Add some NullPointerExceptions to AndroidKeyStore
Existing KeyStore implementations throw NullPointerExceptions beacuse
the KeyStoreSpi doesn't check these arguments for null. Add in checks so
we don't accidentally check some bogus values.
Also switch a RuntimeException to a KeyStoreException
Change-Id: I18f4d4474d607cb2057ea8069b901e0992275e78
diff --git a/keystore/java/android/security/AndroidKeyStore.java b/keystore/java/android/security/AndroidKeyStore.java
index 7b6e540..aabfcae 100644
--- a/keystore/java/android/security/AndroidKeyStore.java
+++ b/keystore/java/android/security/AndroidKeyStore.java
@@ -90,6 +90,10 @@
@Override
public Certificate[] engineGetCertificateChain(String alias) {
+ if (alias == null) {
+ throw new NullPointerException("alias == null");
+ }
+
final X509Certificate leaf = (X509Certificate) engineGetCertificate(alias);
if (leaf == null) {
return null;
@@ -119,6 +123,10 @@
@Override
public Certificate engineGetCertificate(String alias) {
+ if (alias == null) {
+ throw new NullPointerException("alias == null");
+ }
+
byte[] certificate = mKeyStore.get(Credentials.USER_CERTIFICATE + alias);
if (certificate != null) {
return toCertificate(certificate);
@@ -166,6 +174,10 @@
@Override
public Date engineGetCreationDate(String alias) {
+ if (alias == null) {
+ throw new NullPointerException("alias == null");
+ }
+
Date d = getModificationDate(Credentials.USER_PRIVATE_KEY + alias);
if (d != null) {
return d;
@@ -325,7 +337,7 @@
@Override
public void engineSetKeyEntry(String alias, byte[] userKey, Certificate[] chain)
throws KeyStoreException {
- throw new RuntimeException("Operation not supported because key encoding is unknown");
+ throw new KeyStoreException("Operation not supported because key encoding is unknown");
}
@Override
@@ -334,6 +346,11 @@
throw new KeyStoreException("Entry exists and is not a trusted certificate");
}
+ // We can't set something to null.
+ if (cert == null) {
+ throw new NullPointerException("cert == null");
+ }
+
final byte[] encoded;
try {
encoded = cert.getEncoded();
@@ -348,6 +365,10 @@
@Override
public void engineDeleteEntry(String alias) throws KeyStoreException {
+ if (!isKeyEntry(alias) && !isCertificateEntry(alias)) {
+ return;
+ }
+
if (!Credentials.deleteAllTypesForAlias(mKeyStore, alias)) {
throw new KeyStoreException("No such entry " + alias);
}
@@ -380,6 +401,10 @@
@Override
public boolean engineContainsAlias(String alias) {
+ if (alias == null) {
+ throw new NullPointerException("alias == null");
+ }
+
return mKeyStore.contains(Credentials.USER_PRIVATE_KEY + alias)
|| mKeyStore.contains(Credentials.USER_CERTIFICATE + alias)
|| mKeyStore.contains(Credentials.CA_CERTIFICATE + alias);
@@ -396,12 +421,24 @@
}
private boolean isKeyEntry(String alias) {
+ if (alias == null) {
+ throw new NullPointerException("alias == null");
+ }
+
return mKeyStore.contains(Credentials.USER_PRIVATE_KEY + alias);
}
+ private boolean isCertificateEntry(String alias) {
+ if (alias == null) {
+ throw new NullPointerException("alias == null");
+ }
+
+ return mKeyStore.contains(Credentials.CA_CERTIFICATE + alias);
+ }
+
@Override
public boolean engineIsCertificateEntry(String alias) {
- return !isKeyEntry(alias) && mKeyStore.contains(Credentials.CA_CERTIFICATE + alias);
+ return !isKeyEntry(alias) && isCertificateEntry(alias);
}
@Override