How to store text in AndroidKeyStore?

android keystore store password
android keystore example github
android keystore password
android keystore alias
android keystore fingerprint
android keychain vs keystore
android store secret key
android keystore library

I'm trying to store a short piece of text inside Android's Secure element using the following code:

KeyStore ks = KeyStore.getInstance("AndroidKeyStore");
ks.load(null);

PasswordProtection keyStorePP = new KeyStore.PasswordProtection(null);

SecretKeyFactory factory = SecretKeyFactory.getInstance("PBEwithHmacSHA1");
SecretKey generatedSecret = factory.generateSecret(newPBEKeySpec(mySecureText.toCharArray()));

ks.setEntry("alias", new KeyStore.SecretKeyEntry(generatedSecret), keyStorePP);

The code above gives the following exception:

08-17 14:39:32.832: W/System.err(11713): java.security.KeyStoreException: Unsupported protection parameter class: java.security.KeyStore$PasswordProtection. Supported: android.security.keystore.KeyProtection

Is there something I'm doing wrong or just AndroidKeyStore does not support storing strings?

Last thing, if I'll switch to BKS the code will execute.

Thanks.

The error tells you to change this:

PasswordProtection keyStorePP = new KeyStore.PasswordProtection(null);

To this

PasswordProtection keyStorePP = new KeyStore.KeyProtection();

How Can I Use the Android KeyStore to securely store arbitrary , getPublicKey(); Log.v(TAG, "private key = " + privateKey.toString()); Log.v(TAG, "​public key = " + publicKey.toString()); // Encrypt the text String plainText = "This  The Android Keystore system lets you store cryptographic keys in a container to make it more difficult to extract from the device. Once keys are in the keystore, they can be used for cryptographic operations with the key material remaining non-exportable.

KeyProtection cant set null password.

char[] password = {'p','a','s','s'};
KeyStore.ProtectionParameter protParam =
                    new KeyStore.PasswordProtection(password);
ks.setEntry("alias", new KeyStore.SecretKeyEntry(generatedSecret), keyStorePP);

Securely Storing Secrets in an Android Application - minun, Sometimes an app developer needs to store secrets inside an app. For example, I am writing a You need a key management framework, and that's what the Android KeyStore API is designed for. KeyStore provides two Encrypt the text The Keystore is not used directly for storing application secrets such as password, however, it provides a secure container, which can be used by apps to store their private keys, in a way that’s

I got this to work below. This is how you specify new KeyProtection:

        import android.security.keystore.KeyProtection;
        import android.security.keystore.KeyProperties;
        ...............

        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null, null);      

        SecureRandom secureRandom = new SecureRandom(mySecureText.getBytes());
        KeyGenerator keyGenerator = KeyGenerator.getInstance(KeyProperties.KEY_ALGORITHM_AES);
        keyGenerator.init(256, secureRandom);
        SecretKeySpec keySpec = new SecretKeySpec(keyGenerator.generateKey().getEncoded(), KeyProperties.KEY_ALGORITHM_AES);


        keyStore.setEntry(alias, new SecretKeyEntry(keySpec),
                          new KeyProtection.Builder(KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT)
                                             .setBlockModes(KeyProperties.BLOCK_MODE_GCM)
                                             .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_NONE)
                                             .setRandomizedEncryptionRequired(false)
                                             .build()
        );

Using the Android Keystore system to store and retrieve sensitive , The Android Keystore system lets you store cryptographic keys in a container method returns a byte array which is the actual encrypted text. The Android Keystore system lets you store cryptographic keys in a container to make it more difficult to extract from the device. Once keys are in the keystore, they can be used for cryptographic operations with the key material remaining non-exportable.

Use Android Keystore for securely storing and retrieving the data, I would like to brief how we can use Android Keystore to store The doFinal method returns a byte array which is the actual encrypted text. The Android Keystore system lets you store cryptographic keys in a container to make it more difficult to extract from the device. Once keys are in the keystore, they can be used for cryptographic operations with the key material remaining non-exportable.

Android keystore system, Triple DES 168. When generating or importing keys using the KeyStore class, you indicate a preference for storing the key in the StrongBox  For Keystore API 1 you need to manually create Keystore file and make sure that access to it is secure. Usually, for 90% of software, private directory is a safe enough place to store data. However, this is not the case for rooted devices, where said data can be easily accessed. Additionally, Keystore can be protected with a password.

Storing Secret Keys in Android, If you are using dynamically generated secrets, the most effective way to store this information is to use the Android Keystore API. You should not store them in  Android Keystore public and private keys are stored in the /data/misc/keystore/user_0 directory.  The private key is stored in a file that has <app_id>_USRCERT_<key_alias>.  On a rooted phone you

Comments
  • According to documentation, the PasswordProtection ctor must receive char[] password (could be nullable). the error comes from: SecretKeyEntry(generatedSecret), keyStorePP);