From 87b53610cbc944e9b77000a0dd99678f2fa34be0 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Thu, 14 May 2026 22:13:26 +0000
Subject: [PATCH 1/2] Initial plan
From b577ed482159aeb89668df5554cb0ede9f0740ed Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Thu, 14 May 2026 22:37:17 +0000
Subject: [PATCH 2/2] Add XML documentation to Android.Security.KeyChain public
methods
Agent-Logs-Url: https://github.com/dotnet/android/sessions/aaa417d4-fe5b-4b78-b07a-462fda67df43
Co-authored-by: jonathanpeppers <840039+jonathanpeppers@users.noreply.github.com>
---
src/Mono.Android/Android.Security/KeyChain.cs | 84 +++++++++++++++++++
1 file changed, 84 insertions(+)
diff --git a/src/Mono.Android/Android.Security/KeyChain.cs b/src/Mono.Android/Android.Security/KeyChain.cs
index 711da0cf6c9..86a648f137b 100644
--- a/src/Mono.Android/Android.Security/KeyChain.cs
+++ b/src/Mono.Android/Android.Security/KeyChain.cs
@@ -8,6 +8,20 @@ namespace Android.Security
{
public partial class KeyChain
{
+ ///
+ /// Retrieves an with its associated private key from the Android system KeyChain.
+ ///
+ /// The Android context used to access the KeyChain.
+ /// The alias of the private key and certificate chain to retrieve.
+ ///
+ /// An containing the certificate and private key,
+ /// or if the private key or certificate chain is not available for the given alias.
+ ///
+ ///
+ /// This method combines and
+ /// into a single call that returns a .NET suitable for use with
+ /// or other TLS APIs.
+ ///
public static X509Certificate2? GetX509Certificate2WithPrivateKey (Android.Content.Context context, string alias)
{
var privateKey = KeyChain.GetPrivateKey (context, alias);
@@ -26,6 +40,22 @@ public partial class KeyChain
return certificate;
}
+ ///
+ /// Displays the system UI for the user to select a private key alias, filtering by URI.
+ ///
+ /// The activity to use as the parent for the certificate selection UI.
+ /// The acceptable types of asymmetric keys, or to allow any type.
+ /// The acceptable certificate issuers for the certificate matching the private key, or to allow any issuer.
+ /// The URI to filter by, or to allow the user to choose any alias.
+ /// The initial alias to preselect if available, or for no preselection.
+ ///
+ /// A representing the asynchronous operation. The result is the alias chosen by the user,
+ /// or if the user cancelled the selection.
+ ///
+ ///
+ /// This is an async wrapper around .
+ /// This overload requires Android API 23 or later.
+ ///
[SupportedOSPlatform("android23.0")]
public static async Task ChoosePrivateKeyAliasAsync (
Android.App.Activity activity,
@@ -39,6 +69,22 @@ public partial class KeyChain
return await tcs.Task;
}
+ ///
+ /// Displays the system UI for the user to select a private key alias, filtering by host and port.
+ ///
+ /// The activity to use as the parent for the certificate selection UI.
+ /// The acceptable types of asymmetric keys, or to allow any type.
+ /// The acceptable certificate issuers for the certificate matching the private key, or to allow any issuer.
+ /// The host name of the server requesting the certificate, or for no host filtering.
+ /// The port number of the server requesting the certificate, or -1 if unavailable.
+ /// The initial alias to preselect if available, or for no preselection.
+ ///
+ /// A representing the asynchronous operation. The result is the alias chosen by the user,
+ /// or if the user cancelled the selection.
+ ///
+ ///
+ /// This is an async wrapper around .
+ ///
public static async Task ChoosePrivateKeyAliasAsync (
Android.App.Activity activity,
string[]? keyTypes,
@@ -52,6 +98,25 @@ public partial class KeyChain
return await tcs.Task;
}
+ ///
+ /// Displays the system UI for the user to select a certificate, then retrieves the corresponding
+ /// with its private key, filtering by URI.
+ ///
+ /// The activity to use as the parent for the certificate selection UI.
+ /// The acceptable types of asymmetric keys, or to allow any type.
+ /// The acceptable certificate issuers for the certificate matching the private key, or to allow any issuer.
+ /// The URI to filter by, or to allow the user to choose any alias.
+ /// The initial alias to preselect if available, or for no preselection.
+ ///
+ /// A representing the asynchronous operation. The result is an
+ /// containing the certificate and private key, or if the user cancelled the selection
+ /// or the certificate could not be retrieved.
+ ///
+ ///
+ /// This method combines
+ /// and into a single call for a one-step TLS client certificate workflow.
+ /// This overload requires Android API 23 or later.
+ ///
[SupportedOSPlatform("android23.0")]
public static async Task ChooseX509Certificate2WithPrivateKeyAsync (
Android.App.Activity activity,
@@ -68,6 +133,25 @@ public partial class KeyChain
return GetX509Certificate2WithPrivateKey (activity, alias);
}
+ ///
+ /// Displays the system UI for the user to select a certificate, then retrieves the corresponding
+ /// with its private key, filtering by host and port.
+ ///
+ /// The activity to use as the parent for the certificate selection UI.
+ /// The acceptable types of asymmetric keys, or to allow any type.
+ /// The acceptable certificate issuers for the certificate matching the private key, or to allow any issuer.
+ /// The host name of the server requesting the certificate, or for no host filtering.
+ /// The port number of the server requesting the certificate, or -1 if unavailable.
+ /// The initial alias to preselect if available, or for no preselection.
+ ///
+ /// A representing the asynchronous operation. The result is an
+ /// containing the certificate and private key, or if the user cancelled the selection
+ /// or the certificate could not be retrieved.
+ ///
+ ///
+ /// This method combines
+ /// and into a single call for a one-step TLS client certificate workflow.
+ ///
public static async Task ChooseX509Certificate2WithPrivateKeyAsync (
Android.App.Activity activity,
string[]? keyTypes,