Android KeyStore Initialization

2020-06-06 06:59发布

站内问答 / Android
1068 2 6

First off I am new to android Programming, though I am not new to programming itself. What I am, essentially, trying to do is to save my encryption Keys into the Android Keystore. There seems to be a phenomenal lack of such information on GOOGLE, itself. Since there is not much how-to available on the topic I am assuming that it isn't fairly standard knowledge. So can someone please give me a sample code to

  1. Initialize the KeyStore(Will be using AES-256).
  2. Save multiple keys in a KeyStore(Please tell me the max number of keys I can store in 1 KeyStore, since i plan on saving nothing short of a 100).
  3. Get Keys from KeyStore.
  4. Edit Keys
  5. Delete Keys
  6. Delete Entire KeyStore

So in essence a code for all basic functions of a keystore. Thank you in advance for your assistance.

2条回答
萌系小妹纸
2楼-- · 2020-06-06 07:39

If you set your minSdkVersion to 23 or higher Android M makes it easy to generate and manage symmetric keys as of this month.

Check out the 4th example listed here. https://developer.android.com/reference/android/security/keystore/KeyGenParameterSpec.html

 KeyGenerator keyGenerator = KeyGenerator.getInstance(
         KeyProperties.KEY_ALGORITHM_AES, "AndroidKeyStore");
 keyGenerator.initialize(
         new KeyGenParameterSpec.Builder("key2",
                 KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT)
                 .setBlockModes(KeyProperties.BLOCK_MODE_GCM)
                 .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_NONE)
                 .build());
 SecretKey key = keyGenerator.generateKey();

 Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
 cipher.init(Cipher.ENCRYPT_MODE, key);
 ...

 // The key can also be obtained from the Android Keystore any time as follows:
 KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
 keyStore.load(null);
 key = (SecretKey) keyStore.getKey("key2", null);

This example also was helpful. https://github.com/googlesamples/android-ConfirmCredential/blob/master/Application/src/main/java/com/example/android/confirmcredential/MainActivity.java

查看更多
0人赞 添加讨论(0) 举报
叛逆
3楼-- · 2020-06-06 07:55

I think Android Key Store does not support symmetric keys like AES keys. Please refer to here. BTW, why does the app need so many symmetric keys? I suggest that you store one master asymmetric key in key store, and use this key to encrypt many other symmetric keys in your app. Hope you solve your problem soon.

查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(6)