125f5135551f2db2e979ee26353c72e303abf16e5Robert Berry/* 225f5135551f2db2e979ee26353c72e303abf16e5Robert Berry * Copyright (C) 2018 The Android Open Source Project 325f5135551f2db2e979ee26353c72e303abf16e5Robert Berry * 425f5135551f2db2e979ee26353c72e303abf16e5Robert Berry * Licensed under the Apache License, Version 2.0 (the "License"); 525f5135551f2db2e979ee26353c72e303abf16e5Robert Berry * you may not use this file except in compliance with the License. 625f5135551f2db2e979ee26353c72e303abf16e5Robert Berry * You may obtain a copy of the License at 725f5135551f2db2e979ee26353c72e303abf16e5Robert Berry * 825f5135551f2db2e979ee26353c72e303abf16e5Robert Berry * http://www.apache.org/licenses/LICENSE-2.0 925f5135551f2db2e979ee26353c72e303abf16e5Robert Berry * 1025f5135551f2db2e979ee26353c72e303abf16e5Robert Berry * Unless required by applicable law or agreed to in writing, software 1125f5135551f2db2e979ee26353c72e303abf16e5Robert Berry * distributed under the License is distributed on an "AS IS" BASIS, 1225f5135551f2db2e979ee26353c72e303abf16e5Robert Berry * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 1325f5135551f2db2e979ee26353c72e303abf16e5Robert Berry * See the License for the specific language governing permissions and 1425f5135551f2db2e979ee26353c72e303abf16e5Robert Berry * limitations under the License. 1525f5135551f2db2e979ee26353c72e303abf16e5Robert Berry */ 1625f5135551f2db2e979ee26353c72e303abf16e5Robert Berry 1725f5135551f2db2e979ee26353c72e303abf16e5Robert Berrypackage com.android.server.locksettings.recoverablekeystore.serialization; 1825f5135551f2db2e979ee26353c72e303abf16e5Robert Berry 1925f5135551f2db2e979ee26353c72e303abf16e5Robert Berryimport static com.google.common.truth.Truth.assertThat; 2025f5135551f2db2e979ee26353c72e303abf16e5Robert Berry 2125f5135551f2db2e979ee26353c72e303abf16e5Robert Berryimport android.security.keystore.recovery.KeyChainProtectionParams; 2225f5135551f2db2e979ee26353c72e303abf16e5Robert Berryimport android.security.keystore.recovery.KeyChainSnapshot; 2325f5135551f2db2e979ee26353c72e303abf16e5Robert Berryimport android.security.keystore.recovery.KeyDerivationParams; 2425f5135551f2db2e979ee26353c72e303abf16e5Robert Berryimport android.security.keystore.recovery.WrappedApplicationKey; 2525f5135551f2db2e979ee26353c72e303abf16e5Robert Berryimport android.support.test.InstrumentationRegistry; 2625f5135551f2db2e979ee26353c72e303abf16e5Robert Berryimport android.support.test.filters.SmallTest; 2725f5135551f2db2e979ee26353c72e303abf16e5Robert Berryimport android.support.test.runner.AndroidJUnit4; 2825f5135551f2db2e979ee26353c72e303abf16e5Robert Berry 2925f5135551f2db2e979ee26353c72e303abf16e5Robert Berryimport com.android.server.locksettings.recoverablekeystore.TestData; 3025f5135551f2db2e979ee26353c72e303abf16e5Robert Berry 3125f5135551f2db2e979ee26353c72e303abf16e5Robert Berryimport org.junit.Test; 3225f5135551f2db2e979ee26353c72e303abf16e5Robert Berryimport org.junit.runner.RunWith; 3325f5135551f2db2e979ee26353c72e303abf16e5Robert Berry 3425f5135551f2db2e979ee26353c72e303abf16e5Robert Berryimport java.io.ByteArrayInputStream; 3525f5135551f2db2e979ee26353c72e303abf16e5Robert Berryimport java.io.ByteArrayOutputStream; 3625f5135551f2db2e979ee26353c72e303abf16e5Robert Berryimport java.security.cert.CertPath; 3725f5135551f2db2e979ee26353c72e303abf16e5Robert Berryimport java.util.ArrayList; 3825f5135551f2db2e979ee26353c72e303abf16e5Robert Berryimport java.util.List; 3925f5135551f2db2e979ee26353c72e303abf16e5Robert Berry 4025f5135551f2db2e979ee26353c72e303abf16e5Robert Berry@SmallTest 4125f5135551f2db2e979ee26353c72e303abf16e5Robert Berry@RunWith(AndroidJUnit4.class) 4225f5135551f2db2e979ee26353c72e303abf16e5Robert Berrypublic class KeyChainSnapshotSerializerTest { 4325f5135551f2db2e979ee26353c72e303abf16e5Robert Berry private static final int COUNTER_ID = 2134; 4425f5135551f2db2e979ee26353c72e303abf16e5Robert Berry private static final int SNAPSHOT_VERSION = 125; 4525f5135551f2db2e979ee26353c72e303abf16e5Robert Berry private static final int MAX_ATTEMPTS = 21; 4625f5135551f2db2e979ee26353c72e303abf16e5Robert Berry private static final byte[] SERVER_PARAMS = new byte[] { 8, 2, 4 }; 4725f5135551f2db2e979ee26353c72e303abf16e5Robert Berry private static final byte[] KEY_BLOB = new byte[] { 124, 53, 53, 53 }; 4825f5135551f2db2e979ee26353c72e303abf16e5Robert Berry private static final CertPath CERT_PATH = TestData.CERT_PATH_1; 4925f5135551f2db2e979ee26353c72e303abf16e5Robert Berry private static final int SECRET_TYPE = KeyChainProtectionParams.TYPE_LOCKSCREEN; 5025f5135551f2db2e979ee26353c72e303abf16e5Robert Berry private static final int LOCK_SCREEN_UI = KeyChainProtectionParams.UI_FORMAT_PASSWORD; 5125f5135551f2db2e979ee26353c72e303abf16e5Robert Berry private static final byte[] SALT = new byte[] { 5, 4, 3, 2, 1 }; 5225f5135551f2db2e979ee26353c72e303abf16e5Robert Berry private static final int MEMORY_DIFFICULTY = 45; 5325f5135551f2db2e979ee26353c72e303abf16e5Robert Berry private static final int ALGORITHM = KeyDerivationParams.ALGORITHM_SCRYPT; 5425f5135551f2db2e979ee26353c72e303abf16e5Robert Berry private static final byte[] SECRET = new byte[] { 1, 2, 3, 4 }; 5525f5135551f2db2e979ee26353c72e303abf16e5Robert Berry 5625f5135551f2db2e979ee26353c72e303abf16e5Robert Berry private static final String TEST_KEY_1_ALIAS = "key1"; 5725f5135551f2db2e979ee26353c72e303abf16e5Robert Berry private static final byte[] TEST_KEY_1_BYTES = new byte[] { 66, 77, 88 }; 5825f5135551f2db2e979ee26353c72e303abf16e5Robert Berry 5925f5135551f2db2e979ee26353c72e303abf16e5Robert Berry private static final String TEST_KEY_2_ALIAS = "key2"; 6025f5135551f2db2e979ee26353c72e303abf16e5Robert Berry private static final byte[] TEST_KEY_2_BYTES = new byte[] { 99, 33, 11 }; 6125f5135551f2db2e979ee26353c72e303abf16e5Robert Berry 6225f5135551f2db2e979ee26353c72e303abf16e5Robert Berry private static final String TEST_KEY_3_ALIAS = "key3"; 6325f5135551f2db2e979ee26353c72e303abf16e5Robert Berry private static final byte[] TEST_KEY_3_BYTES = new byte[] { 2, 8, 100 }; 6425f5135551f2db2e979ee26353c72e303abf16e5Robert Berry 6525f5135551f2db2e979ee26353c72e303abf16e5Robert Berry @Test 6625f5135551f2db2e979ee26353c72e303abf16e5Robert Berry public void roundTrip_persistsCounterId() throws Exception { 6725f5135551f2db2e979ee26353c72e303abf16e5Robert Berry assertThat(roundTrip().getCounterId()).isEqualTo(COUNTER_ID); 6825f5135551f2db2e979ee26353c72e303abf16e5Robert Berry } 6925f5135551f2db2e979ee26353c72e303abf16e5Robert Berry 7025f5135551f2db2e979ee26353c72e303abf16e5Robert Berry @Test 7125f5135551f2db2e979ee26353c72e303abf16e5Robert Berry public void roundTrip_persistsSnapshotVersion() throws Exception { 7225f5135551f2db2e979ee26353c72e303abf16e5Robert Berry assertThat(roundTrip().getSnapshotVersion()).isEqualTo(SNAPSHOT_VERSION); 7325f5135551f2db2e979ee26353c72e303abf16e5Robert Berry } 7425f5135551f2db2e979ee26353c72e303abf16e5Robert Berry 7525f5135551f2db2e979ee26353c72e303abf16e5Robert Berry @Test 7625f5135551f2db2e979ee26353c72e303abf16e5Robert Berry public void roundTrip_persistsMaxAttempts() throws Exception { 7725f5135551f2db2e979ee26353c72e303abf16e5Robert Berry assertThat(roundTrip().getMaxAttempts()).isEqualTo(MAX_ATTEMPTS); 7825f5135551f2db2e979ee26353c72e303abf16e5Robert Berry } 7925f5135551f2db2e979ee26353c72e303abf16e5Robert Berry 8025f5135551f2db2e979ee26353c72e303abf16e5Robert Berry @Test 8125f5135551f2db2e979ee26353c72e303abf16e5Robert Berry public void roundTrip_persistsRecoveryKey() throws Exception { 8225f5135551f2db2e979ee26353c72e303abf16e5Robert Berry assertThat(roundTrip().getEncryptedRecoveryKeyBlob()).isEqualTo(KEY_BLOB); 8325f5135551f2db2e979ee26353c72e303abf16e5Robert Berry } 8425f5135551f2db2e979ee26353c72e303abf16e5Robert Berry 8525f5135551f2db2e979ee26353c72e303abf16e5Robert Berry @Test 8625f5135551f2db2e979ee26353c72e303abf16e5Robert Berry public void roundTrip_persistsServerParams() throws Exception { 8725f5135551f2db2e979ee26353c72e303abf16e5Robert Berry assertThat(roundTrip().getServerParams()).isEqualTo(SERVER_PARAMS); 8825f5135551f2db2e979ee26353c72e303abf16e5Robert Berry } 8925f5135551f2db2e979ee26353c72e303abf16e5Robert Berry 9025f5135551f2db2e979ee26353c72e303abf16e5Robert Berry @Test 9125f5135551f2db2e979ee26353c72e303abf16e5Robert Berry public void roundTrip_persistsCertPath() throws Exception { 9225f5135551f2db2e979ee26353c72e303abf16e5Robert Berry assertThat(roundTrip().getTrustedHardwareCertPath()).isEqualTo(CERT_PATH); 9325f5135551f2db2e979ee26353c72e303abf16e5Robert Berry } 9425f5135551f2db2e979ee26353c72e303abf16e5Robert Berry 9525f5135551f2db2e979ee26353c72e303abf16e5Robert Berry @Test 9625f5135551f2db2e979ee26353c72e303abf16e5Robert Berry public void roundTrip_persistsParamsList() throws Exception { 9725f5135551f2db2e979ee26353c72e303abf16e5Robert Berry assertThat(roundTrip().getKeyChainProtectionParams()).hasSize(1); 9825f5135551f2db2e979ee26353c72e303abf16e5Robert Berry } 9925f5135551f2db2e979ee26353c72e303abf16e5Robert Berry 10025f5135551f2db2e979ee26353c72e303abf16e5Robert Berry @Test 10125f5135551f2db2e979ee26353c72e303abf16e5Robert Berry public void roundTripParams_persistsUserSecretType() throws Exception { 10225f5135551f2db2e979ee26353c72e303abf16e5Robert Berry assertThat(roundTripParams().getUserSecretType()).isEqualTo(SECRET_TYPE); 10325f5135551f2db2e979ee26353c72e303abf16e5Robert Berry } 10425f5135551f2db2e979ee26353c72e303abf16e5Robert Berry 10525f5135551f2db2e979ee26353c72e303abf16e5Robert Berry @Test 10625f5135551f2db2e979ee26353c72e303abf16e5Robert Berry public void roundTripParams_persistsLockScreenUi() throws Exception { 10725f5135551f2db2e979ee26353c72e303abf16e5Robert Berry assertThat(roundTripParams().getLockScreenUiFormat()).isEqualTo(LOCK_SCREEN_UI); 10825f5135551f2db2e979ee26353c72e303abf16e5Robert Berry } 10925f5135551f2db2e979ee26353c72e303abf16e5Robert Berry 11025f5135551f2db2e979ee26353c72e303abf16e5Robert Berry @Test 11125f5135551f2db2e979ee26353c72e303abf16e5Robert Berry public void roundTripParams_persistsSalt() throws Exception { 11225f5135551f2db2e979ee26353c72e303abf16e5Robert Berry assertThat(roundTripParams().getKeyDerivationParams().getSalt()).isEqualTo(SALT); 11325f5135551f2db2e979ee26353c72e303abf16e5Robert Berry } 11425f5135551f2db2e979ee26353c72e303abf16e5Robert Berry 11525f5135551f2db2e979ee26353c72e303abf16e5Robert Berry @Test 11625f5135551f2db2e979ee26353c72e303abf16e5Robert Berry public void roundTripParams_persistsAlgorithm() throws Exception { 11725f5135551f2db2e979ee26353c72e303abf16e5Robert Berry assertThat(roundTripParams().getKeyDerivationParams().getAlgorithm()).isEqualTo(ALGORITHM); 11825f5135551f2db2e979ee26353c72e303abf16e5Robert Berry } 11925f5135551f2db2e979ee26353c72e303abf16e5Robert Berry 12025f5135551f2db2e979ee26353c72e303abf16e5Robert Berry @Test 12125f5135551f2db2e979ee26353c72e303abf16e5Robert Berry public void roundTripParams_persistsMemoryDifficulty() throws Exception { 12225f5135551f2db2e979ee26353c72e303abf16e5Robert Berry assertThat(roundTripParams().getKeyDerivationParams().getMemoryDifficulty()) 12325f5135551f2db2e979ee26353c72e303abf16e5Robert Berry .isEqualTo(MEMORY_DIFFICULTY); 12425f5135551f2db2e979ee26353c72e303abf16e5Robert Berry } 12525f5135551f2db2e979ee26353c72e303abf16e5Robert Berry 12625f5135551f2db2e979ee26353c72e303abf16e5Robert Berry @Test 12725f5135551f2db2e979ee26353c72e303abf16e5Robert Berry public void roundTripParams_doesNotPersistSecret() throws Exception { 12825f5135551f2db2e979ee26353c72e303abf16e5Robert Berry assertThat(roundTripParams().getSecret()).isEmpty(); 12925f5135551f2db2e979ee26353c72e303abf16e5Robert Berry } 13025f5135551f2db2e979ee26353c72e303abf16e5Robert Berry 13125f5135551f2db2e979ee26353c72e303abf16e5Robert Berry @Test 13225f5135551f2db2e979ee26353c72e303abf16e5Robert Berry public void roundTripKeys_hasCorrectLength() throws Exception { 13325f5135551f2db2e979ee26353c72e303abf16e5Robert Berry assertThat(roundTripKeys()).hasSize(3); 13425f5135551f2db2e979ee26353c72e303abf16e5Robert Berry } 13525f5135551f2db2e979ee26353c72e303abf16e5Robert Berry 13625f5135551f2db2e979ee26353c72e303abf16e5Robert Berry @Test 13725f5135551f2db2e979ee26353c72e303abf16e5Robert Berry public void roundTripKeys_0_persistsAlias() throws Exception { 13825f5135551f2db2e979ee26353c72e303abf16e5Robert Berry assertThat(roundTripKeys().get(0).getAlias()).isEqualTo(TEST_KEY_1_ALIAS); 13925f5135551f2db2e979ee26353c72e303abf16e5Robert Berry } 14025f5135551f2db2e979ee26353c72e303abf16e5Robert Berry 14125f5135551f2db2e979ee26353c72e303abf16e5Robert Berry @Test 14225f5135551f2db2e979ee26353c72e303abf16e5Robert Berry public void roundTripKeys_0_persistsKeyBytes() throws Exception { 14325f5135551f2db2e979ee26353c72e303abf16e5Robert Berry assertThat(roundTripKeys().get(0).getEncryptedKeyMaterial()).isEqualTo(TEST_KEY_1_BYTES); 14425f5135551f2db2e979ee26353c72e303abf16e5Robert Berry } 14525f5135551f2db2e979ee26353c72e303abf16e5Robert Berry 14625f5135551f2db2e979ee26353c72e303abf16e5Robert Berry @Test 14725f5135551f2db2e979ee26353c72e303abf16e5Robert Berry public void roundTripKeys_1_persistsAlias() throws Exception { 14825f5135551f2db2e979ee26353c72e303abf16e5Robert Berry assertThat(roundTripKeys().get(1).getAlias()).isEqualTo(TEST_KEY_2_ALIAS); 14925f5135551f2db2e979ee26353c72e303abf16e5Robert Berry } 15025f5135551f2db2e979ee26353c72e303abf16e5Robert Berry 15125f5135551f2db2e979ee26353c72e303abf16e5Robert Berry @Test 15225f5135551f2db2e979ee26353c72e303abf16e5Robert Berry public void roundTripKeys_1_persistsKeyBytes() throws Exception { 15325f5135551f2db2e979ee26353c72e303abf16e5Robert Berry assertThat(roundTripKeys().get(1).getEncryptedKeyMaterial()).isEqualTo(TEST_KEY_2_BYTES); 15425f5135551f2db2e979ee26353c72e303abf16e5Robert Berry } 15525f5135551f2db2e979ee26353c72e303abf16e5Robert Berry 15625f5135551f2db2e979ee26353c72e303abf16e5Robert Berry @Test 15725f5135551f2db2e979ee26353c72e303abf16e5Robert Berry public void roundTripKeys_2_persistsAlias() throws Exception { 15825f5135551f2db2e979ee26353c72e303abf16e5Robert Berry assertThat(roundTripKeys().get(2).getAlias()).isEqualTo(TEST_KEY_3_ALIAS); 15925f5135551f2db2e979ee26353c72e303abf16e5Robert Berry } 16025f5135551f2db2e979ee26353c72e303abf16e5Robert Berry 16125f5135551f2db2e979ee26353c72e303abf16e5Robert Berry @Test 16225f5135551f2db2e979ee26353c72e303abf16e5Robert Berry public void roundTripKeys_2_persistsKeyBytes() throws Exception { 16325f5135551f2db2e979ee26353c72e303abf16e5Robert Berry assertThat(roundTripKeys().get(2).getEncryptedKeyMaterial()).isEqualTo(TEST_KEY_3_BYTES); 16425f5135551f2db2e979ee26353c72e303abf16e5Robert Berry } 16525f5135551f2db2e979ee26353c72e303abf16e5Robert Berry 1665658837b464275b7ae87fec5529c7344bf21b733Robert Berry @Test 167745d2c98f9467f1befb7ec3a6c485333d4f1b437Dmitry Dementyev public void serialize_doesNotThrowForTestSnapshot() throws Exception { 1685658837b464275b7ae87fec5529c7344bf21b733Robert Berry KeyChainSnapshotSerializer.serialize( 169745d2c98f9467f1befb7ec3a6c485333d4f1b437Dmitry Dementyev createTestKeyChainSnapshot(), new ByteArrayOutputStream()); 1705658837b464275b7ae87fec5529c7344bf21b733Robert Berry } 1715658837b464275b7ae87fec5529c7344bf21b733Robert Berry 17225f5135551f2db2e979ee26353c72e303abf16e5Robert Berry private static List<WrappedApplicationKey> roundTripKeys() throws Exception { 17325f5135551f2db2e979ee26353c72e303abf16e5Robert Berry return roundTrip().getWrappedApplicationKeys(); 17425f5135551f2db2e979ee26353c72e303abf16e5Robert Berry } 17525f5135551f2db2e979ee26353c72e303abf16e5Robert Berry 17625f5135551f2db2e979ee26353c72e303abf16e5Robert Berry private static KeyChainProtectionParams roundTripParams() throws Exception { 17725f5135551f2db2e979ee26353c72e303abf16e5Robert Berry return roundTrip().getKeyChainProtectionParams().get(0); 17825f5135551f2db2e979ee26353c72e303abf16e5Robert Berry } 17925f5135551f2db2e979ee26353c72e303abf16e5Robert Berry 18025f5135551f2db2e979ee26353c72e303abf16e5Robert Berry public static KeyChainSnapshot roundTrip() throws Exception { 18125f5135551f2db2e979ee26353c72e303abf16e5Robert Berry KeyChainSnapshot snapshot = createTestKeyChainSnapshot(); 18225f5135551f2db2e979ee26353c72e303abf16e5Robert Berry ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(); 18325f5135551f2db2e979ee26353c72e303abf16e5Robert Berry KeyChainSnapshotSerializer.serialize(snapshot, byteArrayOutputStream); 18425f5135551f2db2e979ee26353c72e303abf16e5Robert Berry return KeyChainSnapshotDeserializer.deserialize( 18525f5135551f2db2e979ee26353c72e303abf16e5Robert Berry new ByteArrayInputStream(byteArrayOutputStream.toByteArray())); 18625f5135551f2db2e979ee26353c72e303abf16e5Robert Berry } 18725f5135551f2db2e979ee26353c72e303abf16e5Robert Berry 18825f5135551f2db2e979ee26353c72e303abf16e5Robert Berry private static KeyChainSnapshot createTestKeyChainSnapshot() throws Exception { 1895658837b464275b7ae87fec5529c7344bf21b733Robert Berry return new KeyChainSnapshot.Builder() 1905658837b464275b7ae87fec5529c7344bf21b733Robert Berry .setCounterId(COUNTER_ID) 1915658837b464275b7ae87fec5529c7344bf21b733Robert Berry .setSnapshotVersion(SNAPSHOT_VERSION) 1925658837b464275b7ae87fec5529c7344bf21b733Robert Berry .setServerParams(SERVER_PARAMS) 1935658837b464275b7ae87fec5529c7344bf21b733Robert Berry .setMaxAttempts(MAX_ATTEMPTS) 1945658837b464275b7ae87fec5529c7344bf21b733Robert Berry .setEncryptedRecoveryKeyBlob(KEY_BLOB) 1955658837b464275b7ae87fec5529c7344bf21b733Robert Berry .setKeyChainProtectionParams(createKeyChainProtectionParamsList()) 1965658837b464275b7ae87fec5529c7344bf21b733Robert Berry .setWrappedApplicationKeys(createKeys()) 1975658837b464275b7ae87fec5529c7344bf21b733Robert Berry .setTrustedHardwareCertPath(CERT_PATH) 1985658837b464275b7ae87fec5529c7344bf21b733Robert Berry .build(); 1995658837b464275b7ae87fec5529c7344bf21b733Robert Berry } 2005658837b464275b7ae87fec5529c7344bf21b733Robert Berry 2015658837b464275b7ae87fec5529c7344bf21b733Robert Berry private static List<WrappedApplicationKey> createKeys() { 2025658837b464275b7ae87fec5529c7344bf21b733Robert Berry ArrayList<WrappedApplicationKey> keyList = new ArrayList<>(); 2035658837b464275b7ae87fec5529c7344bf21b733Robert Berry keyList.add(createKey(TEST_KEY_1_ALIAS, TEST_KEY_1_BYTES)); 2045658837b464275b7ae87fec5529c7344bf21b733Robert Berry keyList.add(createKey(TEST_KEY_2_ALIAS, TEST_KEY_2_BYTES)); 2055658837b464275b7ae87fec5529c7344bf21b733Robert Berry keyList.add(createKey(TEST_KEY_3_ALIAS, TEST_KEY_3_BYTES)); 2065658837b464275b7ae87fec5529c7344bf21b733Robert Berry return keyList; 2075658837b464275b7ae87fec5529c7344bf21b733Robert Berry } 2085658837b464275b7ae87fec5529c7344bf21b733Robert Berry 2095658837b464275b7ae87fec5529c7344bf21b733Robert Berry private static List<KeyChainProtectionParams> createKeyChainProtectionParamsList() { 21025f5135551f2db2e979ee26353c72e303abf16e5Robert Berry KeyDerivationParams keyDerivationParams = 21125f5135551f2db2e979ee26353c72e303abf16e5Robert Berry KeyDerivationParams.createScryptParams(SALT, MEMORY_DIFFICULTY); 21225f5135551f2db2e979ee26353c72e303abf16e5Robert Berry KeyChainProtectionParams keyChainProtectionParams = new KeyChainProtectionParams.Builder() 21325f5135551f2db2e979ee26353c72e303abf16e5Robert Berry .setKeyDerivationParams(keyDerivationParams) 21425f5135551f2db2e979ee26353c72e303abf16e5Robert Berry .setUserSecretType(SECRET_TYPE) 21525f5135551f2db2e979ee26353c72e303abf16e5Robert Berry .setLockScreenUiFormat(LOCK_SCREEN_UI) 21625f5135551f2db2e979ee26353c72e303abf16e5Robert Berry .setSecret(SECRET) 21725f5135551f2db2e979ee26353c72e303abf16e5Robert Berry .build(); 21825f5135551f2db2e979ee26353c72e303abf16e5Robert Berry ArrayList<KeyChainProtectionParams> keyChainProtectionParamsList = 21925f5135551f2db2e979ee26353c72e303abf16e5Robert Berry new ArrayList<>(1); 22025f5135551f2db2e979ee26353c72e303abf16e5Robert Berry keyChainProtectionParamsList.add(keyChainProtectionParams); 2215658837b464275b7ae87fec5529c7344bf21b733Robert Berry return keyChainProtectionParamsList; 22225f5135551f2db2e979ee26353c72e303abf16e5Robert Berry } 22325f5135551f2db2e979ee26353c72e303abf16e5Robert Berry 22425f5135551f2db2e979ee26353c72e303abf16e5Robert Berry private static WrappedApplicationKey createKey(String alias, byte[] bytes) { 22525f5135551f2db2e979ee26353c72e303abf16e5Robert Berry return new WrappedApplicationKey.Builder() 22625f5135551f2db2e979ee26353c72e303abf16e5Robert Berry .setAlias(alias) 22725f5135551f2db2e979ee26353c72e303abf16e5Robert Berry .setEncryptedKeyMaterial(bytes) 22825f5135551f2db2e979ee26353c72e303abf16e5Robert Berry .build(); 22925f5135551f2db2e979ee26353c72e303abf16e5Robert Berry } 23025f5135551f2db2e979ee26353c72e303abf16e5Robert Berry} 231