KeyPairGeneratorSpec
classKeyPairGeneratorSpec: AlgorithmParameterSpec
kotlin.Any | |
↳ | android.security.KeyPairGeneratorSpec |
This provides the required parameters needed for initializing the KeyPairGenerator
that works with Android KeyStore facility. The Android KeyStore facility is accessed through a java.security.KeyPairGenerator
API using the AndroidKeyStore
provider. The context
passed in may be used to pop up some UI to ask the user to unlock or initialize the Android KeyStore facility.
After generation, the keyStoreAlias
is used with the java.security.KeyStore#getEntry(String, java.security.KeyStore.ProtectionParameter)
interface to retrieve the PrivateKey
and its associated Certificate
chain.
The KeyPair generator will create a self-signed certificate with the subject as its X.509v3 Subject Distinguished Name and as its X.509v3 Issuer Distinguished Name along with the other parameters specified with the Builder
.
The self-signed X.509 certificate may be replaced at a later time by a certificate signed by a real Certificate Authority.
Summary
Nested classes | |
---|---|
Builder class for |
Public methods | |
---|---|
AlgorithmParameterSpec |
Returns the |
Context! |
Gets the Android context used for operations with this instance. |
Date |
Gets the end date to be used on the X. |
Int |
Returns the key size specified by this parameter. |
String? |
Returns the type of key pair (e.g., |
String! |
Returns the alias that will be used in the |
BigInteger |
Gets the serial number to be used on the X. |
Date |
Gets the start date to be used on the X. |
X500Principal |
Gets the subject distinguished name to be used on the X. |
Boolean |
Returns |
Public methods
getAlgorithmParameterSpec
fungetAlgorithmParameterSpec(): AlgorithmParameterSpec
Deprecated: Deprecated in Java.
Returns the AlgorithmParameterSpec
that will be used for creation of the key pair.
Return | |
---|---|
AlgorithmParameterSpec |
This value cannot be null . |
getContext
fungetContext(): Context!
Deprecated: Deprecated in Java.
Gets the Android context used for operations with this instance.
getEndDate
fungetEndDate(): Date
Deprecated: Deprecated in Java.
Gets the end date to be used on the X.509 certificate that will be put in the java.security.KeyStore
.
Return | |
---|---|
Date |
This value cannot be null . |
getKeySize
fungetKeySize(): Int
Deprecated: Deprecated in Java.
Returns the key size specified by this parameter. For instance, for RSA this will return the modulus size and for EC it will return the field size.
getKeyType
fungetKeyType(): String?
Deprecated: Deprecated in Java.
Returns the type of key pair (e.g., EC
, RSA
) to be generated. See KeyProperties
.KEY_ALGORITHM
constants.
getKeystoreAlias
fungetKeystoreAlias(): String!
Deprecated: Deprecated in Java.
Returns the alias that will be used in the java.security.KeyStore
in conjunction with the AndroidKeyStore
.
getSerialNumber
fungetSerialNumber(): BigInteger
Deprecated: Deprecated in Java.
Gets the serial number to be used on the X.509 certificate that will be put in the java.security.KeyStore
.
Return | |
---|---|
BigInteger |
This value cannot be null . |
getStartDate
fungetStartDate(): Date
Deprecated: Deprecated in Java.
Gets the start date to be used on the X.509 certificate that will be put in the java.security.KeyStore
.
Return | |
---|---|
Date |
This value cannot be null . |
getSubjectDN
fungetSubjectDN(): X500Principal
Deprecated: Deprecated in Java.
Gets the subject distinguished name to be used on the X.509 certificate that will be put in the java.security.KeyStore
.
Return | |
---|---|
X500Principal |
This value cannot be null . |
isEncryptionRequired
funisEncryptionRequired(): Boolean
Deprecated: Encryption at rest is on by default. If extra binding to the lockscreen screen credential is desired use KeyGenParameterSpec.Builder.setUserAuthenticationRequired(boolean)
. This flag will be ignored from Android S.
Returns true
if the key must be encrypted at rest. This will protect the key pair with the secure lock screen credential (e.g., password, PIN, or pattern).
Note that encrypting the key at rest requires that the secure lock screen (e.g., password, PIN, pattern) is set up, otherwise key generation will fail. Moreover, this key will be deleted when the secure lock screen is disabled or reset (e.g., by the user or a Device Administrator). Finally, this key cannot be used until the user unlocks the secure lock screen after boot.