| Constructors Summary |
|---|
public KeyPairGeneratorSpec(android.content.Context context, String keyStoreAlias, String keyType, int keySize, AlgorithmParameterSpec spec, X500Principal subjectDN, BigInteger serialNumber, Date startDate, Date endDate, int flags)Parameter specification for the "{@code AndroidKeyPairGenerator}"
instance of the {@link java.security.KeyPairGenerator} API. The
{@code context} passed in may be used to pop up some UI to ask the user
to unlock or initialize the Android keystore facility.
After generation, the {@code keyStoreAlias} is used with the
{@link java.security.KeyStore#getEntry(String, java.security.KeyStore.ProtectionParameter)}
interface to retrieve the {@link PrivateKey} and its associated
{@link Certificate} chain.
The KeyPair generator will create a self-signed certificate with the
properties of {@code subjectDN} as its X.509v3 Subject Distinguished Name
and as its X.509v3 Issuer Distinguished Name, using the specified
{@code serialNumber}, and the validity date starting at {@code startDate}
and ending at {@code endDate}.
if (context == null) {
throw new IllegalArgumentException("context == null");
} else if (TextUtils.isEmpty(keyStoreAlias)) {
throw new IllegalArgumentException("keyStoreAlias must not be empty");
} else if (subjectDN == null) {
throw new IllegalArgumentException("subjectDN == null");
} else if (serialNumber == null) {
throw new IllegalArgumentException("serialNumber == null");
} else if (startDate == null) {
throw new IllegalArgumentException("startDate == null");
} else if (endDate == null) {
throw new IllegalArgumentException("endDate == null");
} else if (endDate.before(startDate)) {
throw new IllegalArgumentException("endDate < startDate");
}
final int keyTypeInt = KeyStore.getKeyTypeForAlgorithm(keyType);
if (keySize == -1) {
keySize = getDefaultKeySizeForType(keyTypeInt);
}
checkCorrectParametersSpec(keyTypeInt, keySize, spec);
checkValidKeySize(keyTypeInt, keySize);
mContext = context;
mKeystoreAlias = keyStoreAlias;
mKeyType = keyType;
mKeySize = keySize;
mSpec = spec;
mSubjectDN = subjectDN;
mSerialNumber = serialNumber;
mStartDate = startDate;
mEndDate = endDate;
mFlags = flags;
|
| Methods Summary |
|---|
| private static void | checkCorrectParametersSpec(int keyType, int keySize, java.security.spec.AlgorithmParameterSpec spec)
if (keyType == NativeCrypto.EVP_PKEY_DSA && spec != null) {
if (!(spec instanceof DSAParameterSpec)) {
throw new IllegalArgumentException("DSA keys must have DSAParameterSpec specified");
}
} else if (keyType == NativeCrypto.EVP_PKEY_RSA && spec != null) {
if (spec instanceof RSAKeyGenParameterSpec) {
RSAKeyGenParameterSpec rsaSpec = (RSAKeyGenParameterSpec) spec;
if (keySize != -1 && keySize != rsaSpec.getKeysize()) {
throw new IllegalArgumentException("RSA key size must match: " + keySize
+ " vs " + rsaSpec.getKeysize());
}
} else {
throw new IllegalArgumentException("RSA may only use RSAKeyGenParameterSpec");
}
}
|
| private static void | checkValidKeySize(int keyType, int keySize)
if (keyType == NativeCrypto.EVP_PKEY_DSA) {
if (keySize < DSA_MIN_KEY_SIZE || keySize > DSA_MAX_KEY_SIZE) {
throw new IllegalArgumentException("DSA keys must be >= " + DSA_MIN_KEY_SIZE
+ " and <= " + DSA_MAX_KEY_SIZE);
}
} else if (keyType == NativeCrypto.EVP_PKEY_EC) {
if (keySize < EC_MIN_KEY_SIZE || keySize > EC_MAX_KEY_SIZE) {
throw new IllegalArgumentException("EC keys must be >= " + EC_MIN_KEY_SIZE
+ " and <= " + EC_MAX_KEY_SIZE);
}
} else if (keyType == NativeCrypto.EVP_PKEY_RSA) {
if (keySize < RSA_MIN_KEY_SIZE || keySize > RSA_MAX_KEY_SIZE) {
throw new IllegalArgumentException("RSA keys must be >= " + RSA_MIN_KEY_SIZE
+ " and <= " + RSA_MAX_KEY_SIZE);
}
} else {
throw new IllegalArgumentException("Invalid key type " + keyType);
}
|
| public java.security.spec.AlgorithmParameterSpec | getAlgorithmParameterSpec()Returns the {@link AlgorithmParameterSpec} that will be used for creation
of the key pair.
return mSpec;
|
| public android.content.Context | getContext()Gets the Android context used for operations with this instance.
return mContext;
|
| private static int | getDefaultKeySizeForType(int keyType)
if (keyType == NativeCrypto.EVP_PKEY_DSA) {
return DSA_DEFAULT_KEY_SIZE;
} else if (keyType == NativeCrypto.EVP_PKEY_EC) {
return EC_DEFAULT_KEY_SIZE;
} else if (keyType == NativeCrypto.EVP_PKEY_RSA) {
return RSA_DEFAULT_KEY_SIZE;
}
throw new IllegalArgumentException("Invalid key type " + keyType);
|
| public java.util.Date | getEndDate()Gets the end date to be used on the X.509 certificate that will be put in
the {@link java.security.KeyStore}.
return mEndDate;
|
| int | getFlags()
return mFlags;
|
| public int | getKeySize()Returns the key size specified by this parameter. For instance, for RSA
this will return the modulus size and for EC it will return the field
size.
return mKeySize;
|
| public java.lang.String | getKeyType()Returns the key type (e.g., "RSA", "DSA", "EC") specified by this
parameter.
return mKeyType;
|
| public java.lang.String | getKeystoreAlias()Returns the alias that will be used in the {@code java.security.KeyStore}
in conjunction with the {@code AndroidKeyStore}.
return mKeystoreAlias;
|
| public java.math.BigInteger | getSerialNumber()Gets the serial number to be used on the X.509 certificate that will be
put in the {@link java.security.KeyStore}.
return mSerialNumber;
|
| public java.util.Date | getStartDate()Gets the start date to be used on the X.509 certificate that will be put
in the {@link java.security.KeyStore}.
return mStartDate;
|
| public javax.security.auth.x500.X500Principal | getSubjectDN()Gets the subject distinguished name to be used on the X.509 certificate
that will be put in the {@link java.security.KeyStore}.
return mSubjectDN;
|
| public boolean | isEncryptionRequired()Returns {@code true} if this parameter will require generated keys to be
encrypted in the {@link java.security.KeyStore}.
return (mFlags & KeyStore.FLAG_ENCRYPTED) != 0;
|
