KeyPairGeneratorSpec
public
final
class
KeyPairGeneratorSpec
extends Object
implements
AlgorithmParameterSpec
java.lang.Object | |
↳ | android.security.KeyPairGeneratorSpec |
This class was deprecated
in API level 23.
Use KeyGenParameterSpec
instead.
This provides the required parameters needed for initializing the
KeyPairGenerator
that works with
Android KeyStore
facility. The Android KeyStore facility is accessed through a
KeyPairGenerator
API using the AndroidKeyStore
provider. The context
passed in may be used to pop up some UI to ask
the user to unlock or initialize the Android KeyStore facility.
After generation, the keyStoreAlias
is used with the
KeyStore.getEntry(String, java.security.KeyStore.ProtectionParameter)
interface to retrieve the PrivateKey
and its associated
Certificate
chain.
The KeyPair generator will create a self-signed certificate with the subject
as its X.509v3 Subject Distinguished Name and as its X.509v3 Issuer
Distinguished Name along with the other parameters specified with the
Builder
.
The self-signed X.509 certificate may be replaced at a later time by a certificate signed by a real Certificate Authority.
Summary
Nested classes | |
---|---|
class |
KeyPairGeneratorSpec.Builder
This class was deprecated
in API level 23.
Use |
Public methods | |
---|---|
AlgorithmParameterSpec
|
getAlgorithmParameterSpec()
Returns the |
Context
|
getContext()
Gets the Android context used for operations with this instance. |
Date
|
getEndDate()
Gets the end date to be used on the X.509 certificate that will be put in
the |
int
|
getKeySize()
Returns the key size specified by this parameter. |
String
|
getKeyType()
Returns the type of key pair (e.g., |
String
|
getKeystoreAlias()
Returns the alias that will be used in the |
BigInteger
|
getSerialNumber()
Gets the serial number to be used on the X.509 certificate that will be
put in the |
Date
|
getStartDate()
Gets the start date to be used on the X.509 certificate that will be put
in the |
X500Principal
|
getSubjectDN()
Gets the subject distinguished name to be used on the X.509 certificate
that will be put in the |
boolean
|
isEncryptionRequired()
This method is deprecated.
Encryption at rest is on by default. If extra binding to the lockscreen screen
credential is desired use
|
Inherited methods | |
---|---|
Public methods
getAlgorithmParameterSpec
public AlgorithmParameterSpec getAlgorithmParameterSpec ()
Returns the AlgorithmParameterSpec
that will be used for creation
of the key pair.
Returns | |
---|---|
AlgorithmParameterSpec |
This value cannot be null . |
getContext
public Context getContext ()
Gets the Android context used for operations with this instance.
Returns | |
---|---|
Context |
getEndDate
public Date getEndDate ()
Gets the end date to be used on the X.509 certificate that will be put in
the KeyStore
.
Returns | |
---|---|
Date |
This value cannot be null . |
getKeySize
public int getKeySize ()
Returns the key size specified by this parameter. For instance, for RSA this will return the modulus size and for EC it will return the field size.
Returns | |
---|---|
int |
getKeyType
public String getKeyType ()
Returns the type of key pair (e.g., EC
, RSA
) to be generated. See
KeyProperties
.KEY_ALGORITHM
constants.
Returns | |
---|---|
String |
This value may be null .
Value is KeyProperties.KEY_ALGORITHM_RSA , KeyProperties.KEY_ALGORITHM_EC , android.security.keystore.KeyProperties.KEY_ALGORITHM_XDH, KeyProperties.KEY_ALGORITHM_AES , KeyProperties.KEY_ALGORITHM_HMAC_SHA1 , KeyProperties.KEY_ALGORITHM_HMAC_SHA224 , KeyProperties.KEY_ALGORITHM_HMAC_SHA256 , KeyProperties.KEY_ALGORITHM_HMAC_SHA384 , or KeyProperties.KEY_ALGORITHM_HMAC_SHA512 |
getKeystoreAlias
public String getKeystoreAlias ()
Returns the alias that will be used in the java.security.KeyStore
in conjunction with the AndroidKeyStore
.
Returns | |
---|---|
String |
getSerialNumber
public BigInteger getSerialNumber ()
Gets the serial number to be used on the X.509 certificate that will be
put in the KeyStore
.
Returns | |
---|---|
BigInteger |
This value cannot be null . |
getStartDate
public Date getStartDate ()
Gets the start date to be used on the X.509 certificate that will be put
in the KeyStore
.
Returns | |
---|---|
Date |
This value cannot be null . |
getSubjectDN
public X500Principal getSubjectDN ()
Gets the subject distinguished name to be used on the X.509 certificate
that will be put in the KeyStore
.
Returns | |
---|---|
X500Principal |
This value cannot be null . |
isEncryptionRequired
public boolean isEncryptionRequired ()
This method is deprecated.
Encryption at rest is on by default. If extra binding to the lockscreen screen
credential is desired use
KeyGenParameterSpec.Builder.setUserAuthenticationRequired(boolean)
.
This flag will be ignored from Android S.
Returns true
if the key must be encrypted at rest. This will protect the key pair
with the secure lock screen credential (e.g., password, PIN, or pattern).
Note that encrypting the key at rest requires that the secure lock screen (e.g., password, PIN, pattern) is set up, otherwise key generation will fail. Moreover, this key will be deleted when the secure lock screen is disabled or reset (e.g., by the user or a Device Administrator). Finally, this key cannot be used until the user unlocks the secure lock screen after boot.
Returns | |
---|---|
boolean |
See also:
Content and code samples on this page are subject to the licenses described in the Content License. Java and OpenJDK are trademarks or registered trademarks of Oracle and/or its affiliates.
Last updated 2024-12-18 UTC.