5

I'm getting lots of crash reported on samsung devices running android 12 from yesterday. AndroidKeyStoreProvider throws NPE when calling X509Certificate.getPublicKey(). it's working fine on other brands devices.

Key pair generation method :

   public void generateKeys(Context context) throws GeneratePairKeyException {
    KeyPairGenerator keyPairGenerator;
    try {
        if(KeyStoreUtil.getPrivateKey() == null){
            Calendar start = GregorianCalendar.getInstance();
            Calendar end = GregorianCalendar.getInstance();
            end.add(Calendar.YEAR, 10);
            keyPairGenerator = KeyPairGenerator.getInstance("RSA", ANDROID_KEY_STORE);
            keyPairGenerator.initialize(new KeyPairGeneratorSpec.Builder(context)
                    .setAlias(ALIAS)
                    .setSerialNumber(BigInteger.valueOf(1))
                    .setStartDate(start.getTime())
                    .setEndDate(end.getTime())
                    .setSubject(new X500Principal("CN=Pushe_CA"))
                    .build());
            keyPairGenerator.generateKeyPair();
        }
    } catch (NoSuchAlgorithmException |
            NoSuchProviderException | InvalidAlgorithmParameterException e) {
        Logger.e(e);
        throw new GeneratePairKeyException("pair key not created");
    } catch (IllegalStateException e) {
        throw e;
    } catch (Exception e) {
        throw new GeneratePairKeyException("pair key not created");
    }
}

App crashes when i'm trying to get private key like this :

 KeyStore keyStore = KeyStore.getInstance(ANDROID_KEY_STORE);
 keyStore.load(null);
 (PrivateKey) keyStore.getKey(ALIAS, null);

here's the crash log :

Fatal Exception: java.lang.NullPointerException: Attempt to invoke virtual method 'java.security.PublicKey java.security.cert.X509Certificate.getPublicKey()' on a null object reference at android.security.keystore2.AndroidKeyStoreProvider.makeAndroidKeyStorePublicKeyFromKeyEntryResponse(AndroidKeyStoreProvider.java:220) at android.security.keystore2.AndroidKeyStoreProvider.loadAndroidKeyStoreKeyFromKeystore(AndroidKeyStoreProvider.java:401) at android.security.keystore2.AndroidKeyStoreProvider.loadAndroidKeyStoreKeyFromKeystore(AndroidKeyStoreProvider.java:343) at android.security.keystore2.AndroidKeyStoreSpi.engineGetKey(AndroidKeyStoreSpi.java:110) at java.security.KeyStore.getKey(KeyStore.java:1062)

Any solutions?

Mohsen Einhesari
  • 361
  • 2
  • 9

0 Answers0