TrustZone - Documentation

Link to this headingTrustZone

Link to this headingKeystore

How the Keystore works
Android Security: The Forgetful Keystore

On Android 6+ (API XX) if the device supports it The Master key is stored in the Trusted Execution Environment (TEE).

These are stored in [USERID]_[KEYTYPE]_[KEYNAME].

Key Types

USRPKEY: User Private Key
USRSKEY: User Shared Key
CACERT: CA Certificate

Encrypted Keystore Files:

root@bullhead:/data/misc/keystore/user_0 # ls -al -rw------- keystore keystore 84 2017-09-20 18:09 .masterkey -rw------- keystore keystore 1428 2019-07-15 11:02 1000_CACERT_BurpCA -rw------- keystore keystore 1428 2019-08-21 14:00 1000_CACERT_1 -rw------- keystore keystore 1428 2018-08-08 12:07 1000_CACERT_2+Pburp -rw------- keystore keystore 1428 2019-12-16 14:25 1000_CACERT_burp -rw------- keystore keystore 1428 2017-09-22 17:35 1000_CACERT_burpca -rw------- keystore keystore 1428 2019-06-06 14:46 1000_CACERT_3_burp -rw------- keystore keystore 324 2019-06-04 16:46 10013_USRCERT_unstable+^825349ac930c2370b39f30e7d789963b+^2 -rw------- keystore keystore 1028 2019-06-04 16:46 10013_USRPKEY_unstable+^825349ac930c2370b39f30e7d789963b+^2 -rw------- keystore keystore 932 2017-09-20 18:37 10013_USRSKEY_android_pay_recent_unlock_key_2 -rw------- keystore keystore 932 2019-06-06 14:49 10087_USRSKEY_AppUserKeyAlias -rw------- keystore keystore 1428 2019-07-15 11:02 1010_CACERT_portswigger -rw------- keystore keystore 324 2020-01-21 11:00 10110_USRCERT_TrustDefenderSDK -rw------- keystore keystore 1012 2020-01-21 11:00 10110_USRPKEY_TrustDefenderSDK -rw------- keystore keystore 948 2020-01-21 10:54 10110_USRSKEY__androidx_security_master_key_

How to Decrypt Keystore Files:

keystore_cli_v2 list #Currently Gives ListKeys failed. keystore_cli list #Currently Gives Error 6 Permission Denied

An Open Framework for Architecting Trusted Execution Environments
Android Keystore info
How Secure is your Android Keystore Authentication?

Link to this headingFingerprint

Setting a Key with setUserAuthenticaitonRequired(true) prevents it from being retrieved without authenticating with a Fingerprint.