Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Android KeyStoreException:

Tags:

android

encryption

android-fingerprint-api

My app is using Android's keystore to encrypt some data after authenticating with a fingerprint. This seems to work on most devices but I have received error reports of OnePlus2 users with the exception

android.security.KeyStoreException: Signature/MAC verification failed
    at android.security.KeyStore.getKeyStoreException(KeyStore.java:632)
    at android.security.keystore.KeyStoreCryptoOperationChunkedStreamer.update(KeyStoreCryptoOperationChunkedStreamer.java:132)
    at android.security.keystore.KeyStoreCryptoOperationChunkedStreamer.doFinal(KeyStoreCryptoOperationChunkedStreamer.java:217)
    at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:473)
    at javax.crypto.Cipher.doFinal(Cipher.java:1502)

My code basically does this (Written in Mono for Android):

Cipher _cipher = Cipher.GetInstance(KeyProperties.KeyAlgorithmAes + "/"
                                              + KeyProperties.BlockModeCbc + "/"
                                              + KeyProperties.EncryptionPaddingPkcs7);

KeyStore _keystore = KeyStore.GetInstance("AndroidKeyStore");
FingerprintManager _fingerprintManager = (FingerprintManager) Context.GetSystemService(Context.FingerprintService);

_keystore.Load(null);
var key = _keystore.GetKey(_keyId, null);
_cipher.Init(CipherMode.EncryptMode, key);
_cryptoObject = new FingerprintManager.CryptoObject(_cipher);
_fingerprintManager.Authenticate(_cryptoObject, _cancellationSignal, 0 /* flags */, this, null);

//OnAuthSucceeded:
var mySecret = _cipher.DoFinal(System.Text.Encoding.UTF8.GetBytes(textToEncrypt));

Is there anything wrong with the code? What does the exception mean?

like image 248
Philipp Avatar asked Apr 18 '16 20:04

Philipp

1 Answers

First, your code looks fine.

In my experience Android fingerprint tends to have a lot of weird edge case errors across various devices.. I can't answer exactly but it sounds like a HW or implementation issue with the FP api on oneplus's part. I know XiaoMi and even Google has acknowledged various weird issues with their implementation.

Tips:

make sure you are listening only once for fingerprint. if you listen twice, you can receive the incorrect cipher object, so the encryption won't match.

update your gradle/min sdk/support libraries, all that stuff

hold on to your butt

like image 72
Chris Merrick Avatar answered Oct 04 '22 12:10

Chris Merrick
Sign in to Comment

Related questions

Android: variable has incorrect value in while loop
setRadius on Circle gives bad user experience in Google Maps
React native notification with custom template for Android
How to check if app user is in Google Play Beta Testing
Dramatic shift in location accuracy distribution starting February 15
Android: Put GPSTimeStamp into jpg EXIF tags
Consumer closed input channel or an error occurred. events=0x8
Android WebView not refreshed after webview content has been modified by JavaScript
Send MMS from My application in android
What's different between using WebView and Browser for YouTube Video api?
Can we access the Microphone driver of my android phone
OpenCV FeatureDetector
IllegalArgumentException Invalid payload item type - With ActionBarCompat
3D object rendering in openCV using metaio in Android
Applying physics to Android View objects
share image does not work in viber and facebook
How to check the internet connectivity within the network in Android (using internet of some other device through HOTSPOT)
Android Picasso auto rotates image
In-app purchase uses wrong account after update
How to find every version of android support libraries source code

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!