Added in API level 18
Deprecated in API level 23

Summary: Nested Classes | Methods | Inherited Methods

KeyPairGeneratorSpec

Kotlin |Java

public final class KeyPairGeneratorSpec
extends Object implements AlgorithmParameterSpec

java.lang.Object
↳	android.security.KeyPairGeneratorSpec

This class was deprecated in API level 23.
Use KeyGenParameterSpec instead.

This provides the required parameters needed for initializing the KeyPairGenerator that works with Android KeyStore facility. The Android KeyStore facility is accessed through a KeyPairGenerator API using the AndroidKeyStore provider. The context passed in may be used to pop up some UI to ask the user to unlock or initialize the Android KeyStore facility.

After generation, the keyStoreAlias is used with the KeyStore.getEntry(String, java.security.KeyStore.ProtectionParameter) interface to retrieve the PrivateKey and its associated Certificate chain.

The KeyPair generator will create a self-signed certificate with the subject as its X.509v3 Subject Distinguished Name and as its X.509v3 Issuer Distinguished Name along with the other parameters specified with the Builder.

The self-signed X.509 certificate may be replaced at a later time by a certificate signed by a real Certificate Authority.

Summary

Nested classes
`class`	`KeyPairGeneratorSpec.Builder` This class was deprecated in API level 23. Use `KeyGenParameterSpec.Builder` instead.

Public methods
`AlgorithmParameterSpec`	`getAlgorithmParameterSpec()` Returns the `AlgorithmParameterSpec` that will be used for creation of the key pair.
`Context`	`getContext()` Gets the Android context used for operations with this instance.
`Date`	`getEndDate()` Gets the end date to be used on the X.509 certificate that will be put in the `KeyStore`.
`int`	`getKeySize()` Returns the key size specified by this parameter.
`String`	`getKeyType()` Returns the type of key pair (e.g., `EC`, `RSA`) to be generated.
`String`	`getKeystoreAlias()` Returns the alias that will be used in the `java.security.KeyStore` in conjunction with the `AndroidKeyStore`.
`BigInteger`	`getSerialNumber()` Gets the serial number to be used on the X.509 certificate that will be put in the `KeyStore`.
`Date`	`getStartDate()` Gets the start date to be used on the X.509 certificate that will be put in the `KeyStore`.
`X500Principal`	`getSubjectDN()` Gets the subject distinguished name to be used on the X.509 certificate that will be put in the `KeyStore`.
`boolean`	`isEncryptionRequired()` This method is deprecated. Encryption at rest is on by default. If extra binding to the lockscreen screen credential is desired use `KeyGenParameterSpec.Builder.setUserAuthenticationRequired(boolean)`. This flag will be ignored from Android S.

Inherited methods

From class


        
          java.lang.Object

`Object`	`clone()` Creates and returns a copy of this object.
`boolean`	`equals(Object obj)` Indicates whether some other object is "equal to" this one.
`void`	`finalize()` Called by the garbage collector on an object when garbage collection determines that there are no more references to the object.
`final Class<?>`	`getClass()` Returns the runtime class of this `Object`.
`int`	`hashCode()` Returns a hash code value for the object.
`final void`	`notify()` Wakes up a single thread that is waiting on this object's monitor.
`final void`	`notifyAll()` Wakes up all threads that are waiting on this object's monitor.
`String`	`toString()` Returns a string representation of the object.
`final void`	`wait(long timeoutMillis, int nanos)` Causes the current thread to wait until it is awakened, typically by being notified or interrupted, or until a certain amount of real time has elapsed.
`final void`	`wait(long timeoutMillis)` Causes the current thread to wait until it is awakened, typically by being notified or interrupted, or until a certain amount of real time has elapsed.
`final void`	`wait()` Causes the current thread to wait until it is awakened, typically by being notified or interrupted.

Public methods

getAlgorithmParameterSpec

Added in API level 19
Deprecated in API level 23

public AlgorithmParameterSpec getAlgorithmParameterSpec ()

Returns the AlgorithmParameterSpec that will be used for creation of the key pair.

Returns
`AlgorithmParameterSpec`	This value cannot be `null`.

getContext

Added in API level 18

public Context getContext ()

Gets the Android context used for operations with this instance.

Returns
`Context`

getEndDate

Added in API level 18

public Date getEndDate ()

Gets the end date to be used on the X.509 certificate that will be put in the KeyStore.

Returns
`Date`	This value cannot be `null`.

getKeySize

Added in API level 19
Deprecated in API level 23

public int getKeySize ()

Returns the key size specified by this parameter. For instance, for RSA this will return the modulus size and for EC it will return the field size.

Returns
`int`

getKeyType

Added in API level 19
Deprecated in API level 23

public String getKeyType ()

Returns the type of key pair (e.g., EC, RSA) to be generated. See KeyProperties.KEY_ALGORITHM constants.

Returns

Returns
`String`	This value may be `null`. Value is `KeyProperties.KEY_ALGORITHM_RSA`, `KeyProperties.KEY_ALGORITHM_EC`, android.security.keystore.KeyProperties.KEY_ALGORITHM_XDH, `KeyProperties.KEY_ALGORITHM_AES`, `KeyProperties.KEY_ALGORITHM_HMAC_SHA1`, `KeyProperties.KEY_ALGORITHM_HMAC_SHA224`, `KeyProperties.KEY_ALGORITHM_HMAC_SHA256`, `KeyProperties.KEY_ALGORITHM_HMAC_SHA384`, or `KeyProperties.KEY_ALGORITHM_HMAC_SHA512`

String

This value may be null. Value is KeyProperties.KEY_ALGORITHM_RSA, KeyProperties.KEY_ALGORITHM_EC, android.security.keystore.KeyProperties.KEY_ALGORITHM_XDH, KeyProperties.KEY_ALGORITHM_AES, KeyProperties.KEY_ALGORITHM_HMAC_SHA1, KeyProperties.KEY_ALGORITHM_HMAC_SHA224, KeyProperties.KEY_ALGORITHM_HMAC_SHA256, KeyProperties.KEY_ALGORITHM_HMAC_SHA384, or KeyProperties.KEY_ALGORITHM_HMAC_SHA512

getKeystoreAlias

Added in API level 18

public String getKeystoreAlias ()

Returns the alias that will be used in the java.security.KeyStore in conjunction with the AndroidKeyStore.

Returns
`String`

getSerialNumber

Added in API level 18

public BigInteger getSerialNumber ()

Gets the serial number to be used on the X.509 certificate that will be put in the KeyStore.

Returns
`BigInteger`	This value cannot be `null`.

getStartDate

Added in API level 18

public Date getStartDate ()

Gets the start date to be used on the X.509 certificate that will be put in the KeyStore.

Returns
`Date`	This value cannot be `null`.

getSubjectDN

Added in API level 18

public X500Principal getSubjectDN ()

Gets the subject distinguished name to be used on the X.509 certificate that will be put in the KeyStore.

Returns
`X500Principal`	This value cannot be `null`.

isEncryptionRequired

Added in API level 18

public boolean isEncryptionRequired ()

This method is deprecated.
Encryption at rest is on by default. If extra binding to the lockscreen screen credential is desired use KeyGenParameterSpec.Builder.setUserAuthenticationRequired(boolean). This flag will be ignored from Android S.

Returns true if the key must be encrypted at rest. This will protect the key pair with the secure lock screen credential (e.g., password, PIN, or pattern).

Note that encrypting the key at rest requires that the secure lock screen (e.g., password, PIN, pattern) is set up, otherwise key generation will fail. Moreover, this key will be deleted when the secure lock screen is disabled or reset (e.g., by the user or a Device Administrator). Finally, this key cannot be used until the user unlocks the secure lock screen after boot.

Returns
`boolean`

See also:

KeyguardManager.isDeviceSecure()

KeyPairGeneratorSpec

Summary

Nested classes

Public methods

Inherited methods

Public methods

getAlgorithmParameterSpec

getContext

getEndDate

getKeySize

getKeyType

getKeystoreAlias

getSerialNumber

getStartDate

getSubjectDN

isEncryptionRequired