Android APIs
Added in API level 18
Deprecated since API level 23
public static final class

KeyPairGeneratorSpec.Builder

extends Object
java.lang.Object
   ↳ android.security.KeyPairGeneratorSpec.Builder

This class was deprecated in API level 23.
Use KeyGenParameterSpec.Builder instead.

Class Overview

Builder class for KeyPairGeneratorSpec objects.

This will build a parameter spec for use with the Android KeyStore facility.

The required fields must be filled in with the builder.

Example:

 Calendar start = new Calendar();
 Calendar end = new Calendar();
 end.add(1, Calendar.YEAR);

 KeyPairGeneratorSpec spec =
         new KeyPairGeneratorSpec.Builder(mContext).setAlias("myKey")
                 .setSubject(new X500Principal("CN=myKey")).setSerial(BigInteger.valueOf(1337))
                 .setStartDate(start.getTime()).setEndDate(end.getTime()).build();
 

Summary

Public Constructors
KeyPairGeneratorSpec.Builder(Context context)
Creates a new instance of the Builder with the given context.
Public Methods
KeyPairGeneratorSpec build()
Builds the instance of the KeyPairGeneratorSpec.
KeyPairGeneratorSpec.Builder setAlgorithmParameterSpec(AlgorithmParameterSpec spec)
Sets the algorithm-specific key generation parameters.
KeyPairGeneratorSpec.Builder setAlias(String alias)
Sets the alias to be used to retrieve the key later from a KeyStore instance using the AndroidKeyStore provider.
KeyPairGeneratorSpec.Builder setEncryptionRequired()
Indicates that this key pair must be encrypted at rest.
KeyPairGeneratorSpec.Builder setEndDate(Date endDate)
Sets the end of the validity period for the self-signed certificate of the generated key pair.
KeyPairGeneratorSpec.Builder setKeySize(int keySize)
Sets the key size for the keypair to be created.
KeyPairGeneratorSpec.Builder setKeyType(String keyType)
Sets the type of key pair (e.g., EC, RSA) of the key pair to be generated.
KeyPairGeneratorSpec.Builder setSerialNumber(BigInteger serialNumber)
Sets the serial number used for the self-signed certificate of the generated key pair.
KeyPairGeneratorSpec.Builder setStartDate(Date startDate)
Sets the start of the validity period for the self-signed certificate of the generated key pair.
KeyPairGeneratorSpec.Builder setSubject(X500Principal subject)
Sets the subject used for the self-signed certificate of the generated key pair.
[Expand]
Inherited Methods
From class java.lang.Object

Public Constructors

public KeyPairGeneratorSpec.Builder (Context context)

Added in API level 18

Creates a new instance of the Builder with the given context. The context passed in may be used to pop up some UI to ask the user to unlock or initialize the Android KeyStore facility.

Parameters
context

Public Methods

public KeyPairGeneratorSpec build ()

Added in API level 18

Builds the instance of the KeyPairGeneratorSpec.

Returns
KeyPairGeneratorSpec built instance of KeyPairGeneratorSpec
Throws
IllegalArgumentException if a required field is missing

public KeyPairGeneratorSpec.Builder setAlgorithmParameterSpec (AlgorithmParameterSpec spec)

Added in API level 19

Sets the algorithm-specific key generation parameters. For example, for RSA keys this may be an instance of RSAKeyGenParameterSpec.

Parameters
spec
Returns
KeyPairGeneratorSpec.Builder

public KeyPairGeneratorSpec.Builder setAlias (String alias)

Added in API level 18

Sets the alias to be used to retrieve the key later from a KeyStore instance using the AndroidKeyStore provider.

Parameters
alias
Returns
KeyPairGeneratorSpec.Builder

public KeyPairGeneratorSpec.Builder setEncryptionRequired ()

Added in API level 18

Indicates that this key pair must be encrypted at rest. This will protect the key pair with the secure lock screen credential (e.g., password, PIN, or pattern).

Note that this feature requires that the secure lock screen (e.g., password, PIN, pattern) is set up, otherwise key pair generation will fail. Moreover, this key pair will be deleted when the secure lock screen is disabled or reset (e.g., by the user or a Device Administrator). Finally, this key pair cannot be used until the user unlocks the secure lock screen after boot.

Returns
KeyPairGeneratorSpec.Builder

See also:

public KeyPairGeneratorSpec.Builder setEndDate (Date endDate)

Added in API level 18

Sets the end of the validity period for the self-signed certificate of the generated key pair.

Parameters
endDate
Returns
KeyPairGeneratorSpec.Builder

public KeyPairGeneratorSpec.Builder setKeySize (int keySize)

Added in API level 19

Sets the key size for the keypair to be created. For instance, for a key type of RSA this will set the modulus size and for a key type of EC it will select a curve with a matching field size.

Parameters
keySize
Returns
KeyPairGeneratorSpec.Builder

public KeyPairGeneratorSpec.Builder setKeyType (String keyType)

Added in API level 19

Sets the type of key pair (e.g., EC, RSA) of the key pair to be generated. See KeyProperties.KEY_ALGORITHM constants.

Parameters
keyType
Returns
KeyPairGeneratorSpec.Builder
Throws
NoSuchAlgorithmException

public KeyPairGeneratorSpec.Builder setSerialNumber (BigInteger serialNumber)

Added in API level 18

Sets the serial number used for the self-signed certificate of the generated key pair.

Parameters
serialNumber
Returns
KeyPairGeneratorSpec.Builder

public KeyPairGeneratorSpec.Builder setStartDate (Date startDate)

Added in API level 18

Sets the start of the validity period for the self-signed certificate of the generated key pair.

Parameters
startDate
Returns
KeyPairGeneratorSpec.Builder

public KeyPairGeneratorSpec.Builder setSubject (X500Principal subject)

Added in API level 18

Sets the subject used for the self-signed certificate of the generated key pair.

Parameters
subject
Returns
KeyPairGeneratorSpec.Builder