I found a crash on Crashlytics for my app. The crash statistics show that 93% of the affected devices are Xiaomi, with 49% on Android 13, 42% on Android 12, and 9% on Android 11. I use encryption to save my data, and the key is generated in the following mode:
val generator = KeyGenerator.getInstance(KeyProperties.KEY_ALGORITHM_AES, "AndroidKeyStore")
generator.init(KeyGenParameterSpec.Builder(
alias,
KeyProperties.PURPOSE_ENCRYPT or KeyProperties.PURPOSE_DECRYPT
).apply {
setBlockModes(KeyProperties.BLOCK_MODE_GCM)
setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_NONE)
setUserAuthenticationRequired(true)
setUserAuthenticationParameters(0, KeyProperties.AUTH_BIOMETRIC_STRONG or KeyProperties.AUTH_DEVICE_CREDENTIAL)
setKeySize(256)
}.build())
generator.generateKey()
The crash is in the last line
Fatal Exception: java.security.ProviderException: Keystore key generation failed at android.security.keystore2.AndroidKeyStoreKeyGeneratorSpi.engineGenerateKey(AndroidKeyStoreKeyGeneratorSpi.java:413) at javax.crypto.KeyGenerator.generateKey(KeyGenerator.java:612)
Caused by android.security.KeyStoreException: User authentication required at android.security.KeyStore2.getKeyStoreException(KeyStore2.java:330) at android.security.KeyStoreSecurityLevel.handleExceptions(KeyStoreSecurityLevel.java:57) at android.security.KeyStoreSecurityLevel.generateKey(KeyStoreSecurityLevel.java:145) at android.security.keystore2.AndroidKeyStoreKeyGeneratorSpi.engineGenerateKey(AndroidKeyStoreKeyGeneratorSpi.java:400) at javax.crypto.KeyGenerator.generateKey(KeyGenerator.java:612)
I didn't find anything on Google or on Stack Overflow. The BiometricPrompt is needed when I use this key with a cipher, so the "User authentication required" problem doesn't make sense. Does anyone have an explanation for this crash?