private void createKey(KeyStore ks, String keyName, int timeout) throws Exception { KeyStore.Entry entry=ks.getEntry(keyName, null); if (entry==null) { KeyGenParameterSpec spec= new KeyGenParameterSpec.Builder(keyName, KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT) .setBlockModes(KeyProperties.BLOCK_MODE_CBC) .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_PKCS7) .setUserAuthenticationRequired(true) .setUserAuthenticationValidityDurationSeconds(timeout) .setRandomizedEncryptionRequired(false) .build(); KeyGenerator keygen= KeyGenerator.getInstance(KeyProperties.KEY_ALGORITHM_AES, KEYSTORE); keygen.init(spec); keygen.generateKey(); } }
private void createKey(String keyName, int timeout) throws Exception { KeyStore.Entry entry=ks.getEntry(keyName, null); if (entry==null) { KeyGenParameterSpec spec= new KeyGenParameterSpec.Builder(keyName, KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT) .setBlockModes(KeyProperties.BLOCK_MODE_CBC) .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_PKCS7) .setUserAuthenticationRequired(true) .setUserAuthenticationValidityDurationSeconds(timeout) .setRandomizedEncryptionRequired(false) .build(); KeyGenerator keygen= KeyGenerator.getInstance(KeyProperties.KEY_ALGORITHM_AES, KEYSTORE); keygen.init(spec); keygen.generateKey(); } } }
private SecretKey generateKey(String keyAlias) throws NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException { KeyGenerator keyGenerator = KeyGenerator.getInstance(KeyProperties.KEY_ALGORITHM_AES, KEYSTORE_PROVIDER); keyGenerator.init(new KeyGenParameterSpec.Builder(keyAlias, KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT) .setBlockModes(KeyProperties.BLOCK_MODE_CBC) .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_PKCS7) .setRandomizedEncryptionRequired(false) // we need that to make our custom IV work .build()); return keyGenerator.generateKey(); } }
.setKeySize(256) .setUserAuthenticationRequired(false) .setRandomizedEncryptionRequired(true) .setEncryptionPaddings(PADDING) .build());
.setCertificateNotAfter(end.getTime()) .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_RSA_PKCS1) .setRandomizedEncryptionRequired(false) .build(); keyGenerator.initialize(spec);
private EncryptionKey loadKey() { SecretKey key; KeyGenerator keyGen; try { key = (SecretKey) mStore.getKey(KEY_ALIAS, null); if (key != null) { return new EncryptionKey(key, loadIv()); } keyGen = KeyGenerator.getInstance( KeyProperties.KEY_ALGORITHM_AES, KEYSTORE_PROVIDER); KeyGenParameterSpec spec = new KeyGenParameterSpec.Builder( KEY_ALIAS, KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT) .setBlockModes(KeyProperties.BLOCK_MODE_GCM) .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_NONE) .setRandomizedEncryptionRequired(false) .build(); keyGen.init(spec); } catch (GeneralSecurityException e) { // Should never happen. throw new RuntimeException("Failed to load encryption key: ", e); } key = keyGen.generateKey(); byte[] iv = generateIv(); saveIv(iv); return new EncryptionKey(key, iv); }
private static AlgorithmParameterSpec generateParameterSpec(String alias) { return new KeyGenParameterSpec.Builder( alias, KeyProperties.PURPOSE_DECRYPT | KeyProperties.PURPOSE_ENCRYPT) .setBlockModes(ENCRYPTION_BLOCK_MODE) .setEncryptionPaddings(ENCRYPTION_PADDING) .setRandomizedEncryptionRequired(true) .setKeySize(ENCRYPTION_KEY_SIZE) .build(); }