本文整理汇总了Java中android.security.keystore.KeyProperties.PURPOSE_DECRYPT属性的典型用法代码示例。如果您正苦于以下问题:Java KeyProperties.PURPOSE_DECRYPT属性的具体用法?Java KeyProperties.PURPOSE_DECRYPT怎么用?Java KeyProperties.PURPOSE_DECRYPT使用的例子?那么, 这里精选的属性代码示例或许可以为您提供帮助。您也可以进一步了解该属性所在类android.security.keystore.KeyProperties的用法示例。
在下文中一共展示了KeyProperties.PURPOSE_DECRYPT属性的4个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: generateKey
protected SecretKey generateKey() {
SecretKey key = null;
try {
KeyGenParameterSpec.Builder builder = new KeyGenParameterSpec.Builder(
getKeyAlias(),
KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT);
KeyGenParameterSpec keySpec = builder
.setKeySize(CIPHER_KEY_LENGHT)
.setBlockModes(CIPHER_BLOCKS)
.setEncryptionPaddings(CIPHER_PADDING)
.setRandomizedEncryptionRequired(false) //FIXME: set to true because we should be using IND-CPA but this means that a IV has to be store per token (less generic than i though)
.setUserAuthenticationRequired(isKeyPinRequired())
.setUserAuthenticationValidityDurationSeconds(getKeyPinDuration())
.build();
KeyGenerator kg = KeyGenerator.getInstance(CIPHER_ALGO, KEYSTORE_TYPE);
kg.init(keySpec);
key = kg.generateKey();
} catch (InvalidAlgorithmParameterException | NoSuchProviderException | NoSuchAlgorithmException e) {
Log.e(TAG, "Couldn't generate secret key", e);
}
return key;
}
示例2: getSecretKey
/**
* Gets a secret key from Android key store.
* If no key has been generated with a given alias then generate a new one
* @return
* @throws KeyStoreException
* @throws CertificateException
* @throws NoSuchAlgorithmException
* @throws IOException
* @throws NoSuchProviderException
* @throws InvalidAlgorithmParameterException
* @throws UnrecoverableKeyException
*/
@RequiresApi(api = Build.VERSION_CODES.M)
private static Key getSecretKey() throws GeneralSecurityException, IOException {
KeyStore keyStore = KeyStore.getInstance(KEY_STORE_ANDROID);
keyStore.load(null);
if (!keyStore.containsAlias(KEY_ALIAS_AMAZE)) {
KeyGenerator keyGenerator = KeyGenerator.getInstance(KeyProperties.KEY_ALGORITHM_AES, KEY_STORE_ANDROID);
KeyGenParameterSpec.Builder builder = new KeyGenParameterSpec.Builder(KEY_ALIAS_AMAZE,
KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT);
builder.setBlockModes(KeyProperties.BLOCK_MODE_GCM);
builder.setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_NONE);
builder.setRandomizedEncryptionRequired(false);
keyGenerator.init(builder.build());
return keyGenerator.generateKey();
} else {
return keyStore.getKey(KEY_ALIAS_AMAZE, null);
}
}
示例3: initKeyStore
/**
* Generates a new AES key and stores it under the { @code KEY_ALIAS_AES } in the
* Android Keystore.
*/
private void initKeyStore() {
if (android.os.Build.VERSION.SDK_INT < android.os.Build.VERSION_CODES.M) {
return;
}
try {
mKeyStore = KeyStore.getInstance(ANDROID_KEYSTORE_PROVIDER);
mKeyStore.load(null);
// Check if a generated key exists under the KEY_ALIAS_AES .
if (!mKeyStore.containsAlias(KEY_ALIAS_AES)) {
KeyGenerator keyGenerator = KeyGenerator.getInstance(
KeyProperties.KEY_ALGORITHM_AES, ANDROID_KEYSTORE_PROVIDER);
KeyGenParameterSpec.Builder builder = null;
builder = new KeyGenParameterSpec.Builder(
KEY_ALIAS_AES,
KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT);
builder.setBlockModes(KeyProperties.BLOCK_MODE_CBC)
.setKeySize(256)
.setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_PKCS7)
// forces user authentication with fingerprint
.setUserAuthenticationRequired(true);
keyGenerator.init(builder.build());
keyGenerator.generateKey();
}
} catch (Exception e) {
}
}
示例4: generateAesKey
/**
* Generates a new AES key and stores it under the { @code KEY_ALIAS_AES } in the
* Android Keystore.
*/
@SuppressWarnings("StatementWithEmptyBody")
private void generateAesKey() {
try {
// The KeyGenerator is an engine class for creating symmetric keys utilizing the
// algorithm it was initialized with.
KeyGenerator keyGenerator = KeyGenerator.getInstance(
KeyProperties.KEY_ALGORITHM_AES, ANDROID_KEYSTORE_PROVIDER);
// Create a new instance of the KeyGenParameterSpec.Builder, hand over
// the key alias and the different purposes for which you want to use the key.
// Keep in mind that you can only use the key for the operations you have specified
// here - once the key is created it can't be changed.
KeyGenParameterSpec.Builder builder = new KeyGenParameterSpec.Builder(
KEY_ALIAS_AES,
KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT);
// Define the basic encryption parameters for the key. The set configuration
// matches the AES_DEFAULT_TRANSFORMATION constant.
builder.setBlockModes(KeyProperties.BLOCK_MODE_CBC)
.setKeySize(256)
.setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_PKCS7);
if (mRadioUserAuthentication.isChecked()) {
// Create a key which requires the user to be authenticated during
// the last 30 seconds. Could also be 30 seconds or even 5 minutes -
// choose whatever fits your security guidelines best.
// Before continuing, check if the user has set up a secure lockscreen -
// if not, prompt the user to set one up ;-)
if (!hasSetupSecureLockscreen()) return;
builder.setUserAuthenticationRequired(true)
.setUserAuthenticationValidityDurationSeconds(15);
} else if (mRadioUserFingerprint.isChecked()) {
// Create a key which needs fingerprint authentication every time.
// Before continuing, check if the device supports fingerprint
// authentication and if the user has at least enrolled one fingerprint -
// if not, prompt the user to enroll one ;-)
if (!hasSetupFingerprint()) return;
builder.setUserAuthenticationRequired(true);
} else {
// Create a key which does not need any user authentication.
// Nothing more to add here!
}
// Initialize the KeyGenerator with the KeyGenParameterSpec which will be created by
// the KeyGenParameterSpec.Builder .
keyGenerator.init(builder.build());
// Finally, generate the key...
keyGenerator.generateKey();
// ...and show a TextView with a confirmation text.
showSuccessTextView();
} catch (NoSuchAlgorithmException | NoSuchProviderException
| InvalidAlgorithmParameterException e) {
throw new RuntimeException("Failed to create a symmetric key", e);
}
}