Android Keystore 是否会自动使用可信执行环境 (TEE) 和安全元件 (SE)(如果可用)? [英] Does the Android Keystore make use of the Trusted Execution Environment (TEE) and Secure Element (SE) automatically if it is available?

问题描述

Android 密钥库是否会自动使用可信执行环境 (TEE) 和安全元素 (SE)(如果可用)?或者是否需要进一步的步骤?

Does the Android Keystore make use of the Trusted Execution Environment (TEE) and Secure Element (SE) automatically if it is available? Or are any further steps required?

推荐答案

一般是.

没有要求 Keystore 在所有设备上都有硬件支持，但如果它 是硬件支持的，并且如果是 TEE(常见情况)，那么它将在 Keystore 的任何时候使用使用支持的密钥.

There is no requirement for the Keystore to be hardware backed on all device, but if it is hardware backed and if that is by a TEE (the common case) then it will be used whenever Keystore backed keys are used.

有关这方面的要求，请参阅当前的 CDD 文档.9.11 部分.密钥和凭据

See the current CDD document for requirements around this. Section 9.11. Keys and Credentials

您还可以找到这个答案有趣的是，因为它谈到了 keymaster &TEE 实施.

You may also find this answer interesting, as it talks about the keymaster & TEE implementations.

这篇关于Android Keystore 是否会自动使用可信执行环境 (TEE) 和安全元件 (SE)(如果可用)?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！