by phh
2620 days ago
Short answer: no
Longer answer:
This article mentions how to leak the key, but it assumes that you can generate many signatures successfully.
But to successfully use the key (thus sign with the key), you need to provide the password to the TEE, else it will refuse any operation on the key.
If the TEE is properly written (I'd say Qualcomm's is), the key in keymaster (which encrypts the key for the storage) itself is encrypted based on the password, so it can't leak anything since it's not decrypted even for the TEE itself. Also, unless you unlocked your bootloader, the attacker would need to be able to launch its own software while the device is on the boot lockscreen. That requires finding an additional security flaw in the bootloader and/or early Android boot.