Android KeyStore Initialization

前端 未结 2 2143
慢半拍i
慢半拍i 2021-02-11 09:26

First off I am new to android Programming, though I am not new to programming itself. What I am, essentially, trying to do is to save my encryption Keys into the Android Keystor

相关标签:
2条回答
  • 2021-02-11 09:56

    I think Android Key Store does not support symmetric keys like AES keys. Please refer to here. BTW, why does the app need so many symmetric keys? I suggest that you store one master asymmetric key in key store, and use this key to encrypt many other symmetric keys in your app. Hope you solve your problem soon.

    0 讨论(0)
  • 2021-02-11 10:19

    If you set your minSdkVersion to 23 or higher Android M makes it easy to generate and manage symmetric keys as of this month.

    Check out the 4th example listed here. https://developer.android.com/reference/android/security/keystore/KeyGenParameterSpec.html

     KeyGenerator keyGenerator = KeyGenerator.getInstance(
             KeyProperties.KEY_ALGORITHM_AES, "AndroidKeyStore");
     keyGenerator.init(
             new KeyGenParameterSpec.Builder("key2",
                     KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT)
                     .setBlockModes(KeyProperties.BLOCK_MODE_GCM)
                     .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_NONE)
                     .build());
     SecretKey key = keyGenerator.generateKey();
    
     Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
     cipher.init(Cipher.ENCRYPT_MODE, key);
     ...
    
     // The key can also be obtained from the Android Keystore any time as follows:
     KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
     keyStore.load(null);
     key = (SecretKey) keyStore.getKey("key2", null);
    

    This example also was helpful. https://github.com/googlesamples/android-ConfirmCredential/blob/master/Application/src/main/java/com/example/android/confirmcredential/MainActivity.java

    0 讨论(0)
提交回复
热议问题