Where does Android Keystore store keypair objects?
I am using KeyStore to save some important information on my Android device (think of that information as a public key and a private key).
I want to know where that keyPair is stored. In a Trusted Execution Environment?
Is this environment hardware or software?
The key is never provided to the application process, which makes it harder for an attacker to extract it.
The key may be stored in hardware, depending on the device and the key type. Your code can check whether the key is in hardware.
- Key material never enters the application process. When an application performs cryptographic operations using an Android Keystore key, behind the scenes plaintext, ciphertext, and messages to be signed or verified are fed to a system process which carries out the cryptographic operations. If the app's process is compromised, the attacker may be able to use the app's keys but cannot extract their key material (for example, to be used outside of the Android device).
- Key material may be bound to the secure hardware (e.g., Trusted Execution Environment (TEE), Secure Element (SE)) of the Android device. When this feature is enabled for a key, its key material is never exposed outside of secure hardware. If the Android OS is compromised or an attacker can read the device's internal storage, the attacker may be able to use any app's Android Keystore keys on the Android device, but not extract them from the device. This feature is enabled only if the device's secure hardware supports the particular combination of key algorithm, block modes, padding schemes, and digests with which the key is authorized to be used. To check whether the feature is enabled for a key, obtain a KeyInfo for the key and inspect the return value of KeyInfo.isInsideSecurityHardware().
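As an added example (not code from the question or the answer above), this is how an app can generate a key pair in Android Keystore and then ask the platform where the private key material lives. The method on KeyInfo is actually spelled isInsideSecureHardware(); on Android 12 (API 31) and later, getSecurityLevel() additionally distinguishes a TEE from a StrongBox secure element. The class and method names below are the example's own.

```java
import android.os.Build;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyInfo;
import android.security.keystore.KeyProperties;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.spec.ECGenParameterSpec;

public final class KeystoreHardwareCheck {
    private static final String ANDROID_KEYSTORE = "AndroidKeyStore";

    /** Generates an EC P-256 signing key pair inside Android Keystore under the given alias. */
    public static KeyPair generateSigningKeyPair(String alias) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance(
                KeyProperties.KEY_ALGORITHM_EC, ANDROID_KEYSTORE);
        kpg.initialize(new KeyGenParameterSpec.Builder(alias,
                KeyProperties.PURPOSE_SIGN | KeyProperties.PURPOSE_VERIFY)
                .setAlgorithmParameterSpec(new ECGenParameterSpec("secp256r1"))
                .setDigests(KeyProperties.DIGEST_SHA256)
                .build());
        // The returned PrivateKey is only a handle; the key material stays in the keystore daemon
        // (and, if supported, in the TEE or StrongBox) and never enters this process.
        return kpg.generateKeyPair();
    }

    /** Returns a human-readable description of where the private key material is held. */
    public static String describeSecurityLevel(PrivateKey privateKey) throws Exception {
        // The KeyFactory must come from the AndroidKeyStore provider, otherwise getKeySpec fails.
        KeyFactory factory = KeyFactory.getInstance(privateKey.getAlgorithm(), ANDROID_KEYSTORE);
        KeyInfo info = factory.getKeySpec(privateKey, KeyInfo.class);
        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.S) {
            switch (info.getSecurityLevel()) {
                case KeyProperties.SECURITY_LEVEL_STRONGBOX: return "StrongBox (secure element)";
                case KeyProperties.SECURITY_LEVEL_TRUSTED_ENVIRONMENT: return "TEE";
                case KeyProperties.SECURITY_LEVEL_UNKNOWN_SECURE: return "secure hardware (type unknown)";
                case KeyProperties.SECURITY_LEVEL_SOFTWARE: return "software only";
                default: return "unknown";
            }
        }
        // Older platforms only expose the boolean check described in the answer.
        return info.isInsideSecureHardware() ? "secure hardware" : "software only";
    }
}
```

A "software only" result means the device's secure hardware does not support that combination of algorithm, digest and purpose, so the key is protected only by the keystore process and OS isolation.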