KeyStoreParameter
public
final
class
KeyStoreParameter
extends Object
implements
KeyStore.ProtectionParameter
This class was deprecated
in API level 23.
Use KeyProtection
instead.
This provides the optional parameters that can be specified for
KeyStore
entries that work with
Android KeyStore
facility. The Android KeyStore facility is accessed through a
KeyStore
API using the AndroidKeyStore
provider. The context
passed in may be used to pop up some UI to ask
the user to unlock or initialize the Android KeyStore facility.
Any entries placed in the KeyStore
may be retrieved later. Note that
there is only one logical instance of the KeyStore
per application
UID so apps using the sharedUid
facility will also share a
KeyStore
.
Keys may be generated using the KeyPairGenerator
facility with a
KeyPairGeneratorSpec
to specify the entry's alias
. A
self-signed X.509 certificate will be attached to generated entries, but that
may be replaced at a later time by a certificate signed by a real Certificate
Authority.
Summary
Nested classes |
class |
KeyStoreParameter.Builder
This class was deprecated
in API level 23.
Use KeyProtection.Builder instead.
|
Inherited methods |
From class
java.lang.Object
Object
|
clone()
Creates and returns a copy of this object.
|
boolean
|
equals(Object obj)
Indicates whether some other object is "equal to" this one.
|
void
|
finalize()
Called by the garbage collector on an object when garbage collection
determines that there are no more references to the object.
|
final
Class<?>
|
getClass()
Returns the runtime class of this Object .
|
int
|
hashCode()
Returns a hash code value for the object.
|
final
void
|
notify()
Wakes up a single thread that is waiting on this object's
monitor.
|
final
void
|
notifyAll()
Wakes up all threads that are waiting on this object's monitor.
|
String
|
toString()
Returns a string representation of the object.
|
final
void
|
wait(long timeoutMillis, int nanos)
Causes the current thread to wait until it is awakened, typically
by being notified or interrupted, or until a
certain amount of real time has elapsed.
|
final
void
|
wait(long timeoutMillis)
Causes the current thread to wait until it is awakened, typically
by being notified or interrupted, or until a
certain amount of real time has elapsed.
|
final
void
|
wait()
Causes the current thread to wait until it is awakened, typically
by being notified or interrupted.
|
|
Public methods
isEncryptionRequired
public boolean isEncryptionRequired ()
This method is deprecated.
Data at rest encryption is enabled by default. If extra binding to the
lockscreen credential is desired, use
.Builder#setUserAuthenticationRequired(boolean)
.
This flag will be ignored from Android S.
Returns true
if the KeyStore
entry must be encrypted at rest.
This will protect the entry with the secure lock screen credential (e.g., password, PIN, or
pattern).
Note that encrypting the key at rest requires that the secure lock screen (e.g., password,
PIN, pattern) is set up, otherwise key generation will fail. Moreover, this key will be
deleted when the secure lock screen is disabled or reset (e.g., by the user or a Device
Administrator). Finally, this key cannot be used until the user unlocks the secure lock
screen after boot.
Content and code samples on this page are subject to the licenses described in the Content License. Java and OpenJDK are trademarks or registered trademarks of Oracle and/or its affiliates.
Last updated 2025-02-10 UTC.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Missing the information I need","missingTheInformationINeed","thumb-down"],["Too complicated / too many steps","tooComplicatedTooManySteps","thumb-down"],["Out of date","outOfDate","thumb-down"],["Samples / code issue","samplesCodeIssue","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-02-10 UTC."],[],[],null,["# KeyStoreParameter\n\nAdded in [API level 18](/guide/topics/manifest/uses-sdk-element#ApiLevels) \nDeprecated in [API level\n23](/guide/topics/manifest/uses-sdk-element#ApiLevels) \nSummary: [Nested Classes](#nestedclasses) \\| [Methods](#pubmethods) \\| [Inherited Methods](#inhmethods) \n\nKeyStoreParameter\n=================\n\n*** ** * ** ***\n\n[Kotlin](/reference/kotlin/android/security/KeyStoreParameter \"View this page in Kotlin\") \\|Java\n\n\n`\npublic\n\nfinal\n\nclass\nKeyStoreParameter\n`\n\n\n`\n\nextends `[Object](/reference/java/lang/Object)`\n\n\n`\n\n`\n\n\nimplements\n\n`[KeyStore.ProtectionParameter](/reference/java/security/KeyStore.ProtectionParameter)`\n\n\n`\n\n|---|------------------------------------|\n| [java.lang.Object](/reference/java/lang/Object) ||\n| ↳ | android.security.KeyStoreParameter |\n\n\u003cbr /\u003e\n\n*** ** * ** ***\n\n\n**This class was deprecated\nin API level 23.** \n\nUse [KeyProtection](/reference/android/security/keystore/KeyProtection) instead.\n\nThis provides the optional parameters that can be specified for\n`KeyStore` entries that work with\n[Android KeyStore\nfacility](/training/articles/keystore). The Android KeyStore facility is accessed through a\n[KeyStore](/reference/java/security/KeyStore) API using the `AndroidKeyStore`\nprovider. The `context` passed in may be used to pop up some UI to ask\nthe user to unlock or initialize the Android KeyStore facility.\n\n\nAny entries placed in the `KeyStore` may be retrieved later. Note that\nthere is only one logical instance of the `KeyStore` per application\nUID so apps using the `sharedUid` facility will also share a\n`KeyStore`.\n\n\nKeys may be generated using the [KeyPairGenerator](/reference/java/security/KeyPairGenerator) facility with a\n[KeyPairGeneratorSpec](/reference/android/security/KeyPairGeneratorSpec) to specify the entry's `alias`. A\nself-signed X.509 certificate will be attached to generated entries, but that\nmay be replaced at a later time by a certificate signed by a real Certificate\nAuthority.\n\nSummary\n-------\n\n| ### Nested classes ||\n|----------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|\n| ` class` | [KeyStoreParameter.Builder](/reference/android/security/KeyStoreParameter.Builder) *This class was deprecated in API level 23. Use [KeyProtection.Builder](/reference/android/security/keystore/KeyProtection.Builder) instead.* |\n\n| ### Public methods ||\n|------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|\n| ` boolean` | ` `[isEncryptionRequired](/reference/android/security/KeyStoreParameter#isEncryptionRequired())`() ` *This method is deprecated. Data at rest encryption is enabled by default. If extra binding to the lockscreen credential is desired, use [.Builder#setUserAuthenticationRequired(boolean)](/reference/android/security/keystore/KeyGenParameterSpec). This flag will be ignored from Android S.* |\n\n| ### Inherited methods |\n|-----------------------|---|\n| From class ` `[java.lang.Object](/reference/java/lang/Object)` ` |---------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | ` `[Object](/reference/java/lang/Object) | ` `[clone](/reference/java/lang/Object#clone())`() ` Creates and returns a copy of this object. | | ` boolean` | ` `[equals](/reference/java/lang/Object#equals(java.lang.Object))`(`[Object](/reference/java/lang/Object)` obj) ` Indicates whether some other object is \"equal to\" this one. | | ` void` | ` `[finalize](/reference/java/lang/Object#finalize())`() ` Called by the garbage collector on an object when garbage collection determines that there are no more references to the object. | | ` final `[Class](/reference/java/lang/Class)`\u003c?\u003e` | ` `[getClass](/reference/java/lang/Object#getClass())`() ` Returns the runtime class of this `Object`. | | ` int` | ` `[hashCode](/reference/java/lang/Object#hashCode())`() ` Returns a hash code value for the object. | | ` final void` | ` `[notify](/reference/java/lang/Object#notify())`() ` Wakes up a single thread that is waiting on this object's monitor. | | ` final void` | ` `[notifyAll](/reference/java/lang/Object#notifyAll())`() ` Wakes up all threads that are waiting on this object's monitor. | | ` `[String](/reference/java/lang/String) | ` `[toString](/reference/java/lang/Object#toString())`() ` Returns a string representation of the object. | | ` final void` | ` `[wait](/reference/java/lang/Object#wait(long,%20int))`(long timeoutMillis, int nanos) ` Causes the current thread to wait until it is awakened, typically by being *notified* or *interrupted*, or until a certain amount of real time has elapsed. | | ` final void` | ` `[wait](/reference/java/lang/Object#wait(long))`(long timeoutMillis) ` Causes the current thread to wait until it is awakened, typically by being *notified* or *interrupted*, or until a certain amount of real time has elapsed. | | ` final void` | ` `[wait](/reference/java/lang/Object#wait())`() ` Causes the current thread to wait until it is awakened, typically by being *notified* or *interrupted*. | ||\n\nPublic methods\n--------------\n\n### isEncryptionRequired\n\nAdded in [API level 18](/guide/topics/manifest/uses-sdk-element#ApiLevels) \n\n```\npublic boolean isEncryptionRequired ()\n```\n\n\n**This method is deprecated.** \n\nData at rest encryption is enabled by default. If extra binding to the\nlockscreen credential is desired, use\n[.Builder#setUserAuthenticationRequired(boolean)](/reference/android/security/keystore/KeyGenParameterSpec).\nThis flag will be ignored from Android S.\n\nReturns `true` if the [KeyStore](/reference/java/security/KeyStore) entry must be encrypted at rest.\nThis will protect the entry with the secure lock screen credential (e.g., password, PIN, or\npattern).\n\nNote that encrypting the key at rest requires that the secure lock screen (e.g., password,\nPIN, pattern) is set up, otherwise key generation will fail. Moreover, this key will be\ndeleted when the secure lock screen is disabled or reset (e.g., by the user or a Device\nAdministrator). Finally, this key cannot be used until the user unlocks the secure lock\nscreen after boot.\n\n\u003cbr /\u003e\n\n| Returns ||\n|-----------|--------|\n| `boolean` | \u003cbr /\u003e |\n\n**See also:**\n\n- [KeyguardManager.isDeviceSecure()](/reference/android/app/KeyguardManager#isDeviceSecure())"]]