Below is the code that I'm running on Android API 27:

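import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyInfo;
import android.security.keystore.KeyProperties;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;

// Generate an RSA signing key pair inside the Android KeyStore
KeyPairGenerator keyGen = KeyPairGenerator.getInstance(KeyProperties.KEY_ALGORITHM_RSA, "AndroidKeyStore"); // store the key in the Android KeyStore for security purposes
keyGen.initialize(new KeyGenParameterSpec.Builder(
        "key1",
        KeyProperties.PURPOSE_SIGN)
        .build()); // defaults to RSA 2048
KeyPair keyPair = keyGen.generateKeyPair();

// Ask the KeyStore for the key's metadata and check where the private key lives
KeyFactory factory = KeyFactory.getInstance(keyPair.getPrivate().getAlgorithm(), "AndroidKeyStore");
KeyInfo keyInfo = factory.getKeySpec(keyPair.getPrivate(), KeyInfo.class);
boolean secure = keyInfo.isInsideSecureHardware();
System.out.println("Is the private key backed in hardware: " + secure);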

Since I'm running this code on an emulator I would expect it to return false, but somehow it is returning true. How is an emulator hardware-backed when it's completely in software? Is Android Studio somehow using the T2 chip on my Mac as its hardware backing?

Josh Correia

0 Answers