Keystore cannot load the key with ID: _androidx_security_master_key_

Question

I am trying to use masterKey to encrypt shared prefs. However, sometimes my users are crashing due to invalidKeyException from keystore. I cannot reproduce this locally =\

 java.security.KeyStoreException: the master key android-keystore://_androidx_security_master_key_ exists but is unusable


 Caused by: java.security.InvalidKeyException: Keystore cannot load the key with ID: _androidx_security_master_key_

Any ideas why this is happening?

    val masterKey = MasterKey.Builder(context)
        .setKeyGenParameterSpec(
            KeyGenParameterSpec.Builder(
                MasterKey.DEFAULT_MASTER_KEY_ALIAS,
                PURPOSE_ENCRYPT or PURPOSE_DECRYPT
            )
                .setBlockModes(BLOCK_MODE_GCM)
                .setEncryptionPaddings(ENCRYPTION_PADDING_NONE)
                .setKeySize(MasterKey.DEFAULT_AES_GCM_MASTER_KEY_SIZE)
                .build()
        )
        .build()
    securePrefs = EncryptedSharedPreferences.create(
        context,
        PREFERENCES,
        masterKey,
        EncryptedSharedPreferences.PrefKeyEncryptionScheme.AES256_SIV,
        EncryptedSharedPreferences.PrefValueEncryptionScheme.AES256_GCM
    )

Answer 1

The issue has been in detail reported to the Google bug tracker as well. Might be better to follow the discussions there.

https://issuetracker.google.com/issues/176215143