javax.crypto.IllegalBlockSizeException on few devices

[Farasy]

For some reason devices like ZTE V6 Plus (6.0) throw javax.crypto.IllegalBlockSizeException where others, mainly mainstream Samsung, Huawei, Sony work as expected.

RxFingerprint.encrypt(EncryptionMethod.AES, context, "a", "1234567890123456").subscribe()

At least one fingerprint has been enrolled. Any ideas?

[Mauin]

Do you have a more detailed Stacktrace for the exception? Which version of RxFingerprint are you currently using?

[Farasy]

Unfortunately not. It's 2.2.1.

[Mauin]

Without much more details it's hard to guess what actually is the problem in this case. For AES the key size is set to 256 by default which should be valid. Might be that the implementation on the ZTE device is somehow incompatible with this.

[Farasy]

Yes... Let me take a peek into firebase. May there's more to work with.

[Farasy]

Exception javax.crypto.IllegalBlockSizeException: android.security.keystore.AndroidKeyStoreCipherSpiBase.engineDoFinal (AndroidKeyStoreCipherSpiBase.java:519) javax.crypto.Cipher.doFinal (Cipher.java:2056) com.a.a.g.a (SourceFile:110) com.a.a.i$2.onAuthenticationSucceeded (SourceFile:114) android.hardware.fingerprint.FingerprintManager$MyHandler.sendAuthenticatedSucceeded (FingerprintManager.java:855) android.hardware.fingerprint.FingerprintManager$MyHandler.handleMessage (FingerprintManager.java:803) android.os.Handler.dispatchMessage (Handler.java:110) android.os.Looper.loop (Looper.java:203) android.app.ActivityThread.main (ActivityThread.java:6255) java.lang.reflect.Method.invoke (Method.java) com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run (ZygoteInit.java:1063) com.android.internal.os.ZygoteInit.main (ZygoteInit.java:924)

[Farasy]

Another device facing the same problem: One Plus 5T But only after creating new fingerprints from the android settings. Old fingerprints worked well with the lib.

[Mauin]

Interesting. Unfortunately I have neither device at hand to test it. Also the Stacktrace is not being much more helpful.

Which encryption method are you using? Did you change this at some point?

[Farasy]

Same for me :/ Untouched encryption method is AES. See my code above.

From AndroidKeyStoreCipherSpiBase.java:

@Override protected final byte[] engineDoFinal(byte[] input, int inputOffset, int inputLen) throws IllegalBlockSizeException, BadPaddingException { if (mCachedException != null) { throw (IllegalBlockSizeException) new IllegalBlockSizeException().initCause(mCachedException); } try { ensureKeystoreOperationInitialized(); } catch (InvalidKeyException | InvalidAlgorithmParameterException e) { throw (IllegalBlockSizeException) new IllegalBlockSizeException().initCause(e); } byte[] output; try { flushAAD(); byte[] additionalEntropy = KeyStoreCryptoOperationUtils.getRandomBytesToMixIntoKeystoreRng( mRng, getAdditionalEntropyAmountForFinish()); output = mMainDataStreamer.doFinal( input, inputOffset, inputLen, null, // no signature involved additionalEntropy); } catch (KeyStoreException e) { switch (e.getErrorCode()) { case KeymasterDefs.KM_ERROR_INVALID_INPUT_LENGTH: throw (IllegalBlockSizeException) new IllegalBlockSizeException().initCause(e); case KeymasterDefs.KM_ERROR_INVALID_ARGUMENT: throw (BadPaddingException) new BadPaddingException().initCause(e); case KeymasterDefs.KM_ERROR_VERIFICATION_FAILED: throw (AEADBadTagException) new AEADBadTagException().initCause(e); default: //line 519 throw (IllegalBlockSizeException) new IllegalBlockSizeException().initCause(e); } } resetWhilePreservingInitState(); return output; }

link

[Farasy]

Hey Mauin, here's another Stacktrace from Android Vitals for a OnePlus3, Android 8:

java.lang.NullPointerException: at com.mtramin.rxfingerprint.AesDecryptionObservable (SourceFile:95) at com.mtramin.rxfingerprint.FingerprintObservable$2.onAuthenticationSucceeded (SourceFile:105) at android.hardware.fingerprint.FingerprintManager$MyHandler.sendAuthenticatedSucceeded (FingerprintManager.java:1005) at android.hardware.fingerprint.FingerprintManager$MyHandler.handleMessage (FingerprintManager.java:926) at android.os.Handler.dispatchMessage (Handler.java:105) at android.os.Looper.loop (Looper.java:164) at android.app.ActivityThread.main (ActivityThread.java:6809) at java.lang.reflect.Method.invoke (Native Method) at com.android.internal.os.Zygote$MethodAndArgsCaller.run (Zygote.java:240) at com.android.internal.os.ZygoteInit.main (ZygoteInit.java:767)

[YaroslavHavrylovych]

Xiaomui Mi5 javax.crypto.IllegalBlockSizeException: input must be under 256 bytes at com.android.org.conscrypt.OpenSSLCipherRSA.engineDoFinal(OpenSSLCipherRSA.java:246) at javax.crypto.Cipher.doFinal(Cipher.java:2056) at com.mtramin.rxfingerprint.RsaEncryptionObservable.subscribe(RsaEncryptionObservable.java:81) at io.reactivex.internal.operators.observable.ObservableCreate.subscribeActual(ObservableCreate.java:40) at io.reactivex.Observable.subscribe(Observable.java:11194) at io.reactivex.Observable.subscribe(Observable.java:11180) at io.reactivex.Observable.subscribe(Observable.java:11109) at com.android.monitor.test.LoginFragment.storeAndLogin(LoginFragment.java:140) at com.android.monitor.test.LoginFragment.access$000(LoginFragment.java:34) at com.android.monitor.test.LoginFragment$1.lambda$onResponse$2$LoginFragment$1(LoginFragment.java:203) at com.android.monitor.test.LoginFragment$1$$Lambda$1.run(Unknown Source) at android.os.Handler.handleCallback(Handler.java:754) at android.os.Handler.dispatchMessage(Handler.java:95) at android.os.Looper.loop(Looper.java:163) at android.app.ActivityThread.main(ActivityThread.java:6337) at java.lang.reflect.Method.invoke(Native Method) at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:880) at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:770)

[ddeath]

Just going around and have similar issue. Try it in android studio emulator on Nexus One with api 23. You will probably get the same error. This could help you with debugging

[filipatbnp]

any update on this? I have same problem