KeyProperties
abstract class KeyProperties
kotlin.Any | |
↳ | android.security.keystore.KeyProperties |
Properties of Android Keystore keys.
Summary
Constants | |
---|---|
static Int |
Any biometric (e.g. fingerprint, iris, or face) on the device that meets or exceeds the requirements for |
static Int |
The non-biometric credential used to secure the device (i.e., PIN, pattern, or password) |
static String |
Cipher Block Chaining (CBC) block mode. |
static String |
Counter (CTR) block mode. |
static String |
Electronic Codebook (ECB) block mode. |
static String |
Galois/Counter Mode (GCM) block mode. |
static String |
MD5 digest. |
static String |
No digest: sign/authenticate the raw message. |
static String |
SHA-1 digest. |
static String |
SHA-2 224 (aka SHA-224) digest. |
static String |
SHA-2 256 (aka SHA-256) digest. |
static String |
SHA-2 384 (aka SHA-384) digest. |
static String |
SHA-2 512 (aka SHA-512) digest. |
static String |
No encryption padding. |
static String |
PKCS#7 encryption padding scheme. |
static String |
RSA Optimal Asymmetric Encryption Padding (OAEP) scheme. |
static String |
RSA PKCS#1 v1. |
static String |
Triple Data Encryption Algorithm (3DES) key. |
static String |
Advanced Encryption Standard (AES) key. |
static String |
Elliptic Curve (EC) Cryptography key. |
static String |
Keyed-Hash Message Authentication Code (HMAC) key using SHA-1 as the hash. |
static String |
Keyed-Hash Message Authentication Code (HMAC) key using SHA-224 as the hash. |
static String |
Keyed-Hash Message Authentication Code (HMAC) key using SHA-256 as the hash. |
static String |
Keyed-Hash Message Authentication Code (HMAC) key using SHA-384 as the hash. |
static String |
Keyed-Hash Message Authentication Code (HMAC) key using SHA-512 as the hash. |
static String |
Rivest Shamir Adleman (RSA) key. |
static Int |
Key was generated inside AndroidKeyStore. |
static Int |
Key was imported into AndroidKeyStore. |
static Int |
Key was imported into the AndroidKeyStore in an encrypted wrapper. |
static Int |
Origin of the key is unknown. |
static Int |
Purpose of key: creating a shared ECDH secret through key agreement. |
static Int |
Purpose of key: Signing attestations. |
static Int |
Purpose of key: decryption. |
static Int |
Purpose of key: encryption. |
static Int |
Purpose of key: signing or generating a Message Authentication Code (MAC). |
static Int |
Purpose of key: signature or Message Authentication Code (MAC) verification. |
static Int |
Purpose of key: wrapping and unwrapping wrapped keys for secure import. |
static Int |
Indicates enforcement by system software. |
static Int |
Indicates enforcement by environment meeting the Strongbox security profile, such as a secure element. |
static Int |
Indicates enforcement by a trusted execution environment. |
static Int |
This security level indicates that no assumptions can be made about the security level of the respective key. |
static Int |
This security level indicates that due to the target API level of the caller no exact statement can be made about the security level of the key, however, the security level can be considered is at least equivalent to |
static String |
RSA PKCS#1 v1. |
static String |
RSA PKCS#1 v2. |
static Int |
This value indicates that there is no restriction on the number of times the key can be used. |
Constants
AUTH_BIOMETRIC_STRONG
static val AUTH_BIOMETRIC_STRONG: Int
Any biometric (e.g. fingerprint, iris, or face) on the device that meets or exceeds the requirements for Strong, as defined by the Android CDD.
Value: 2
AUTH_DEVICE_CREDENTIAL
static val AUTH_DEVICE_CREDENTIAL: Int
The non-biometric credential used to secure the device (i.e., PIN, pattern, or password)
Value: 1
BLOCK_MODE_CBC
static val BLOCK_MODE_CBC: String
Cipher Block Chaining (CBC) block mode.
Value: "CBC"
BLOCK_MODE_CTR
static val BLOCK_MODE_CTR: String
Counter (CTR) block mode.
Value: "CTR"
BLOCK_MODE_ECB
static val BLOCK_MODE_ECB: String
Electronic Codebook (ECB) block mode.
Value: "ECB"
BLOCK_MODE_GCM
static val BLOCK_MODE_GCM: String
Galois/Counter Mode (GCM) block mode.
Value: "GCM"
DIGEST_NONE
static val DIGEST_NONE: String
No digest: sign/authenticate the raw message.
Value: "NONE"
DIGEST_SHA224
static val DIGEST_SHA224: String
SHA-2 224 (aka SHA-224) digest.
Value: "SHA-224"
DIGEST_SHA256
static val DIGEST_SHA256: String
SHA-2 256 (aka SHA-256) digest.
Value: "SHA-256"
DIGEST_SHA384
static val DIGEST_SHA384: String
SHA-2 384 (aka SHA-384) digest.
Value: "SHA-384"
DIGEST_SHA512
static val DIGEST_SHA512: String
SHA-2 512 (aka SHA-512) digest.
Value: "SHA-512"
ENCRYPTION_PADDING_NONE
static val ENCRYPTION_PADDING_NONE: String
No encryption padding.
Value: "NoPadding"
ENCRYPTION_PADDING_PKCS7
static val ENCRYPTION_PADDING_PKCS7: String
PKCS#7 encryption padding scheme.
Value: "PKCS7Padding"
ENCRYPTION_PADDING_RSA_OAEP
static val ENCRYPTION_PADDING_RSA_OAEP: String
RSA Optimal Asymmetric Encryption Padding (OAEP) scheme.
Value: "OAEPPadding"
ENCRYPTION_PADDING_RSA_PKCS1
static val ENCRYPTION_PADDING_RSA_PKCS1: String
RSA PKCS#1 v1.5 padding scheme for encryption.
Value: "PKCS1Padding"
KEY_ALGORITHM_3DES
static valKEY_ALGORITHM_3DES: String
Deprecated: Included for interoperability with legacy systems. Prefer android.security.keystore.KeyProperties#KEY_ALGORITHM_AES
for new development.
Triple Data Encryption Algorithm (3DES) key.
Value: "DESede"
KEY_ALGORITHM_AES
static val KEY_ALGORITHM_AES: String
Advanced Encryption Standard (AES) key.
Value: "AES"
KEY_ALGORITHM_EC
static val KEY_ALGORITHM_EC: String
Elliptic Curve (EC) Cryptography key.
Value: "EC"
KEY_ALGORITHM_HMAC_SHA1
static val KEY_ALGORITHM_HMAC_SHA1: String
Keyed-Hash Message Authentication Code (HMAC) key using SHA-1 as the hash.
Value: "HmacSHA1"
KEY_ALGORITHM_HMAC_SHA224
static val KEY_ALGORITHM_HMAC_SHA224: String
Keyed-Hash Message Authentication Code (HMAC) key using SHA-224 as the hash.
Value: "HmacSHA224"
KEY_ALGORITHM_HMAC_SHA256
static val KEY_ALGORITHM_HMAC_SHA256: String
Keyed-Hash Message Authentication Code (HMAC) key using SHA-256 as the hash.
Value: "HmacSHA256"
KEY_ALGORITHM_HMAC_SHA384
static val KEY_ALGORITHM_HMAC_SHA384: String
Keyed-Hash Message Authentication Code (HMAC) key using SHA-384 as the hash.
Value: "HmacSHA384"
KEY_ALGORITHM_HMAC_SHA512
static val KEY_ALGORITHM_HMAC_SHA512: String
Keyed-Hash Message Authentication Code (HMAC) key using SHA-512 as the hash.
Value: "HmacSHA512"
KEY_ALGORITHM_RSA
static val KEY_ALGORITHM_RSA: String
Rivest Shamir Adleman (RSA) key.
Value: "RSA"
ORIGIN_GENERATED
static val ORIGIN_GENERATED: Int
Key was generated inside AndroidKeyStore.
Value: 1
ORIGIN_IMPORTED
static val ORIGIN_IMPORTED: Int
Key was imported into AndroidKeyStore.
Value: 2
ORIGIN_SECURELY_IMPORTED
static val ORIGIN_SECURELY_IMPORTED: Int
Key was imported into the AndroidKeyStore in an encrypted wrapper. Unlike imported keys, securely imported keys can be imported without appearing as plaintext in the device's host memory.
Value: 8
ORIGIN_UNKNOWN
static val ORIGIN_UNKNOWN: Int
Origin of the key is unknown. This can occur only for keys backed by an old TEE-backed implementation which does not record origin information.
Value: 4
PURPOSE_AGREE_KEY
static val PURPOSE_AGREE_KEY: Int
Purpose of key: creating a shared ECDH secret through key agreement.
A key having this purpose can be combined with the elliptic curve public key of another party to establish a shared secret over an insecure channel. It should be used as a parameter to javax.crypto.KeyAgreement#init(java.security.Key)
(a complete example is available here). See this article for a more detailed explanation.
Value: 64
PURPOSE_ATTEST_KEY
static val PURPOSE_ATTEST_KEY: Int
Purpose of key: Signing attestations. This purpose is incompatible with all others, meaning that when generating a key with PURPOSE_ATTEST_KEY, no other purposes may be specified. In addition, PURPOSE_ATTEST_KEY may not be specified for imported keys.
Value: 128
PURPOSE_DECRYPT
static val PURPOSE_DECRYPT: Int
Purpose of key: decryption.
Value: 2
PURPOSE_ENCRYPT
static val PURPOSE_ENCRYPT: Int
Purpose of key: encryption.
Value: 1
PURPOSE_SIGN
static val PURPOSE_SIGN: Int
Purpose of key: signing or generating a Message Authentication Code (MAC).
Value: 4
PURPOSE_VERIFY
static val PURPOSE_VERIFY: Int
Purpose of key: signature or Message Authentication Code (MAC) verification.
Value: 8
PURPOSE_WRAP_KEY
static val PURPOSE_WRAP_KEY: Int
Purpose of key: wrapping and unwrapping wrapped keys for secure import.
Value: 32
SECURITY_LEVEL_SOFTWARE
static val SECURITY_LEVEL_SOFTWARE: Int
Indicates enforcement by system software.
Value: 0
SECURITY_LEVEL_STRONGBOX
static val SECURITY_LEVEL_STRONGBOX: Int
Indicates enforcement by environment meeting the Strongbox security profile, such as a secure element.
Value: 2
SECURITY_LEVEL_TRUSTED_ENVIRONMENT
static val SECURITY_LEVEL_TRUSTED_ENVIRONMENT: Int
Indicates enforcement by a trusted execution environment.
Value: 1
SECURITY_LEVEL_UNKNOWN
static val SECURITY_LEVEL_UNKNOWN: Int
This security level indicates that no assumptions can be made about the security level of the respective key.
Value: -2
SECURITY_LEVEL_UNKNOWN_SECURE
static val SECURITY_LEVEL_UNKNOWN_SECURE: Int
This security level indicates that due to the target API level of the caller no exact statement can be made about the security level of the key, however, the security level can be considered is at least equivalent to SECURITY_LEVEL_TRUSTED_ENVIRONMENT
.
Value: -1
SIGNATURE_PADDING_RSA_PKCS1
static val SIGNATURE_PADDING_RSA_PKCS1: String
RSA PKCS#1 v1.5 padding for signatures.
Value: "PKCS1"
SIGNATURE_PADDING_RSA_PSS
static val SIGNATURE_PADDING_RSA_PSS: String
RSA PKCS#1 v2.1 Probabilistic Signature Scheme (PSS) padding.
Value: "PSS"
UNRESTRICTED_USAGE_COUNT
static val UNRESTRICTED_USAGE_COUNT: Int
This value indicates that there is no restriction on the number of times the key can be used.
Value: -1