Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Android KeyStore : Failed to generate self-signed certificate , invalid date string

I 'm trying to create keyPair using android Keystore following my code :

Calendar start = Calendar.getInstance();
                Calendar end = Calendar.getInstance();
                end.add(Calendar.YEAR, 10);
                KeyPairGeneratorSpec spec = new KeyPairGeneratorSpec.Builder(MyApplication.getInstance())
                        .setAlias(m_alias)
                        .setSubject(new X500Principal("CN="+m_alias))
                        .setSerialNumber(BigInteger.ONE)
                        .setStartDate(start.getTime())
                        .setEndDate(end.getTime())
                        .build();
                KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
                generator.initialize(spec);

                KeyPair keyPair = generator.generateKeyPair();

At runtime I got this exception :

java.security.ProviderException: Failed to generate self-signed certificate
             at android.security.keystore.AndroidKeyStoreKeyPairGeneratorSpi.generateKeyPair(AndroidKeyStoreKeyPairGeneratorSpi.java:504)
             at java.security.KeyPairGenerator$KeyPairGeneratorImpl.generateKeyPair(KeyPairGenerator.java:276)

....
 Caused by: java.lang.IllegalArgumentException: invalid date string: Unparseable date: "af`cab`hdedfGMT+00:00" (at offset 0)
             at com.android.org.bouncycastle.asn1.ASN1UTCTime.<init>(ASN1UTCTime.java:115)
             at com.android.org.bouncycastle.asn1.DERUTCTime.<init>(DERUTCTime.java:23)
             at com.android.org.bouncycastle.asn1.x509.Time.<init>(Time.java:67)

I searched about this issue and didn't find any possible solution, Please your help to fix the issue.

Notes : - Device : HTC M9 , Android v.6.0, build number : 3.35.401.12

  • Date format examples : start Date : Sat Mar 12 23:10:08 GMT+03:00 2016 . End Date : Thu Mar 12 23:10:08 GMT+03:00 2026

Thanks in advance.

like image 279
Radi Avatar asked Mar 12 '16 08:03

Radi


2 Answers

Key store issue with Arabic or Persian

When keystore generates the key pair, it generates a self signed cert. The ASN1 parser used internally by Android Keystore doesn't correctly take in the locale and it causes the failures for device locale with language from right to left. Sample stack trace:

Caused by: java.lang.IllegalArgumentException: invalid date string: Unparseable date: "÷ððñðñððððððGMT+00:00" at com.android.org.bouncycastle.asn1.ASN1UTCTime.(ASN1UTCTime.java:115) at com.android.org.bouncycastle.asn1.DERUTCTime.(DERUTCTime.java:23) at com.android.org.bouncycastle.asn1.x509.Time.(Time.java:67) at android.security.keystore.AndroidKeyStoreKeyPairGeneratorSpi.generateSelfSignedCertificateWithFakeSignature(AndroidKeyStoreKeyPairGeneratorSpi.java:696)

Issues reported to google: https://code.google.com/p/android/issues/detail?id=207613

like image 82
Muralidhar Reddy Avatar answered Oct 27 '22 04:10

Muralidhar Reddy


As @Muralidhar says, it is a known issue with AndroidKeyStore.

Android KeyStore doesn't correctly take in the locale and it causes the failures for device locale with language from right to left.

A workaround is setting English locale before generating a key pair and changing it back after all. Take a look to this answer.

like image 36
David Miguel Avatar answered Oct 27 '22 03:10

David Miguel