KeyPairGeneratorSpec.Builder
public
static
final
class
KeyPairGeneratorSpec.Builder
extends Object
java.lang.Object | |
↳ | android.security.KeyPairGeneratorSpec.Builder |
This class was deprecated
in API level 23.
Use KeyGenParameterSpec.Builder
instead.
Builder class for KeyPairGeneratorSpec
objects.
This will build a parameter spec for use with the Android KeyStore facility.
The required fields must be filled in with the builder.
Example:
Calendar start = Calendar.getInstance(); Calendar end = Calendar.getInstance(); end.add(Calendar.YEAR, 1); KeyPairGeneratorSpec spec = new KeyPairGeneratorSpec.Builder(mContext).setAlias("myKey") .setSubject(new X500Principal("CN=myKey")).setSerialNumber(BigInteger.valueOf(1337)) .setStartDate(start.getTime()).setEndDate(end.getTime()).build();
Summary
Public constructors | |
---|---|
Builder(Context context)
Creates a new instance of the |
Public methods | |
---|---|
KeyPairGeneratorSpec
|
build()
Builds the instance of the |
KeyPairGeneratorSpec.Builder
|
setAlgorithmParameterSpec(AlgorithmParameterSpec spec)
Sets the algorithm-specific key generation parameters. |
KeyPairGeneratorSpec.Builder
|
setAlias(String alias)
Sets the alias to be used to retrieve the key later from a
|
KeyPairGeneratorSpec.Builder
|
setEncryptionRequired()
This method is deprecated.
Data at rest encryption is enabled by default. If extra binding to the
lockscreen credential is desired, use
|
KeyPairGeneratorSpec.Builder
|
setEndDate(Date endDate)
Sets the end of the validity period for the self-signed certificate of the generated key pair. |
KeyPairGeneratorSpec.Builder
|
setKeySize(int keySize)
Sets the key size for the keypair to be created. |
KeyPairGeneratorSpec.Builder
|
setKeyType(String keyType)
Sets the type of key pair (e.g., |
KeyPairGeneratorSpec.Builder
|
setSerialNumber(BigInteger serialNumber)
Sets the serial number used for the self-signed certificate of the generated key pair. |
KeyPairGeneratorSpec.Builder
|
setStartDate(Date startDate)
Sets the start of the validity period for the self-signed certificate of the generated key pair. |
KeyPairGeneratorSpec.Builder
|
setSubject(X500Principal subject)
Sets the subject used for the self-signed certificate of the generated key pair. |
Inherited methods | |
---|---|
Public constructors
Builder
public Builder (Context context)
Creates a new instance of the Builder
with the given
context
. The context
passed in may be used to pop up
some UI to ask the user to unlock or initialize the Android KeyStore
facility.
Parameters | |
---|---|
context |
Context : This value cannot be null . |
Public methods
build
public KeyPairGeneratorSpec build ()
Builds the instance of the KeyPairGeneratorSpec
.
Returns | |
---|---|
KeyPairGeneratorSpec |
built instance of KeyPairGeneratorSpec
This value cannot be null . |
Throws | |
---|---|
IllegalArgumentException |
if a required field is missing |
setAlgorithmParameterSpec
public KeyPairGeneratorSpec.Builder setAlgorithmParameterSpec (AlgorithmParameterSpec spec)
Sets the algorithm-specific key generation parameters. For example, for RSA keys
this may be an instance of RSAKeyGenParameterSpec
.
Parameters | |
---|---|
spec |
AlgorithmParameterSpec : This value cannot be null . |
Returns | |
---|---|
KeyPairGeneratorSpec.Builder |
setAlias
public KeyPairGeneratorSpec.Builder setAlias (String alias)
Sets the alias to be used to retrieve the key later from a
KeyStore
instance using the
AndroidKeyStore
provider.
Parameters | |
---|---|
alias |
String : This value cannot be null . |
Returns | |
---|---|
KeyPairGeneratorSpec.Builder |
This value cannot be null . |
setEncryptionRequired
public KeyPairGeneratorSpec.Builder setEncryptionRequired ()
This method is deprecated.
Data at rest encryption is enabled by default. If extra binding to the
lockscreen credential is desired, use
KeyGenParameterSpec.Builder.setUserAuthenticationRequired(boolean)
.
This flag will be ignored from Android S.
Indicates that this key pair must be encrypted at rest. This will protect the key pair with the secure lock screen credential (e.g., password, PIN, or pattern).
Note that this feature requires that the secure lock screen (e.g., password, PIN, pattern) is set up, otherwise key pair generation will fail. Moreover, this key pair will be deleted when the secure lock screen is disabled or reset (e.g., by the user or a Device Administrator). Finally, this key pair cannot be used until the user unlocks the secure lock screen after boot.
Returns | |
---|---|
KeyPairGeneratorSpec.Builder |
This value cannot be null . |
See also:
setEndDate
public KeyPairGeneratorSpec.Builder setEndDate (Date endDate)
Sets the end of the validity period for the self-signed certificate of the generated key pair.
Parameters | |
---|---|
endDate |
Date : This value cannot be null . |
Returns | |
---|---|
KeyPairGeneratorSpec.Builder |
This value cannot be null . |
setKeySize
public KeyPairGeneratorSpec.Builder setKeySize (int keySize)
Sets the key size for the keypair to be created. For instance, for a key type of RSA this will set the modulus size and for a key type of EC it will select a curve with a matching field size.
Parameters | |
---|---|
keySize |
int |
Returns | |
---|---|
KeyPairGeneratorSpec.Builder |
This value cannot be null . |
setKeyType
public KeyPairGeneratorSpec.Builder setKeyType (String keyType)
Sets the type of key pair (e.g., EC
, RSA
) of the key pair to be
generated. See KeyProperties
.KEY_ALGORITHM
constants.
Parameters | |
---|---|
keyType |
String : This value cannot be null .
Value is KeyProperties.KEY_ALGORITHM_RSA , KeyProperties.KEY_ALGORITHM_EC , android.security.keystore.KeyProperties.KEY_ALGORITHM_XDH, KeyProperties.KEY_ALGORITHM_AES , KeyProperties.KEY_ALGORITHM_HMAC_SHA1 , KeyProperties.KEY_ALGORITHM_HMAC_SHA224 , KeyProperties.KEY_ALGORITHM_HMAC_SHA256 , KeyProperties.KEY_ALGORITHM_HMAC_SHA384 , or KeyProperties.KEY_ALGORITHM_HMAC_SHA512 |
Returns | |
---|---|
KeyPairGeneratorSpec.Builder |
This value cannot be null . |
Throws | |
---|---|
NoSuchAlgorithmException |
setSerialNumber
public KeyPairGeneratorSpec.Builder setSerialNumber (BigInteger serialNumber)
Sets the serial number used for the self-signed certificate of the generated key pair.
Parameters | |
---|---|
serialNumber |
BigInteger : This value cannot be null . |
Returns | |
---|---|
KeyPairGeneratorSpec.Builder |
This value cannot be null . |
setStartDate
public KeyPairGeneratorSpec.Builder setStartDate (Date startDate)
Sets the start of the validity period for the self-signed certificate of the generated key pair.
Parameters | |
---|---|
startDate |
Date : This value cannot be null . |
Returns | |
---|---|
KeyPairGeneratorSpec.Builder |
This value cannot be null . |
setSubject
public KeyPairGeneratorSpec.Builder setSubject (X500Principal subject)
Sets the subject used for the self-signed certificate of the generated key pair.
Parameters | |
---|---|
subject |
X500Principal : This value cannot be null . |
Returns | |
---|---|
KeyPairGeneratorSpec.Builder |
This value cannot be null . |