File Doc Category Size Date Package
KeyStore.java API Doc Android 5.1 API 10915 Thu Mar 12 22:22:30 GMT 2015 android.security

KeyStore

java.lang.Object

public class KeyStore extends Object

hide: This should not be made public in its present form because it assumes that private and secret key bytes are available and would preclude the use of hardware crypto.

Fields Summary
private static final String
TAG
public static final int
NO_ERROR
public static final int
LOCKED
public static final int
UNINITIALIZED
public static final int
SYSTEM_ERROR
public static final int
PROTOCOL_ERROR
public static final int
PERMISSION_DENIED
public static final int
KEY_NOT_FOUND
public static final int
VALUE_CORRUPTED
public static final int
UNDEFINED_ACTION
public static final int
WRONG_PASSWORD
public static final int
UID_SELF
public static final int
FLAG_NONE
public static final int
FLAG_ENCRYPTED
private int
mError
private final IKeystoreService
mBinder
Constructors Summary
private KeyStore(IKeystoreService binder)
mBinder = binder;
Methods Summary
public boolean clearUid(int uid)
try { return mBinder.clear_uid(uid) == NO_ERROR; } catch (RemoteException e) { Log.w(TAG, "Cannot connect to keystore", e); return false; }
public boolean contains(java.lang.String key, int uid)
try { return mBinder.exist(key, uid) == NO_ERROR; } catch (RemoteException e) { Log.w(TAG, "Cannot connect to keystore", e); return false; }
public boolean contains(java.lang.String key)
return contains(key, UID_SELF);
public boolean delKey(java.lang.String key, int uid)
try { return mBinder.del_key(key, uid) == NO_ERROR; } catch (RemoteException e) { Log.w(TAG, "Cannot connect to keystore", e); return false; }
public boolean delKey(java.lang.String key)
return delKey(key, UID_SELF);
public boolean delete(java.lang.String key, int uid)
try { return mBinder.del(key, uid) == NO_ERROR; } catch (RemoteException e) { Log.w(TAG, "Cannot connect to keystore", e); return false; }
public boolean delete(java.lang.String key)
return delete(key, UID_SELF);
public boolean duplicate(java.lang.String srcKey, int srcUid, java.lang.String destKey, int destUid)
try { return mBinder.duplicate(srcKey, srcUid, destKey, destUid) == NO_ERROR; } catch (RemoteException e) { Log.w(TAG, "Cannot connect to keystore", e); return false; }
public boolean generate(java.lang.String key, int uid, int keyType, int keySize, int flags, byte[][] args)
try { return mBinder.generate(key, uid, keyType, keySize, flags, args) == NO_ERROR; } catch (RemoteException e) { Log.w(TAG, "Cannot connect to keystore", e); return false; }
public byte[] get(java.lang.String key)
try { return mBinder.get(key); } catch (RemoteException e) { Log.w(TAG, "Cannot connect to keystore", e); return null; }
public static android.security.KeyStore getInstance()
IKeystoreService keystore = IKeystoreService.Stub.asInterface(ServiceManager .getService("android.security.keystore")); return new KeyStore(keystore);
static int getKeyTypeForAlgorithm(java.lang.String keyType)
if ("RSA".equalsIgnoreCase(keyType)) { return NativeCrypto.EVP_PKEY_RSA; } else if ("DSA".equalsIgnoreCase(keyType)) { return NativeCrypto.EVP_PKEY_DSA; } else if ("EC".equalsIgnoreCase(keyType)) { return NativeCrypto.EVP_PKEY_EC; } else { throw new IllegalArgumentException("Unsupported key type: " + keyType); }
public int getLastError()
return mError;
public byte[] getPubkey(java.lang.String key)
try { return mBinder.get_pubkey(key); } catch (RemoteException e) { Log.w(TAG, "Cannot connect to keystore", e); return null; }
public long getmtime(java.lang.String key)
Returns the last modification time of the key in milliseconds since the epoch. Will return -1L if the key could not be found or other error.
try { final long millis = mBinder.getmtime(key); if (millis == -1L) { return -1L; } return millis * 1000L; } catch (RemoteException e) { Log.w(TAG, "Cannot connect to keystore", e); return -1L; }
public boolean grant(java.lang.String key, int uid)
try { return mBinder.grant(key, uid) == NO_ERROR; } catch (RemoteException e) { Log.w(TAG, "Cannot connect to keystore", e); return false; }
public boolean importKey(java.lang.String keyName, byte[] key, int uid, int flags)
try { return mBinder.import_key(keyName, key, uid, flags) == NO_ERROR; } catch (RemoteException e) { Log.w(TAG, "Cannot connect to keystore", e); return false; }
public boolean isEmpty()
try { return mBinder.zero() == KEY_NOT_FOUND; } catch (RemoteException e) { Log.w(TAG, "Cannot connect to keystore", e); return false; }
public boolean isHardwareBacked()
return isHardwareBacked("RSA");
public boolean isHardwareBacked(java.lang.String keyType)
try { return mBinder.is_hardware_backed(keyType.toUpperCase(Locale.US)) == NO_ERROR; } catch (RemoteException e) { Log.w(TAG, "Cannot connect to keystore", e); return false; }
public boolean isUnlocked()
return state() == State.UNLOCKED;
public boolean lock()
try { return mBinder.lock() == NO_ERROR; } catch (RemoteException e) { Log.w(TAG, "Cannot connect to keystore", e); return false; }
public boolean password(java.lang.String password)
try { return mBinder.password(password) == NO_ERROR; } catch (RemoteException e) { Log.w(TAG, "Cannot connect to keystore", e); return false; }
public boolean passwordUid(java.lang.String password, int uid)
try { mError = mBinder.password_uid(password, uid); return mError == NO_ERROR; } catch (RemoteException e) { Log.w(TAG, "Cannot connect to keystore", e); return false; }
public boolean put(java.lang.String key, byte[] value, int uid, int flags)
try { return mBinder.insert(key, value, uid, flags) == NO_ERROR; } catch (RemoteException e) { Log.w(TAG, "Cannot connect to keystore", e); return false; }
public boolean reset()
try { return mBinder.reset() == NO_ERROR; } catch (RemoteException e) { Log.w(TAG, "Cannot connect to keystore", e); return false; }
public boolean resetUid(int uid)
try { mError = mBinder.reset_uid(uid); return mError == NO_ERROR; } catch (RemoteException e) { Log.w(TAG, "Cannot connect to keystore", e); return false; }
public java.lang.String[] saw(java.lang.String prefix, int uid)
try { return mBinder.saw(prefix, uid); } catch (RemoteException e) { Log.w(TAG, "Cannot connect to keystore", e); return null; }
public java.lang.String[] saw(java.lang.String prefix)
return saw(prefix, UID_SELF);
public byte[] sign(java.lang.String key, byte[] data)
try { return mBinder.sign(key, data); } catch (RemoteException e) { Log.w(TAG, "Cannot connect to keystore", e); return null; }
public android.security.KeyStore$State state()
final int ret; try { ret = mBinder.test(); } catch (RemoteException e) { Log.w(TAG, "Cannot connect to keystore", e); throw new AssertionError(e); } switch (ret) { case NO_ERROR: return State.UNLOCKED; case LOCKED: return State.LOCKED; case UNINITIALIZED: return State.UNINITIALIZED; default: throw new AssertionError(mError); }
public boolean syncUid(int sourceUid, int targetUid)
try { mError = mBinder.sync_uid(sourceUid, targetUid); return mError == NO_ERROR; } catch (RemoteException e) { Log.w(TAG, "Cannot connect to keystore", e); return false; }
public boolean ungrant(java.lang.String key, int uid)
try { return mBinder.ungrant(key, uid) == NO_ERROR; } catch (RemoteException e) { Log.w(TAG, "Cannot connect to keystore", e); return false; }
public boolean unlock(java.lang.String password)
try { mError = mBinder.unlock(password); return mError == NO_ERROR; } catch (RemoteException e) { Log.w(TAG, "Cannot connect to keystore", e); return false; }
public boolean verify(java.lang.String key, byte[] data, byte[] signature)
try { return mBinder.verify(key, data, signature) == NO_ERROR; } catch (RemoteException e) { Log.w(TAG, "Cannot connect to keystore", e); return false; }