How to use Android KeyStore API with API 18?

Solution 1

Symmetric key generation and storage in the Android KeyStore is supported from Android 6.0 (API Level 23) onwards.

Asymmetric key generation and storage in the Android KeyStore is supported from Android 4.3 (API Level 18) onwards.

See this document for more info: Android Keystore System

Though there are some problems, you can use asymmetric key generation. Follow the reference below.

Asymmetric Key Generation

Solution 2

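// Imports needed by this fragment
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyProperties;
import java.math.BigInteger;
import java.security.KeyPairGenerator;
import java.util.Calendar;
import javax.security.auth.x500.X500Principal;

private final String ENCRYPTION_ALIAS = "anEncryptionAlias";

if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
    // API 23+: describe the key with KeyGenParameterSpec.
    KeyPairGenerator generator = KeyPairGenerator.getInstance(
        KeyProperties.KEY_ALGORITHM_RSA, "AndroidKeyStore");
    generator.initialize(new KeyGenParameterSpec.Builder(
        ENCRYPTION_ALIAS,
        KeyProperties.PURPOSE_SIGN | KeyProperties.PURPOSE_VERIFY)
        .setDigests(
            KeyProperties.DIGEST_SHA256,
            KeyProperties.DIGEST_SHA512)
        .build()
    );
    generator.generateKeyPair();
} else {
    // API 18-22: KeyPairGeneratorSpec (deprecated in API 23) needs a subject,
    // serial number and validity period for the self-signed certificate.
    Calendar start = Calendar.getInstance();
    Calendar end = Calendar.getInstance();
    end.add(Calendar.YEAR, 1);
    KeyPairGeneratorSpec spec = new KeyPairGeneratorSpec
        // SadadApplication is the answerer's Application class; any Context works here.
        .Builder(SadadApplication.getInstance().getApplicationContext())
        .setAlias(ENCRYPTION_ALIAS)
        .setSubject(new X500Principal("CN=Your Company," +
            " O=Your Organization," +
            " C=Your Country"))
        .setSerialNumber(BigInteger.ONE)
        .setStartDate(start.getTime())
        .setEndDate(end.getTime())
        .build();
    // "RSA" is written as a literal so this branch references no API 23 class.
    KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");

    generator.initialize(spec);
    generator.generateKeyPair();
}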

Author: user299648

Updated on September 15, 2022

Comments

  • user299648 over 1 year

    How do I get the equivalent code below when I'm targeting API 18? Code below works only for API 23 and above. Also how secure would the API 18 code be, given that we can't use KeyGenParameterSpec and the API 18 code might use deprecated APIs?

    KeyGenerator keyGenerator = KeyGenerator.getInstance(
        KeyProperties.KEY_ALGORITHM_AES, "AndroidKeyStore");
    
    keyGenerator.init(new KeyGenParameterSpec.Builder(alias,
        KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT)
        .setBlockModes(KeyProperties.BLOCK_MODE_CBC)
        .setKeySize(256)
        .setUserAuthenticationRequired(true)
        .setUserAuthenticationValidityDurationSeconds(400)
        .setRandomizedEncryptionRequired(false)
        .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_PKCS7)
        .build());
    
    SecretKey key = keyGenerator.generateKey();
    
  • Arst about 6 years
    Is there any way you can generate symmetric key prior to API level 23?
  • IgorGanapolsky almost 6 years
    KeyPairGeneratorSpec is not the same thing as KeyGenerator
  • Amir Raza about 3 years
    @Arst Yes, you can generate a symmetric key, but it will not be in the keystore. What you can do is generate an asymmetric key (it will be in the keystore), then generate a symmetric key, encrypt it with the public key of the asymmetric key, encodeToString it with Base64 and store it in a db like SharedPreferences; then you can use it by decrypting with the private key. A symmetric key can be generated as:

    KeyGenerator.getInstance("AES").apply {
        init(KEY_SIZE) // 256 etc...
    }.generateKey()
  • hornet2319 almost 3 years
    KEY_ALGORITHM_RSA Field still requires API level 23
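
The wrapping scheme Amir Raza describes in the comments, as an added example (not code from the original page or its posters): an AES key generated outside the keystore is RSA-encrypted with the keystore key pair and kept Base64-encoded in SharedPreferences. Assumptions: the class name `WrappedAesKey`, the preference name and the `RSA/ECB/PKCS1Padding` transformation are hypothetical choices, and the key pair under `anEncryptionAlias` was created by the `KeyPairGeneratorSpec` branch of Solution 2 (API 18 to 22).

```java
import android.content.SharedPreferences;
import android.util.Base64;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;

/** Added example (hypothetical class): AES key wrapped by an AndroidKeyStore RSA key pair. */
public final class WrappedAesKey {
    private static final String RSA_ALIAS = "anEncryptionAlias";   // alias used in Solution 2
    private static final String PREF_KEY = "wrapped_aes_key";      // hypothetical preference name
    private static final String RSA_MODE = "RSA/ECB/PKCS1Padding"; // assumed transformation

    /** Returns the AES key, generating and wrapping it on first use. */
    public static SecretKey getOrCreate(SharedPreferences prefs)
            throws GeneralSecurityException, IOException {
        KeyStore ks = KeyStore.getInstance("AndroidKeyStore");
        ks.load(null);
        KeyStore.Entry entry = ks.getEntry(RSA_ALIAS, null);
        if (!(entry instanceof KeyStore.PrivateKeyEntry)) {
            throw new GeneralSecurityException("no RSA key pair under alias " + RSA_ALIAS);
        }
        KeyStore.PrivateKeyEntry pair = (KeyStore.PrivateKeyEntry) entry;
        Cipher rsa = Cipher.getInstance(RSA_MODE);

        String stored = prefs.getString(PREF_KEY, null);
        if (stored != null) {
            // Decrypt with the private key, which stays inside the keystore.
            rsa.init(Cipher.DECRYPT_MODE, pair.getPrivateKey());
            byte[] raw = rsa.doFinal(Base64.decode(stored, Base64.NO_WRAP));
            return new SecretKeySpec(raw, "AES");
        }

        // First use: the AES key is generated in app memory, not in the keystore.
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        SecretKey aes = kg.generateKey();
        // Encrypt it with the public key and persist only the ciphertext.
        rsa.init(Cipher.ENCRYPT_MODE, pair.getCertificate().getPublicKey());
        String wrapped = Base64.encodeToString(rsa.doFinal(aes.getEncoded()), Base64.NO_WRAP);
        if (!prefs.edit().putString(PREF_KEY, wrapped).commit()) {
            throw new IOException("could not persist the wrapped AES key");
        }
        return aes;
    }
}
```

The returned AES key lives in process memory while in use, so only the RSA private key has keystore protection; on API 23+ a key pair created with only `PURPOSE_SIGN | PURPOSE_VERIFY`, as in Solution 2's first branch, is not authorized for this decryption.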