNAME2, -1)); 6365f1d965f7d7e1df50981ffed8faa11fbcc17ca22Kenny Root assertTrue(mKeyStore.contains(TEST_KEYNAME)); 6375f1d965f7d7e1df50981ffed8faa11fbcc17ca22Kenny Root assertFalse(mKeyStore.contains(TEST_KEYNAME1)); 6385f1d965f7d7e1df50981ffed8faa11fbcc17ca22Kenny Root assertTrue(mKeyStore.contains(TEST_KEYNAME2)); 6395f1d965f7d7e1df50981ffed8faa11fbcc17ca22Kenny Root assertFalse(mKeyStore.duplicate(TEST_KEYNAME, -1, TEST_KEYNAME2, -1)); 640bd79419ef84ae31f3765721b50aa413fa462d1d1Kenny Root } 641bd79419ef84ae31f3765721b50aa413fa462d1d1Kenny Root 6425f1d965f7d7e1df50981ffed8faa11fbcc17ca22Kenny Root public void testDuplicate_ungrantedUid_Bluetooth_Failure() throws Exception { 643bd79419ef84ae31f3765721b50aa413fa462d1d1Kenny Root assertTrue(mKeyStore.password(TEST_PASSWD)); 644bd79419ef84ae31f3765721b50aa413fa462d1d1Kenny Root 645bd79419ef84ae31f3765721b50aa413fa462d1d1Kenny Root assertFalse(mKeyStore.contains(TEST_KEYNAME)); 646bd79419ef84ae31f3765721b50aa413fa462d1d1Kenny Root 647f64386fc26efeb245fd90fabaa47b8c8bf9b4613Kenny Root assertTrue(mKeyStore.generate(TEST_KEYNAME, KeyStore.UID_SELF, NativeCrypto.EVP_PKEY_RSA, 648dc8bc1160cd97ca113636ca2b4adda21e031b5bdShawn Willden RSA_KEY_SIZE, KeyStore.FLAG_ENCRYPTED, null)); 649bd79419ef84ae31f3765721b50aa413fa462d1d1Kenny Root 650bd79419ef84ae31f3765721b50aa413fa462d1d1Kenny Root assertTrue(mKeyStore.contains(TEST_KEYNAME)); 651bd79419ef84ae31f3765721b50aa413fa462d1d1Kenny Root assertFalse(mKeyStore.contains(TEST_KEYNAME, Process.BLUETOOTH_UID)); 652bd79419ef84ae31f3765721b50aa413fa462d1d1Kenny Root 6535f1d965f7d7e1df50981ffed8faa11fbcc17ca22Kenny Root assertFalse(mKeyStore.duplicate(TEST_KEYNAME, -1, TEST_KEYNAME2, Process.BLUETOOTH_UID)); 6545f1d965f7d7e1df50981ffed8faa11fbcc17ca22Kenny Root assertFalse(mKeyStore.duplicate(TEST_KEYNAME, Process.BLUETOOTH_UID, TEST_KEYNAME2, 6555f1d965f7d7e1df50981ffed8faa11fbcc17ca22Kenny Root Process.BLUETOOTH_UID)); 656bd79419ef84ae31f3765721b50aa413fa462d1d1Kenny Root 657bd79419ef84ae31f3765721b50aa413fa462d1d1Kenny Root assertTrue(mKeyStore.contains(TEST_KEYNAME)); 658bd79419ef84ae31f3765721b50aa413fa462d1d1Kenny Root assertFalse(mKeyStore.contains(TEST_KEYNAME, Process.BLUETOOTH_UID)); 659bd79419ef84ae31f3765721b50aa413fa462d1d1Kenny Root } 660bd79419ef84ae31f3765721b50aa413fa462d1d1Kenny Root 661473c712b19bad992ab4eafcd43175fdce77b913dKenny Root /** 662473c712b19bad992ab4eafcd43175fdce77b913dKenny Root * The amount of time to allow before and after expected time for variance 663473c712b19bad992ab4eafcd43175fdce77b913dKenny Root * in timing tests. 664473c712b19bad992ab4eafcd43175fdce77b913dKenny Root */ 665473c712b19bad992ab4eafcd43175fdce77b913dKenny Root private static final long SLOP_TIME_MILLIS = 15000L; 666473c712b19bad992ab4eafcd43175fdce77b913dKenny Root 667473c712b19bad992ab4eafcd43175fdce77b913dKenny Root public void testGetmtime_Success() throws Exception { 668473c712b19bad992ab4eafcd43175fdce77b913dKenny Root assertTrue("Password should work for keystore", 669473c712b19bad992ab4eafcd43175fdce77b913dKenny Root mKeyStore.password(TEST_PASSWD)); 670473c712b19bad992ab4eafcd43175fdce77b913dKenny Root 671b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root assertTrue("Should be able to import key when unlocked", mKeyStore.importKey(TEST_KEYNAME, 672b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root PRIVKEY_BYTES, KeyStore.UID_SELF, KeyStore.FLAG_ENCRYPTED)); 673473c712b19bad992ab4eafcd43175fdce77b913dKenny Root 674473c712b19bad992ab4eafcd43175fdce77b913dKenny Root long now = System.currentTimeMillis(); 675473c712b19bad992ab4eafcd43175fdce77b913dKenny Root long actual = mKeyStore.getmtime(TEST_KEYNAME); 676473c712b19bad992ab4eafcd43175fdce77b913dKenny Root 677473c712b19bad992ab4eafcd43175fdce77b913dKenny Root long expectedAfter = now - SLOP_TIME_MILLIS; 678473c712b19bad992ab4eafcd43175fdce77b913dKenny Root long expectedBefore = now + SLOP_TIME_MILLIS; 679473c712b19bad992ab4eafcd43175fdce77b913dKenny Root 680473c712b19bad992ab4eafcd43175fdce77b913dKenny Root assertLessThan("Time should be close to current time", expectedBefore, actual); 681473c712b19bad992ab4eafcd43175fdce77b913dKenny Root assertGreaterThan("Time should be close to current time", expectedAfter, actual); 682473c712b19bad992ab4eafcd43175fdce77b913dKenny Root } 683473c712b19bad992ab4eafcd43175fdce77b913dKenny Root 684473c712b19bad992ab4eafcd43175fdce77b913dKenny Root private static void assertLessThan(String explanation, long expectedBefore, long actual) { 685473c712b19bad992ab4eafcd43175fdce77b913dKenny Root if (actual >= expectedBefore) { 686473c712b19bad992ab4eafcd43175fdce77b913dKenny Root throw new AssertionFailedError(explanation + ": actual=" + actual 687473c712b19bad992ab4eafcd43175fdce77b913dKenny Root + ", expected before: " + expectedBefore); 688473c712b19bad992ab4eafcd43175fdce77b913dKenny Root } 689473c712b19bad992ab4eafcd43175fdce77b913dKenny Root } 690473c712b19bad992ab4eafcd43175fdce77b913dKenny Root 691473c712b19bad992ab4eafcd43175fdce77b913dKenny Root private static void assertGreaterThan(String explanation, long expectedAfter, long actual) { 692473c712b19bad992ab4eafcd43175fdce77b913dKenny Root if (actual <= expectedAfter) { 693473c712b19bad992ab4eafcd43175fdce77b913dKenny Root throw new AssertionFailedError(explanation + ": actual=" + actual 694473c712b19bad992ab4eafcd43175fdce77b913dKenny Root + ", expected after: " + expectedAfter); 695473c712b19bad992ab4eafcd43175fdce77b913dKenny Root } 696473c712b19bad992ab4eafcd43175fdce77b913dKenny Root } 697473c712b19bad992ab4eafcd43175fdce77b913dKenny Root 698473c712b19bad992ab4eafcd43175fdce77b913dKenny Root public void testGetmtime_NonExist_Failure() throws Exception { 699473c712b19bad992ab4eafcd43175fdce77b913dKenny Root assertTrue("Password should work for keystore", 700473c712b19bad992ab4eafcd43175fdce77b913dKenny Root mKeyStore.password(TEST_PASSWD)); 701473c712b19bad992ab4eafcd43175fdce77b913dKenny Root 702b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root assertTrue("Should be able to import key when unlocked", mKeyStore.importKey(TEST_KEYNAME, 703b2c0ff64d8ff92dab53e969a44fa12427d145952Kenny Root PRIVKEY_BYTES, KeyStore.UID_SELF, KeyStore.FLAG_ENCRYPTED)); 704473c712b19bad992ab4eafcd43175fdce77b913dKenny Root 705473c712b19bad992ab4eafcd43175fdce77b913dKenny Root assertEquals("-1 should be returned for non-existent key", 706473c712b19bad992ab4eafcd43175fdce77b913dKenny Root -1L, mKeyStore.getmtime(TEST_KEYNAME2)); 707473c712b19bad992ab4eafcd43175fdce77b913dKenny Root } 7088827c8173281fea21325d88922471851e31200c4Chad Brubaker 7098827c8173281fea21325d88922471851e31200c4Chad Brubaker private KeyCharacteristics generateRsaKey(String name) throws Exception { 7108827c8173281fea21325d88922471851e31200c4Chad Brubaker KeymasterArguments args = new KeymasterArguments(); 7118827c8173281fea21325d88922471851e31200c4Chad Brubaker args.addInt(KeymasterDefs.KM_TAG_PURPOSE, KeymasterDefs.KM_PURPOSE_ENCRYPT); 7128827c8173281fea21325d88922471851e31200c4Chad Brubaker args.addInt(KeymasterDefs.KM_TAG_PURPOSE, KeymasterDefs.KM_PURPOSE_DECRYPT); 7138827c8173281fea21325d88922471851e31200c4Chad Brubaker args.addInt(KeymasterDefs.KM_TAG_ALGORITHM, KeymasterDefs.KM_ALGORITHM_RSA); 7148827c8173281fea21325d88922471851e31200c4Chad Brubaker args.addInt(KeymasterDefs.KM_TAG_PADDING, KeymasterDefs.KM_PAD_NONE); 715ce7ad24b6337135fd7b6ed169bb5c517d044f041Chad Brubaker args.addBoolean(KeymasterDefs.KM_TAG_NO_AUTH_REQUIRED); 7168827c8173281fea21325d88922471851e31200c4Chad Brubaker args.addInt(KeymasterDefs.KM_TAG_KEY_SIZE, 2048); 7179f47709f8bef8f3d67e7e17e69aee2d73b4ff9edChad Brubaker args.addLong(KeymasterDefs.KM_TAG_RSA_PUBLIC_EXPONENT, 7189f47709f8bef8f3d67e7e17e69aee2d73b4ff9edChad Brubaker RSAKeyGenParameterSpec.F4.longValue()); 7198827c8173281fea21325d88922471851e31200c4Chad Brubaker 7208827c8173281fea21325d88922471851e31200c4Chad Brubaker KeyCharacteristics outCharacteristics = new KeyCharacteristics(); 721dae79e540844741fc35c648efe8bbb00fc8ab781Chad Brubaker int result = mKeyStore.generateKey(name, args, null, 0, outCharacteristics); 7228827c8173281fea21325d88922471851e31200c4Chad Brubaker assertEquals("generateRsaKey should succeed", KeyStore.NO_ERROR, result); 7238827c8173281fea21325d88922471851e31200c4Chad Brubaker return outCharacteristics; 7248827c8173281fea21325d88922471851e31200c4Chad Brubaker } 7258827c8173281fea21325d88922471851e31200c4Chad Brubaker 7268827c8173281fea21325d88922471851e31200c4Chad Brubaker public void testGenerateKey() throws Exception { 7278827c8173281fea21325d88922471851e31200c4Chad Brubaker generateRsaKey("test"); 7288827c8173281fea21325d88922471851e31200c4Chad Brubaker mKeyStore.delete("test"); 7298827c8173281fea21325d88922471851e31200c4Chad Brubaker } 730dae79e540844741fc35c648efe8bbb00fc8ab781Chad Brubaker 731dae79e540844741fc35c648efe8bbb00fc8ab781Chad Brubaker public void testGenerateRsaWithEntropy() throws Exception { 732dae79e540844741fc35c648efe8bbb00fc8ab781Chad Brubaker byte[] entropy = new byte[] {1,2,3,4,5}; 733dae79e540844741fc35c648efe8bbb00fc8ab781Chad Brubaker String name = "test"; 734dae79e540844741fc35c648efe8bbb00fc8ab781Chad Brubaker KeymasterArguments args = new KeymasterArguments(); 735dae79e540844741fc35c648efe8bbb00fc8ab781Chad Brubaker args.addInt(KeymasterDefs.KM_TAG_PURPOSE, KeymasterDefs.KM_PURPOSE_ENCRYPT); 736dae79e540844741fc35c648efe8bbb00fc8ab781Chad Brubaker args.addInt(KeymasterDefs.KM_TAG_PURPOSE, KeymasterDefs.KM_PURPOSE_DECRYPT); 737dae79e540844741fc35c648efe8bbb00fc8ab781Chad Brubaker args.addInt(KeymasterDefs.KM_TAG_ALGORITHM, KeymasterDefs.KM_ALGORITHM_RSA); 738dae79e540844741fc35c648efe8bbb00fc8ab781Chad Brubaker args.addInt(KeymasterDefs.KM_TAG_PADDING, KeymasterDefs.KM_PAD_NONE); 739ce7ad24b6337135fd7b6ed169bb5c517d044f041Chad Brubaker args.addBoolean(KeymasterDefs.KM_TAG_NO_AUTH_REQUIRED); 740dae79e540844741fc35c648efe8bbb00fc8ab781Chad Brubaker args.addInt(KeymasterDefs.KM_TAG_KEY_SIZE, 2048); 741dae79e540844741fc35c648efe8bbb00fc8ab781Chad Brubaker args.addLong(KeymasterDefs.KM_TAG_RSA_PUBLIC_EXPONENT, 742dae79e540844741fc35c648efe8bbb00fc8ab781Chad Brubaker RSAKeyGenParameterSpec.F4.longValue()); 743dae79e540844741fc35c648efe8bbb00fc8ab781Chad Brubaker 744dae79e540844741fc35c648efe8bbb00fc8ab781Chad Brubaker KeyCharacteristics outCharacteristics = new KeyCharacteristics(); 745dae79e540844741fc35c648efe8bbb00fc8ab781Chad Brubaker int result = mKeyStore.generateKey(name, args, entropy, 0, outCharacteristics); 746dae79e540844741fc35c648efe8bbb00fc8ab781Chad Brubaker assertEquals("generateKey should succeed", KeyStore.NO_ERROR, result); 747dae79e540844741fc35c648efe8bbb00fc8ab781Chad Brubaker } 748dae79e540844741fc35c648efe8bbb00fc8ab781Chad Brubaker 7498827c8173281fea21325d88922471851e31200c4Chad Brubaker public void testGenerateAndDelete() throws Exception { 7508827c8173281fea21325d88922471851e31200c4Chad Brubaker generateRsaKey("test"); 7518827c8173281fea21325d88922471851e31200c4Chad Brubaker assertTrue("delete should succeed", mKeyStore.delete("test")); 7528827c8173281fea21325d88922471851e31200c4Chad Brubaker } 7538827c8173281fea21325d88922471851e31200c4Chad Brubaker 7548827c8173281fea21325d88922471851e31200c4Chad Brubaker public void testGetKeyCharacteristicsSuccess() throws Exception { 7558827c8173281fea21325d88922471851e31200c4Chad Brubaker mKeyStore.password(TEST_PASSWD); 7568827c8173281fea21325d88922471851e31200c4Chad Brubaker String name = "test"; 7578827c8173281fea21325d88922471851e31200c4Chad Brubaker KeyCharacteristics gen = generateRsaKey(name); 7588827c8173281fea21325d88922471851e31200c4Chad Brubaker KeyCharacteristics call = new KeyCharacteristics(); 7598827c8173281fea21325d88922471851e31200c4Chad Brubaker int result = mKeyStore.getKeyCharacteristics(name, null, null, call); 7608827c8173281fea21325d88922471851e31200c4Chad Brubaker assertEquals("getKeyCharacteristics should succeed", KeyStore.NO_ERROR, result); 7618827c8173281fea21325d88922471851e31200c4Chad Brubaker mKeyStore.delete("test"); 7628827c8173281fea21325d88922471851e31200c4Chad Brubaker } 7638827c8173281fea21325d88922471851e31200c4Chad Brubaker 7648827c8173281fea21325d88922471851e31200c4Chad Brubaker public void testAppId() throws Exception { 7658827c8173281fea21325d88922471851e31200c4Chad Brubaker String name = "test"; 7665e73c0eec2bc77222a5a87fb2a135d8303836411Chad Brubaker byte[] id = new byte[] {0x01, 0x02, 0x03}; 7678827c8173281fea21325d88922471851e31200c4Chad Brubaker KeymasterArguments args = new KeymasterArguments(); 7688827c8173281fea21325d88922471851e31200c4Chad Brubaker args.addInt(KeymasterDefs.KM_TAG_PURPOSE, KeymasterDefs.KM_PURPOSE_ENCRYPT); 7698827c8173281fea21325d88922471851e31200c4Chad Brubaker args.addInt(KeymasterDefs.KM_TAG_PURPOSE, KeymasterDefs.KM_PURPOSE_DECRYPT); 7708827c8173281fea21325d88922471851e31200c4Chad Brubaker args.addInt(KeymasterDefs.KM_TAG_ALGORITHM, KeymasterDefs.KM_ALGORITHM_RSA); 7718827c8173281fea21325d88922471851e31200c4Chad Brubaker args.addInt(KeymasterDefs.KM_TAG_PADDING, KeymasterDefs.KM_PAD_NONE); 7728827c8173281fea21325d88922471851e31200c4Chad Brubaker args.addInt(KeymasterDefs.KM_TAG_KEY_SIZE, 2048); 7738827c8173281fea21325d88922471851e31200c4Chad Brubaker args.addInt(KeymasterDefs.KM_TAG_BLOCK_MODE, KeymasterDefs.KM_MODE_ECB); 774ce7ad24b6337135fd7b6ed169bb5c517d044f041Chad Brubaker args.addBoolean(KeymasterDefs.KM_TAG_NO_AUTH_REQUIRED); 7755e73c0eec2bc77222a5a87fb2a135d8303836411Chad Brubaker args.addBlob(KeymasterDefs.KM_TAG_APPLICATION_ID, id); 7769f47709f8bef8f3d67e7e17e69aee2d73b4ff9edChad Brubaker args.addLong(KeymasterDefs.KM_TAG_RSA_PUBLIC_EXPONENT, 7779f47709f8bef8f3d67e7e17e69aee2d73b4ff9edChad Brubaker RSAKeyGenParameterSpec.F4.longValue()); 7788827c8173281fea21325d88922471851e31200c4Chad Brubaker 7798827c8173281fea21325d88922471851e31200c4Chad Brubaker KeyCharacteristics outCharacteristics = new KeyCharacteristics(); 780dae79e540844741fc35c648efe8bbb00fc8ab781Chad Brubaker int result = mKeyStore.generateKey(name, args, null, 0, outCharacteristics); 7818827c8173281fea21325d88922471851e31200c4Chad Brubaker assertEquals("generateRsaKey should succeed", KeyStore.NO_ERROR, result); 7828827c8173281fea21325d88922471851e31200c4Chad Brubaker assertEquals("getKeyCharacteristics should fail without application ID", 7838827c8173281fea21325d88922471851e31200c4Chad Brubaker KeymasterDefs.KM_ERROR_INVALID_KEY_BLOB, 7848827c8173281fea21325d88922471851e31200c4Chad Brubaker mKeyStore.getKeyCharacteristics(name, null, null, outCharacteristics)); 7858827c8173281fea21325d88922471851e31200c4Chad Brubaker assertEquals("getKeyCharacteristics should succeed with application ID", 7868827c8173281fea21325d88922471851e31200c4Chad Brubaker KeyStore.NO_ERROR, 7875e73c0eec2bc77222a5a87fb2a135d8303836411Chad Brubaker mKeyStore.getKeyCharacteristics(name, new KeymasterBlob(id), null, 7888827c8173281fea21325d88922471851e31200c4Chad Brubaker outCharacteristics)); 7898827c8173281fea21325d88922471851e31200c4Chad Brubaker } 7908827c8173281fea21325d88922471851e31200c4Chad Brubaker 7918827c8173281fea21325d88922471851e31200c4Chad Brubaker 7928827c8173281fea21325d88922471851e31200c4Chad Brubaker public void testExportRsa() throws Exception { 7938827c8173281fea21325d88922471851e31200c4Chad Brubaker String name = "test"; 7948827c8173281fea21325d88922471851e31200c4Chad Brubaker generateRsaKey(name); 7958827c8173281fea21325d88922471851e31200c4Chad Brubaker ExportResult result = mKeyStore.exportKey(name, KeymasterDefs.KM_KEY_FORMAT_X509, null, 7968827c8173281fea21325d88922471851e31200c4Chad Brubaker null); 7978827c8173281fea21325d88922471851e31200c4Chad Brubaker assertEquals("Export success", KeyStore.NO_ERROR, result.resultCode); 7988827c8173281fea21325d88922471851e31200c4Chad Brubaker // TODO: Verify we have an RSA public key that's well formed. 7998827c8173281fea21325d88922471851e31200c4Chad Brubaker } 8008827c8173281fea21325d88922471851e31200c4Chad Brubaker 80155f7c2770faade3543bebd833124f2f15c0f7455Alex Klyubin public void testAesGcmEncryptSuccess() throws Exception { 8028827c8173281fea21325d88922471851e31200c4Chad Brubaker String name = "test"; 8038827c8173281fea21325d88922471851e31200c4Chad Brubaker KeymasterArguments args = new KeymasterArguments(); 8048827c8173281fea21325d88922471851e31200c4Chad Brubaker args.addInt(KeymasterDefs.KM_TAG_PURPOSE, KeymasterDefs.KM_PURPOSE_ENCRYPT); 8058827c8173281fea21325d88922471851e31200c4Chad Brubaker args.addInt(KeymasterDefs.KM_TAG_PURPOSE, KeymasterDefs.KM_PURPOSE_DECRYPT); 8068827c8173281fea21325d88922471851e31200c4Chad Brubaker args.addInt(KeymasterDefs.KM_TAG_ALGORITHM, KeymasterDefs.KM_ALGORITHM_AES); 8078827c8173281fea21325d88922471851e31200c4Chad Brubaker args.addInt(KeymasterDefs.KM_TAG_PADDING, KeymasterDefs.KM_PAD_NONE); 8088827c8173281fea21325d88922471851e31200c4Chad Brubaker args.addInt(KeymasterDefs.KM_TAG_KEY_SIZE, 256); 80955f7c2770faade3543bebd833124f2f15c0f7455Alex Klyubin args.addInt(KeymasterDefs.KM_TAG_BLOCK_MODE, KeymasterDefs.KM_MODE_GCM); 8108827c8173281fea21325d88922471851e31200c4Chad Brubaker args.addInt(KeymasterDefs.KM_TAG_CHUNK_LENGTH, 4096); 8118827c8173281fea21325d88922471851e31200c4Chad Brubaker args.addInt(KeymasterDefs.KM_TAG_MAC_LENGTH, 16); 812ce7ad24b6337135fd7b6ed169bb5c517d044f041Chad Brubaker args.addBoolean(KeymasterDefs.KM_TAG_NO_AUTH_REQUIRED); 8138827c8173281fea21325d88922471851e31200c4Chad Brubaker 8148827c8173281fea21325d88922471851e31200c4Chad Brubaker KeyCharacteristics outCharacteristics = new KeyCharacteristics(); 815dae79e540844741fc35c648efe8bbb00fc8ab781Chad Brubaker int rc = mKeyStore.generateKey(name, args, null, 0, outCharacteristics); 8168827c8173281fea21325d88922471851e31200c4Chad Brubaker assertEquals("Generate should succeed", KeyStore.NO_ERROR, rc); 8178827c8173281fea21325d88922471851e31200c4Chad Brubaker 8188827c8173281fea21325d88922471851e31200c4Chad Brubaker KeymasterArguments out = new KeymasterArguments(); 8198827c8173281fea21325d88922471851e31200c4Chad Brubaker args = new KeymasterArguments(); 8208827c8173281fea21325d88922471851e31200c4Chad Brubaker OperationResult result = mKeyStore.begin(name, KeymasterDefs.KM_PURPOSE_ENCRYPT, 821dae79e540844741fc35c648efe8bbb00fc8ab781Chad Brubaker true, args, null, out); 8228827c8173281fea21325d88922471851e31200c4Chad Brubaker IBinder token = result.token; 8238827c8173281fea21325d88922471851e31200c4Chad Brubaker assertEquals("Begin should succeed", KeyStore.NO_ERROR, result.resultCode); 8248827c8173281fea21325d88922471851e31200c4Chad Brubaker result = mKeyStore.update(token, null, new byte[] {0x01, 0x02, 0x03, 0x04}); 8258827c8173281fea21325d88922471851e31200c4Chad Brubaker assertEquals("Update should succeed", KeyStore.NO_ERROR, result.resultCode); 8268827c8173281fea21325d88922471851e31200c4Chad Brubaker assertEquals("Finish should succeed", KeyStore.NO_ERROR, 8278827c8173281fea21325d88922471851e31200c4Chad Brubaker mKeyStore.finish(token, null, null).resultCode); 8288827c8173281fea21325d88922471851e31200c4Chad Brubaker } 8298827c8173281fea21325d88922471851e31200c4Chad Brubaker 8308827c8173281fea21325d88922471851e31200c4Chad Brubaker public void testBadToken() throws Exception { 8318827c8173281fea21325d88922471851e31200c4Chad Brubaker IBinder token = new Binder(); 8328827c8173281fea21325d88922471851e31200c4Chad Brubaker OperationResult result = mKeyStore.update(token, null, new byte[] {0x01}); 8338827c8173281fea21325d88922471851e31200c4Chad Brubaker assertEquals("Update with invalid token should fail", 8348827c8173281fea21325d88922471851e31200c4Chad Brubaker KeymasterDefs.KM_ERROR_INVALID_OPERATION_HANDLE, result.resultCode); 8358827c8173281fea21325d88922471851e31200c4Chad Brubaker } 8368827c8173281fea21325d88922471851e31200c4Chad Brubaker 8378827c8173281fea21325d88922471851e31200c4Chad Brubaker private int importAesKey(String name, byte[] key, int size, int mode) { 8388827c8173281fea21325d88922471851e31200c4Chad Brubaker KeymasterArguments args = new KeymasterArguments(); 8398827c8173281fea21325d88922471851e31200c4Chad Brubaker args.addInt(KeymasterDefs.KM_TAG_PURPOSE, KeymasterDefs.KM_PURPOSE_ENCRYPT); 8408827c8173281fea21325d88922471851e31200c4Chad Brubaker args.addInt(KeymasterDefs.KM_TAG_PURPOSE, KeymasterDefs.KM_PURPOSE_DECRYPT); 8418827c8173281fea21325d88922471851e31200c4Chad Brubaker args.addInt(KeymasterDefs.KM_TAG_ALGORITHM, KeymasterDefs.KM_ALGORITHM_AES); 8428827c8173281fea21325d88922471851e31200c4Chad Brubaker args.addInt(KeymasterDefs.KM_TAG_PADDING, KeymasterDefs.KM_PAD_NONE); 8438827c8173281fea21325d88922471851e31200c4Chad Brubaker args.addInt(KeymasterDefs.KM_TAG_BLOCK_MODE, mode); 8448827c8173281fea21325d88922471851e31200c4Chad Brubaker args.addInt(KeymasterDefs.KM_TAG_KEY_SIZE, size); 845ce7ad24b6337135fd7b6ed169bb5c517d044f041Chad Brubaker args.addBoolean(KeymasterDefs.KM_TAG_NO_AUTH_REQUIRED); 8468827c8173281fea21325d88922471851e31200c4Chad Brubaker return mKeyStore.importKey(name, args, KeymasterDefs.KM_KEY_FORMAT_RAW, key, 0, 8478827c8173281fea21325d88922471851e31200c4Chad Brubaker new KeyCharacteristics()); 8488827c8173281fea21325d88922471851e31200c4Chad Brubaker } 8498827c8173281fea21325d88922471851e31200c4Chad Brubaker private byte[] doOperation(String name, int purpose, byte[] in, KeymasterArguments beginArgs) { 8508827c8173281fea21325d88922471851e31200c4Chad Brubaker KeymasterArguments out = new KeymasterArguments(); 8518827c8173281fea21325d88922471851e31200c4Chad Brubaker OperationResult result = mKeyStore.begin(name, purpose, 852dae79e540844741fc35c648efe8bbb00fc8ab781Chad Brubaker true, beginArgs, null, out); 8538827c8173281fea21325d88922471851e31200c4Chad Brubaker assertEquals("Begin should succeed", KeyStore.NO_ERROR, result.resultCode); 8548827c8173281fea21325d88922471851e31200c4Chad Brubaker IBinder token = result.token; 8558827c8173281fea21325d88922471851e31200c4Chad Brubaker result = mKeyStore.update(token, null, in); 8568827c8173281fea21325d88922471851e31200c4Chad Brubaker assertEquals("Update should succeed", KeyStore.NO_ERROR, result.resultCode); 8578827c8173281fea21325d88922471851e31200c4Chad Brubaker assertEquals("All data should be consumed", in.length, result.inputConsumed); 8588827c8173281fea21325d88922471851e31200c4Chad Brubaker assertEquals("Finish should succeed", KeyStore.NO_ERROR, 8598827c8173281fea21325d88922471851e31200c4Chad Brubaker mKeyStore.finish(token, null, null).resultCode); 8608827c8173281fea21325d88922471851e31200c4Chad Brubaker return result.output; 8618827c8173281fea21325d88922471851e31200c4Chad Brubaker } 8628827c8173281fea21325d88922471851e31200c4Chad Brubaker 8638827c8173281fea21325d88922471851e31200c4Chad Brubaker public void testImportAes() throws Exception { 8648827c8173281fea21325d88922471851e31200c4Chad Brubaker int result = importAesKey("aes", AES256_BYTES, 256, KeymasterDefs.KM_MODE_ECB); 8658827c8173281fea21325d88922471851e31200c4Chad Brubaker assertEquals("import should succeed", KeyStore.NO_ERROR, result); 8668827c8173281fea21325d88922471851e31200c4Chad Brubaker mKeyStore.delete("aes"); 8678827c8173281fea21325d88922471851e31200c4Chad Brubaker } 8688827c8173281fea21325d88922471851e31200c4Chad Brubaker 8698827c8173281fea21325d88922471851e31200c4Chad Brubaker public void testAes256Ecb() throws Exception { 8708827c8173281fea21325d88922471851e31200c4Chad Brubaker byte[] key = 8718827c8173281fea21325d88922471851e31200c4Chad Brubaker hexToBytes("603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4"); 8728827c8173281fea21325d88922471851e31200c4Chad Brubaker String name = "aes"; 8738827c8173281fea21325d88922471851e31200c4Chad Brubaker assertEquals(KeyStore.NO_ERROR, importAesKey(name, key, 256, KeymasterDefs.KM_MODE_ECB)); 8748827c8173281fea21325d88922471851e31200c4Chad Brubaker byte[][] testVectors = new byte[][] { 8758827c8173281fea21325d88922471851e31200c4Chad Brubaker hexToBytes("6bc1bee22e409f96e93d7e117393172a"), 8768827c8173281fea21325d88922471851e31200c4Chad Brubaker hexToBytes("ae2d8a571e03ac9c9eb76fac45af8e51"), 8778827c8173281fea21325d88922471851e31200c4Chad Brubaker hexToBytes("30c81c46a35ce411e5fbc1191a0a52ef"), 8788827c8173281fea21325d88922471851e31200c4Chad Brubaker hexToBytes("f69f2445df4f9b17ad2b417be66c3710")}; 8798827c8173281fea21325d88922471851e31200c4Chad Brubaker byte[][] cipherVectors = new byte[][] { 8808827c8173281fea21325d88922471851e31200c4Chad Brubaker hexToBytes("f3eed1bdb5d2a03c064b5a7e3db181f8"), 8818827c8173281fea21325d88922471851e31200c4Chad Brubaker hexToBytes("591ccb10d410ed26dc5ba74a31362870"), 8828827c8173281fea21325d88922471851e31200c4Chad Brubaker hexToBytes("b6ed21b99ca6f4f9f153e7b1beafed1d"), 8838827c8173281fea21325d88922471851e31200c4Chad Brubaker hexToBytes("23304b7a39f9f3ff067d8d8f9e24ecc7")}; 8848827c8173281fea21325d88922471851e31200c4Chad Brubaker for (int i = 0; i < testVectors.length; i++) { 8858827c8173281fea21325d88922471851e31200c4Chad Brubaker byte[] cipherText = doOperation(name, KeymasterDefs.KM_PURPOSE_ENCRYPT, testVectors[i], 8868827c8173281fea21325d88922471851e31200c4Chad Brubaker new KeymasterArguments()); 8878827c8173281fea21325d88922471851e31200c4Chad Brubaker MoreAsserts.assertEquals(cipherVectors[i], cipherText); 8888827c8173281fea21325d88922471851e31200c4Chad Brubaker } 8898827c8173281fea21325d88922471851e31200c4Chad Brubaker for (int i = 0; i < testVectors.length; i++) { 8908827c8173281fea21325d88922471851e31200c4Chad Brubaker byte[] plainText = doOperation(name, KeymasterDefs.KM_PURPOSE_DECRYPT, 8918827c8173281fea21325d88922471851e31200c4Chad Brubaker cipherVectors[i], new KeymasterArguments()); 8928827c8173281fea21325d88922471851e31200c4Chad Brubaker MoreAsserts.assertEquals(testVectors[i], plainText); 8938827c8173281fea21325d88922471851e31200c4Chad Brubaker } 8948827c8173281fea21325d88922471851e31200c4Chad Brubaker } 8958827c8173281fea21325d88922471851e31200c4Chad Brubaker 8968827c8173281fea21325d88922471851e31200c4Chad Brubaker // This is a very implementation specific test and should be thrown out eventually, however it 8978827c8173281fea21325d88922471851e31200c4Chad Brubaker // is nice for now to test that keystore is properly pruning operations. 8988827c8173281fea21325d88922471851e31200c4Chad Brubaker public void testOperationPruning() throws Exception { 8998827c8173281fea21325d88922471851e31200c4Chad Brubaker String name = "test"; 9008827c8173281fea21325d88922471851e31200c4Chad Brubaker KeymasterArguments args = new KeymasterArguments(); 9018827c8173281fea21325d88922471851e31200c4Chad Brubaker args.addInt(KeymasterDefs.KM_TAG_PURPOSE, KeymasterDefs.KM_PURPOSE_ENCRYPT); 9028827c8173281fea21325d88922471851e31200c4Chad Brubaker args.addInt(KeymasterDefs.KM_TAG_PURPOSE, KeymasterDefs.KM_PURPOSE_DECRYPT); 9038827c8173281fea21325d88922471851e31200c4Chad Brubaker args.addInt(KeymasterDefs.KM_TAG_ALGORITHM, KeymasterDefs.KM_ALGORITHM_AES); 9048827c8173281fea21325d88922471851e31200c4Chad Brubaker args.addInt(KeymasterDefs.KM_TAG_PADDING, KeymasterDefs.KM_PAD_NONE); 9058827c8173281fea21325d88922471851e31200c4Chad Brubaker args.addInt(KeymasterDefs.KM_TAG_KEY_SIZE, 256); 90655f7c2770faade3543bebd833124f2f15c0f7455Alex Klyubin args.addInt(KeymasterDefs.KM_TAG_BLOCK_MODE, KeymasterDefs.KM_MODE_CTR); 907ce7ad24b6337135fd7b6ed169bb5c517d044f041Chad Brubaker args.addBoolean(KeymasterDefs.KM_TAG_NO_AUTH_REQUIRED); 9088827c8173281fea21325d88922471851e31200c4Chad Brubaker 9098827c8173281fea21325d88922471851e31200c4Chad Brubaker KeyCharacteristics outCharacteristics = new KeyCharacteristics(); 910dae79e540844741fc35c648efe8bbb00fc8ab781Chad Brubaker int rc = mKeyStore.generateKey(name, args, null, 0, outCharacteristics); 9118827c8173281fea21325d88922471851e31200c4Chad Brubaker assertEquals("Generate should succeed", KeyStore.NO_ERROR, rc); 9128827c8173281fea21325d88922471851e31200c4Chad Brubaker 9138827c8173281fea21325d88922471851e31200c4Chad Brubaker KeymasterArguments out = new KeymasterArguments(); 9148827c8173281fea21325d88922471851e31200c4Chad Brubaker args = new KeymasterArguments(); 9158827c8173281fea21325d88922471851e31200c4Chad Brubaker OperationResult result = mKeyStore.begin(name, KeymasterDefs.KM_PURPOSE_ENCRYPT, 916dae79e540844741fc35c648efe8bbb00fc8ab781Chad Brubaker true, args, null, out); 9178827c8173281fea21325d88922471851e31200c4Chad Brubaker assertEquals("Begin should succeed", KeyStore.NO_ERROR, result.resultCode); 9188827c8173281fea21325d88922471851e31200c4Chad Brubaker IBinder first = result.token; 9198827c8173281fea21325d88922471851e31200c4Chad Brubaker // Implementation detail: softkeymaster supports 16 concurrent operations 9208827c8173281fea21325d88922471851e31200c4Chad Brubaker for (int i = 0; i < 16; i++) { 921dae79e540844741fc35c648efe8bbb00fc8ab781Chad Brubaker result = mKeyStore.begin(name, KeymasterDefs.KM_PURPOSE_ENCRYPT, true, args, null, 922dae79e540844741fc35c648efe8bbb00fc8ab781Chad Brubaker out); 9238827c8173281fea21325d88922471851e31200c4Chad Brubaker assertEquals("Begin should succeed", KeyStore.NO_ERROR, result.resultCode); 9248827c8173281fea21325d88922471851e31200c4Chad Brubaker } 9258827c8173281fea21325d88922471851e31200c4Chad Brubaker // At this point the first operation should be pruned. 9268827c8173281fea21325d88922471851e31200c4Chad Brubaker assertEquals("Operation should be pruned", KeymasterDefs.KM_ERROR_INVALID_OPERATION_HANDLE, 9278827c8173281fea21325d88922471851e31200c4Chad Brubaker mKeyStore.update(first, null, new byte[] {0x01}).resultCode); 9288827c8173281fea21325d88922471851e31200c4Chad Brubaker } 929ce7ad24b6337135fd7b6ed169bb5c517d044f041Chad Brubaker 930ce7ad24b6337135fd7b6ed169bb5c517d044f041Chad Brubaker public void testAuthNeeded() throws Exception { 931ce7ad24b6337135fd7b6ed169bb5c517d044f041Chad Brubaker String name = "test"; 932ce7ad24b6337135fd7b6ed169bb5c517d044f041Chad Brubaker KeymasterArguments args = new KeymasterArguments(); 933ce7ad24b6337135fd7b6ed169bb5c517d044f041Chad Brubaker args.addInt(KeymasterDefs.KM_TAG_PURPOSE, KeymasterDefs.KM_PURPOSE_ENCRYPT); 934ce7ad24b6337135fd7b6ed169bb5c517d044f041Chad Brubaker args.addInt(KeymasterDefs.KM_TAG_PURPOSE, KeymasterDefs.KM_PURPOSE_DECRYPT); 935ce7ad24b6337135fd7b6ed169bb5c517d044f041Chad Brubaker args.addInt(KeymasterDefs.KM_TAG_ALGORITHM, KeymasterDefs.KM_ALGORITHM_AES); 93655f7c2770faade3543bebd833124f2f15c0f7455Alex Klyubin args.addInt(KeymasterDefs.KM_TAG_PADDING, KeymasterDefs.KM_PAD_PKCS7); 937ce7ad24b6337135fd7b6ed169bb5c517d044f041Chad Brubaker args.addInt(KeymasterDefs.KM_TAG_KEY_SIZE, 256); 93855f7c2770faade3543bebd833124f2f15c0f7455Alex Klyubin args.addInt(KeymasterDefs.KM_TAG_BLOCK_MODE, KeymasterDefs.KM_MODE_ECB); 939ce7ad24b6337135fd7b6ed169bb5c517d044f041Chad Brubaker args.addInt(KeymasterDefs.KM_TAG_USER_AUTH_TYPE, 1); 940ce7ad24b6337135fd7b6ed169bb5c517d044f041Chad Brubaker 941ce7ad24b6337135fd7b6ed169bb5c517d044f041Chad Brubaker KeyCharacteristics outCharacteristics = new KeyCharacteristics(); 942ce7ad24b6337135fd7b6ed169bb5c517d044f041Chad Brubaker int rc = mKeyStore.generateKey(name, args, null, 0, outCharacteristics); 943ce7ad24b6337135fd7b6ed169bb5c517d044f041Chad Brubaker KeymasterArguments out = new KeymasterArguments(); 944ce7ad24b6337135fd7b6ed169bb5c517d044f041Chad Brubaker assertEquals("Generate should succeed", KeyStore.NO_ERROR, rc); 945ce7ad24b6337135fd7b6ed169bb5c517d044f041Chad Brubaker OperationResult result = mKeyStore.begin(name, KeymasterDefs.KM_PURPOSE_ENCRYPT, 946ce7ad24b6337135fd7b6ed169bb5c517d044f041Chad Brubaker true, args, null, out); 947ce7ad24b6337135fd7b6ed169bb5c517d044f041Chad Brubaker assertEquals("Begin should succeed", KeyStore.NO_ERROR, result.resultCode); 948ce7ad24b6337135fd7b6ed169bb5c517d044f041Chad Brubaker IBinder token = result.token; 949ce7ad24b6337135fd7b6ed169bb5c517d044f041Chad Brubaker result = mKeyStore.update(token, null, new byte[] {0x01, 0x02, 0x03, 0x04}); 950ce7ad24b6337135fd7b6ed169bb5c517d044f041Chad Brubaker assertEquals("Update should require authorization", 951ce7ad24b6337135fd7b6ed169bb5c517d044f041Chad Brubaker KeymasterDefs.KM_ERROR_KEY_USER_NOT_AUTHENTICATED, result.resultCode); 952ce7ad24b6337135fd7b6ed169bb5c517d044f041Chad Brubaker } 953f35e9663d7bdae523953185b4ad6b6f9e8e7d6caChung-yih Wang} 954