AzureAD / microsoft-authentication-library-common-for-android

Common code used by both the Active Directory Authentication Library (ADAL) and the Microsoft Authentication Library (MSAL)
MIT License

KeyStore exception #1892

Open arcticfox1919 opened 2 years ago

arcticfox1919 commented 2 years ago

My current version is 8.0.2.

I'm guessing this issue has not been fully fixed, or has created new problems?

W/KeyStore(10039): KeyStore exception
W/KeyStore(10039): android.os.ServiceSpecificException:  (code 7)
W/KeyStore(10039):  at android.os.Parcel.createException(Parcel.java:2085)
W/KeyStore(10039):  at android.os.Parcel.readException(Parcel.java:2039)
W/KeyStore(10039):  at android.os.Parcel.readException(Parcel.java:1987)
W/KeyStore(10039):  at android.security.keystore.IKeystoreService$Stub$Proxy.get(IKeystoreService.java:978)
W/KeyStore(10039):  at android.security.KeyStore.get(KeyStore.java:236)
W/KeyStore(10039):  at android.security.KeyStore.get(KeyStore.java:225)
W/KeyStore(10039):  at android.security.keystore.AndroidKeyStoreSpi.engineGetCertificate(AndroidKeyStoreSpi.java:160)
W/KeyStore(10039):  at java.security.KeyStore.getCertificate(KeyStore.java:1120)
W/KeyStore(10039):  at com.microsoft.identity.common.internal.util.AndroidKeyStoreUtil.readKey(AndroidKeyStoreUtil.java:205)
W/KeyStore(10039):  at com.microsoft.identity.common.crypto.AndroidWrappedKeyLoader.readKeyStoreKeyPair(AndroidWrappedKeyLoader.java:308)
W/KeyStore(10039):  at com.microsoft.identity.common.crypto.AndroidWrappedKeyLoader.readSecretKeyFromStorage(AndroidWrappedKeyLoader.java:199)
W/KeyStore(10039):  at com.microsoft.identity.common.crypto.AndroidWrappedKeyLoader.getKey(AndroidWrappedKeyLoader.java:160)
W/KeyStore(10039):  at com.microsoft.identity.common.java.crypto.StorageEncryptionManager.encrypt(StorageEncryptionManager.java:128)
W/KeyStore(10039):  at com.microsoft.identity.common.java.crypto.KeyAccessorStringAdapter.encrypt(KeyAccessorStringAdapter.java:47)
W/KeyStore(10039):  at com.microsoft.identity.common.internal.cache.SharedPreferencesFileManager.encryptDecryptInternal(SharedPreferencesFileManager.java:336)
W/KeyStore(10039):  at com.microsoft.identity.common.internal.cache.SharedPreferencesFileManager.encrypt(SharedPreferencesFileManager.java:319)
W/KeyStore(10039):  at com.microsoft.identity.common.internal.cache.SharedPreferencesFileManager.putString(SharedPreferencesFileManager.java:149)
W/KeyStore(10039):  at com.microsoft.identity.common.internal.util.SharedPrefStringNameValueStorage.put(SharedPrefStringNameValueStorage.java:53)
W/KeyStore(10039):  at com.microsoft.identity.common.internal.util.SharedPrefStringNameValueStorage.put(SharedPrefStringNameValueStorage.java:38)
W/KeyStore(10039):  at com.microsoft.identity.common.java.cache.SharedPreferencesAccountCredentialCache.saveAccount(SharedPreferencesAccountCredentialCache.java:123)
W/KeyStore(10039):  at com.microsoft.identity.common.java.cache.MsalOAuth2TokenCache.saveAccounts(MsalOAuth2TokenCache.java:1576)
W/KeyStore(10039):  at com.microsoft.identity.common.java.cache.MsalOAuth2TokenCache.save(MsalOAuth2TokenCache.java:369)
W/KeyStore(10039):  at com.microsoft.identity.common.java.cache.MsalOAuth2TokenCache.saveAndLoadAggregatedAccountData(MsalOAuth2TokenCache.java:498)
W/KeyStore(10039):  at com.microsoft.identity.common.java.controllers.BaseController.saveTokens(BaseController.java:783)
W/KeyStore(10039):  at com.microsoft.identity.common.internal.controllers.LocalMSALController.acquireToken(LocalMSALController.java:182)
W/KeyStore(10039):  at com.microsoft.identity.common.java.commands.InteractiveTokenCommand.execute(InteractiveTokenCommand.java:65)
W/KeyStore(10039):  at com.microsoft.identity.common.java.commands.InteractiveTokenCommand.execute(InteractiveTokenCommand.java:37)
W/KeyStore(10039):  at com.microsoft.identity.common.java.controllers.CommandDispatcher.executeCommand(CommandDispatcher.java:455)
W/KeyStore(10039):  at com.microsoft.identity.common.java.controllers.CommandDispatcher.access$100(CommandDispatcher.java:86)
W/KeyStore(10039):  at com.microsoft.identity.common.java.controllers.CommandDispatcher$5.run(CommandDispatcher.java:683)
W/KeyStore(10039):  at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1167)
W/KeyStore(10039):  at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:641)
W/KeyStore(10039):  at java.lang.Thread.run(Thread.java:919)

The problem seems to be in this code (AndroidKeyStoreUtil.java:205):

try {
    final KeyStore keyStore = getKeyStore();
    final Certificate cert = keyStore.getCertificate(keyAlias);
    final Key privateKey = keyStore.getKey(keyAlias, null);
    if (cert == null || privateKey == null) {
        Logger.verbose(methodTag, "Key entry doesn't exist.");
        return null;
    }

    Logger.verbose(methodTag, "Key read from KeyStore");
    return new KeyPair(cert.getPublicKey(), (PrivateKey) privateKey);
}

You may be able to fix the problem with reference to this suggestion on Stack Overflow.
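An added example, not code from the issue author or from the library: one way to read the key pair so that an alias with no entry is detected before `getCertificate` is called, on the assumption that code 7 in the trace means the alias has no entry yet (the case the excerpt's own "Key entry doesn't exist." branch handles). `GuardedKeyRead`, `readKeyPair` and the sample alias are hypothetical names, and the empty PKCS12 store stands in for `AndroidKeyStore` so the block runs on a desktop JVM.

```java
import java.security.GeneralSecurityException;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.Certificate;

public class GuardedKeyRead {

    /**
     * Returns the key pair stored under keyAlias, or null when there is none.
     * Hypothetical helper for illustration; not the library's readKey().
     */
    static KeyPair readKeyPair(final KeyStore keyStore, final String keyAlias)
            throws GeneralSecurityException {
        // Ask whether a key entry exists first, so the fetch calls below are
        // only made for aliases that are actually present.
        if (!keyStore.containsAlias(keyAlias) || !keyStore.isKeyEntry(keyAlias)) {
            return null;
        }

        final Certificate cert = keyStore.getCertificate(keyAlias);
        final Key key = keyStore.getKey(keyAlias, null);

        // The entry can still vanish between the check and the read, and a
        // key entry may hold a secret key rather than a private key, so keep
        // the null check and test the type instead of casting blindly.
        if (cert == null || !(key instanceof PrivateKey)) {
            return null;
        }
        return new KeyPair(cert.getPublicKey(), (PrivateKey) key);
    }

    public static void main(final String[] args) throws Exception {
        // Assumption: on a device this would be KeyStore.getInstance("AndroidKeyStore").
        // An empty in-memory PKCS12 store reproduces the "alias not present" case offline.
        final KeyStore keyStore = KeyStore.getInstance("PKCS12");
        keyStore.load(null, null);

        // Constructed sample alias, not one used by the library.
        final KeyPair pair = readKeyPair(keyStore, "constructed-sample-alias");
        System.out.println(pair == null ? "no key entry for alias" : "key pair loaded");
    }
}
```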

kevinycliu commented 1 year ago

I am having this issue too, any luck?