public
final
class
KeyPairGeneratorSpec
extends Object
implements
AlgorithmParameterSpec
java.lang.Object | |
↳ | android.security.KeyPairGeneratorSpec |
This class was deprecated
in API level 23.
Use KeyGenParameterSpec
instead.
This provides the required parameters needed for initializing the
KeyPairGenerator
that works with
Android KeyStore
facility. The Android KeyStore facility is accessed through a
KeyPairGenerator
API using the AndroidKeyStore
provider. The context
passed in may be used to pop up some UI to ask
the user to unlock or initialize the Android KeyStore facility.
After generation, the keyStoreAlias
is used with the
getEntry(String, java.security.KeyStore.ProtectionParameter)
interface to retrieve the PrivateKey
and its associated
Certificate
chain.
The KeyPair generator will create a self-signed certificate with the subject
as its X.509v3 Subject Distinguished Name and as its X.509v3 Issuer
Distinguished Name along with the other parameters specified with the
KeyPairGeneratorSpec.Builder
.
The self-signed X.509 certificate may be replaced at a later time by a certificate signed by a real Certificate Authority.
Nested classes | |
---|---|
class |
KeyPairGeneratorSpec.Builder
This class was deprecated
in API level 23.
Use |
Public methods | |
---|---|
AlgorithmParameterSpec
|
getAlgorithmParameterSpec()
Returns the |
Context
|
getContext()
Gets the Android context used for operations with this instance. |
Date
|
getEndDate()
Gets the end date to be used on the X.509 certificate that will be put in
the |
int
|
getKeySize()
Returns the key size specified by this parameter. |
String
|
getKeyType()
Returns the type of key pair (e.g., |
String
|
getKeystoreAlias()
Returns the alias that will be used in the |
BigInteger
|
getSerialNumber()
Gets the serial number to be used on the X.509 certificate that will be
put in the |
Date
|
getStartDate()
Gets the start date to be used on the X.509 certificate that will be put
in the |
X500Principal
|
getSubjectDN()
Gets the subject distinguished name to be used on the X.509 certificate
that will be put in the |
boolean
|
isEncryptionRequired()
Returns |
Inherited methods | |
---|---|
From
class
java.lang.Object
|
AlgorithmParameterSpec getAlgorithmParameterSpec ()
Returns the AlgorithmParameterSpec
that will be used for creation
of the key pair.
Returns | |
---|---|
AlgorithmParameterSpec |
Context getContext ()
Gets the Android context used for operations with this instance.
Returns | |
---|---|
Context |
Date getEndDate ()
Gets the end date to be used on the X.509 certificate that will be put in
the KeyStore
.
Returns | |
---|---|
Date |
int getKeySize ()
Returns the key size specified by this parameter. For instance, for RSA this will return the modulus size and for EC it will return the field size.
Returns | |
---|---|
int |
String getKeyType ()
Returns the type of key pair (e.g., EC
, RSA
) to be generated. See
KeyProperties
.KEY_ALGORITHM
constants.
Returns | |
---|---|
String |
String getKeystoreAlias ()
Returns the alias that will be used in the java.security.KeyStore
in conjunction with the AndroidKeyStore
.
Returns | |
---|---|
String |
BigInteger getSerialNumber ()
Gets the serial number to be used on the X.509 certificate that will be
put in the KeyStore
.
Returns | |
---|---|
BigInteger |
Date getStartDate ()
Gets the start date to be used on the X.509 certificate that will be put
in the KeyStore
.
Returns | |
---|---|
Date |
X500Principal getSubjectDN ()
Gets the subject distinguished name to be used on the X.509 certificate
that will be put in the KeyStore
.
Returns | |
---|---|
X500Principal |
boolean isEncryptionRequired ()
Returns true
if the key must be encrypted at rest. This will protect the key pair
with the secure lock screen credential (e.g., password, PIN, or pattern).
Note that encrypting the key at rest requires that the secure lock screen (e.g., password, PIN, pattern) is set up, otherwise key generation will fail. Moreover, this key will be deleted when the secure lock screen is disabled or reset (e.g., by the user or a Device Administrator). Finally, this key cannot be used until the user unlocks the secure lock screen after boot.
Returns | |
---|---|
boolean |
See also: