如何在API 18中使用Android KeyStore API？

Question

如何在API 18中使用Android KeyStore API？

19

当我针对API 18时，如何获得与下面的等效代码？下面的代码仅适用于API 23及以上。另外，鉴于我们无法使用KeyGenParameterSpec，API 18代码会有多安全，可能会使用已弃用的API？

KeyGenerator keyGenerator = KeyGenerator.getInstance(
    KeyProperties.KEY_ALGORITHM_AES, "AndroidKeyStore");

keyGenerator.init(new KeyGenParameterSpec.Builder(alias,
    KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT)
    .setBlockModes(KeyProperties.BLOCK_MODE_CBC)
    .setKeySize(256)
    .setUserAuthenticationRequired(true)
    .setUserAuthenticationValidityDurationSeconds(400)
    .setRandomizedEncryptionRequired(false)
    .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_PKCS7)
    .build());

SecretKey key = keyGenerator.generateKey();

- user299648

1个回答

网页内容由stack overflow 提供, 点击上面的

可以查看英文原文，
原文链接

- Raza · Accepted Answer

private final String ENCRYPTION_ALIAS = "anEncryptionAlias"

if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
    KeyPairGenerator generator = KeyPairGenerator.getInstance(KEY_ALGORITHM_RSA, AndroidKeyStore);
    generator.initialize(new KeyGenParameterSpec.Builder(
        ENCRYPTION_ALIAS,
        KeyProperties.PURPOSE_SIGN | KeyProperties.PURPOSE_VERIFY)
        .setDigests(
            KeyProperties.DIGEST_SHA256,
            KeyProperties.DIGEST_SHA512)
        .build()
    );
    generator.generateKeyPair();
} else {
    Calendar start = Calendar.getInstance();
    Calendar end = Calendar.getInstance();
    end.add(Calendar.YEAR, 1);
    KeyPairGeneratorSpec spec = new KeyPairGeneratorSpec
        .Builder(YourApplication.getInstance().getApplicationContext())
        .setAlias(ENCRYPTION_ALIAS)
        .setSubject(new X500Principal("CN=Your Company ," +
            " O=Your Organization" +
            " C=Your Coountry"))
        .setSerialNumber(BigInteger.ONE)
        .setStartDate(start.getTime())
        .setEndDate(end.getTime())
        .build();
    KeyPairGenerator generator = KeyPairGenerator.getInstance(KEY_ALGORITHM_RSA, AndroidKeyStore);

    generator.initialize(spec);
    generator.generateKeyPair();
}