KeyCipherAlgorithm
Inherits: Enum
Algorithm used to encrypt/wrap the secret key in Android KeyStore.
Different algorithms provide different security guarantees and compatibility levels:
- RSA algorithms wrap the AES encryption key with RSA (no biometric support)
- AES algorithm stores the key directly in Android KeyStore (supports biometric authentication)
See the [AndroidOptions] class for usage examples and combinations.
Properties
-
AES_GCM_NO_PADDING–AES/GCM/NoPadding for KeyStore-based key wrapping (supports biometrics).
-
RSA_ECB_OAEP_WITH_SHA256_AND_MGF1_PADDING–RSA/ECB/OAEPWithSHA-256AndMGF1Padding (API 23+).
-
RSA_ECB_PKCS1_PADDING–Legacy RSA/ECB/PKCS1Padding for backwards compatibility.
Properties#
AES_GCM_NO_PADDING = 'AES_GCM_NoPadding'
class-attribute
instance-attribute
#
AES/GCM/NoPadding for KeyStore-based key wrapping (supports biometrics).
Use this algorithm when you need biometric authentication support. Requires API 23+ for basic use, API 28+ for enforced biometric authentication.
RSA_ECB_OAEP_WITH_SHA256_AND_MGF1_PADDING = 'RSA_ECB_OAEPwithSHA_256andMGF1Padding'
class-attribute
instance-attribute
#
RSA/ECB/OAEPWithSHA-256AndMGF1Padding (API 23+).
This is the default and recommended algorithm for most use cases. Provides strong authenticated encryption without biometrics.
RSA_ECB_PKCS1_PADDING = 'RSA_ECB_PKCS1Padding'
class-attribute
instance-attribute
#
Legacy RSA/ECB/PKCS1Padding for backwards compatibility.