From Jelly Bean 4.3 Android offers a custom Java Security Provider in the KeyStore facility, called Android Key Store, which allows you to generate and save private keys that may be seen and used by the application only.In other words, a credential store was officially renamed to 'Android Key Store' which brought a public API for generating and saving private keys that may be seen and used by the application only. However, a Key Store operates differently basing on the type of the credential storage: Hardware-backed or Software-only.
So if the device has a hardware-backed key store implementation, keys will be generated outside of the Android OS and won't be directly accessible even to the system (or root user) and private keys could not be exported.
Well, but where is a location of a Key Store if the device credential storage is software-only?
