Android->Settings->Security->StorageType get Value inside app

南笙酒味 提交于 2020-01-03 03:30:09

问题


In newer versions of Android (I guess since 4.2) there is an option called "hardware-backed" and "software only". As Google supposes:

Android also now supports hardware-backed storage for your KeyChain credentials, providing more security by making the keys unavailable for extraction. That is, once keys are in a hardware-backed key store (Secure Element, TPM, or TrustZone), they can be used for cryptographic operations but the private key material cannot be exported. Even the OS kernel cannot access this key material. While not all Android-powered devices support storage on hardware, you can check at runtime if hardware-backed storage is available

ephasis is mine

What I can't understand is: the GalaxyNexus as well as the Nexus 7 have an NFC-Chip with Secure Element, but its storage-type is "software only". The Nexus 4 has an NFC Secure Element, and is "hardware-backed", while the Nexus 7 (2013) and the Nexus 5 don't have a NFC-Secure-Element but are still "hardware backed". I can check this manually inside the Settings-App, but Is there a way to check this inside my App?

As CommonsWare mentioned, I should provide links: First info that Secure Element is related to the storage-type is mentioned here: another useful source of info was Nelenkov's blog


回答1:


Did you actually read the blog? :) Currently 'hardware-backed' means TrustZone (TEE)-backed for all released devices. Using the embedded secure element for this is rather tricky for political reasons, and no current Android devices have a TMP. This leaves TrustZone-based TEE implementations. BTW, Galaxy Nexus also has one, but the driver is disabled in release builds. It has been there since 4.1.

To check from an app use KeyChain.isBoundKeyAlgorithm(String algorithm).



来源:https://stackoverflow.com/questions/19841662/android-settings-security-storagetype-get-value-inside-app

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!