Added in API level 23

KeyProperties

Kotlin |Java

public abstract class KeyProperties
extends Object

java.lang.Object
↳	android.security.keystore.KeyProperties

Properties of Android Keystore keys.

Summary

Constants
`int`	`AUTH_BIOMETRIC_STRONG` Any biometric (e.g. fingerprint, iris, or face) on the device that meets or exceeds the requirements for Strong, as defined by the Android CDD.
`int`	`AUTH_DEVICE_CREDENTIAL` The non-biometric credential used to secure the device (i.e., PIN, pattern, or password)
`String`	`BLOCK_MODE_CBC` Cipher Block Chaining (CBC) block mode.
`String`	`BLOCK_MODE_CTR` Counter (CTR) block mode.
`String`	`BLOCK_MODE_ECB` Electronic Codebook (ECB) block mode.
`String`	`BLOCK_MODE_GCM` Galois/Counter Mode (GCM) block mode.
`String`	`DIGEST_MD5` MD5 digest.
`String`	`DIGEST_NONE` No digest: sign/authenticate the raw message.
`String`	`DIGEST_SHA1` SHA-1 digest.
`String`	`DIGEST_SHA224` SHA-2 224 (aka SHA-224) digest.
`String`	`DIGEST_SHA256` SHA-2 256 (aka SHA-256) digest.
`String`	`DIGEST_SHA384` SHA-2 384 (aka SHA-384) digest.
`String`	`DIGEST_SHA512` SHA-2 512 (aka SHA-512) digest.
`String`	`ENCRYPTION_PADDING_NONE` No encryption padding.
`String`	`ENCRYPTION_PADDING_PKCS7` PKCS#7 encryption padding scheme.
`String`	`ENCRYPTION_PADDING_RSA_OAEP` RSA Optimal Asymmetric Encryption Padding (OAEP) scheme.
`String`	`ENCRYPTION_PADDING_RSA_PKCS1` RSA PKCS#1 v1.5 padding scheme for encryption.
`String`	`KEY_ALGORITHM_3DES` This constant was deprecated in API level 28. Included for interoperability with legacy systems. Prefer `KeyProperties#KEY_ALGORITHM_AES` for new development.
`String`	`KEY_ALGORITHM_AES` Advanced Encryption Standard (AES) key.
`String`	`KEY_ALGORITHM_EC` Elliptic Curve (EC) Cryptography key.
`String`	`KEY_ALGORITHM_HMAC_SHA1` Keyed-Hash Message Authentication Code (HMAC) key using SHA-1 as the hash.
`String`	`KEY_ALGORITHM_HMAC_SHA224` Keyed-Hash Message Authentication Code (HMAC) key using SHA-224 as the hash.
`String`	`KEY_ALGORITHM_HMAC_SHA256` Keyed-Hash Message Authentication Code (HMAC) key using SHA-256 as the hash.
`String`	`KEY_ALGORITHM_HMAC_SHA384` Keyed-Hash Message Authentication Code (HMAC) key using SHA-384 as the hash.
`String`	`KEY_ALGORITHM_HMAC_SHA512` Keyed-Hash Message Authentication Code (HMAC) key using SHA-512 as the hash.
`String`	`KEY_ALGORITHM_RSA` Rivest Shamir Adleman (RSA) key.
`int`	`ORIGIN_GENERATED` Key was generated inside AndroidKeyStore.
`int`	`ORIGIN_IMPORTED` Key was imported into AndroidKeyStore.
`int`	`ORIGIN_SECURELY_IMPORTED` Key was imported into the AndroidKeyStore in an encrypted wrapper.
`int`	`ORIGIN_UNKNOWN` Origin of the key is unknown.
`int`	`PURPOSE_DECRYPT` Purpose of key: decryption.
`int`	`PURPOSE_ENCRYPT` Purpose of key: encryption.
`int`	`PURPOSE_SIGN` Purpose of key: signing or generating a Message Authentication Code (MAC).
`int`	`PURPOSE_VERIFY` Purpose of key: signature or Message Authentication Code (MAC) verification.
`int`	`PURPOSE_WRAP_KEY` Purpose of key: wrapping and unwrapping wrapped keys for secure import.
`String`	`SIGNATURE_PADDING_RSA_PKCS1` RSA PKCS#1 v1.5 padding for signatures.
`String`	`SIGNATURE_PADDING_RSA_PSS` RSA PKCS#1 v2.1 Probabilistic Signature Scheme (PSS) padding.

Inherited methods

From class


        
          java.lang.Object

`Object`	`clone()` Creates and returns a copy of this object.
`boolean`	`equals(Object obj)` Indicates whether some other object is "equal to" this one.
`void`	`finalize()` Called by the garbage collector on an object when garbage collection determines that there are no more references to the object.
`final Class<?>`	`getClass()` Returns the runtime class of this `Object`.
`int`	`hashCode()` Returns a hash code value for the object.
`final void`	`notify()` Wakes up a single thread that is waiting on this object's monitor.
`final void`	`notifyAll()` Wakes up all threads that are waiting on this object's monitor.
`String`	`toString()` Returns a string representation of the object.
`final void`	`wait(long timeout, int nanos)` Causes the current thread to wait until another thread invokes the `notify()` method or the `notifyAll()` method for this object, or some other thread interrupts the current thread, or a certain amount of real time has elapsed.
`final void`	`wait(long timeout)` Causes the current thread to wait until either another thread invokes the `notify()` method or the `notifyAll()` method for this object, or a specified amount of time has elapsed.
`final void`	`wait()` Causes the current thread to wait until another thread invokes the `notify()` method or the `notifyAll()` method for this object.

Constants

AUTH_BIOMETRIC_STRONG

Added in API level 30

public static final int AUTH_BIOMETRIC_STRONG

Any biometric (e.g. fingerprint, iris, or face) on the device that meets or exceeds the requirements for Strong, as defined by the Android CDD.

Constant Value: 2 (0x00000002)

AUTH_DEVICE_CREDENTIAL

Added in API level 30

public static final int AUTH_DEVICE_CREDENTIAL

The non-biometric credential used to secure the device (i.e., PIN, pattern, or password)

Constant Value: 1 (0x00000001)

BLOCK_MODE_CBC

Added in API level 23

public static final String BLOCK_MODE_CBC

Cipher Block Chaining (CBC) block mode.

Constant Value: "CBC"

BLOCK_MODE_CTR

Added in API level 23

public static final String BLOCK_MODE_CTR

Counter (CTR) block mode.

Constant Value: "CTR"

BLOCK_MODE_ECB

Added in API level 23

public static final String BLOCK_MODE_ECB

Electronic Codebook (ECB) block mode.

Constant Value: "ECB"

BLOCK_MODE_GCM

Added in API level 23

public static final String BLOCK_MODE_GCM

Galois/Counter Mode (GCM) block mode.

Constant Value: "GCM"

DIGEST_MD5

Added in API level 23

public static final String DIGEST_MD5

MD5 digest.

Constant Value: "MD5"

DIGEST_NONE

Added in API level 23

public static final String DIGEST_NONE

No digest: sign/authenticate the raw message.

Constant Value: "NONE"

DIGEST_SHA1

Added in API level 23

public static final String DIGEST_SHA1

SHA-1 digest.

Constant Value: "SHA-1"

DIGEST_SHA224

Added in API level 23

public static final String DIGEST_SHA224

SHA-2 224 (aka SHA-224) digest.

Constant Value: "SHA-224"

DIGEST_SHA256

Added in API level 23

public static final String DIGEST_SHA256

SHA-2 256 (aka SHA-256) digest.

Constant Value: "SHA-256"

DIGEST_SHA384

Added in API level 23

public static final String DIGEST_SHA384

SHA-2 384 (aka SHA-384) digest.

Constant Value: "SHA-384"

DIGEST_SHA512

Added in API level 23

public static final String DIGEST_SHA512

SHA-2 512 (aka SHA-512) digest.

Constant Value: "SHA-512"

ENCRYPTION_PADDING_NONE

Added in API level 23

public static final String ENCRYPTION_PADDING_NONE

No encryption padding.

Constant Value: "NoPadding"

ENCRYPTION_PADDING_PKCS7

Added in API level 23

public static final String ENCRYPTION_PADDING_PKCS7

PKCS#7 encryption padding scheme.

Constant Value: "PKCS7Padding"

ENCRYPTION_PADDING_RSA_OAEP

Added in API level 23

public static final String ENCRYPTION_PADDING_RSA_OAEP

RSA Optimal Asymmetric Encryption Padding (OAEP) scheme.

Constant Value: "OAEPPadding"

ENCRYPTION_PADDING_RSA_PKCS1

Added in API level 23

public static final String ENCRYPTION_PADDING_RSA_PKCS1

RSA PKCS#1 v1.5 padding scheme for encryption.

Constant Value: "PKCS1Padding"

KEY_ALGORITHM_3DES

Added in API level 28
Deprecated in API level 28

public static final String KEY_ALGORITHM_3DES

This constant was deprecated in API level 28.
Included for interoperability with legacy systems. Prefer KeyProperties#KEY_ALGORITHM_AES for new development.

Triple Data Encryption Algorithm (3DES) key.

Constant Value: "DESede"

KEY_ALGORITHM_AES

Added in API level 23

public static final String KEY_ALGORITHM_AES

Advanced Encryption Standard (AES) key.

Constant Value: "AES"

KEY_ALGORITHM_EC

Added in API level 23

public static final String KEY_ALGORITHM_EC

Elliptic Curve (EC) Cryptography key.

Constant Value: "EC"

KEY_ALGORITHM_HMAC_SHA1

Added in API level 23

public static final String KEY_ALGORITHM_HMAC_SHA1

Keyed-Hash Message Authentication Code (HMAC) key using SHA-1 as the hash.

Constant Value: "HmacSHA1"

KEY_ALGORITHM_HMAC_SHA224

Added in API level 23

public static final String KEY_ALGORITHM_HMAC_SHA224

Keyed-Hash Message Authentication Code (HMAC) key using SHA-224 as the hash.

Constant Value: "HmacSHA224"

KEY_ALGORITHM_HMAC_SHA256

Added in API level 23

public static final String KEY_ALGORITHM_HMAC_SHA256

Keyed-Hash Message Authentication Code (HMAC) key using SHA-256 as the hash.

Constant Value: "HmacSHA256"

KEY_ALGORITHM_HMAC_SHA384

Added in API level 23

public static final String KEY_ALGORITHM_HMAC_SHA384

Keyed-Hash Message Authentication Code (HMAC) key using SHA-384 as the hash.

Constant Value: "HmacSHA384"

KEY_ALGORITHM_HMAC_SHA512

Added in API level 23

public static final String KEY_ALGORITHM_HMAC_SHA512

Keyed-Hash Message Authentication Code (HMAC) key using SHA-512 as the hash.

Constant Value: "HmacSHA512"

KEY_ALGORITHM_RSA

Added in API level 23

public static final String KEY_ALGORITHM_RSA

Rivest Shamir Adleman (RSA) key.

Constant Value: "RSA"

ORIGIN_GENERATED

Added in API level 23

public static final int ORIGIN_GENERATED

Key was generated inside AndroidKeyStore.

Constant Value: 1 (0x00000001)

ORIGIN_IMPORTED

Added in API level 23

public static final int ORIGIN_IMPORTED

Key was imported into AndroidKeyStore.

Constant Value: 2 (0x00000002)

ORIGIN_SECURELY_IMPORTED

Added in API level 28

public static final int ORIGIN_SECURELY_IMPORTED

Key was imported into the AndroidKeyStore in an encrypted wrapper. Unlike imported keys, securely imported keys can be imported without appearing as plaintext in the device's host memory.

Constant Value: 8 (0x00000008)

ORIGIN_UNKNOWN

Added in API level 23

public static final int ORIGIN_UNKNOWN

Origin of the key is unknown. This can occur only for keys backed by an old TEE-backed implementation which does not record origin information.

Constant Value: 4 (0x00000004)

PURPOSE_DECRYPT

Added in API level 23

public static final int PURPOSE_DECRYPT

Purpose of key: decryption.

Constant Value: 2 (0x00000002)

PURPOSE_ENCRYPT

Added in API level 23

public static final int PURPOSE_ENCRYPT

Purpose of key: encryption.

Constant Value: 1 (0x00000001)

PURPOSE_SIGN

Added in API level 23

public static final int PURPOSE_SIGN

Purpose of key: signing or generating a Message Authentication Code (MAC).

Constant Value: 4 (0x00000004)

PURPOSE_VERIFY

Added in API level 23

public static final int PURPOSE_VERIFY

Purpose of key: signature or Message Authentication Code (MAC) verification.

Constant Value: 8 (0x00000008)

PURPOSE_WRAP_KEY

Added in API level 28

public static final int PURPOSE_WRAP_KEY

Purpose of key: wrapping and unwrapping wrapped keys for secure import.

Constant Value: 32 (0x00000020)

SIGNATURE_PADDING_RSA_PKCS1

Added in API level 23

public static final String SIGNATURE_PADDING_RSA_PKCS1

RSA PKCS#1 v1.5 padding for signatures.

Constant Value: "PKCS1"

SIGNATURE_PADDING_RSA_PSS

Added in API level 23

public static final String SIGNATURE_PADDING_RSA_PSS

RSA PKCS#1 v2.1 Probabilistic Signature Scheme (PSS) padding.

Constant Value: "PSS"