问题
I have generated a key pair using KeyPairGenerator. How can I set password to my private key so that who knows the password can only access the private key.
回答1:
Android KeyStore can no be protected with passwords .
Requesting and additional password is not user friendly using mobile devices. Keys can be protected requiring user to unlock the device before before using the key. Then only the owner of the device can use it, since he/she has configured the PIN/pattern or even fingerprint. It you need an extra protection level, then you can define that some keys can only be used with fingerprint authentication
The Android Keystore system lets you store cryptographic keys in a container to make it more difficult to extract from the device. Once keys are in the keystore, they can be used for cryptographic operations with the key material remaining non-exportable. Moreover, it offers facilities to restrict when and how keys can be used, such as requiring user authentication for key use or restricting keys to be used only in certain cryptographic modes.
For example:
KeyPairGenerator kpg = KeyPairGenerator.getInstance(
KeyProperties.KEY_ALGORITHM_RSA, "AndroidKeyStore");
kpg.initialize(new KeyGenParameterSpec.Builder(
alias,
KeyProperties.PURPOSE_SIGN | KeyProperties.PURPOSE_VERIFY)
.setDigests(KeyProperties.DIGEST_SHA256, KeyProperties.DIGEST_SHA512)
.setKeySize(keySize)
.setUserAuthenticationRequired()
.build());
KeyPair keyPair = kpg.generateKeyPair();
If you are referring to protect your keys from usage from other applications (it is not clear in your question), then do not worry, Android Keys can only be used by the app that created them
来源:https://stackoverflow.com/questions/42748436/how-to-set-key-entry-with-password-in-android-keystore