Merge "Updated CTS test for Android Security b/199754277" into rvc-dev am: 64fa53bdfd

Original change: https://googleplex-android-review.googlesource.com/c/platform/cts/+/21701202

Change-Id: I034aac9edf4d38909cbdc44ef625bc5b68730d6b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
diff --git a/hostsidetests/securitybulletin/src/android/security/cts/CVE_2021_0963.java b/hostsidetests/securitybulletin/src/android/security/cts/CVE_2021_0963.java
index 90d8196..645f909 100644
--- a/hostsidetests/securitybulletin/src/android/security/cts/CVE_2021_0963.java
+++ b/hostsidetests/securitybulletin/src/android/security/cts/CVE_2021_0963.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2022 The Android Open Source Project
+ * Copyright (C) 2023 The Android Open Source Project
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -20,7 +20,7 @@
 
 import android.platform.test.annotations.AsbSecurityTest;
 
-import com.android.sts.common.tradefed.testtype.StsExtraBusinessLogicHostTestBase;
+import com.android.sts.common.tradefed.testtype.NonRootSecurityTestCase;
 import com.android.tradefed.device.ITestDevice;
 import com.android.tradefed.testtype.DeviceJUnit4ClassRunner;
 
@@ -28,41 +28,39 @@
 import org.junit.runner.RunWith;
 
 @RunWith(DeviceJUnit4ClassRunner.class)
-public class CVE_2021_0963 extends StsExtraBusinessLogicHostTestBase {
-    static final String TEST_PKG = "android.security.cts.CVE_2021_0963";
+public class CVE_2021_0963 extends NonRootSecurityTestCase {
 
-    /**
-     * b/199754277
-     * Vulnerable app    : KeyChain.apk
-     * Vulnerable module : com.android.keychain
-     * Is Play managed   : No
-     */
+    // b/199754277
+    // Vulnerable app    : KeyChain.apk
+    // Vulnerable module : com.android.keychain
+    // Is Play managed   : No
     @AsbSecurityTest(cveBugId = 199754277)
     @Test
     public void testPocCVE_2021_0963() {
+        int userId = 0;
+        String component = null;
+        ITestDevice device = null;
         try {
-            ITestDevice device = getDevice();
+            // Install the application
+            installPackage("CVE-2021-0963.apk", "-t");
 
-            /* Wake up the device */
-            AdbUtils.runCommandLine("input keyevent KEYCODE_WAKEUP", device);
-            AdbUtils.runCommandLine("input keyevent KEYCODE_MENU", device);
-            AdbUtils.runCommandLine("input keyevent KEYCODE_HOME", device);
+            // Set test-app as device owner.
+            final String testPkg = "android.security.cts.CVE_2021_0963";
+            component = testPkg + "/" + testPkg + ".PocDeviceAdminReceiver";
+            device = getDevice();
+            device.setDeviceOwner(component, userId);
 
-            /* Install the application */
-            installPackage("CVE-2021-0963.apk");
-
-            /*
-             * Set device as owner. After the test is completed, this change is reverted in the
-             * DeviceTest.java's tearDown() method by calling clearDeviceOwnerApp() on an instance
-             * of DevicePolicyManager.
-             */
-            AdbUtils.runCommandLine("dpm set-device-owner --user 0 '" + TEST_PKG + "/" + TEST_PKG
-                    + ".PocDeviceAdminReceiver" + "'", device);
-
-            /* Run the device test "testOverlayButtonPresence" */
-            runDeviceTests(TEST_PKG, TEST_PKG + "." + "DeviceTest", "testOverlayButtonPresence");
+            // Run the device test "testOverlayButtonPresence"
+            runDeviceTests(testPkg, testPkg + ".DeviceTest", "testOverlayButtonPresence");
         } catch (Exception e) {
             assumeNoException(e);
+        } finally {
+            try {
+                // Remove test-app as device owner.
+                device.removeAdmin(component, userId);
+            } catch (Exception e) {
+                // ignore
+            }
         }
     }
 }
diff --git a/hostsidetests/securitybulletin/test-apps/CVE-2021-0963/Android.bp b/hostsidetests/securitybulletin/test-apps/CVE-2021-0963/Android.bp
index ea39e68..2a30791 100644
--- a/hostsidetests/securitybulletin/test-apps/CVE-2021-0963/Android.bp
+++ b/hostsidetests/securitybulletin/test-apps/CVE-2021-0963/Android.bp
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2022 The Android Open Source Project
+ * Copyright (C) 2023 The Android Open Source Project
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -35,5 +35,5 @@
         "androidx.test.rules",
         "androidx.test.uiautomator_uiautomator",
     ],
-    platform_apis: true,
+    platform_apis: true, // required for using RemoteCallback
 }
diff --git a/hostsidetests/securitybulletin/test-apps/CVE-2021-0963/AndroidManifest.xml b/hostsidetests/securitybulletin/test-apps/CVE-2021-0963/AndroidManifest.xml
index ae0d416..dec0ae4 100644
--- a/hostsidetests/securitybulletin/test-apps/CVE-2021-0963/AndroidManifest.xml
+++ b/hostsidetests/securitybulletin/test-apps/CVE-2021-0963/AndroidManifest.xml
@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!--
-  Copyright 2022 The Android Open Source Project
+  Copyright 2023 The Android Open Source Project
 
   Licensed under the Apache License, Version 2.0 (the "License");
   you may not use this file except in compliance with the License.
@@ -18,7 +18,7 @@
 <manifest xmlns:android="http://schemas.android.com/apk/res/android"
     package="android.security.cts.CVE_2021_0963">
     <uses-permission android:name="android.permission.SYSTEM_ALERT_WINDOW" />
-    <application>
+    <application android:testOnly="true">
         <activity android:name=".PocActivity"
             android:exported="true">
             <intent-filter>
diff --git a/hostsidetests/securitybulletin/test-apps/CVE-2021-0963/res/raw/cve_2021_0963_pkey b/hostsidetests/securitybulletin/test-apps/CVE-2021-0963/res/raw/cve_2021_0963_pkey
new file mode 100644
index 0000000..3a07113
--- /dev/null
+++ b/hostsidetests/securitybulletin/test-apps/CVE-2021-0963/res/raw/cve_2021_0963_pkey
Binary files differ
diff --git a/hostsidetests/securitybulletin/test-apps/CVE-2021-0963/res/raw/cve_2021_0963_usercert b/hostsidetests/securitybulletin/test-apps/CVE-2021-0963/res/raw/cve_2021_0963_usercert
new file mode 100644
index 0000000..4665a94
--- /dev/null
+++ b/hostsidetests/securitybulletin/test-apps/CVE-2021-0963/res/raw/cve_2021_0963_usercert
Binary files differ
diff --git a/hostsidetests/securitybulletin/test-apps/CVE-2021-0963/res/values/integers.xml b/hostsidetests/securitybulletin/test-apps/CVE-2021-0963/res/values/integers.xml
index 6a14b4a..18ccaba 100644
--- a/hostsidetests/securitybulletin/test-apps/CVE-2021-0963/res/values/integers.xml
+++ b/hostsidetests/securitybulletin/test-apps/CVE-2021-0963/res/values/integers.xml
@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!--
-  Copyright 2022 The Android Open Source Project
+  Copyright 2023 The Android Open Source Project
 
   Licensed under the Apache License, Version 2.0 (the "License");
   you may not use this file except in compliance with the License.
diff --git a/hostsidetests/securitybulletin/test-apps/CVE-2021-0963/res/values/strings.xml b/hostsidetests/securitybulletin/test-apps/CVE-2021-0963/res/values/strings.xml
index 1da84fe..e6915d6 100644
--- a/hostsidetests/securitybulletin/test-apps/CVE-2021-0963/res/values/strings.xml
+++ b/hostsidetests/securitybulletin/test-apps/CVE-2021-0963/res/values/strings.xml
@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!--
-  Copyright 2022 The Android Open Source Project
+  Copyright 2023 The Android Open Source Project
 
   Licensed under the Apache License, Version 2.0 (the "License");
   you may not use this file except in compliance with the License.
@@ -16,25 +16,32 @@
   -->
 
 <resources>
-    <string name="actionKeychainActivity">com.android.keychain.CHOOSER</string>
-    <string name="activityNotFoundMsg">The activity with intent was not found : </string>
-    <string name="activityNotStartedException">Unable to start the activity with intent : </string>
+    <string name="action">com.android.keychain.CHOOSER</string>
     <string name="alias">Client</string>
-    <string name="callbackKey">callback</string>
-    <string name="canNotDrawOverlaysMsg">The application cannot draw overlays</string>
-    <string name="certType">X.509</string>
-    <string name="dumpsysActivity">dumpsys activity %1$s</string>
-    <string name="dumpsysActivityNotStartedException">Could not execute dumpsys activity command
-    </string>
-    <string name="errorMessage">Device is vulnerable to b/199754277 hence any app with
-    "SYSTEM_ALERT_WINDOW can overlay the %1$s screen</string>
-    <string name="keyType">RSA</string>
-    <string name="mResumedTrue">mResumed=true</string>
-    <string name="messageKey">message</string>
-    <string name="overlayButtonText">OverlayButton</string>
-    <string name="overlayServiceNotStartedException">Unable to start the overlay service</string>
-    <string name="overlayUiScreenError">Overlay UI did not appear on the screen</string>
-    <string name="statusKey">status</string>
-    <string name="vulActivityNotRunningError">The activity %1$s is not currently running
-    on the device</string>
+    <string name="callback">callback</string>
+    <string name="cmdAdbHome">input keyevent KEYCODE_HOME</string>
+    <string name="cmdDumpsysActivityByActivity">dumpsys activity %1$s</string>
+    <string name="cmdDumpsysActivityByPkg">dumpsys activity -p %1$s activities</string>
+    <string name="exceptionActivityNotFound">The activity with intent was not found : </string>
+    <string name="exceptionActivityNotStart">Unable to start the activity with intent : </string>
+    <string name="exceptionCanNotDrawOverlays">The application cannot draw overlays</string>
+    <string name="exceptionOverlayUiNotVisible">Overlay UI did not appear on the screen</string>
+    <string name="exceptionServiceNotStart">Unable to start the overlay service</string>
+    <string name="exceptionVulActivityNotResume">The activity %1$s is not currently resumed on the
+    device</string>
+    <string name="exceptionVulUiNotVisible">UI of vulnerable activity %1$s is not visible</string>
+    <string name="failMsg">Device is vulnerable to b/199754277 !! Any app with SYSTEM_ALERT_WINDOW
+    can overlay the %1$s screen</string>
+    <string name="flagActivityResumed">mResumed=true</string>
+    <string name="flagActivityVisible">mVisible=true</string>
+    <string name="message">message</string>
+    <string name="pKey">cve_2021_0963_pkey</string>
+    <string name="rawResOpenError">Could not open the raw resource %1$s</string>
+    <string name="status">status</string>
+    <string name="strSplitRegex"><![CDATA[((?<=mVisible=(true|false)))]]></string>
+    <string name="streamReadError">Could not read from stream of the raw resource %1$s</string>
+    <string name="txtOverlayBtn">CVE_2021_0963_button</string>
+    <string name="typeCert">X.509</string>
+    <string name="typeKey">RSA</string>
+    <string name="userCert">cve_2021_0963_usercert</string>
 </resources>
diff --git a/hostsidetests/securitybulletin/test-apps/CVE-2021-0963/res/xml/device_policies.xml b/hostsidetests/securitybulletin/test-apps/CVE-2021-0963/res/xml/device_policies.xml
index a826e80..ed5352d 100644
--- a/hostsidetests/securitybulletin/test-apps/CVE-2021-0963/res/xml/device_policies.xml
+++ b/hostsidetests/securitybulletin/test-apps/CVE-2021-0963/res/xml/device_policies.xml
@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!--
-  Copyright 2022 The Android Open Source Project
+  Copyright 2023 The Android Open Source Project
 
   Licensed under the Apache License, Version 2.0 (the "License");
   you may not use this file except in compliance with the License.
@@ -16,6 +16,5 @@
   -->
 
 <device-admin>
-    <uses-policies>
-    </uses-policies>
+    <uses-policies />
 </device-admin>
diff --git a/hostsidetests/securitybulletin/test-apps/CVE-2021-0963/src/android/security/cts/CVE_2021_0963/DeviceTest.java b/hostsidetests/securitybulletin/test-apps/CVE-2021-0963/src/android/security/cts/CVE_2021_0963/DeviceTest.java
index 3d1c0df..209bdf0 100644
--- a/hostsidetests/securitybulletin/test-apps/CVE-2021-0963/src/android/security/cts/CVE_2021_0963/DeviceTest.java
+++ b/hostsidetests/securitybulletin/test-apps/CVE-2021-0963/src/android/security/cts/CVE_2021_0963/DeviceTest.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2022 The Android Open Source Project
+ * Copyright (C) 2023 The Android Open Source Project
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -43,6 +43,9 @@
 import org.junit.runner.RunWith;
 
 import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
 import java.security.KeyFactory;
 import java.security.PrivateKey;
 import java.security.cert.Certificate;
@@ -56,256 +59,31 @@
 public class DeviceTest {
     private DevicePolicyManager mDevicePolicyManager;
     private ComponentName mComponentName;
-    Context mContext;
+    private Context mContext;
+    private UiDevice mDevice;
+    private Resources mResources;
 
-    /**
-     * Generated from above and converted with:
-     *
-     * openssl pkcs8 -topk8 -outform d -in userkey.pem -nocrypt | xxd -i | sed 's/0x/(byte) 0x/g'
-     */
-    private static final byte[] PRIVATE_KEY =
-            new byte[] {(byte) 0x30, (byte) 0x82, (byte) 0x02, (byte) 0x76, (byte) 0x02,
-                    (byte) 0x01, (byte) 0x00, (byte) 0x30, (byte) 0x0d, (byte) 0x06, (byte) 0x09,
-                    (byte) 0x2a, (byte) 0x86, (byte) 0x48, (byte) 0x86, (byte) 0xf7, (byte) 0x0d,
-                    (byte) 0x01, (byte) 0x01, (byte) 0x01, (byte) 0x05, (byte) 0x00, (byte) 0x04,
-                    (byte) 0x82, (byte) 0x02, (byte) 0x60, (byte) 0x30, (byte) 0x82, (byte) 0x02,
-                    (byte) 0x5c, (byte) 0x02, (byte) 0x01, (byte) 0x00, (byte) 0x02, (byte) 0x81,
-                    (byte) 0x81, (byte) 0x00, (byte) 0xee, (byte) 0x6e, (byte) 0x51, (byte) 0xa8,
-                    (byte) 0xc4, (byte) 0x44, (byte) 0xd9, (byte) 0xb7, (byte) 0x53, (byte) 0xf1,
-                    (byte) 0xb9, (byte) 0x1b, (byte) 0x9d, (byte) 0x8d, (byte) 0x7c, (byte) 0x9f,
-                    (byte) 0x06, (byte) 0xe7, (byte) 0xed, (byte) 0xa8, (byte) 0x05, (byte) 0xb8,
-                    (byte) 0xaa, (byte) 0x0a, (byte) 0x2d, (byte) 0x74, (byte) 0x05, (byte) 0x8b,
-                    (byte) 0xad, (byte) 0xfe, (byte) 0xd3, (byte) 0x3e, (byte) 0x08, (byte) 0x9d,
-                    (byte) 0xc9, (byte) 0xf5, (byte) 0xf7, (byte) 0x81, (byte) 0x90, (byte) 0xf1,
-                    (byte) 0xcc, (byte) 0x3f, (byte) 0x91, (byte) 0xda, (byte) 0xcb, (byte) 0x67,
-                    (byte) 0x6a, (byte) 0xe8, (byte) 0x4a, (byte) 0xa0, (byte) 0xc3, (byte) 0x8a,
-                    (byte) 0x53, (byte) 0xd9, (byte) 0xf0, (byte) 0x17, (byte) 0xbe, (byte) 0x90,
-                    (byte) 0xbb, (byte) 0x95, (byte) 0x29, (byte) 0x01, (byte) 0xce, (byte) 0x32,
-                    (byte) 0xce, (byte) 0xf8, (byte) 0x02, (byte) 0xfe, (byte) 0xe8, (byte) 0x19,
-                    (byte) 0x91, (byte) 0x29, (byte) 0x46, (byte) 0xf7, (byte) 0x67, (byte) 0xd1,
-                    (byte) 0xcb, (byte) 0xa7, (byte) 0x20, (byte) 0x8b, (byte) 0x85, (byte) 0x8a,
-                    (byte) 0x0c, (byte) 0x07, (byte) 0xf8, (byte) 0xfe, (byte) 0xf4, (byte) 0x5d,
-                    (byte) 0x08, (byte) 0xf4, (byte) 0x63, (byte) 0x4a, (byte) 0x69, (byte) 0x66,
-                    (byte) 0x28, (byte) 0xcb, (byte) 0x0d, (byte) 0x1c, (byte) 0x7f, (byte) 0x7f,
-                    (byte) 0x7e, (byte) 0x83, (byte) 0x49, (byte) 0x66, (byte) 0x6c, (byte) 0x83,
-                    (byte) 0x2d, (byte) 0xa0, (byte) 0x51, (byte) 0xf6, (byte) 0x14, (byte) 0x68,
-                    (byte) 0x47, (byte) 0x31, (byte) 0x72, (byte) 0x4d, (byte) 0xe9, (byte) 0x1e,
-                    (byte) 0x12, (byte) 0x1b, (byte) 0xd0, (byte) 0xe6, (byte) 0x21, (byte) 0xd8,
-                    (byte) 0x84, (byte) 0x5f, (byte) 0xe3, (byte) 0xef, (byte) 0x02, (byte) 0x03,
-                    (byte) 0x01, (byte) 0x00, (byte) 0x01, (byte) 0x02, (byte) 0x81, (byte) 0x80,
-                    (byte) 0x24, (byte) 0x95, (byte) 0xb8, (byte) 0xe1, (byte) 0xf4, (byte) 0x7b,
-                    (byte) 0xbc, (byte) 0x0c, (byte) 0x6d, (byte) 0x4d, (byte) 0x01, (byte) 0xe2,
-                    (byte) 0x42, (byte) 0xe2, (byte) 0x9a, (byte) 0xe4, (byte) 0xab, (byte) 0xe2,
-                    (byte) 0x9a, (byte) 0x8c, (byte) 0xd5, (byte) 0x93, (byte) 0xe8, (byte) 0x43,
-                    (byte) 0x77, (byte) 0x85, (byte) 0xfd, (byte) 0xf3, (byte) 0xd8, (byte) 0xd6,
-                    (byte) 0xe9, (byte) 0x02, (byte) 0xf3, (byte) 0xbf, (byte) 0x82, (byte) 0x65,
-                    (byte) 0xc3, (byte) 0x7c, (byte) 0x96, (byte) 0x09, (byte) 0x04, (byte) 0x16,
-                    (byte) 0x1d, (byte) 0x03, (byte) 0x3d, (byte) 0x82, (byte) 0xb8, (byte) 0xdc,
-                    (byte) 0xbb, (byte) 0xd6, (byte) 0xbf, (byte) 0x2a, (byte) 0x52, (byte) 0x83,
-                    (byte) 0x76, (byte) 0x5b, (byte) 0xae, (byte) 0x59, (byte) 0xf6, (byte) 0xee,
-                    (byte) 0x84, (byte) 0x44, (byte) 0x4a, (byte) 0xa7, (byte) 0x25, (byte) 0x50,
-                    (byte) 0x89, (byte) 0x63, (byte) 0x43, (byte) 0x0b, (byte) 0xc8, (byte) 0xd5,
-                    (byte) 0x17, (byte) 0x9d, (byte) 0x8b, (byte) 0x62, (byte) 0xd5, (byte) 0xf1,
-                    (byte) 0xde, (byte) 0x45, (byte) 0xe6, (byte) 0x35, (byte) 0x10, (byte) 0xba,
-                    (byte) 0x58, (byte) 0x18, (byte) 0x44, (byte) 0xc1, (byte) 0x6d, (byte) 0xb6,
-                    (byte) 0x1d, (byte) 0x2f, (byte) 0x53, (byte) 0xb6, (byte) 0x5a, (byte) 0xf1,
-                    (byte) 0x66, (byte) 0xbc, (byte) 0x0e, (byte) 0x63, (byte) 0xa7, (byte) 0x0f,
-                    (byte) 0x81, (byte) 0x4b, (byte) 0x07, (byte) 0x31, (byte) 0xa5, (byte) 0x70,
-                    (byte) 0xec, (byte) 0x30, (byte) 0x57, (byte) 0xc4, (byte) 0x14, (byte) 0xb2,
-                    (byte) 0x8b, (byte) 0x6f, (byte) 0x26, (byte) 0x7e, (byte) 0x55, (byte) 0x60,
-                    (byte) 0x63, (byte) 0x7d, (byte) 0x90, (byte) 0xd7, (byte) 0x5f, (byte) 0xef,
-                    (byte) 0x7d, (byte) 0xc1, (byte) 0x02, (byte) 0x41, (byte) 0x00, (byte) 0xfe,
-                    (byte) 0x92, (byte) 0xa9, (byte) 0xf1, (byte) 0x29, (byte) 0x1e, (byte) 0xd4,
-                    (byte) 0x72, (byte) 0xd3, (byte) 0x3f, (byte) 0x9d, (byte) 0xd6, (byte) 0x3d,
-                    (byte) 0xe9, (byte) 0xcf, (byte) 0x3e, (byte) 0x06, (byte) 0xdc, (byte) 0x65,
-                    (byte) 0x8f, (byte) 0xc0, (byte) 0x81, (byte) 0xc2, (byte) 0x66, (byte) 0xc1,
-                    (byte) 0x5c, (byte) 0x2c, (byte) 0xfa, (byte) 0x08, (byte) 0x65, (byte) 0xb6,
-                    (byte) 0x47, (byte) 0xc5, (byte) 0x14, (byte) 0x8d, (byte) 0x69, (byte) 0xe9,
-                    (byte) 0xaf, (byte) 0x42, (byte) 0x02, (byte) 0x53, (byte) 0x04, (byte) 0x63,
-                    (byte) 0x47, (byte) 0xaf, (byte) 0xcc, (byte) 0xae, (byte) 0x08, (byte) 0x31,
-                    (byte) 0xba, (byte) 0xea, (byte) 0x85, (byte) 0xda, (byte) 0xd6, (byte) 0xb2,
-                    (byte) 0xe7, (byte) 0x4c, (byte) 0xda, (byte) 0xad, (byte) 0x52, (byte) 0x76,
-                    (byte) 0x48, (byte) 0x16, (byte) 0xeb, (byte) 0x02, (byte) 0x41, (byte) 0x00,
-                    (byte) 0xef, (byte) 0xc4, (byte) 0x7d, (byte) 0x69, (byte) 0x7b, (byte) 0xcb,
-                    (byte) 0xcb, (byte) 0xf7, (byte) 0x00, (byte) 0x2d, (byte) 0x05, (byte) 0x3c,
-                    (byte) 0xe4, (byte) 0xfd, (byte) 0x5c, (byte) 0xea, (byte) 0xcf, (byte) 0x40,
-                    (byte) 0x84, (byte) 0x10, (byte) 0xf1, (byte) 0xc0, (byte) 0xaf, (byte) 0xc7,
-                    (byte) 0xc8, (byte) 0x51, (byte) 0xac, (byte) 0x18, (byte) 0x25, (byte) 0x63,
-                    (byte) 0x75, (byte) 0xc7, (byte) 0x0e, (byte) 0xa9, (byte) 0xed, (byte) 0x9c,
-                    (byte) 0x78, (byte) 0x08, (byte) 0x28, (byte) 0x1d, (byte) 0x9e, (byte) 0xfa,
-                    (byte) 0x17, (byte) 0x0f, (byte) 0x7a, (byte) 0x6a, (byte) 0x78, (byte) 0x63,
-                    (byte) 0x6e, (byte) 0xb3, (byte) 0x6b, (byte) 0xd6, (byte) 0x43, (byte) 0x4b,
-                    (byte) 0x58, (byte) 0xb8, (byte) 0x77, (byte) 0x10, (byte) 0x07, (byte) 0x70,
-                    (byte) 0xa6, (byte) 0xa9, (byte) 0xae, (byte) 0x0d, (byte) 0x02, (byte) 0x41,
-                    (byte) 0x00, (byte) 0x92, (byte) 0x4c, (byte) 0x79, (byte) 0x0b, (byte) 0x95,
-                    (byte) 0xc5, (byte) 0x18, (byte) 0xf4, (byte) 0x90, (byte) 0x40, (byte) 0x8c,
-                    (byte) 0x15, (byte) 0x96, (byte) 0x69, (byte) 0x2a, (byte) 0xe7, (byte) 0x8b,
-                    (byte) 0x8b, (byte) 0xd7, (byte) 0x76, (byte) 0x00, (byte) 0x7c, (byte) 0xd1,
-                    (byte) 0xda, (byte) 0xb9, (byte) 0x9e, (byte) 0x9e, (byte) 0x5e, (byte) 0x66,
-                    (byte) 0xbb, (byte) 0x05, (byte) 0x41, (byte) 0x43, (byte) 0x9a, (byte) 0x67,
-                    (byte) 0x16, (byte) 0x89, (byte) 0xec, (byte) 0x65, (byte) 0x33, (byte) 0xee,
-                    (byte) 0xbf, (byte) 0xa3, (byte) 0xca, (byte) 0x8b, (byte) 0xd6, (byte) 0x45,
-                    (byte) 0xe1, (byte) 0x81, (byte) 0xaa, (byte) 0xd8, (byte) 0xa2, (byte) 0x6a,
-                    (byte) 0x3c, (byte) 0x5e, (byte) 0x7e, (byte) 0x1c, (byte) 0xa5, (byte) 0xc3,
-                    (byte) 0x5b, (byte) 0x93, (byte) 0x8c, (byte) 0x24, (byte) 0x57, (byte) 0x02,
-                    (byte) 0x40, (byte) 0x0a, (byte) 0x6d, (byte) 0x3f, (byte) 0x0e, (byte) 0xf1,
-                    (byte) 0x45, (byte) 0x41, (byte) 0x8f, (byte) 0x72, (byte) 0x40, (byte) 0x82,
-                    (byte) 0xf3, (byte) 0xcc, (byte) 0xf9, (byte) 0x7f, (byte) 0xaa, (byte) 0xee,
-                    (byte) 0x6c, (byte) 0x5d, (byte) 0xd1, (byte) 0xe6, (byte) 0xd1, (byte) 0x7c,
-                    (byte) 0x53, (byte) 0x71, (byte) 0xd0, (byte) 0xab, (byte) 0x6d, (byte) 0x39,
-                    (byte) 0x63, (byte) 0x03, (byte) 0xe2, (byte) 0x2e, (byte) 0x2f, (byte) 0x11,
-                    (byte) 0x98, (byte) 0x36, (byte) 0x58, (byte) 0x14, (byte) 0x76, (byte) 0x85,
-                    (byte) 0x4d, (byte) 0x56, (byte) 0xe7, (byte) 0x63, (byte) 0x69, (byte) 0x71,
-                    (byte) 0xe6, (byte) 0xd1, (byte) 0x0f, (byte) 0x98, (byte) 0x66, (byte) 0xee,
-                    (byte) 0xf2, (byte) 0x3d, (byte) 0xdf, (byte) 0x77, (byte) 0xbe, (byte) 0x08,
-                    (byte) 0xb4, (byte) 0xcb, (byte) 0x6a, (byte) 0xa1, (byte) 0x99, (byte) 0x02,
-                    (byte) 0x40, (byte) 0x52, (byte) 0x01, (byte) 0xde, (byte) 0x62, (byte) 0xc2,
-                    (byte) 0x25, (byte) 0xbf, (byte) 0x5d, (byte) 0x77, (byte) 0xe4, (byte) 0x6b,
-                    (byte) 0xb6, (byte) 0xd7, (byte) 0x8f, (byte) 0x89, (byte) 0x2c, (byte) 0xe6,
-                    (byte) 0x8d, (byte) 0xe5, (byte) 0xad, (byte) 0x39, (byte) 0x17, (byte) 0x54,
-                    (byte) 0x2b, (byte) 0x35, (byte) 0x53, (byte) 0xd1, (byte) 0xa1, (byte) 0xef,
-                    (byte) 0x48, (byte) 0xbc, (byte) 0x95, (byte) 0x48, (byte) 0xcf, (byte) 0x62,
-                    (byte) 0xf4, (byte) 0x33, (byte) 0xcf, (byte) 0x37, (byte) 0x78, (byte) 0xeb,
-                    (byte) 0x17, (byte) 0xb4, (byte) 0x0b, (byte) 0x83, (byte) 0x4f, (byte) 0xb6,
-                    (byte) 0xab, (byte) 0x7d, (byte) 0x67, (byte) 0x3e, (byte) 0x4e, (byte) 0x44,
-                    (byte) 0x4a, (byte) 0x55, (byte) 0x2e, (byte) 0x34, (byte) 0x12, (byte) 0x0b,
-                    (byte) 0x59, (byte) 0xb3, (byte) 0xb1, (byte) 0x1e, (byte) 0x3d};
-
-
-    /**
-     * Generated from above and converted with:
-     *
-     * openssl x509 -outform d -in usercert.pem | xxd -i | sed 's/0x/(byte) 0x/g'
-     */
-    private static final byte[] USER_CERT =
-            {(byte) 0x30, (byte) 0x82, (byte) 0x02, (byte) 0xd8, (byte) 0x30, (byte) 0x82,
-                    (byte) 0x01, (byte) 0xc0, (byte) 0xa0, (byte) 0x03, (byte) 0x02, (byte) 0x01,
-                    (byte) 0x02, (byte) 0x02, (byte) 0x01, (byte) 0x01, (byte) 0x30, (byte) 0x0d,
-                    (byte) 0x06, (byte) 0x09, (byte) 0x2a, (byte) 0x86, (byte) 0x48, (byte) 0x86,
-                    (byte) 0xf7, (byte) 0x0d, (byte) 0x01, (byte) 0x01, (byte) 0x0b, (byte) 0x05,
-                    (byte) 0x00, (byte) 0x30, (byte) 0x33, (byte) 0x31, (byte) 0x0b, (byte) 0x30,
-                    (byte) 0x09, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x04, (byte) 0x06,
-                    (byte) 0x13, (byte) 0x02, (byte) 0x41, (byte) 0x55, (byte) 0x31, (byte) 0x13,
-                    (byte) 0x30, (byte) 0x11, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x04,
-                    (byte) 0x08, (byte) 0x0c, (byte) 0x0a, (byte) 0x53, (byte) 0x6f, (byte) 0x6d,
-                    (byte) 0x65, (byte) 0x2d, (byte) 0x53, (byte) 0x74, (byte) 0x61, (byte) 0x74,
-                    (byte) 0x65, (byte) 0x31, (byte) 0x0f, (byte) 0x30, (byte) 0x0d, (byte) 0x06,
-                    (byte) 0x03, (byte) 0x55, (byte) 0x04, (byte) 0x0a, (byte) 0x0c, (byte) 0x06,
-                    (byte) 0x47, (byte) 0x6f, (byte) 0x6f, (byte) 0x67, (byte) 0x6c, (byte) 0x65,
-                    (byte) 0x30, (byte) 0x1e, (byte) 0x17, (byte) 0x0d, (byte) 0x32, (byte) 0x32,
-                    (byte) 0x30, (byte) 0x33, (byte) 0x32, (byte) 0x35, (byte) 0x30, (byte) 0x37,
-                    (byte) 0x32, (byte) 0x30, (byte) 0x31, (byte) 0x32, (byte) 0x5a, (byte) 0x17,
-                    (byte) 0x0d, (byte) 0x33, (byte) 0x32, (byte) 0x30, (byte) 0x33, (byte) 0x32,
-                    (byte) 0x32, (byte) 0x30, (byte) 0x37, (byte) 0x32, (byte) 0x30, (byte) 0x31,
-                    (byte) 0x32, (byte) 0x5a, (byte) 0x30, (byte) 0x33, (byte) 0x31, (byte) 0x0b,
-                    (byte) 0x30, (byte) 0x09, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x04,
-                    (byte) 0x06, (byte) 0x13, (byte) 0x02, (byte) 0x41, (byte) 0x55, (byte) 0x31,
-                    (byte) 0x13, (byte) 0x30, (byte) 0x11, (byte) 0x06, (byte) 0x03, (byte) 0x55,
-                    (byte) 0x04, (byte) 0x08, (byte) 0x0c, (byte) 0x0a, (byte) 0x53, (byte) 0x6f,
-                    (byte) 0x6d, (byte) 0x65, (byte) 0x2d, (byte) 0x53, (byte) 0x74, (byte) 0x61,
-                    (byte) 0x74, (byte) 0x65, (byte) 0x31, (byte) 0x0f, (byte) 0x30, (byte) 0x0d,
-                    (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x04, (byte) 0x0a, (byte) 0x0c,
-                    (byte) 0x06, (byte) 0x47, (byte) 0x6f, (byte) 0x6f, (byte) 0x67, (byte) 0x6c,
-                    (byte) 0x65, (byte) 0x30, (byte) 0x81, (byte) 0x9f, (byte) 0x30, (byte) 0x0d,
-                    (byte) 0x06, (byte) 0x09, (byte) 0x2a, (byte) 0x86, (byte) 0x48, (byte) 0x86,
-                    (byte) 0xf7, (byte) 0x0d, (byte) 0x01, (byte) 0x01, (byte) 0x01, (byte) 0x05,
-                    (byte) 0x00, (byte) 0x03, (byte) 0x81, (byte) 0x8d, (byte) 0x00, (byte) 0x30,
-                    (byte) 0x81, (byte) 0x89, (byte) 0x02, (byte) 0x81, (byte) 0x81, (byte) 0x00,
-                    (byte) 0xee, (byte) 0x6e, (byte) 0x51, (byte) 0xa8, (byte) 0xc4, (byte) 0x44,
-                    (byte) 0xd9, (byte) 0xb7, (byte) 0x53, (byte) 0xf1, (byte) 0xb9, (byte) 0x1b,
-                    (byte) 0x9d, (byte) 0x8d, (byte) 0x7c, (byte) 0x9f, (byte) 0x06, (byte) 0xe7,
-                    (byte) 0xed, (byte) 0xa8, (byte) 0x05, (byte) 0xb8, (byte) 0xaa, (byte) 0x0a,
-                    (byte) 0x2d, (byte) 0x74, (byte) 0x05, (byte) 0x8b, (byte) 0xad, (byte) 0xfe,
-                    (byte) 0xd3, (byte) 0x3e, (byte) 0x08, (byte) 0x9d, (byte) 0xc9, (byte) 0xf5,
-                    (byte) 0xf7, (byte) 0x81, (byte) 0x90, (byte) 0xf1, (byte) 0xcc, (byte) 0x3f,
-                    (byte) 0x91, (byte) 0xda, (byte) 0xcb, (byte) 0x67, (byte) 0x6a, (byte) 0xe8,
-                    (byte) 0x4a, (byte) 0xa0, (byte) 0xc3, (byte) 0x8a, (byte) 0x53, (byte) 0xd9,
-                    (byte) 0xf0, (byte) 0x17, (byte) 0xbe, (byte) 0x90, (byte) 0xbb, (byte) 0x95,
-                    (byte) 0x29, (byte) 0x01, (byte) 0xce, (byte) 0x32, (byte) 0xce, (byte) 0xf8,
-                    (byte) 0x02, (byte) 0xfe, (byte) 0xe8, (byte) 0x19, (byte) 0x91, (byte) 0x29,
-                    (byte) 0x46, (byte) 0xf7, (byte) 0x67, (byte) 0xd1, (byte) 0xcb, (byte) 0xa7,
-                    (byte) 0x20, (byte) 0x8b, (byte) 0x85, (byte) 0x8a, (byte) 0x0c, (byte) 0x07,
-                    (byte) 0xf8, (byte) 0xfe, (byte) 0xf4, (byte) 0x5d, (byte) 0x08, (byte) 0xf4,
-                    (byte) 0x63, (byte) 0x4a, (byte) 0x69, (byte) 0x66, (byte) 0x28, (byte) 0xcb,
-                    (byte) 0x0d, (byte) 0x1c, (byte) 0x7f, (byte) 0x7f, (byte) 0x7e, (byte) 0x83,
-                    (byte) 0x49, (byte) 0x66, (byte) 0x6c, (byte) 0x83, (byte) 0x2d, (byte) 0xa0,
-                    (byte) 0x51, (byte) 0xf6, (byte) 0x14, (byte) 0x68, (byte) 0x47, (byte) 0x31,
-                    (byte) 0x72, (byte) 0x4d, (byte) 0xe9, (byte) 0x1e, (byte) 0x12, (byte) 0x1b,
-                    (byte) 0xd0, (byte) 0xe6, (byte) 0x21, (byte) 0xd8, (byte) 0x84, (byte) 0x5f,
-                    (byte) 0xe3, (byte) 0xef, (byte) 0x02, (byte) 0x03, (byte) 0x01, (byte) 0x00,
-                    (byte) 0x01, (byte) 0xa3, (byte) 0x7b, (byte) 0x30, (byte) 0x79, (byte) 0x30,
-                    (byte) 0x09, (byte) 0x06, (byte) 0x03, (byte) 0x55, (byte) 0x1d, (byte) 0x13,
-                    (byte) 0x04, (byte) 0x02, (byte) 0x30, (byte) 0x00, (byte) 0x30, (byte) 0x2c,
-                    (byte) 0x06, (byte) 0x09, (byte) 0x60, (byte) 0x86, (byte) 0x48, (byte) 0x01,
-                    (byte) 0x86, (byte) 0xf8, (byte) 0x42, (byte) 0x01, (byte) 0x0d, (byte) 0x04,
-                    (byte) 0x1f, (byte) 0x16, (byte) 0x1d, (byte) 0x4f, (byte) 0x70, (byte) 0x65,
-                    (byte) 0x6e, (byte) 0x53, (byte) 0x53, (byte) 0x4c, (byte) 0x20, (byte) 0x47,
-                    (byte) 0x65, (byte) 0x6e, (byte) 0x65, (byte) 0x72, (byte) 0x61, (byte) 0x74,
-                    (byte) 0x65, (byte) 0x64, (byte) 0x20, (byte) 0x43, (byte) 0x65, (byte) 0x72,
-                    (byte) 0x74, (byte) 0x69, (byte) 0x66, (byte) 0x69, (byte) 0x63, (byte) 0x61,
-                    (byte) 0x74, (byte) 0x65, (byte) 0x30, (byte) 0x1d, (byte) 0x06, (byte) 0x03,
-                    (byte) 0x55, (byte) 0x1d, (byte) 0x0e, (byte) 0x04, (byte) 0x16, (byte) 0x04,
-                    (byte) 0x14, (byte) 0xee, (byte) 0xec, (byte) 0x08, (byte) 0xcc, (byte) 0xdd,
-                    (byte) 0xa3, (byte) 0x29, (byte) 0x6e, (byte) 0x2b, (byte) 0x78, (byte) 0x23,
-                    (byte) 0xb3, (byte) 0xf0, (byte) 0xb8, (byte) 0x9d, (byte) 0x53, (byte) 0x41,
-                    (byte) 0x2e, (byte) 0x3c, (byte) 0x61, (byte) 0x30, (byte) 0x1f, (byte) 0x06,
-                    (byte) 0x03, (byte) 0x55, (byte) 0x1d, (byte) 0x23, (byte) 0x04, (byte) 0x18,
-                    (byte) 0x30, (byte) 0x16, (byte) 0x80, (byte) 0x14, (byte) 0x86, (byte) 0xdb,
-                    (byte) 0xa5, (byte) 0x5e, (byte) 0x0e, (byte) 0x03, (byte) 0xbc, (byte) 0xe4,
-                    (byte) 0xc1, (byte) 0xc8, (byte) 0xf3, (byte) 0xed, (byte) 0x24, (byte) 0x48,
-                    (byte) 0xb1, (byte) 0x37, (byte) 0x3a, (byte) 0x52, (byte) 0x10, (byte) 0x57,
-                    (byte) 0x30, (byte) 0x0d, (byte) 0x06, (byte) 0x09, (byte) 0x2a, (byte) 0x86,
-                    (byte) 0x48, (byte) 0x86, (byte) 0xf7, (byte) 0x0d, (byte) 0x01, (byte) 0x01,
-                    (byte) 0x0b, (byte) 0x05, (byte) 0x00, (byte) 0x03, (byte) 0x82, (byte) 0x01,
-                    (byte) 0x01, (byte) 0x00, (byte) 0x15, (byte) 0x5a, (byte) 0x5c, (byte) 0x08,
-                    (byte) 0xe4, (byte) 0x0e, (byte) 0x28, (byte) 0x4c, (byte) 0xa9, (byte) 0x0e,
-                    (byte) 0x35, (byte) 0xbe, (byte) 0xe3, (byte) 0xd5, (byte) 0xd1, (byte) 0xb4,
-                    (byte) 0x47, (byte) 0x87, (byte) 0x63, (byte) 0xd2, (byte) 0x5e, (byte) 0x7e,
-                    (byte) 0xf6, (byte) 0xd8, (byte) 0xce, (byte) 0xdf, (byte) 0x10, (byte) 0x15,
-                    (byte) 0x61, (byte) 0xc4, (byte) 0x9a, (byte) 0xf1, (byte) 0xba, (byte) 0x33,
-                    (byte) 0xf2, (byte) 0xc2, (byte) 0x01, (byte) 0x95, (byte) 0xa7, (byte) 0x74,
-                    (byte) 0x97, (byte) 0xc1, (byte) 0x43, (byte) 0x68, (byte) 0x92, (byte) 0xbe,
-                    (byte) 0x9a, (byte) 0x6f, (byte) 0x38, (byte) 0xcb, (byte) 0xa0, (byte) 0xcf,
-                    (byte) 0x1e, (byte) 0x5b, (byte) 0x03, (byte) 0xde, (byte) 0x45, (byte) 0x6d,
-                    (byte) 0xea, (byte) 0xf0, (byte) 0x46, (byte) 0x4d, (byte) 0xb6, (byte) 0x4b,
-                    (byte) 0x88, (byte) 0xc7, (byte) 0xb8, (byte) 0xe3, (byte) 0x9f, (byte) 0x58,
-                    (byte) 0x8b, (byte) 0x2d, (byte) 0xbf, (byte) 0x4b, (byte) 0x3f, (byte) 0x54,
-                    (byte) 0x2d, (byte) 0xa8, (byte) 0x27, (byte) 0x72, (byte) 0x5e, (byte) 0x36,
-                    (byte) 0x67, (byte) 0x5c, (byte) 0x6e, (byte) 0x9a, (byte) 0x67, (byte) 0x73,
-                    (byte) 0x44, (byte) 0xaf, (byte) 0x46, (byte) 0x7f, (byte) 0xd6, (byte) 0x2b,
-                    (byte) 0x9d, (byte) 0x28, (byte) 0xb1, (byte) 0xc4, (byte) 0xc4, (byte) 0x72,
-                    (byte) 0x3d, (byte) 0x6d, (byte) 0x7d, (byte) 0x28, (byte) 0x40, (byte) 0x62,
-                    (byte) 0x40, (byte) 0x21, (byte) 0x52, (byte) 0xb5, (byte) 0x0b, (byte) 0xf3,
-                    (byte) 0xcc, (byte) 0x36, (byte) 0x03, (byte) 0x10, (byte) 0x19, (byte) 0xe3,
-                    (byte) 0xc2, (byte) 0xfe, (byte) 0xe9, (byte) 0x08, (byte) 0x0d, (byte) 0xd4,
-                    (byte) 0x8b, (byte) 0x12, (byte) 0xd6, (byte) 0x3d, (byte) 0xc5, (byte) 0xb8,
-                    (byte) 0x8c, (byte) 0xbd, (byte) 0xa5, (byte) 0xcd, (byte) 0xb3, (byte) 0xe4,
-                    (byte) 0xd1, (byte) 0xd8, (byte) 0x4c, (byte) 0x32, (byte) 0x44, (byte) 0x3f,
-                    (byte) 0x63, (byte) 0x32, (byte) 0x09, (byte) 0xdb, (byte) 0x8b, (byte) 0x7b,
-                    (byte) 0x30, (byte) 0x58, (byte) 0xc7, (byte) 0xcf, (byte) 0xc3, (byte) 0x44,
-                    (byte) 0xd9, (byte) 0xff, (byte) 0x63, (byte) 0x91, (byte) 0x74, (byte) 0xd8,
-                    (byte) 0x62, (byte) 0x2b, (byte) 0x52, (byte) 0xc8, (byte) 0x82, (byte) 0x9f,
-                    (byte) 0xeb, (byte) 0x22, (byte) 0x5c, (byte) 0xa2, (byte) 0x26, (byte) 0xfe,
-                    (byte) 0x04, (byte) 0x31, (byte) 0x53, (byte) 0x09, (byte) 0xa7, (byte) 0x23,
-                    (byte) 0xe3, (byte) 0x0f, (byte) 0xf8, (byte) 0xe9, (byte) 0x99, (byte) 0xad,
-                    (byte) 0x4b, (byte) 0x23, (byte) 0x07, (byte) 0xfb, (byte) 0xfa, (byte) 0xc3,
-                    (byte) 0x55, (byte) 0x59, (byte) 0xdb, (byte) 0x6b, (byte) 0x71, (byte) 0xdf,
-                    (byte) 0x25, (byte) 0x0f, (byte) 0xaa, (byte) 0xa2, (byte) 0xfa, (byte) 0x28,
-                    (byte) 0x49, (byte) 0x65, (byte) 0x7e, (byte) 0x0b, (byte) 0x74, (byte) 0x30,
-                    (byte) 0xd9, (byte) 0x9a, (byte) 0xfe, (byte) 0x2c, (byte) 0x8c, (byte) 0x67,
-                    (byte) 0x50, (byte) 0x0c, (byte) 0x6d, (byte) 0x4c, (byte) 0xba, (byte) 0x34,
-                    (byte) 0x3b, (byte) 0x0d, (byte) 0x16, (byte) 0x45, (byte) 0x63, (byte) 0x73,
-                    (byte) 0xc2, (byte) 0x9f, (byte) 0xb4, (byte) 0xdd, (byte) 0x6f, (byte) 0xde,
-                    (byte) 0x9d, (byte) 0x71, (byte) 0xbf, (byte) 0x8d, (byte) 0x1b, (byte) 0x79,
-                    (byte) 0xa0, (byte) 0x0a, (byte) 0x66, (byte) 0x7e, (byte) 0x56, (byte) 0x83,
-                    (byte) 0x8f, (byte) 0x3f, (byte) 0x7d, (byte) 0x93, (byte) 0xf6, (byte) 0xc9,
-                    (byte) 0x42, (byte) 0xfc, (byte) 0xc5, (byte) 0xf2, (byte) 0x49, (byte) 0xec};
+    private byte[] getByteArrayFromRawRes(int resId, String resName) throws IOException {
+        byte[] byteArray = null;
+        try (InputStream inStream = mResources.openRawResource(resId);
+                ByteArrayOutputStream outStream = new ByteArrayOutputStream(); ) {
+            assumeTrue(mContext.getString(R.string.rawResOpenError, resName), inStream != null);
+            byteArray = new byte[1024];
+            int nRead = inStream.read(byteArray, 0, byteArray.length);
+            assumeTrue(mContext.getString(R.string.streamReadError, resName), nRead > 0);
+            outStream.write(byteArray, 0, nRead);
+        }
+        return byteArray;
+    }
 
     @After
     public void tearDown() {
         try {
+            // Go to home screen
+            mDevice.executeShellCommand(mContext.getString(R.string.cmdAdbHome));
+
+            // Remove key pair added by the test as part of cleanup
             mDevicePolicyManager.removeKeyPair(mComponentName, mContext.getString(R.string.alias));
-            mDevicePolicyManager.clearDeviceOwnerApp(mContext.getPackageName());
         } catch (Exception e) {
             // ignore all exceptions as the test is already complete
         }
@@ -314,85 +92,146 @@
     @Test
     public void testOverlayButtonPresence() {
         try {
-            /* Install key pair required to launch KeyChainActivity dialog */
+            // Create the byte arrays from raw resources of private key and user certificate
+            // respectively.
             mContext = getInstrumentation().getContext();
-            Resources resources = mContext.getResources();
-            KeyFactory kf = KeyFactory.getInstance(mContext.getString(R.string.keyType));
-            PrivateKey privKey = kf.generatePrivate(new PKCS8EncodedKeySpec(PRIVATE_KEY));
-            CertificateFactory cf =
-                    CertificateFactory.getInstance(mContext.getString(R.string.certType));
-            Certificate cert = cf.generateCertificate(new ByteArrayInputStream(USER_CERT));
-            mDevicePolicyManager = mContext.getSystemService(DevicePolicyManager.class);
-            mComponentName = new ComponentName(PocDeviceAdminReceiver.class.getPackage().getName(),
-                    PocDeviceAdminReceiver.class.getName());
-            assumeTrue(mDevicePolicyManager.installKeyPair(mComponentName, privKey, cert,
-                    mContext.getString(R.string.alias)));
+            mResources = mContext.getResources();
+            byte[] privateKeyByteArray =
+                    getByteArrayFromRawRes(
+                            R.raw.cve_2021_0963_pkey, mContext.getString(R.string.pKey));
+            byte[] userCertByteArray =
+                    getByteArrayFromRawRes(
+                            R.raw.cve_2021_0963_usercert, mContext.getString(R.string.userCert));
 
-            /* Start the overlay service */
+            // Install key pair required to launch KeyChainActivity dialog
+            KeyFactory kf = KeyFactory.getInstance(mContext.getString(R.string.typeKey));
+            PrivateKey privKey = kf.generatePrivate(new PKCS8EncodedKeySpec(privateKeyByteArray));
+            CertificateFactory cf =
+                    CertificateFactory.getInstance(mContext.getString(R.string.typeCert));
+            Certificate cert = cf.generateCertificate(new ByteArrayInputStream(userCertByteArray));
+            mDevicePolicyManager = mContext.getSystemService(DevicePolicyManager.class);
+            mComponentName =
+                    new ComponentName(
+                            PocDeviceAdminReceiver.class.getPackage().getName(),
+                            PocDeviceAdminReceiver.class.getName());
+            assumeTrue(
+                    mDevicePolicyManager.installKeyPair(
+                            mComponentName, privKey, cert, mContext.getString(R.string.alias)));
+
+            // Start the overlay service
             Intent intent = new Intent(mContext, PocService.class);
-            assumeTrue(mContext.getString(R.string.canNotDrawOverlaysMsg),
+            assumeTrue(
+                    mContext.getString(R.string.exceptionCanNotDrawOverlays),
                     Settings.canDrawOverlays(mContext));
             CompletableFuture<PocStatus> callbackReturn = new CompletableFuture<>();
-            RemoteCallback cb = new RemoteCallback((Bundle result) -> {
-                PocStatus pocStatus =
-                        new PocStatus(result.getInt(mContext.getString(R.string.statusKey)),
-                                result.getString(mContext.getString(R.string.messageKey)));
-                callbackReturn.complete(pocStatus);
-            });
-            intent.putExtra(mContext.getString(R.string.callbackKey), cb);
+            RemoteCallback cb =
+                    new RemoteCallback(
+                            (Bundle result) -> {
+                                PocStatus pocStatus =
+                                        new PocStatus(
+                                                result.getInt(mContext.getString(R.string.status)),
+                                                result.getString(
+                                                        mContext.getString(R.string.message)));
+                                callbackReturn.complete(pocStatus);
+                            });
+            intent.putExtra(mContext.getString(R.string.callback), cb);
             mContext.startService(intent);
-            PocStatus result = callbackReturn.get(resources.getInteger(R.integer.timeoutMs),
-                    TimeUnit.MILLISECONDS);
-            assumeTrue(result.getErrorMessage(),
-                    result.getStatusCode() != resources.getInteger(R.integer.assumptionFailure));
-
-            /* Wait for the overlay window */
-            Pattern overlayTextPattern = Pattern.compile(
-                    mContext.getString(R.string.overlayButtonText), Pattern.CASE_INSENSITIVE);
-            UiDevice device = UiDevice.getInstance(getInstrumentation());
-            assumeTrue(mContext.getString(R.string.overlayUiScreenError),
-                    device.wait(Until.hasObject(By.text(overlayTextPattern)),
-                            mContext.getResources().getInteger(R.integer.timeoutMs)));
-
-            /* Start PocActivity which starts the vulnerable activity */
-            intent = new Intent(mContext, PocActivity.class);
-            intent.addFlags(Intent.FLAG_ACTIVITY_NEW_TASK);
-            CompletableFuture<PocStatus> pocActivityReturn = new CompletableFuture<>();
-            RemoteCallback pocActivityCb = new RemoteCallback((Bundle pocActivityResult) -> {
-                PocStatus pocStatus = new PocStatus(
-                        pocActivityResult.getInt(mContext.getString(R.string.statusKey)),
-                        pocActivityResult.getString(mContext.getString(R.string.messageKey)));
-                pocActivityReturn.complete(pocStatus);
-            });
-            intent.putExtra(mContext.getString(R.string.callbackKey), pocActivityCb);
-            mContext.startActivity(intent);
-            result = pocActivityReturn.get(resources.getInteger(R.integer.timeoutMs),
-                    TimeUnit.MILLISECONDS);
-            assumeTrue(result.getErrorMessage(),
-                    result.getStatusCode() != resources.getInteger(R.integer.assumptionFailure));
-
-            /* Get the vulnerable activity name by using an alternative intent */
-            Intent vulIntent = new Intent(mContext.getString(R.string.actionKeychainActivity));
-            ResolveInfo ri = mContext.getPackageManager().resolveActivity(vulIntent,
-                    PackageManager.MATCH_DEFAULT_ONLY);
-            String vulnerableActivityName = ri.activityInfo.name;
-
-            /* Wait until the object of launcher activity is gone */
-            boolean overlayDisallowed = device.wait(Until.gone(By.pkg(mContext.getPackageName())),
-                    mContext.getResources().getInteger(R.integer.timeoutMs));
-
-            /* Check if the currently running activity is the vulnerable activity */
-            String activityDump = "";
-            activityDump = device.executeShellCommand(
-                    mContext.getString(R.string.dumpsysActivity, vulnerableActivityName));
-            Pattern activityPattern = Pattern.compile(mContext.getString(R.string.mResumedTrue),
-                    Pattern.CASE_INSENSITIVE);
+            PocStatus result =
+                    callbackReturn.get(
+                            mResources.getInteger(R.integer.timeoutMs), TimeUnit.MILLISECONDS);
             assumeTrue(
-                    mContext.getString(R.string.vulActivityNotRunningError, vulnerableActivityName),
+                    result.getErrorMessage(),
+                    result.getStatusCode() != mResources.getInteger(R.integer.assumptionFailure));
+
+            // Wait for the overlay window
+            mDevice = UiDevice.getInstance(getInstrumentation());
+            Pattern overlayTextPattern =
+                    Pattern.compile(
+                            mContext.getString(R.string.txtOverlayBtn), Pattern.CASE_INSENSITIVE);
+            assumeTrue(
+                    mContext.getString(R.string.exceptionOverlayUiNotVisible),
+                    mDevice.wait(
+                            Until.hasObject(By.text(overlayTextPattern)),
+                            mResources.getInteger(R.integer.timeoutMs)));
+
+            // Start PocActivity which in turn starts the vulnerable activity
+            intent = new Intent(mContext, PocActivity.class);
+            intent.addFlags(Intent.FLAG_ACTIVITY_NEW_TASK | Intent.FLAG_ACTIVITY_CLEAR_TASK);
+            CompletableFuture<PocStatus> pocActivityReturn = new CompletableFuture<>();
+            RemoteCallback pocActivityCb =
+                    new RemoteCallback(
+                            (Bundle pocActivityResult) -> {
+                                PocStatus pocStatus =
+                                        new PocStatus(
+                                                pocActivityResult.getInt(
+                                                        mContext.getString(R.string.status)),
+                                                pocActivityResult.getString(
+                                                        mContext.getString(R.string.message)));
+                                pocActivityReturn.complete(pocStatus);
+                            });
+            intent.putExtra(mContext.getString(R.string.callback), pocActivityCb);
+            mContext.startActivity(intent);
+            result =
+                    pocActivityReturn.get(
+                            mResources.getInteger(R.integer.timeoutMs), TimeUnit.MILLISECONDS);
+            assumeTrue(
+                    result.getErrorMessage(),
+                    result.getStatusCode() != mResources.getInteger(R.integer.assumptionFailure));
+
+            // Get the vulnerable activity name by using an alternative intent
+            Intent vulIntent = new Intent(mContext.getString(R.string.action));
+            ResolveInfo ri =
+                    mContext.getPackageManager()
+                            .resolveActivity(vulIntent, PackageManager.MATCH_DEFAULT_ONLY);
+            String vulnerableActivityName = ri.activityInfo.name;
+            String vulnerablePkgName = ri.activityInfo.packageName;
+
+            // Wait until the object of launcher activity is gone
+            boolean overlayDisallowed =
+                    mDevice.wait(
+                            Until.gone(By.pkg(mContext.getPackageName())),
+                            mResources.getInteger(R.integer.timeoutMs));
+
+            // Check if the currently resumed activity is the vulnerable activity
+            String activityDump =
+                    mDevice.executeShellCommand(
+                            mContext.getString(
+                                    R.string.cmdDumpsysActivityByActivity, vulnerableActivityName));
+            Pattern activityPattern =
+                    Pattern.compile(
+                            mContext.getString(R.string.flagActivityResumed),
+                            Pattern.CASE_INSENSITIVE);
+            assumeTrue(
+                    mContext.getString(
+                            R.string.exceptionVulActivityNotResume, vulnerableActivityName),
                     activityPattern.matcher(activityDump).find());
 
-            /* Failing the test as fix is not present */
-            assertTrue(mContext.getString(R.string.errorMessage, vulnerableActivityName),
+            // Check if vulnerable activity's UI is visible
+            String vulPkgDump =
+                    mDevice.executeShellCommand(
+                            mContext.getString(
+                                    R.string.cmdDumpsysActivityByPkg, vulnerablePkgName));
+            boolean isVisible = false;
+            for (String vulPkgDumpElement :
+                    vulPkgDump.split(mContext.getString(R.string.strSplitRegex))) {
+                if (vulPkgDumpElement
+                        .toLowerCase()
+                        .contains(vulnerableActivityName.toLowerCase())) {
+                    if (vulPkgDumpElement.contains(
+                            mContext.getString(R.string.flagActivityVisible))) {
+                        isVisible = true;
+                        break;
+                    }
+                }
+            }
+            assumeTrue(
+                    mContext.getString(R.string.exceptionVulUiNotVisible, vulnerableActivityName),
+                    isVisible);
+
+            // On vulnerable device, vulnerable activity will be overlaid so 'overlayDisallowed'
+            // will be set to true so the test fails, else it passes.
+            assertTrue(
+                    mContext.getString(R.string.failMsg, vulnerableActivityName),
                     overlayDisallowed);
         } catch (Exception e) {
             assumeNoException(e);
diff --git a/hostsidetests/securitybulletin/test-apps/CVE-2021-0963/src/android/security/cts/CVE_2021_0963/PocActivity.java b/hostsidetests/securitybulletin/test-apps/CVE-2021-0963/src/android/security/cts/CVE_2021_0963/PocActivity.java
index ac8ea15..bcf98e1 100644
--- a/hostsidetests/securitybulletin/test-apps/CVE-2021-0963/src/android/security/cts/CVE_2021_0963/PocActivity.java
+++ b/hostsidetests/securitybulletin/test-apps/CVE-2021-0963/src/android/security/cts/CVE_2021_0963/PocActivity.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2022 The Android Open Source Project
+ * Copyright (C) 2023 The Android Open Source Project
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -27,13 +27,19 @@
 public class PocActivity extends Activity {
 
     @Override
-    protected void onCreate(Bundle savedInstanceState) {
+    public void onResume() {
         try {
-            super.onCreate(savedInstanceState);
-            KeyChainAliasCallback callback = new KeyChainAliasCallback() {
-                @Override
-                public void alias(@Nullable String alias) {}
-            };
+            super.onResume();
+
+            // Waiting briefly for the PocActivity window transition animation to complete.
+            Thread.sleep(500);
+
+            // Launching the vulnerable activity KeyChainActivity
+            KeyChainAliasCallback callback =
+                    new KeyChainAliasCallback() {
+                        @Override
+                        public void alias(@Nullable String alias) {}
+                    };
             KeyChain.choosePrivateKeyAlias(this, callback, null, null, null, -1, null);
             sendTestResult(getResources().getInteger(R.integer.noException), "");
         } catch (Exception e) {
@@ -44,10 +50,10 @@
     void sendTestResult(int status, String message) {
         try {
             RemoteCallback cb =
-                    (RemoteCallback) getIntent().getExtras().get(getString(R.string.callbackKey));
+                    (RemoteCallback) getIntent().getExtras().get(getString(R.string.callback));
             Bundle res = new Bundle();
-            res.putString(getString(R.string.messageKey), message);
-            res.putInt(getString(R.string.statusKey), status);
+            res.putString(getString(R.string.message), message);
+            res.putInt(getString(R.string.status), status);
             cb.sendResult(res);
         } catch (Exception e) {
             // ignore all exceptions
diff --git a/hostsidetests/securitybulletin/test-apps/CVE-2021-0963/src/android/security/cts/CVE_2021_0963/PocDeviceAdminReceiver.java b/hostsidetests/securitybulletin/test-apps/CVE-2021-0963/src/android/security/cts/CVE_2021_0963/PocDeviceAdminReceiver.java
index 5592323..b8ef104 100644
--- a/hostsidetests/securitybulletin/test-apps/CVE-2021-0963/src/android/security/cts/CVE_2021_0963/PocDeviceAdminReceiver.java
+++ b/hostsidetests/securitybulletin/test-apps/CVE-2021-0963/src/android/security/cts/CVE_2021_0963/PocDeviceAdminReceiver.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2022 The Android Open Source Project
+ * Copyright (C) 2023 The Android Open Source Project
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -18,5 +18,4 @@
 
 import android.app.admin.DeviceAdminReceiver;
 
-public class PocDeviceAdminReceiver extends DeviceAdminReceiver {
-}
+public class PocDeviceAdminReceiver extends DeviceAdminReceiver {}
diff --git a/hostsidetests/securitybulletin/test-apps/CVE-2021-0963/src/android/security/cts/CVE_2021_0963/PocService.java b/hostsidetests/securitybulletin/test-apps/CVE-2021-0963/src/android/security/cts/CVE_2021_0963/PocService.java
index b83e824..c78d7d4 100644
--- a/hostsidetests/securitybulletin/test-apps/CVE-2021-0963/src/android/security/cts/CVE_2021_0963/PocService.java
+++ b/hostsidetests/securitybulletin/test-apps/CVE-2021-0963/src/android/security/cts/CVE_2021_0963/PocService.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2022 The Android Open Source Project
+ * Copyright (C) 2023 The Android Open Source Project
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -55,8 +55,8 @@
             mWindowManager = getSystemService(WindowManager.class);
             mLayoutParams = new LayoutParams();
             mLayoutParams.type = LayoutParams.TYPE_APPLICATION_OVERLAY;
-            mLayoutParams.flags = LayoutParams.FLAG_NOT_TOUCH_MODAL |
-                    LayoutParams.FLAG_NOT_FOCUSABLE;
+            mLayoutParams.flags =
+                    LayoutParams.FLAG_NOT_TOUCH_MODAL | LayoutParams.FLAG_NOT_FOCUSABLE;
             mLayoutParams.format = PixelFormat.OPAQUE;
             mLayoutParams.gravity = Gravity.LEFT | Gravity.TOP;
             mLayoutParams.width = getScreenWidth();
@@ -65,7 +65,7 @@
             mLayoutParams.y = getScreenHeight() / 2;
             Context context = getApplicationContext();
             mButton = new Button(context);
-            mButton.setText(context.getString(R.string.overlayButtonText));
+            mButton.setText(context.getString(R.string.txtOverlayBtn));
             mWindowManager.addView(mButton, mLayoutParams);
             sendTestResult(getResources().getInteger(R.integer.noException), "");
         } catch (Exception e) {
@@ -87,10 +87,10 @@
     void sendTestResult(int status, String message) {
         try {
             RemoteCallback cb =
-                    (RemoteCallback) mIntent.getExtras().get(getString(R.string.callbackKey));
+                    (RemoteCallback) mIntent.getExtras().get(getString(R.string.callback));
             Bundle res = new Bundle();
-            res.putString(getString(R.string.messageKey), message);
-            res.putInt(getString(R.string.statusKey), status);
+            res.putString(getString(R.string.message), message);
+            res.putInt(getString(R.string.status), status);
             cb.sendResult(res);
         } catch (Exception e) {
             // ignore exception here
diff --git a/hostsidetests/securitybulletin/test-apps/CVE-2021-0963/src/android/security/cts/CVE_2021_0963/PocStatus.java b/hostsidetests/securitybulletin/test-apps/CVE-2021-0963/src/android/security/cts/CVE_2021_0963/PocStatus.java
index de67f0f..7e6c63d 100644
--- a/hostsidetests/securitybulletin/test-apps/CVE-2021-0963/src/android/security/cts/CVE_2021_0963/PocStatus.java
+++ b/hostsidetests/securitybulletin/test-apps/CVE-2021-0963/src/android/security/cts/CVE_2021_0963/PocStatus.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2022 The Android Open Source Project
+ * Copyright (C) 2023 The Android Open Source Project
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.