5 files changed, 76 insertions, 10 deletions

diff --git a/keystore/java/android/security/keystore2/AndroidKeyStoreSpi.java b/keystore/java/android/security/keystore2/AndroidKeyStoreSpi.java
index 3e2fb94f0387..f3cfcf18dec1 100644
--- a/keystore/java/android/security/keystore2/AndroidKeyStoreSpi.java
+++ b/keystore/java/android/security/keystore2/AndroidKeyStoreSpi.java
@@ -41,6 +41,8 @@ import android.system.keystore2.KeyMetadata;
 import android.system.keystore2.ResponseCode;
 import android.util.Log;
 
+import com.android.internal.annotations.VisibleForTesting;
+
 import java.io.ByteArrayInputStream;
 import java.io.IOException;
 import java.io.InputStream;
@@ -974,7 +976,6 @@ public class AndroidKeyStoreSpi extends KeyStoreSpi {
     }
 
     private Set<String> getUniqueAliases() {
-
         try {
             final KeyDescriptor[] keys = mKeyStore.list(
                     getTargetDomain(),
@@ -987,7 +988,7 @@ public class AndroidKeyStoreSpi extends KeyStoreSpi {
             return aliases;
         } catch (android.security.KeyStoreException e) {
             Log.e(TAG, "Failed to list keystore entries.", e);
-            return null;
+            return new HashSet<>();
         }
     }
 
@@ -1099,6 +1100,17 @@ public class AndroidKeyStoreSpi extends KeyStoreSpi {
         return caAlias;
     }
 
+    /**
+     * Used by Tests to initialize with a fake KeyStore2.
+     * @hide
+     * @param keystore
+     */
+    @VisibleForTesting
+    public void initForTesting(KeyStore2 keystore) {
+        mKeyStore = keystore;
+        mNamespace = KeyProperties.NAMESPACE_APPLICATION;
+    }
+
     @Override
     public void engineStore(OutputStream stream, char[] password) throws IOException,
             NoSuchAlgorithmException, CertificateException {
diff --git a/keystore/tests/Android.bp b/keystore/tests/Android.bp
index 2315a8568c64..7de45233494b 100644
--- a/keystore/tests/Android.bp
+++ b/keystore/tests/Android.bp
@@ -28,6 +28,7 @@ android_test {
     static_libs: [
         "androidx.test.rules",
         "hamcrest-library",
+        "mockito-target-minus-junit4",
     ],
     platform_apis: true,
     libs: ["android.test.runner"],
diff --git a/keystore/tests/src/android/security/ParcelableKeyGenParameterSpecTest.java b/keystore/tests/src/android/security/ParcelableKeyGenParameterSpecTest.java
index b7d72fce6eba..2ae61ab3b38d 100644
--- a/keystore/tests/src/android/security/ParcelableKeyGenParameterSpecTest.java
+++ b/keystore/tests/src/android/security/ParcelableKeyGenParameterSpecTest.java
@@ -43,7 +43,6 @@ public final class ParcelableKeyGenParameterSpecTest {
     static final String ALIAS = "keystore-alias";
     static final String ANOTHER_ALIAS = "another-keystore-alias";
     static final int KEY_PURPOSES = KeyProperties.PURPOSE_SIGN | KeyProperties.PURPOSE_VERIFY;
-    static final int UID = 1230;
     static final int KEYSIZE = 2048;
     static final X500Principal SUBJECT = new X500Principal("CN=subject");
     static final BigInteger SERIAL = new BigInteger("1234567890");
@@ -61,7 +60,7 @@ public final class ParcelableKeyGenParameterSpecTest {
 
     public static KeyGenParameterSpec configureDefaultSpec() {
         return new KeyGenParameterSpec.Builder(ALIAS, KEY_PURPOSES)
-                .setUid(UID)
+                .setNamespace(KeyProperties.NAMESPACE_WIFI)
                 .setKeySize(KEYSIZE)
                 .setCertificateSubject(SUBJECT)
                 .setCertificateSerialNumber(SERIAL)
@@ -88,10 +87,11 @@ public final class ParcelableKeyGenParameterSpecTest {
                 .build();
     }
 
-    public static void validateSpecValues(KeyGenParameterSpec spec, int uid, String alias) {
+    public static void validateSpecValues(KeyGenParameterSpec spec,
+            @KeyProperties.Namespace int namespace, String alias) {
         assertThat(spec.getKeystoreAlias(), is(alias));
         assertThat(spec.getPurposes(), is(KEY_PURPOSES));
-        assertThat(spec.getUid(), is(uid));
+        assertThat(spec.getNamespace(), is(namespace));
         assertThat(spec.getKeySize(), is(KEYSIZE));
         assertThat(spec.getCertificateSubject(), is(SUBJECT));
         assertThat(spec.getCertificateSerialNumber(), is(SERIAL));
@@ -134,7 +134,7 @@ public final class ParcelableKeyGenParameterSpecTest {
         Parcel parcel = parcelForReading(spec);
         ParcelableKeyGenParameterSpec fromParcel =
             ParcelableKeyGenParameterSpec.CREATOR.createFromParcel(parcel);
-        validateSpecValues(fromParcel.getSpec(), UID, ALIAS);
+        validateSpecValues(fromParcel.getSpec(), KeyProperties.NAMESPACE_WIFI, ALIAS);
         assertThat(parcel.dataAvail(), is(0));
     }
 
diff --git a/keystore/tests/src/android/security/keystore/KeyGenParameterSpecTest.java b/keystore/tests/src/android/security/keystore/KeyGenParameterSpecTest.java
index b2edfd05d13f..ddbb1d8c097c 100644
--- a/keystore/tests/src/android/security/keystore/KeyGenParameterSpecTest.java
+++ b/keystore/tests/src/android/security/keystore/KeyGenParameterSpecTest.java
@@ -21,8 +21,6 @@ import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertThat;
 
 import android.security.ParcelableKeyGenParameterSpecTest;
-import android.security.keystore.KeyGenParameterSpec;
-import android.security.keystore.KeyProperties;
 
 import androidx.test.runner.AndroidJUnit4;
 
@@ -41,7 +39,7 @@ public final class KeyGenParameterSpecTest {
         KeyGenParameterSpec copiedSpec =
                 new KeyGenParameterSpec.Builder(spec).build();
         ParcelableKeyGenParameterSpecTest.validateSpecValues(
-                copiedSpec, spec.getUid(), spec.getKeystoreAlias());
+                copiedSpec, spec.getNamespace(), spec.getKeystoreAlias());
     }
 
     @Test
diff --git a/keystore/tests/src/android/security/keystore2/AndroidKeyStoreSpiTest.java b/keystore/tests/src/android/security/keystore2/AndroidKeyStoreSpiTest.java
new file mode 100644
index 000000000000..1bd3069f483a
--- /dev/null
+++ b/keystore/tests/src/android/security/keystore2/AndroidKeyStoreSpiTest.java
@@ -0,0 +1,55 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.security.keystore2;
+
+import static org.hamcrest.MatcherAssert.assertThat;
+import static org.mockito.Mockito.anyInt;
+import static org.mockito.Mockito.anyLong;
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.when;
+
+import android.security.KeyStore2;
+import android.security.KeyStoreException;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.mockito.Mock;
+import org.mockito.MockitoAnnotations;
+
+public class AndroidKeyStoreSpiTest {
+
+    @Mock
+    private KeyStore2 mKeystore2;
+
+    @Before
+    public void setUp() {
+        MockitoAnnotations.initMocks(this);
+    }
+
+    @Test
+    public void testEngineAliasesReturnsEmptySetOnKeyStoreError() throws Exception {
+        when(mKeystore2.list(anyInt(), anyLong()))
+                .thenThrow(new KeyStoreException(6, "Some Error"));
+        AndroidKeyStoreSpi spi = new AndroidKeyStoreSpi();
+        spi.initForTesting(mKeystore2);
+
+        assertThat("Empty collection expected", !spi.engineAliases().hasMoreElements());
+
+        verify(mKeystore2).list(anyInt(), anyLong());
+    }
+
+}