aboutsummaryrefslogtreecommitdiff
path: root/security
diff options
context:
space:
mode:
authorJan-Felix Schmakeit <jfschmakeit@google.com>2017-01-19 17:01:21 +1100
committerJan-Felix Schmakeit <jfschmakeit@google.com>2017-02-09 01:03:27 +0000
commit6f3586bc08b96d14d8f1315f4839ac59aa39798c (patch)
tree994fbb354afcfe5cc1d29dd9da9cb65d2a9816e9 /security
parent9bc28e3c6afc84700fb35a2ae3b9440a0f59c107 (diff)
downloadandroid-6f3586bc08b96d14d8f1315f4839ac59aa39798c.tar.gz
Update BasicKeyStore sample for new keystore APIs.
Above Android M, use KeyGenparameterSpec to generate the key pair. This change also updates the icons. Change-Id: I2717d21c3df62441eecdb5e24882c0311eb1a1cf
Diffstat (limited to 'security')
-rw-r--r--security/keystore/BasicAndroidKeyStore/Application/src/main/AndroidManifest.xml2
-rw-r--r--security/keystore/BasicAndroidKeyStore/Application/src/main/java/com/example/android/basicandroidkeystore/BasicAndroidKeyStoreFragment.java70
-rw-r--r--security/keystore/BasicAndroidKeyStore/Application/src/main/res/drawable-hdpi/ic_launcher.pngbin4199 -> 0 bytes
-rw-r--r--security/keystore/BasicAndroidKeyStore/Application/src/main/res/drawable-mdpi/ic_launcher.pngbin2535 -> 0 bytes
-rw-r--r--security/keystore/BasicAndroidKeyStore/Application/src/main/res/drawable-xhdpi/ic_launcher.pngbin6022 -> 0 bytes
-rw-r--r--security/keystore/BasicAndroidKeyStore/Application/src/main/res/drawable-xxhdpi/ic_launcher.pngbin11040 -> 0 bytes
-rw-r--r--security/keystore/BasicAndroidKeyStore/Application/src/main/res/mipmap-hdpi/ic_launcher.pngbin0 -> 3217 bytes
-rw-r--r--security/keystore/BasicAndroidKeyStore/Application/src/main/res/mipmap-mdpi/ic_launcher.pngbin0 -> 2006 bytes
-rw-r--r--security/keystore/BasicAndroidKeyStore/Application/src/main/res/mipmap-xhdpi/ic_launcher.pngbin0 -> 4021 bytes
-rw-r--r--security/keystore/BasicAndroidKeyStore/Application/src/main/res/mipmap-xxhdpi/ic_launcher.pngbin0 -> 6521 bytes
-rw-r--r--security/keystore/BasicAndroidKeyStore/Application/src/main/res/mipmap-xxxhdpi/ic_launcher.pngbin0 -> 9058 bytes
-rw-r--r--security/keystore/BasicAndroidKeyStore/screenshots/big_icon.pngbin75125 -> 34900 bytes
-rw-r--r--security/keystore/BasicAndroidKeyStore/template-params.xml10
13 files changed, 57 insertions, 25 deletions
diff --git a/security/keystore/BasicAndroidKeyStore/Application/src/main/AndroidManifest.xml b/security/keystore/BasicAndroidKeyStore/Application/src/main/AndroidManifest.xml
index 1c3b255f..1f8a4319 100644
--- a/security/keystore/BasicAndroidKeyStore/Application/src/main/AndroidManifest.xml
+++ b/security/keystore/BasicAndroidKeyStore/Application/src/main/AndroidManifest.xml
@@ -26,7 +26,7 @@
<application android:allowBackup="true"
android:label="@string/app_name"
- android:icon="@drawable/ic_launcher"
+ android:icon="@mipmap/ic_launcher"
android:theme="@style/AppTheme">
<activity android:name=".MainActivity"
diff --git a/security/keystore/BasicAndroidKeyStore/Application/src/main/java/com/example/android/basicandroidkeystore/BasicAndroidKeyStoreFragment.java b/security/keystore/BasicAndroidKeyStore/Application/src/main/java/com/example/android/basicandroidkeystore/BasicAndroidKeyStoreFragment.java
index e6244bfb..3616e88e 100644
--- a/security/keystore/BasicAndroidKeyStore/Application/src/main/java/com/example/android/basicandroidkeystore/BasicAndroidKeyStoreFragment.java
+++ b/security/keystore/BasicAndroidKeyStore/Application/src/main/java/com/example/android/basicandroidkeystore/BasicAndroidKeyStoreFragment.java
@@ -16,15 +16,18 @@
package com.example.android.basicandroidkeystore;
+import com.example.android.common.logger.Log;
+
import android.content.Context;
+import android.os.Build;
import android.os.Bundle;
import android.security.KeyPairGeneratorSpec;
+import android.security.keystore.KeyGenParameterSpec;
+import android.security.keystore.KeyProperties;
import android.support.v4.app.Fragment;
import android.util.Base64;
import android.view.MenuItem;
-import com.example.android.common.logger.Log;
-
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
@@ -39,6 +42,7 @@ import java.security.Signature;
import java.security.SignatureException;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
+import java.security.spec.AlgorithmParameterSpec;
import java.util.Calendar;
import java.util.GregorianCalendar;
@@ -46,7 +50,7 @@ import javax.security.auth.x500.X500Principal;
public class BasicAndroidKeyStoreFragment extends Fragment {
- public static final String TAG = "BasicAndroidKeyStoreFragment";
+ public static final String TAG = "KeyStoreFragment";
// BEGIN_INCLUDE(values)
@@ -159,36 +163,54 @@ public class BasicAndroidKeyStoreFragment extends Fragment {
end.add(Calendar.YEAR, 1);
//END_INCLUDE(create_valid_dates)
-
- // BEGIN_INCLUDE(create_spec)
- // The KeyPairGeneratorSpec object is how parameters for your key pair are passed
- // to the KeyPairGenerator. For a fun home game, count how many classes in this sample
- // start with the phrase "KeyPair".
- KeyPairGeneratorSpec spec =
- new KeyPairGeneratorSpec.Builder(context)
- // You'll use the alias later to retrieve the key. It's a key for the key!
- .setAlias(mAlias)
- // The subject used for the self-signed certificate of the generated pair
- .setSubject(new X500Principal("CN=" + mAlias))
- // The serial number used for the self-signed certificate of the
- // generated pair.
- .setSerialNumber(BigInteger.valueOf(1337))
- // Date range of validity for the generated pair.
- .setStartDate(start.getTime())
- .setEndDate(end.getTime())
- .build();
- // END_INCLUDE(create_spec)
-
// BEGIN_INCLUDE(create_keypair)
// Initialize a KeyPair generator using the the intended algorithm (in this example, RSA
// and the KeyStore. This example uses the AndroidKeyStore.
KeyPairGenerator kpGenerator = KeyPairGenerator
.getInstance(SecurityConstants.TYPE_RSA,
SecurityConstants.KEYSTORE_PROVIDER_ANDROID_KEYSTORE);
+ // END_INCLUDE(create_keypair)
+
+ // BEGIN_INCLUDE(create_spec)
+ // The KeyPairGeneratorSpec object is how parameters for your key pair are passed
+ // to the KeyPairGenerator.
+ AlgorithmParameterSpec spec;
+
+ if (Build.VERSION.SDK_INT < Build.VERSION_CODES.M) {
+ // Below Android M, use the KeyPairGeneratorSpec.Builder.
+
+ spec = new KeyPairGeneratorSpec.Builder(context)
+ // You'll use the alias later to retrieve the key. It's a key for the key!
+ .setAlias(mAlias)
+ // The subject used for the self-signed certificate of the generated pair
+ .setSubject(new X500Principal("CN=" + mAlias))
+ // The serial number used for the self-signed certificate of the
+ // generated pair.
+ .setSerialNumber(BigInteger.valueOf(1337))
+ // Date range of validity for the generated pair.
+ .setStartDate(start.getTime())
+ .setEndDate(end.getTime())
+ .build();
+
+
+ } else {
+ // On Android M or above, use the KeyGenparameterSpec.Builder and specify permitted
+ // properties and restrictions of the key.
+ spec = new KeyGenParameterSpec.Builder(mAlias, KeyProperties.PURPOSE_SIGN)
+ .setCertificateSubject(new X500Principal("CN=" + mAlias))
+ .setDigests(KeyProperties.DIGEST_SHA256)
+ .setSignaturePaddings(KeyProperties.SIGNATURE_PADDING_RSA_PKCS1)
+ .setCertificateSerialNumber(BigInteger.valueOf(1337))
+ .setCertificateNotBefore(start.getTime())
+ .setCertificateNotAfter(end.getTime())
+ .build();
+ }
+
kpGenerator.initialize(spec);
+
KeyPair kp = kpGenerator.generateKeyPair();
+ // END_INCLUDE(create_spec)
Log.d(TAG, "Public Key is: " + kp.getPublic().toString());
- // END_INCLUDE(create_keypair)
}
/**
diff --git a/security/keystore/BasicAndroidKeyStore/Application/src/main/res/drawable-hdpi/ic_launcher.png b/security/keystore/BasicAndroidKeyStore/Application/src/main/res/drawable-hdpi/ic_launcher.png
deleted file mode 100644
index b1efaf4b..00000000
--- a/security/keystore/BasicAndroidKeyStore/Application/src/main/res/drawable-hdpi/ic_launcher.png
+++ /dev/null
Binary files differ
diff --git a/security/keystore/BasicAndroidKeyStore/Application/src/main/res/drawable-mdpi/ic_launcher.png b/security/keystore/BasicAndroidKeyStore/Application/src/main/res/drawable-mdpi/ic_launcher.png
deleted file mode 100644
index f5f9244f..00000000
--- a/security/keystore/BasicAndroidKeyStore/Application/src/main/res/drawable-mdpi/ic_launcher.png
+++ /dev/null
Binary files differ
diff --git a/security/keystore/BasicAndroidKeyStore/Application/src/main/res/drawable-xhdpi/ic_launcher.png b/security/keystore/BasicAndroidKeyStore/Application/src/main/res/drawable-xhdpi/ic_launcher.png
deleted file mode 100644
index 5d07b3f0..00000000
--- a/security/keystore/BasicAndroidKeyStore/Application/src/main/res/drawable-xhdpi/ic_launcher.png
+++ /dev/null
Binary files differ
diff --git a/security/keystore/BasicAndroidKeyStore/Application/src/main/res/drawable-xxhdpi/ic_launcher.png b/security/keystore/BasicAndroidKeyStore/Application/src/main/res/drawable-xxhdpi/ic_launcher.png
deleted file mode 100644
index 6ef21e1f..00000000
--- a/security/keystore/BasicAndroidKeyStore/Application/src/main/res/drawable-xxhdpi/ic_launcher.png
+++ /dev/null
Binary files differ
diff --git a/security/keystore/BasicAndroidKeyStore/Application/src/main/res/mipmap-hdpi/ic_launcher.png b/security/keystore/BasicAndroidKeyStore/Application/src/main/res/mipmap-hdpi/ic_launcher.png
new file mode 100644
index 00000000..c57b83ab
--- /dev/null
+++ b/security/keystore/BasicAndroidKeyStore/Application/src/main/res/mipmap-hdpi/ic_launcher.png
Binary files differ
diff --git a/security/keystore/BasicAndroidKeyStore/Application/src/main/res/mipmap-mdpi/ic_launcher.png b/security/keystore/BasicAndroidKeyStore/Application/src/main/res/mipmap-mdpi/ic_launcher.png
new file mode 100644
index 00000000..c43fc24a
--- /dev/null
+++ b/security/keystore/BasicAndroidKeyStore/Application/src/main/res/mipmap-mdpi/ic_launcher.png
Binary files differ
diff --git a/security/keystore/BasicAndroidKeyStore/Application/src/main/res/mipmap-xhdpi/ic_launcher.png b/security/keystore/BasicAndroidKeyStore/Application/src/main/res/mipmap-xhdpi/ic_launcher.png
new file mode 100644
index 00000000..4255f237
--- /dev/null
+++ b/security/keystore/BasicAndroidKeyStore/Application/src/main/res/mipmap-xhdpi/ic_launcher.png
Binary files differ
diff --git a/security/keystore/BasicAndroidKeyStore/Application/src/main/res/mipmap-xxhdpi/ic_launcher.png b/security/keystore/BasicAndroidKeyStore/Application/src/main/res/mipmap-xxhdpi/ic_launcher.png
new file mode 100644
index 00000000..f6ca8a92
--- /dev/null
+++ b/security/keystore/BasicAndroidKeyStore/Application/src/main/res/mipmap-xxhdpi/ic_launcher.png
Binary files differ
diff --git a/security/keystore/BasicAndroidKeyStore/Application/src/main/res/mipmap-xxxhdpi/ic_launcher.png b/security/keystore/BasicAndroidKeyStore/Application/src/main/res/mipmap-xxxhdpi/ic_launcher.png
new file mode 100644
index 00000000..0f623f6f
--- /dev/null
+++ b/security/keystore/BasicAndroidKeyStore/Application/src/main/res/mipmap-xxxhdpi/ic_launcher.png
Binary files differ
diff --git a/security/keystore/BasicAndroidKeyStore/screenshots/big_icon.png b/security/keystore/BasicAndroidKeyStore/screenshots/big_icon.png
index 004d80cd..aa816d75 100644
--- a/security/keystore/BasicAndroidKeyStore/screenshots/big_icon.png
+++ b/security/keystore/BasicAndroidKeyStore/screenshots/big_icon.png
Binary files differ
diff --git a/security/keystore/BasicAndroidKeyStore/template-params.xml b/security/keystore/BasicAndroidKeyStore/template-params.xml
index e2fddf67..bb0056ab 100644
--- a/security/keystore/BasicAndroidKeyStore/template-params.xml
+++ b/security/keystore/BasicAndroidKeyStore/template-params.xml
@@ -57,7 +57,10 @@ To verify the data using the signature provided, click \"Verify\".\n\n
<img>screenshots/screenshot5.png</img>
</screenshots>
<api_refs>
+ <android>android.security.keystore.KeyGenParameterSpec</android>
+ <android>android.security.keystore.KeyProperties</android>
<android>android.security.KeyPairGeneratorSpec</android>
+ <android>java.security.KeyStore</android>
</api_refs>
<description>
<![CDATA[
@@ -72,12 +75,19 @@ encryption keys that only your application can access.
A [KeyPair][2] consisting of a [PrivateKey][3] and a [PublicKey][4] is being generated.
The private key then is being used to sign and verify a String.
+Below Android M, this sample uses a [KeyPairGeneratorSpec][5] to generate a key pair.
+On newer versions of Android, a [KeyGenParameterSpec][6] generates a key pair with
+additional restrictions and properties.
+
+
Next to that appropriate exception handling for potential errors is being displayed.
[1]: https://developer.android.com/reference/java/security/KeyStore.html
[2]: https://developer.android.com/reference/java/security/KeyPair.html
[3]: https://developer.android.com/reference/java/security/PrivateKey.html
[4]: https://developer.android.com/reference/java/security/PublicKey.html
+[5]: https://developer.android.com/reference/android/security/KeyPairGeneratorSpec.html
+[6]: https://developer.android.com/reference/android/security/keystore/KeyGenParameterSpec.html
]]>
</intro>
</metadata>
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-26 20:21:19 +0000