Skip non KeyEntry from PKCS12 file during extraction.
Change-Id: I76880fc3a39c092cfc007450f59c477a2bdaf48e
Fix: 29315994
diff --git a/src/com/android/certinstaller/CredentialHelper.java b/src/com/android/certinstaller/CredentialHelper.java
index 3285a36..6c1efba 100644
--- a/src/com/android/certinstaller/CredentialHelper.java
+++ b/src/com/android/certinstaller/CredentialHelper.java
@@ -370,14 +370,21 @@
while (aliases.hasMoreElements()) {
String alias = aliases.nextElement();
- KeyStore.Entry entry = keystore.getEntry(alias, password);
- Log.d(TAG, "extracted alias = " + alias + ", entry=" + entry.getClass());
+ if (keystore.isKeyEntry(alias)) {
+ KeyStore.Entry entry = keystore.getEntry(alias, password);
+ Log.d(TAG, "extracted alias = " + alias + ", entry=" + entry.getClass());
- if (entry instanceof PrivateKeyEntry) {
- if (TextUtils.isEmpty(mName)) {
- mName = alias;
+ if (entry instanceof PrivateKeyEntry) {
+ if (TextUtils.isEmpty(mName)) {
+ mName = alias;
+ }
+ return installFrom((PrivateKeyEntry) entry);
}
- return installFrom((PrivateKeyEntry) entry);
+ } else {
+ // KeyStore.getEntry with non-null ProtectionParameter can only be invoked on
+ // PrivateKeyEntry or SecretKeyEntry.
+ // See https://docs.oracle.com/javase/8/docs/api/java/security/KeyStore.html
+ Log.d(TAG, "Skip non-key entry, alias = " + alias);
}
}
return true;
