Friday, 29 October 2021

How to reproduce or solve KeyStoreException?

Get crash with next description:

Caused by java.security.UnrecoverableKeyException: Failed to obtain X.509 form of public key at android.security.keystore.AndroidKeyStoreProvider.loadAndroidKeyStorePublicKeyFromKeystore(AndroidKeyStoreProvider.java:263) at android.security.keystore.AndroidKeyStoreProvider.loadAndroidKeyStoreKeyPairFromKeystore(AndroidKeyStoreProvider.java:303) at android.security.keystore.AndroidKeyStoreProvider.loadAndroidKeyStorePrivateKeyFromKeystore(AndroidKeyStoreProvider.java:324) at android.security.keystore.AndroidKeyStoreProvider.loadAndroidKeyStoreKeyFromKeystore(AndroidKeyStoreProvider.java:388) at android.security.keystore.AndroidKeyStoreSpi.engineGetKey(AndroidKeyStoreSpi.java:105) at java.security.KeyStore.getKey(KeyStore.java:1062) at com.mandarine.sai.sdk.tools.keystore.KeyStoreManager.getKeyPair(KeyStoreManager.java:117) at com.mandarine.sai.sdk.tools.keystore.KeyStoreManager.deleteKeyPairs(KeyStoreManager.java:222) at com.mandarine.sai.features.authorizations.common.ConnectionKeyBuilderKt.collectConnectionsAndKeys(ConnectionKeyBuilderKt.java:73) at com.mandarine.sai.features.authorizations.common.ConnectionKeyBuilderKt.collectConnectionsAndKeys(ConnectionKeyBuilderKt.java:41) at com.mandarine.sai.features.authorizations.list.AuthorizationsListViewModel.(AuthorizationsListViewModel.java:79) at com.mandarine.sai.app.ViewModelsFactory.create(ViewModelsFactory.java:102)

KeyStoreException: Invalid key blob

Caused by android.security.KeyStoreException: Invalid key blob at android.security.KeyStore.getKeyStoreException(KeyStore.java:1301) at android.security.keystore.AndroidKeyStoreProvider.loadAndroidKeyStorePublicKeyFromKeystore(AndroidKeyStoreProvider.java:265) at android.security.keystore.AndroidKeyStoreProvider.loadAndroidKeyStoreKeyPairFromKeystore(AndroidKeyStoreProvider.java:303) at android.security.keystore.AndroidKeyStoreProvider.loadAndroidKeyStorePrivateKeyFromKeystore(AndroidKeyStoreProvider.java:324) at android.security.keystore.AndroidKeyStoreProvider.loadAndroidKeyStoreKeyFromKeystore(AndroidKeyStoreProvider.java:388) at android.security.keystore.AndroidKeyStoreSpi.engineGetKey(AndroidKeyStoreSpi.java:105) at java.security.KeyStore.getKey(KeyStore.java:1062) at com.mandarine.sai.sdk.tools.keystore.KeyStoreManager.getKeyPair(KeyStoreManager.java:117) at com.mandarine.sai.sdk.tools.keystore.KeyStoreManager.deleteKeyPairs(KeyStoreManager.java:222) at com.mandarine.sai.features.authorizations.common.ConnectionKeyBuilderKt.collectConnectionsAndKeys(ConnectionKeyBuilderKt.java:73) at com.mandarine.sai.features.authorizations.common.ConnectionKeyBuilderKt.collectConnectionsAndKeys(ConnectionKeyBuilderKt.java:41) at com.mandarine.sai.features.authorizations.list.AuthorizationsListViewModel.(AuthorizationsListViewModel.java:79) at com.mandarine.sai.app.ViewModelsFactory.create(ViewModelsFactory.java:102) at androidx.lifecycle.ViewModelProvider.get(ViewModelProvider.java:187) at androidx.lifecycle.ViewModelProvider.get(ViewModelProvider.java:150) at com.mandarine.sai.features.authorizations.list.AuthorizationsListFragment.setupViewModel(AuthorizationsListFragment.java:119) at com.mandarine.sai.features.authorizations.list.AuthorizationsListFragment.onCreate(AuthorizationsListFragment.java:65) at androidx.fragment.app.Fragment.performCreate(Fragment.java:2684)

Here is code:

fun collectConnectionsAndKeys(
    repository: ConnectionsRepositoryAbs,
    keyStoreManager: KeyStoreManagerAbs
): Map<ConnectionID, ConnectionAndKey> {
    return repository.getAllActiveConnections().mapNotNull {
        it.getPrivateKeyForConnection(keyStoreManager)
    }.toMap()
}




  /**
     *  Get related private key for connection
     *
     *  @param connection Connection
     *  @return ConnectionAndKey
     */
    override fun createConnectionAndKeyModel(connection: ConnectionAbs): ConnectionAndKey? {
        return getKeyPair(connection.guid)?.private?.let { key ->
            ConnectionAndKey(connection, key)
        }
    }

    /**
     * Get RSA key pair by the given alias
     *
     * @param alias - the alias name
     * @return KeyPair object
     */
    override fun getKeyPair(alias: String?): KeyPair? {
        val keyAlias = alias ?: return null
        val store = androidKeyStore ?: return null
        return (store.getKey(keyAlias, null) as? PrivateKey)?.let { privateKey ->
            val publicKey: PublicKey? = store.getCertificate(keyAlias).publicKey
            KeyPair(publicKey, privateKey)
        }
    }

UPDATE:

So i write something like this:

override fun getKeyPair(alias: String?): KeyPair? {
    return try {
        val keyAlias = alias ?: return null
        val store = androidKeyStore ?: return null
        (store.getKey(keyAlias, null) as? PrivateKey)?.let { privateKey ->
            val publicKey: PublicKey? = store.getCertificate(keyAlias).publicKey
            KeyPair(publicKey, privateKey)
        }
    } catch (e: UnrecoverableKeyException) {
        null
    } catch (e: Exception) {
        Timber.e(e)
        null
    }
}

But i don't understand why is my android keystore currently blocked on my XIAOMI phone? I have seen similar problems here and here, but deleting the key from keystore is not my solution.



from How to reproduce or solve KeyStoreException?

No comments:

Post a Comment