Last active
March 6, 2019 03:39
-
-
Save aramezx/8cc5922a9602694a02fa905149f02a63 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| * By using the IKeyStoreService directly you can store symmetric keys or other secret data | |
| * in the system key store by using the put() method, which the current java.security.KeyStore implementation | |
| * does not allow (it can only store PrivateKey's). Such data is only encrypted | |
| * by the key store master key, and even the system key store is hardware-backed, | |
| * data is not protected by hardware in any way. | |
| * | |
| * Accessing hidden services is not the only way to augment the system key store functionality. | |
| * Since the sign() operation implements a 'raw' signature operation (RSASP1 in RFC 3447), | |
| * key store-managed (including hardware-backed) keys can be used to | |
| * implement signature algorithms not natively supported by Android. | |
| * You don't need to use the IKeyStoreService interface, because | |
| * this operation is available through the standard JCE Cipher interface: | |
| */ | |
| KeyStore ks = KeyStore.getInstance("AndroidKeyStore"); | |
| ks.load(null); | |
| KeyStore.Entry keyEntry = keyStore.getEntry("key1", null); | |
| RSAPrivteKey privKey = (RSAPrivateKey) keyEntry.getPrivateKey(); | |
| Cipher c = Cipher.getInstance("RSA/ECB/NoPadding"); | |
| cipher.init(Cipher.ENCRYPT_MODE, i privateKey); | |
| // suppose {in} as a symmetric key material which is going to be protected using rsa public key encryption | |
| byte[] result = cipher.doFinal(in, o, in.length); | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment