I am working on a C / C++ implementation that involves generating private keys without exposing them to userland. This ability has been in the Linux kernel for quite some time, and a look at recent Android kernels indicate that its support is enabled (CONFIG_KEYS=y) but the keyutils library is not in the sysroot and the keyctl function is nowhere to be found. Is this something that we are not allowed to use in the NDK? Are there any other methods to achieve this goal? I'd love to avoid going through JNI into Java just to use the Android KeyStore class, which I am assuming simply calls back into the JRE to use keyutils anyway (seems like a waste of an expensive trip across the managed / unmanaged border twice).
--
You received this message because you are subscribed to the Google Groups "android-ndk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to android-ndk...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/android-ndk/4c334e71-ee30-4329-8a0c-b52c4124b911o%40googlegroups.com.
Could you file a bug? I don't know about the actual availability asking the various Kernel versions, but we can get CTS tests added and probably add the library that exposes the sys all wrappers, assuming there isn't a reason we've avoided adding this other than just being overlooked :)
On Thu, Jun 18, 2020, 20:27 'Jim Borden' via android-ndk <andro...@googlegroups.com> wrote:
I am working on a C / C++ implementation that involves generating private keys without exposing them to userland. This ability has been in the Linux kernel for quite some time, and a look at recent Android kernels indicate that its support is enabled (CONFIG_KEYS=y) but the keyutils library is not in the sysroot and the keyctl function is nowhere to be found. Is this something that we are not allowed to use in the NDK? Are there any other methods to achieve this goal? I'd love to avoid going through JNI into Java just to use the Android KeyStore class, which I am assuming simply calls back into the JRE to use keyutils anyway (seems like a waste of an expensive trip across the managed / unmanaged border twice).--
You received this message because you are subscribed to the Google Groups "android-ndk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to andro...@googlegroups.com.
To unsubscribe from this group and stop receiving emails from it, send an email to android-ndk...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/android-ndk/c61fc400-ac63-4b88-adba-6f30bddfd1b1o%40googlegroups.com.