encode() with private key in “AndroidKeyStore” return null

Question

With Android 4.3, this code return null.

KeyStore keyStore = KeyStore.getInstance(\"AndroidKeyStore\");
keyStore.load(null);
keyStore.setKeyEntry(alias, priv         


        

Answer 1

The Android KeyChain API prevents you from being able to get an encoded private key.

See the method at line 158 of OpenSSLRSAPrivateKey.java

@Override
public final BigInteger getPrivateExponent() {
    if (key.isEngineBased()) {
        throw new UnsupportedOperationException("private exponent cannot be extracted");
    }

But the benefit of using the KeyChain API is that it provides system-wide credential storage. Any app should be able to retrieve the key pair and certificate by its alias. Refer to the KeyStore docs.