Android/frameworks_base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

am bda3e26f: am 42457027: Merge changes I65f7a915,I32098dc0

Browse Source 
* commit 'bda3e26f6f8ed0653e28b0375ba0a7f54f698e86':
  KeyStore: add "migrate" command
  KeyStore: add API to uid versions
This commit is contained in:
Kenny Root
2013-03-20 16:08:08 -07:00
committed by Android Git Automerger
parent 3be79f328a bda3e26f6f
commit dfdacaf2c5
5 changed files with 297 additions and 48 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
core/java/android/security/IKeystoreService.java
View File

@@ -148,6 +148,10 @@ public interface IKeystoreService extends IInterface {
for (int i = 0; i < size; i++) { for (int i = 0; i < size; i++) {
_result[i] = _reply.readString(); _result[i] = _reply.readString();
} }
int _ret = _reply.readInt();
if (_ret != 1) {
return null;
}
} finally { } finally {
_reply.recycle(); _reply.recycle();
_data.recycle(); _data.recycle();
@@ -401,6 +405,25 @@ public interface IKeystoreService extends IInterface {
} }
return _result; return _result;
} }
@Override
public int migrate(String name, int targetUid) throws RemoteException {
Parcel _data = Parcel.obtain();
Parcel _reply = Parcel.obtain();
int _result;
try {
_data.writeInterfaceToken(DESCRIPTOR);
_data.writeString(name);
_data.writeInt(targetUid);
mRemote.transact(Stub.TRANSACTION_migrate, _data, _reply, 0);
_reply.readException();
_result = _reply.readInt();
} finally {
_reply.recycle();
_data.recycle();
}
return _result;
}
} }
private static final String DESCRIPTOR = "android.security.keystore"; private static final String DESCRIPTOR = "android.security.keystore";
@@ -425,6 +448,7 @@ public interface IKeystoreService extends IInterface {
static final int TRANSACTION_grant = IBinder.FIRST_CALL_TRANSACTION + 17; static final int TRANSACTION_grant = IBinder.FIRST_CALL_TRANSACTION + 17;
static final int TRANSACTION_ungrant = IBinder.FIRST_CALL_TRANSACTION + 18; static final int TRANSACTION_ungrant = IBinder.FIRST_CALL_TRANSACTION + 18;
static final int TRANSACTION_getmtime = IBinder.FIRST_CALL_TRANSACTION + 19; static final int TRANSACTION_getmtime = IBinder.FIRST_CALL_TRANSACTION + 19;
static final int TRANSACTION_migrate = IBinder.FIRST_CALL_TRANSACTION + 20;
/** /**
* Cast an IBinder object into an IKeystoreService interface, generating * Cast an IBinder object into an IKeystoreService interface, generating
@@ -509,4 +533,6 @@ public interface IKeystoreService extends IInterface {
public int ungrant(String name, int granteeUid) throws RemoteException; public int ungrant(String name, int granteeUid) throws RemoteException;
public long getmtime(String name) throws RemoteException; public long getmtime(String name) throws RemoteException;
public int migrate(String name, int targetUid) throws RemoteException;
} }

45
keystore/java/android/security/AndroidKeyStore.java
View File

@@ -453,17 +453,19 @@ public class AndroidKeyStore extends KeyStoreSpi {
* convention. * convention.
*/ */
final String[] certAliases = mKeyStore.saw(Credentials.USER_CERTIFICATE); final String[] certAliases = mKeyStore.saw(Credentials.USER_CERTIFICATE);
for (String alias : certAliases) { if (certAliases != null) {
final byte[] certBytes = mKeyStore.get(Credentials.USER_CERTIFICATE + alias); for (String alias : certAliases) {
if (certBytes == null) { final byte[] certBytes = mKeyStore.get(Credentials.USER_CERTIFICATE + alias);
continue; if (certBytes == null) {
} continue;
}
final Certificate c = toCertificate(certBytes); final Certificate c = toCertificate(certBytes);
nonCaEntries.add(alias); nonCaEntries.add(alias);
if (cert.equals(c)) { if (cert.equals(c)) {
return alias; return alias;
}
} }
} }
@@ -472,19 +474,22 @@ public class AndroidKeyStore extends KeyStoreSpi {
* PrivateKeyEntry we looked at above. * PrivateKeyEntry we looked at above.
*/ */
final String[] caAliases = mKeyStore.saw(Credentials.CA_CERTIFICATE); final String[] caAliases = mKeyStore.saw(Credentials.CA_CERTIFICATE);
for (String alias : caAliases) { if (certAliases != null) {
if (nonCaEntries.contains(alias)) { for (String alias : caAliases) {
continue; if (nonCaEntries.contains(alias)) {
} continue;
}
final byte[] certBytes = mKeyStore.get(Credentials.CA_CERTIFICATE + alias); final byte[] certBytes = mKeyStore.get(Credentials.CA_CERTIFICATE + alias);
if (certBytes == null) { if (certBytes == null) {
continue; continue;
} }
final Certificate c = toCertificate(mKeyStore.get(Credentials.CA_CERTIFICATE + alias)); final Certificate c =
if (cert.equals(c)) { toCertificate(mKeyStore.get(Credentials.CA_CERTIFICATE + alias));
return alias; if (cert.equals(c)) {
return alias;
}
} }
} }

79
keystore/java/android/security/KeyStore.java
View File

@@ -87,9 +87,22 @@ public class KeyStore {
} }
} }
public boolean put(String key, byte[] value) { public boolean put(String key, byte[] value, int uid) {
try { try {
return mBinder.insert(key, value, -1) == NO_ERROR; return mBinder.insert(key, value, uid) == NO_ERROR;
} catch (RemoteException e) {
Log.w(TAG, "Cannot connect to keystore", e);
return false;
}
}
public boolean put(String key, byte[] value) {
return put(key, value, -1);
}
public boolean delete(String key, int uid) {
try {
return mBinder.del(key, uid) == NO_ERROR;
} catch (RemoteException e) { } catch (RemoteException e) {
Log.w(TAG, "Cannot connect to keystore", e); Log.w(TAG, "Cannot connect to keystore", e);
return false; return false;
@@ -97,8 +110,12 @@ public class KeyStore {
} }
public boolean delete(String key) { public boolean delete(String key) {
return delete(key, -1);
}
public boolean contains(String key, int uid) {
try { try {
return mBinder.del(key, -1) == NO_ERROR; return mBinder.exist(key, uid) == NO_ERROR;
} catch (RemoteException e) { } catch (RemoteException e) {
Log.w(TAG, "Cannot connect to keystore", e); Log.w(TAG, "Cannot connect to keystore", e);
return false; return false;
@@ -106,23 +123,22 @@ public class KeyStore {
} }
public boolean contains(String key) { public boolean contains(String key) {
try { return contains(key, -1);
return mBinder.exist(key, -1) == NO_ERROR;
} catch (RemoteException e) {
Log.w(TAG, "Cannot connect to keystore", e);
return false;
}
} }
public String[] saw(String prefix) { public String[] saw(String prefix, int uid) {
try { try {
return mBinder.saw(prefix, -1); return mBinder.saw(prefix, uid);
} catch (RemoteException e) { } catch (RemoteException e) {
Log.w(TAG, "Cannot connect to keystore", e); Log.w(TAG, "Cannot connect to keystore", e);
return null; return null;
} }
} }
public String[] saw(String prefix) {
return saw(prefix, -1);
}
public boolean reset() { public boolean reset() {
try { try {
return mBinder.reset() == NO_ERROR; return mBinder.reset() == NO_ERROR;
@@ -169,9 +185,22 @@ public class KeyStore {
} }
} }
public boolean generate(String key) { public boolean generate(String key, int uid) {
try { try {
return mBinder.generate(key, -1) == NO_ERROR; return mBinder.generate(key, uid) == NO_ERROR;
} catch (RemoteException e) {
Log.w(TAG, "Cannot connect to keystore", e);
return false;
}
}
public boolean generate(String key) {
return generate(key, -1);
}
public boolean importKey(String keyName, byte[] key, int uid) {
try {
return mBinder.import_key(keyName, key, uid) == NO_ERROR;
} catch (RemoteException e) { } catch (RemoteException e) {
Log.w(TAG, "Cannot connect to keystore", e); Log.w(TAG, "Cannot connect to keystore", e);
return false; return false;
@@ -179,12 +208,7 @@ public class KeyStore {
} }
public boolean importKey(String keyName, byte[] key) { public boolean importKey(String keyName, byte[] key) {
try { return importKey(keyName, key, -1);
return mBinder.import_key(keyName, key, -1) == NO_ERROR;
} catch (RemoteException e) {
Log.w(TAG, "Cannot connect to keystore", e);
return false;
}
} }
public byte[] getPubkey(String key) { public byte[] getPubkey(String key) {
@@ -196,15 +220,19 @@ public class KeyStore {
} }
} }
public boolean delKey(String key) { public boolean delKey(String key, int uid) {
try { try {
return mBinder.del_key(key, -1) == NO_ERROR; return mBinder.del_key(key, uid) == NO_ERROR;
} catch (RemoteException e) { } catch (RemoteException e) {
Log.w(TAG, "Cannot connect to keystore", e); Log.w(TAG, "Cannot connect to keystore", e);
return false; return false;
} }
} }
public boolean delKey(String key) {
return delKey(key, -1);
}
public byte[] sign(String key, byte[] data) { public byte[] sign(String key, byte[] data) {
try { try {
return mBinder.sign(key, data); return mBinder.sign(key, data);
@@ -259,6 +287,15 @@ public class KeyStore {
} }
} }
public boolean migrate(String key, int uid) {
try {
return mBinder.migrate(key, uid) == NO_ERROR;
} catch (RemoteException e) {
Log.w(TAG, "Cannot connect to keystore", e);
return false;
}
}
public int getLastError() { public int getLastError() {
return mError; return mError;
} }

4
keystore/tests/src/android/security/AndroidKeyPairGeneratorTest.java
View File

@@ -67,7 +67,9 @@ public class AndroidKeyPairGeneratorTest extends AndroidTestCase {
assertTrue(mAndroidKeyStore.password("1111")); assertTrue(mAndroidKeyStore.password("1111"));
assertTrue(mAndroidKeyStore.isUnlocked()); assertTrue(mAndroidKeyStore.isUnlocked());
assertEquals(0, mAndroidKeyStore.saw("").length); String[] aliases = mAndroidKeyStore.saw("");
assertNotNull(aliases);
assertEquals(0, aliases.length);
mGenerator = java.security.KeyPairGenerator.getInstance(AndroidKeyPairGenerator.NAME); mGenerator = java.security.KeyPairGenerator.getInstance(AndroidKeyPairGenerator.NAME);
} }

191
keystore/tests/src/android/security/KeyStoreTest.java
View File

@@ -17,6 +17,7 @@
package android.security; package android.security;
import android.app.Activity; import android.app.Activity;
import android.os.Process;
import android.security.KeyStore; import android.security.KeyStore;
import android.test.ActivityUnitTestCase; import android.test.ActivityUnitTestCase;
import android.test.AssertionFailedError; import android.test.AssertionFailedError;
@@ -128,7 +129,7 @@ public class KeyStoreTest extends ActivityUnitTestCase<Activity> {
super.tearDown(); super.tearDown();
} }
public void teststate() throws Exception { public void testState() throws Exception {
assertEquals(KeyStore.State.UNINITIALIZED, mKeyStore.state()); assertEquals(KeyStore.State.UNINITIALIZED, mKeyStore.state());
} }
@@ -154,6 +155,24 @@ public class KeyStoreTest extends ActivityUnitTestCase<Activity> {
assertTrue(Arrays.equals(TEST_KEYVALUE, mKeyStore.get(TEST_KEYNAME))); assertTrue(Arrays.equals(TEST_KEYVALUE, mKeyStore.get(TEST_KEYNAME)));
} }
public void testPut_grantedUid_Wifi() throws Exception {
assertFalse(mKeyStore.contains(TEST_KEYNAME, Process.WIFI_UID));
assertFalse(mKeyStore.put(TEST_KEYNAME, TEST_KEYVALUE, Process.WIFI_UID));
assertFalse(mKeyStore.contains(TEST_KEYNAME, Process.WIFI_UID));
mKeyStore.password(TEST_PASSWD);
assertTrue(mKeyStore.put(TEST_KEYNAME, TEST_KEYVALUE, Process.WIFI_UID));
assertTrue(mKeyStore.contains(TEST_KEYNAME, Process.WIFI_UID));
}
public void testPut_ungrantedUid_Bluetooth() throws Exception {
assertFalse(mKeyStore.contains(TEST_KEYNAME, Process.BLUETOOTH_UID));
assertFalse(mKeyStore.put(TEST_KEYNAME, TEST_KEYVALUE, Process.BLUETOOTH_UID));
assertFalse(mKeyStore.contains(TEST_KEYNAME, Process.BLUETOOTH_UID));
mKeyStore.password(TEST_PASSWD);
assertFalse(mKeyStore.put(TEST_KEYNAME, TEST_KEYVALUE, Process.BLUETOOTH_UID));
assertFalse(mKeyStore.contains(TEST_KEYNAME, Process.BLUETOOTH_UID));
}
public void testI18n() throws Exception { public void testI18n() throws Exception {
assertFalse(mKeyStore.put(TEST_I18N_KEY, TEST_I18N_VALUE)); assertFalse(mKeyStore.put(TEST_I18N_KEY, TEST_I18N_VALUE));
assertFalse(mKeyStore.contains(TEST_I18N_KEY)); assertFalse(mKeyStore.contains(TEST_I18N_KEY));
@@ -167,22 +186,64 @@ public class KeyStoreTest extends ActivityUnitTestCase<Activity> {
mKeyStore.password(TEST_PASSWD); mKeyStore.password(TEST_PASSWD);
assertFalse(mKeyStore.delete(TEST_KEYNAME)); assertFalse(mKeyStore.delete(TEST_KEYNAME));
mKeyStore.put(TEST_KEYNAME, TEST_KEYVALUE); assertTrue(mKeyStore.put(TEST_KEYNAME, TEST_KEYVALUE));
assertTrue(Arrays.equals(TEST_KEYVALUE, mKeyStore.get(TEST_KEYNAME))); assertTrue(Arrays.equals(TEST_KEYVALUE, mKeyStore.get(TEST_KEYNAME)));
assertTrue(mKeyStore.delete(TEST_KEYNAME)); assertTrue(mKeyStore.delete(TEST_KEYNAME));
assertNull(mKeyStore.get(TEST_KEYNAME)); assertNull(mKeyStore.get(TEST_KEYNAME));
} }
public void testDelete_grantedUid_Wifi() throws Exception {
assertFalse(mKeyStore.delete(TEST_KEYNAME, Process.WIFI_UID));
mKeyStore.password(TEST_PASSWD);
assertFalse(mKeyStore.delete(TEST_KEYNAME, Process.WIFI_UID));
assertTrue(mKeyStore.put(TEST_KEYNAME, TEST_KEYVALUE, Process.WIFI_UID));
assertTrue(mKeyStore.contains(TEST_KEYNAME, Process.WIFI_UID));
assertTrue(mKeyStore.delete(TEST_KEYNAME, Process.WIFI_UID));
assertFalse(mKeyStore.contains(TEST_KEYNAME, Process.WIFI_UID));
}
public void testDelete_ungrantedUid_Bluetooth() throws Exception {
assertFalse(mKeyStore.delete(TEST_KEYNAME, Process.BLUETOOTH_UID));
mKeyStore.password(TEST_PASSWD);
assertFalse(mKeyStore.delete(TEST_KEYNAME, Process.BLUETOOTH_UID));
assertFalse(mKeyStore.put(TEST_KEYNAME, TEST_KEYVALUE, Process.BLUETOOTH_UID));
assertFalse(mKeyStore.contains(TEST_KEYNAME, Process.BLUETOOTH_UID));
assertFalse(mKeyStore.delete(TEST_KEYNAME, Process.BLUETOOTH_UID));
assertFalse(mKeyStore.contains(TEST_KEYNAME, Process.BLUETOOTH_UID));
}
public void testContains() throws Exception { public void testContains() throws Exception {
assertFalse(mKeyStore.contains(TEST_KEYNAME)); assertFalse(mKeyStore.contains(TEST_KEYNAME));
mKeyStore.password(TEST_PASSWD); assertTrue(mKeyStore.password(TEST_PASSWD));
assertFalse(mKeyStore.contains(TEST_KEYNAME)); assertFalse(mKeyStore.contains(TEST_KEYNAME));
mKeyStore.put(TEST_KEYNAME, TEST_KEYVALUE); assertTrue(mKeyStore.put(TEST_KEYNAME, TEST_KEYVALUE));
assertTrue(mKeyStore.contains(TEST_KEYNAME)); assertTrue(mKeyStore.contains(TEST_KEYNAME));
} }
public void testContains_grantedUid_Wifi() throws Exception {
assertFalse(mKeyStore.contains(TEST_KEYNAME, Process.WIFI_UID));
assertTrue(mKeyStore.password(TEST_PASSWD));
assertFalse(mKeyStore.contains(TEST_KEYNAME, Process.WIFI_UID));
assertTrue(mKeyStore.put(TEST_KEYNAME, TEST_KEYVALUE, Process.WIFI_UID));
assertTrue(mKeyStore.contains(TEST_KEYNAME, Process.WIFI_UID));
}
public void testContains_grantedUid_Bluetooth() throws Exception {
assertFalse(mKeyStore.contains(TEST_KEYNAME, Process.BLUETOOTH_UID));
assertTrue(mKeyStore.password(TEST_PASSWD));
assertFalse(mKeyStore.contains(TEST_KEYNAME, Process.BLUETOOTH_UID));
assertFalse(mKeyStore.put(TEST_KEYNAME, TEST_KEYVALUE, Process.BLUETOOTH_UID));
assertFalse(mKeyStore.contains(TEST_KEYNAME, Process.BLUETOOTH_UID));
}
public void testSaw() throws Exception { public void testSaw() throws Exception {
String[] emptyResult = mKeyStore.saw(TEST_KEYNAME); String[] emptyResult = mKeyStore.saw(TEST_KEYNAME);
assertNotNull(emptyResult); assertNotNull(emptyResult);
@@ -198,6 +259,48 @@ public class KeyStoreTest extends ActivityUnitTestCase<Activity> {
new HashSet(Arrays.asList(results))); new HashSet(Arrays.asList(results)));
} }
public void testSaw_ungrantedUid_Bluetooth() throws Exception {
String[] results1 = mKeyStore.saw(TEST_KEYNAME, Process.BLUETOOTH_UID);
assertNull(results1);
mKeyStore.password(TEST_PASSWD);
mKeyStore.put(TEST_KEYNAME1, TEST_KEYVALUE);
mKeyStore.put(TEST_KEYNAME2, TEST_KEYVALUE);
String[] results2 = mKeyStore.saw(TEST_KEYNAME, Process.BLUETOOTH_UID);
assertNull(results2);
}
public void testSaw_grantedUid_Wifi() throws Exception {
String[] results1 = mKeyStore.saw(TEST_KEYNAME, Process.WIFI_UID);
assertNotNull(results1);
assertEquals(0, results1.length);
mKeyStore.password(TEST_PASSWD);
mKeyStore.put(TEST_KEYNAME1, TEST_KEYVALUE, Process.WIFI_UID);
mKeyStore.put(TEST_KEYNAME2, TEST_KEYVALUE, Process.WIFI_UID);
String[] results2 = mKeyStore.saw(TEST_KEYNAME, Process.WIFI_UID);
assertEquals(new HashSet(Arrays.asList(TEST_KEYNAME1.substring(TEST_KEYNAME.length()),
TEST_KEYNAME2.substring(TEST_KEYNAME.length()))),
new HashSet(Arrays.asList(results2)));
}
public void testSaw_grantedUid_Vpn() throws Exception {
String[] results1 = mKeyStore.saw(TEST_KEYNAME, Process.VPN_UID);
assertNotNull(results1);
assertEquals(0, results1.length);
mKeyStore.password(TEST_PASSWD);
mKeyStore.put(TEST_KEYNAME1, TEST_KEYVALUE, Process.VPN_UID);
mKeyStore.put(TEST_KEYNAME2, TEST_KEYVALUE, Process.VPN_UID);
String[] results2 = mKeyStore.saw(TEST_KEYNAME, Process.VPN_UID);
assertEquals(new HashSet(Arrays.asList(TEST_KEYNAME1.substring(TEST_KEYNAME.length()),
TEST_KEYNAME2.substring(TEST_KEYNAME.length()))),
new HashSet(Arrays.asList(results2)));
}
public void testLock() throws Exception { public void testLock() throws Exception {
assertFalse(mKeyStore.lock()); assertFalse(mKeyStore.lock());
@@ -239,17 +342,57 @@ public class KeyStoreTest extends ActivityUnitTestCase<Activity> {
} }
public void testGenerate_Success() throws Exception { public void testGenerate_Success() throws Exception {
mKeyStore.password(TEST_PASSWD); assertTrue(mKeyStore.password(TEST_PASSWD));
assertTrue("Should be able to generate key when unlocked", assertTrue("Should be able to generate key when unlocked",
mKeyStore.generate(TEST_KEYNAME)); mKeyStore.generate(TEST_KEYNAME));
assertTrue(mKeyStore.contains(TEST_KEYNAME));
assertFalse(mKeyStore.contains(TEST_KEYNAME, Process.WIFI_UID));
}
public void testGenerate_grantedUid_Wifi_Success() throws Exception {
assertTrue(mKeyStore.password(TEST_PASSWD));
assertTrue("Should be able to generate key when unlocked",
mKeyStore.generate(TEST_KEYNAME, Process.WIFI_UID));
assertTrue(mKeyStore.contains(TEST_KEYNAME, Process.WIFI_UID));
assertFalse(mKeyStore.contains(TEST_KEYNAME));
}
public void testGenerate_ungrantedUid_Bluetooth_Failure() throws Exception {
assertTrue(mKeyStore.password(TEST_PASSWD));
assertFalse(mKeyStore.generate(TEST_KEYNAME, Process.BLUETOOTH_UID));
assertFalse(mKeyStore.contains(TEST_KEYNAME, Process.BLUETOOTH_UID));
assertFalse(mKeyStore.contains(TEST_KEYNAME, Process.WIFI_UID));
assertFalse(mKeyStore.contains(TEST_KEYNAME));
} }
public void testImport_Success() throws Exception { public void testImport_Success() throws Exception {
mKeyStore.password(TEST_PASSWD); assertTrue(mKeyStore.password(TEST_PASSWD));
assertTrue("Should be able to import key when unlocked", assertTrue("Should be able to import key when unlocked",
mKeyStore.importKey(TEST_KEYNAME, PRIVKEY_BYTES)); mKeyStore.importKey(TEST_KEYNAME, PRIVKEY_BYTES));
assertTrue(mKeyStore.contains(TEST_KEYNAME));
assertFalse(mKeyStore.contains(TEST_KEYNAME, Process.WIFI_UID));
}
public void testImport_grantedUid_Wifi_Success() throws Exception {
assertTrue(mKeyStore.password(TEST_PASSWD));
assertTrue("Should be able to import key when unlocked",
mKeyStore.importKey(TEST_KEYNAME, PRIVKEY_BYTES, Process.WIFI_UID));
assertTrue(mKeyStore.contains(TEST_KEYNAME, Process.WIFI_UID));
assertFalse(mKeyStore.contains(TEST_KEYNAME));
}
public void testImport_ungrantedUid_Bluetooth_Failure() throws Exception {
assertTrue(mKeyStore.password(TEST_PASSWD));
assertFalse(mKeyStore.importKey(TEST_KEYNAME, PRIVKEY_BYTES, Process.BLUETOOTH_UID));
assertFalse(mKeyStore.contains(TEST_KEYNAME, Process.BLUETOOTH_UID));
assertFalse(mKeyStore.contains(TEST_KEYNAME, Process.WIFI_UID));
assertFalse(mKeyStore.contains(TEST_KEYNAME));
} }
public void testImport_Failure_BadEncoding() throws Exception { public void testImport_Failure_BadEncoding() throws Exception {
@@ -257,12 +400,15 @@ public class KeyStoreTest extends ActivityUnitTestCase<Activity> {
assertFalse("Invalid DER-encoded key should not be imported", assertFalse("Invalid DER-encoded key should not be imported",
mKeyStore.importKey(TEST_KEYNAME, TEST_DATA)); mKeyStore.importKey(TEST_KEYNAME, TEST_DATA));
assertFalse(mKeyStore.contains(TEST_KEYNAME));
assertFalse(mKeyStore.contains(TEST_KEYNAME, Process.WIFI_UID));
} }
public void testSign_Success() throws Exception { public void testSign_Success() throws Exception {
mKeyStore.password(TEST_PASSWD); mKeyStore.password(TEST_PASSWD);
assertTrue(mKeyStore.generate(TEST_KEYNAME)); assertTrue(mKeyStore.generate(TEST_KEYNAME));
assertTrue(mKeyStore.contains(TEST_KEYNAME));
final byte[] signature = mKeyStore.sign(TEST_KEYNAME, TEST_DATA); final byte[] signature = mKeyStore.sign(TEST_KEYNAME, TEST_DATA);
assertNotNull("Signature should not be null", signature); assertNotNull("Signature should not be null", signature);
@@ -272,6 +418,7 @@ public class KeyStoreTest extends ActivityUnitTestCase<Activity> {
mKeyStore.password(TEST_PASSWD); mKeyStore.password(TEST_PASSWD);
assertTrue(mKeyStore.generate(TEST_KEYNAME)); assertTrue(mKeyStore.generate(TEST_KEYNAME));
assertTrue(mKeyStore.contains(TEST_KEYNAME));
final byte[] signature = mKeyStore.sign(TEST_KEYNAME, TEST_DATA); final byte[] signature = mKeyStore.sign(TEST_KEYNAME, TEST_DATA);
assertNotNull("Signature should not be null", signature); assertNotNull("Signature should not be null", signature);
@@ -406,6 +553,38 @@ public class KeyStoreTest extends ActivityUnitTestCase<Activity> {
mKeyStore.ungrant(TEST_KEYNAME, 0)); mKeyStore.ungrant(TEST_KEYNAME, 0));
} }
public void testMigrate_grantedUid_Wifi_Success() throws Exception {
assertTrue(mKeyStore.password(TEST_PASSWD));
assertFalse(mKeyStore.contains(TEST_KEYNAME));
assertTrue(mKeyStore.generate(TEST_KEYNAME));
assertTrue(mKeyStore.contains(TEST_KEYNAME));
assertFalse(mKeyStore.contains(TEST_KEYNAME, Process.WIFI_UID));
assertTrue(mKeyStore.migrate(TEST_KEYNAME, Process.WIFI_UID));
assertFalse(mKeyStore.contains(TEST_KEYNAME));
assertTrue(mKeyStore.contains(TEST_KEYNAME, Process.WIFI_UID));
}
public void testMigrate_ungrantedUid_Bluetooth_Failure() throws Exception {
assertTrue(mKeyStore.password(TEST_PASSWD));
assertFalse(mKeyStore.contains(TEST_KEYNAME));
assertTrue(mKeyStore.generate(TEST_KEYNAME));
assertTrue(mKeyStore.contains(TEST_KEYNAME));
assertFalse(mKeyStore.contains(TEST_KEYNAME, Process.BLUETOOTH_UID));
assertFalse(mKeyStore.migrate(TEST_KEYNAME, Process.BLUETOOTH_UID));
assertTrue(mKeyStore.contains(TEST_KEYNAME));
assertFalse(mKeyStore.contains(TEST_KEYNAME, Process.BLUETOOTH_UID));
}
/** /**
* The amount of time to allow before and after expected time for variance * The amount of time to allow before and after expected time for variance
* in timing tests. * in timing tests.