Hi, I have a program that needs to store a key in the keystore. I generate a key pair and sign a value, and this works perfectly all the time. The problem comes when the user goes to preferences and changes the password or changes the password mode to PIN mode. After that, when I try to access the private key, the keystore returns a null value to me.
I know that the keystore values are signed with the unlock password value, but I believed that if the user changed the password the keystore would be re-signed with the new key, but this is not the case.
Am I doing something wrong? If that is not the case, is there any way to catch the password change and do it manually?
This is the code that I'm using:
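    import android.security.KeyPairGeneratorSpec;
    import java.math.BigInteger;
    import java.security.KeyPair;
    import java.security.KeyPairGenerator;
    import javax.security.auth.x500.X500Principal;

    // Generate an RSA key pair inside the AndroidKeyStore provider.
    // "now" and "end" are the certificate validity dates (defined elsewhere).
    KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
    kpg.initialize(new KeyPairGeneratorSpec.Builder(context)
            .setAlias(ALIAS)
            .setStartDate(now)
            .setEndDate(end)
            .setSerialNumber(BigInteger.valueOf(1))
            .setSubject(new X500Principal("CN=test1"))
            .build());
    KeyPair kp = kpg.generateKeyPair();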
And this is the code to obtain the keystore:
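    import android.util.Log;
    import java.security.KeyStore;

    // Load the AndroidKeyStore and look up the entry stored under ALIAS.
    KeyStore ks = KeyStore.getInstance("AndroidKeyStore");
    ks.load(null);
    KeyStore.Entry entry = ks.getEntry(ALIAS, null);
    // After the lock screen change, entry comes back null and this branch is taken.
    if (!(entry instanceof KeyStore.PrivateKeyEntry)) {
        Log.w("borrar", "Not an instance of a PrivateKeyEntry");
        return null;
    }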
Thank you,