1 /* 2 * Copyright (C) 2014 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 package com.android.cts.deviceowner; 17 18 import static com.android.cts.deviceowner.FakeKeys.FAKE_RSA_1; 19 20 import android.app.admin.DevicePolicyManager; 21 22 import java.io.ByteArrayInputStream; 23 import java.security.cert.CertificateException; 24 import java.security.cert.CertificateFactory; 25 import java.security.cert.Certificate; 26 import java.security.KeyFactory; 27 import java.security.NoSuchAlgorithmException; 28 import java.security.PrivateKey; 29 import java.security.spec.InvalidKeySpecException; 30 import java.security.spec.PKCS8EncodedKeySpec; 31 32 public class KeyManagementTest extends BaseDeviceOwnerTest { 33 34 @Override setUp()35 protected void setUp() throws Exception { 36 super.setUp(); 37 assertTrue(mDevicePolicyManager.resetPassword("test", 0)); 38 } 39 40 @Override tearDown()41 protected void tearDown() throws Exception { 42 mDevicePolicyManager.setPasswordQuality(getWho(), 43 DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED); 44 mDevicePolicyManager.setPasswordMinimumLength(getWho(), 0); 45 assertTrue(mDevicePolicyManager.resetPassword("", 0)); 46 super.tearDown(); 47 } 48 testCanInstallValidRsaKeypair()49 public void testCanInstallValidRsaKeypair() 50 throws CertificateException, NoSuchAlgorithmException, InvalidKeySpecException { 51 final String alias = "com.android.test.valid-rsa-key-1"; 52 final PrivateKey privKey = getPrivateKey(FAKE_RSA_1.privateKey , "RSA"); 53 final Certificate cert = getCertificate(FAKE_RSA_1.caCertificate); 54 assertTrue(mDevicePolicyManager.installKeyPair(getWho(), privKey, cert, alias)); 55 } 56 testNullKeyParamsFailGracefully()57 public void testNullKeyParamsFailGracefully() 58 throws CertificateException, NoSuchAlgorithmException, InvalidKeySpecException { 59 final String alias = "com.android.test.null-key-1"; 60 final PrivateKey privKey = getPrivateKey(FAKE_RSA_1.privateKey, "RSA"); 61 final Certificate cert = getCertificate(FAKE_RSA_1.caCertificate); 62 try { 63 assertFalse(mDevicePolicyManager.installKeyPair(getWho(), null, cert, alias)); 64 } catch (NullPointerException accept) { 65 // Accept either false return value or NPE 66 } 67 try { 68 assertFalse(mDevicePolicyManager.installKeyPair(getWho(), privKey, null, alias)); 69 } catch (NullPointerException accept) { 70 // Accept either false return value or NPE 71 } 72 } 73 testNullAdminComponentIsDenied()74 public void testNullAdminComponentIsDenied() 75 throws CertificateException, NoSuchAlgorithmException, InvalidKeySpecException { 76 final String alias = "com.android.test.null-admin-1"; 77 final PrivateKey privKey = getPrivateKey(FAKE_RSA_1.privateKey, "RSA"); 78 final Certificate cert = getCertificate(FAKE_RSA_1.caCertificate); 79 try { 80 assertFalse(mDevicePolicyManager.installKeyPair(null, privKey, cert, alias)); 81 fail("Exception should have been thrown for null ComponentName"); 82 } catch (SecurityException | NullPointerException expected) { 83 } 84 } 85 getPrivateKey(final byte[] key, String type)86 PrivateKey getPrivateKey(final byte[] key, String type) 87 throws NoSuchAlgorithmException, InvalidKeySpecException { 88 return KeyFactory.getInstance(type).generatePrivate( 89 new PKCS8EncodedKeySpec(key)); 90 } 91 getCertificate(byte[] cert)92 Certificate getCertificate(byte[] cert) throws CertificateException { 93 return CertificateFactory.getInstance("X.509").generateCertificate( 94 new ByteArrayInputStream(cert)); 95 } 96 97 } 98