Add some NullPointerExceptions to AndroidKeyStore

Existing KeyStore implementations throw NullPointerExceptions beacuse
the KeyStoreSpi doesn't check these arguments for null. Add in checks so
we don't accidentally check some bogus values.

Also switch a RuntimeException to a KeyStoreException

Change-Id: I18f4d4474d607cb2057ea8069b901e0992275e78

Author: kruton

keystore/java/android/security/AndroidKeyStore.java

@@ -90,6 +90,10 @@ public Key engineGetKey(String alias, char[] password) throws NoSuchAlgorithmExc
 
     @Override
     public Certificate[] engineGetCertificateChain(String alias) {
+        if (alias == null) {
+            throw new NullPointerException("alias == null");
+        }
+
         final X509Certificate leaf = (X509Certificate) engineGetCertificate(alias);
         if (leaf == null) {
             return null;
@@ -119,6 +123,10 @@ public Certificate[] engineGetCertificateChain(String alias) {
 
     @Override
     public Certificate engineGetCertificate(String alias) {
+        if (alias == null) {
+            throw new NullPointerException("alias == null");
+        }
+
         byte[] certificate = mKeyStore.get(Credentials.USER_CERTIFICATE + alias);
         if (certificate != null) {
             return toCertificate(certificate);
@@ -166,6 +174,10 @@ private Date getModificationDate(String alias) {
 
     @Override
     public Date engineGetCreationDate(String alias) {
+        if (alias == null) {
+            throw new NullPointerException("alias == null");
+        }
+
         Date d = getModificationDate(Credentials.USER_PRIVATE_KEY + alias);
         if (d != null) {
             return d;
@@ -325,7 +337,7 @@ private void setPrivateKeyEntry(String alias, PrivateKey key, Certificate[] chai
     @Override
     public void engineSetKeyEntry(String alias, byte[] userKey, Certificate[] chain)
             throws KeyStoreException {
-        throw new RuntimeException("Operation not supported because key encoding is unknown");
+        throw new KeyStoreException("Operation not supported because key encoding is unknown");
     }
 
     @Override
@@ -334,6 +346,11 @@ public void engineSetCertificateEntry(String alias, Certificate cert) throws Key
             throw new KeyStoreException("Entry exists and is not a trusted certificate");
         }
 
+        // We can't set something to null.
+        if (cert == null) {
+            throw new NullPointerException("cert == null");
+        }
+
         final byte[] encoded;
         try {
             encoded = cert.getEncoded();
@@ -348,6 +365,10 @@ public void engineSetCertificateEntry(String alias, Certificate cert) throws Key
 
     @Override
     public void engineDeleteEntry(String alias) throws KeyStoreException {
+        if (!isKeyEntry(alias) && !isCertificateEntry(alias)) {
+            return;
+        }
+
         if (!Credentials.deleteAllTypesForAlias(mKeyStore, alias)) {
             throw new KeyStoreException("No such entry " + alias);
         }
@@ -380,6 +401,10 @@ public Enumeration<String> engineAliases() {
 
     @Override
     public boolean engineContainsAlias(String alias) {
+        if (alias == null) {
+            throw new NullPointerException("alias == null");
+        }
+
         return mKeyStore.contains(Credentials.USER_PRIVATE_KEY + alias)
                 || mKeyStore.contains(Credentials.USER_CERTIFICATE + alias)
                 || mKeyStore.contains(Credentials.CA_CERTIFICATE + alias);
@@ -396,12 +421,24 @@ public boolean engineIsKeyEntry(String alias) {
     }
 
     private boolean isKeyEntry(String alias) {
+        if (alias == null) {
+            throw new NullPointerException("alias == null");
+        }
+
         return mKeyStore.contains(Credentials.USER_PRIVATE_KEY + alias);
     }
 
+    private boolean isCertificateEntry(String alias) {
+        if (alias == null) {
+            throw new NullPointerException("alias == null");
+        }
+
+        return mKeyStore.contains(Credentials.CA_CERTIFICATE + alias);
+    }
+
     @Override
     public boolean engineIsCertificateEntry(String alias) {
-        return !isKeyEntry(alias) && mKeyStore.contains(Credentials.CA_CERTIFICATE + alias);
+        return !isKeyEntry(alias) && isCertificateEntry(alias);
     }
 
     @Override