author | evitayan <evitayan@google.com> | 2019-09-25 15:42:29 -0700 |
---|---|---|
committer | evitayan <evitayan@google.com> | 2019-10-09 14:36:36 -0700 |
commit | ce55d5c4edd8c81f3d78d38b2f7f0ad6c1f8cd16 (patch) | |
tree | 2ec40371cc520ec65fce72b2b84dfb813a7d1c0d /tests/iketests/src | |
parent | 17c6ae863388d6319f970a103c01156a6cb3065f (diff) | |
Generate digital signature for outbound packet
Bug: 122685769
Test: atest FrameworksIkeTests(new tests passed)
Change-Id: Icadb710f4728d86515413f47b5f9367661a691c3
Diffstat (limited to 'tests/iketests/src')
-rw-r--r-- | tests/iketests/src/java/com/android/ike/ikev2/message/IkeAuthDigitalSignPayloadTest.java | 26 | ||||
-rw-r--r-- | tests/iketests/src/java/com/android/ike/ikev2/testutils/CertUtils.java | 22 |
2 files changed, 43 insertions, 5 deletions
diff --git a/tests/iketests/src/java/com/android/ike/ikev2/message/IkeAuthDigitalSignPayloadTest.java b/tests/iketests/src/java/com/android/ike/ikev2/message/IkeAuthDigitalSignPayloadTest.java index 52f9259a..239bd504 100644 --- a/tests/iketests/src/java/com/android/ike/ikev2/message/IkeAuthDigitalSignPayloadTest.java +++ b/tests/iketests/src/java/com/android/ike/ikev2/message/IkeAuthDigitalSignPayloadTest.java @@ -16,6 +16,8 @@ package com.android.ike.ikev2.message; +import static com.android.ike.ikev2.message.IkeAuthDigitalSignPayload.SIGNATURE_ALGO_RSA_SHA2_256; + import static org.junit.Assert.assertArrayEquals; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertTrue; @@ -31,6 +33,7 @@ import com.android.ike.ikev2.testutils.CertUtils; import org.junit.Before; import org.junit.Test; +import java.security.PrivateKey; import java.security.cert.X509Certificate; public final class IkeAuthDigitalSignPayloadTest { @@ -92,9 +95,7 @@ public final class IkeAuthDigitalSignPayloadTest { assertTrue(payload instanceof IkeAuthDigitalSignPayload); IkeAuthDigitalSignPayload dsPayload = (IkeAuthDigitalSignPayload) payload; - assertEquals( - IkeAuthDigitalSignPayload.SIGNATURE_ALGO_RSA_SHA2_256, - dsPayload.signatureAlgoAndHash); + assertEquals(SIGNATURE_ALGO_RSA_SHA2_256, dsPayload.signatureAlgoAndHash); assertArrayEquals(dsPayload.signature, TestUtils.hexStringToByteArray(SIGNATURE)); } 
@@ -136,7 +137,24 @@ public final class IkeAuthDigitalSignPayloadTest { PRF_RESP_KEY); fail("Expected to fail due to wrong certificate."); } catch (AuthenticationFailedException expected) { - } } + + @Test + public void testGenerateSignature() throws Exception { + PrivateKey key = CertUtils.createRsaPrivateKeyFromKeyFile("end-cert-key-a.key"); + + IkeAuthDigitalSignPayload authPayload = + new IkeAuthDigitalSignPayload( + SIGNATURE_ALGO_RSA_SHA2_256, + key, + IKE_INIT_RESP_REQUEST, + NONCE_INIT_RESP, + ID_RESP_PAYLOAD_BODY, + mIkeHmacSha1Prf, + PRF_RESP_KEY); + + assertEquals(SIGNATURE_ALGO_RSA_SHA2_256, authPayload.signatureAlgoAndHash); + assertArrayEquals(authPayload.signature, TestUtils.hexStringToByteArray(SIGNATURE)); + } } diff --git a/tests/iketests/src/java/com/android/ike/ikev2/testutils/CertUtils.java b/tests/iketests/src/java/com/android/ike/ikev2/testutils/CertUtils.java index e44551a0..e42e5647 100644 --- a/tests/iketests/src/java/com/android/ike/ikev2/testutils/CertUtils.java +++ b/tests/iketests/src/java/com/android/ike/ikev2/testutils/CertUtils.java 
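Review bot: In testGenerateSignature the arguments of `assertArrayEquals(authPayload.signature, TestUtils.hexStringToByteArray(SIGNATURE))` are in (actual, expected) order, so a failure would report the fixture as the wrong value; swap them to `assertArrayEquals(TestUtils.hexStringToByteArray(SIGNATURE), authPayload.signature);`. The byte-for-byte comparison only holds while the signature scheme is deterministic, which is presumably the case for SIGNATURE_ALGO_RSA_SHA2_256 (its definition is outside this hunk). A comment such as `// Deterministic RSA signature: a randomized scheme must be checked by verifying, not by comparing bytes` would save the next maintainer a confusing failure. A round-trip assertion that the generated signature verifies against the matching end certificate would also cover the signing path independently of the fixture.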
@@ -21,14 +21,21 @@ import android.content.Context; import androidx.test.InstrumentationRegistry; import com.android.ike.ikev2.message.IkeMessage; +import com.android.org.bouncycastle.util.io.pem.PemObject; +import com.android.org.bouncycastle.util.io.pem.PemReader; import java.io.InputStream; +import java.io.InputStreamReader; +import java.security.KeyFactory; import java.security.cert.CertificateFactory; import java.security.cert.X509Certificate; +import java.security.interfaces.RSAPrivateKey; +import java.security.spec.PKCS8EncodedKeySpec; -/** CertUtils provides utility methods for creating X509 certificate. */ +/** CertUtils provides utility methods for creating X509 certificate and private key. */ public final class CertUtils { private static final String PEM_FOLDER_NAME = "pem"; + private static final String KEY_FOLDER_NAME = "key"; /** Creates an X509Certificate with a pem file */ public static X509Certificate createCertFromPemFile(String fileName) throws Exception { @@ -40,4 +47,17 @@ public final class CertUtils { CertificateFactory.getInstance("X.509", IkeMessage.getSecurityProvider()); return (X509Certificate) factory.generateCertificate(inputStream); } + + /** Creates an private key from a PKCS8 format key file */ + public static RSAPrivateKey createRsaPrivateKeyFromKeyFile(String fileName) throws Exception { + Context context = InstrumentationRegistry.getContext(); + InputStream inputStream = + context.getResources().getAssets().open(KEY_FOLDER_NAME + "/" + fileName); + + PemObject pemObject = new PemReader(new InputStreamReader(inputStream)).readPemObject(); + + KeyFactory keyFactory = KeyFactory.getInstance("RSA"); + return (RSAPrivateKey) + keyFactory.generatePrivate(new PKCS8EncodedKeySpec(pemObject.getContent())); + } } |
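Review bot: createRsaPrivateKeyFromKeyFile never closes the asset stream or the PemReader, and it dereferences `pemObject` unchecked, so a key file without a PEM block fails with a bare NullPointerException (readPemObject returns null in that case) instead of an error naming the file. Wrapping the reader in try-with-resources and rejecting a missing or non-`PRIVATE KEY` block would make a PKCS#1 file placed in the `key` folder fail with a clear message. `KeyFactory.getInstance("RSA")` also resolves through the default provider while createCertFromPemFile passes `IkeMessage.getSecurityProvider()`; if that difference is intentional it deserves a one-line comment. The Javadoc should read `/** Creates an RSA private key from a PEM-encoded PKCS#8 key file; the bundled keys are test fixtures only. */`.

```java
public static RSAPrivateKey createRsaPrivateKeyFromKeyFile(String fileName) throws Exception {
    Context context = InstrumentationRegistry.getContext();
    try (InputStream inputStream =
                    context.getResources().getAssets().open(KEY_FOLDER_NAME + "/" + fileName);
            PemReader pemReader = new PemReader(new InputStreamReader(inputStream))) {
        PemObject pemObject = pemReader.readPemObject();
        if (pemObject == null || !"PRIVATE KEY".equals(pemObject.getType())) {
            throw new IllegalArgumentException(
                    "Expected a PKCS#8 PRIVATE KEY PEM block in " + fileName);
        }
        // … unchanged: KeyFactory.getInstance("RSA") and PKCS8EncodedKeySpec decoding …
    }
}
```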