KeyProtection
instead.@Deprecated public final class KeyStoreParameter extends Object implements KeyStore.ProtectionParameter
KeyStore
entries that work with
Android KeyStore
facility. The Android KeyStore facility is accessed through a
KeyStore
API using the AndroidKeyStore
provider. The context
passed in may be used to pop up some UI to ask
the user to unlock or initialize the Android KeyStore facility.
Any entries placed in the KeyStore
may be retrieved later. Note that
there is only one logical instance of the KeyStore
per application
UID so apps using the sharedUid
facility will also share a
KeyStore
.
Keys may be generated using the KeyPairGenerator
facility with a
KeyPairGeneratorSpec
to specify the entry's alias
. A
self-signed X.509 certificate will be attached to generated entries, but that
may be replaced at a later time by a certificate signed by a real Certificate
Authority.
Modifier and Type | Class and Description |
---|---|
static class |
KeyStoreParameter.Builder
Deprecated.
Use
KeyProtection.Builder instead. |
Modifier and Type | Method and Description |
---|---|
int |
getFlags()
Deprecated.
|
boolean |
isEncryptionRequired()
Deprecated.
Returns
true if the KeyStore entry must be encrypted at rest. |
public int getFlags()
public boolean isEncryptionRequired()
true
if the KeyStore
entry must be encrypted at rest.
This will protect the entry with the secure lock screen credential (e.g., password, PIN, or
pattern).
Note that encrypting the key at rest requires that the secure lock screen (e.g., password, PIN, pattern) is set up, otherwise key generation will fail. Moreover, this key will be deleted when the secure lock screen is disabled or reset (e.g., by the user or a Device Administrator). Finally, this key cannot be used until the user unlocks the secure lock screen after boot.
KeyguardManager.isDeviceSecure()