Android->设置 - >安全 - GT&; StorageType获得价值内部应用程序 [英] Android->Settings->Security->StorageType get Value inside app
问题描述
在的Android的新版本(因为我猜4.2)有所谓的硬件支持和软件只是一个选项。
随着谷歌假设:
In newer versions of Android (I guess since 4.2) there is an option called "hardware-backed" and "software only". As Google supposes:
Android的现在也支持您的钥匙串硬件备份的存储
凭证,通过使键不可用提供更多的安全性
提取。也就是说,一旦键是在一个硬件支持密钥存储
的(安全元素,TPM,或TrustZone的)下,它们可以用于
密码操作但私钥材料不能
出口。即使是操作系统内核无法访问这些关键材料。而
并不是所有的Android设备支持的硬件存储空间,可以
检查在运行时,如果硬件支持的存储可用
Android also now supports hardware-backed storage for your KeyChain credentials, providing more security by making the keys unavailable for extraction. That is, once keys are in a hardware-backed key store (Secure Element, TPM, or TrustZone), they can be used for cryptographic operations but the private key material cannot be exported. Even the OS kernel cannot access this key material. While not all Android-powered devices support storage on hardware, you can check at runtime if hardware-backed storage is available
ephasis是我的
ephasis is mine
我不明白的是:GalaxyNexus还有的Nexus 7有NFC芯片的与安全元素,但它的存储类型是纯软件。 Nexus的4具有NFC安全元素,而且是硬件支持,而为Nexus 7(2013年)和Nexus 5的不具有NFC功能的安全-元素,但仍然是硬件支持。我可以在设置 - 应用程序内手动检查这一点,但有没有一种方法来检查这个我的应用程序内?
What I can't understand is: the GalaxyNexus as well as the Nexus 7 have an NFC-Chip with Secure Element, but its storage-type is "software only". The Nexus 4 has an NFC Secure Element, and is "hardware-backed", while the Nexus 7 (2013) and the Nexus 5 don't have a NFC-Secure-Element but are still "hardware backed". I can check this manually inside the Settings-App, but Is there a way to check this inside my App?
由于CommonsWare提到的,我应该提供链接:
首先信息固定元素有关,储水式被提及这里:
信息的另一种有用的来源是 Nelenkov的博客
As CommonsWare mentioned, I should provide links: First info that Secure Element is related to the storage-type is mentioned here: another useful source of info was Nelenkov's blog
推荐答案
你真的阅读博客? :)目前硬件支持指的TrustZone(TEE)-backed发布的所有设备。使用嵌入式安全元件因为这是相当棘手的政治原因,也没有目前的Android设备有一个TMP。这使得基于TrustZone的-TEE实现。顺便说一句,Galaxy Nexus的也有一个,但司机被禁止在发布版本。它一直在那里,因为4.1。
Did you actually read the blog? :) Currently 'hardware-backed' means TrustZone (TEE)-backed for all released devices. Using the embedded secure element for this is rather tricky for political reasons, and no current Android devices have a TMP. This leaves TrustZone-based TEE implementations. BTW, Galaxy Nexus also has one, but the driver is disabled in release builds. It has been there since 4.1.
要从应用程序使用检查 KeyChain.isBoundKeyAlgorithm(字符串算法)。
To check from an app use KeyChain.isBoundKeyAlgorithm(String algorithm).
这篇关于Android->设置 - >安全 - GT&; StorageType获得价值内部应用程序的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
