Fix a crash on KitKat when clearing the KeyStore

Apparently KitKat doesn't like KeyPermanentlyInvalidatedException
2025-05-14 14:02:49 +00:00 · 2019-04-04 18:41:56 +02:00 · 2019-04-04 18:41:56 +02:00 · 6d93b78f9a
commit 6d93b78f9a
parent 4365a693f2
1 changed files with 24 additions and 11 deletions
--- a/app/src/main/java/com/beemdevelopment/aegis/crypto/KeyStoreHandle.java
+++ b/app/src/main/java/com/beemdevelopment/aegis/crypto/KeyStoreHandle.java
@ -21,6 +21,8 @@ import javax.crypto.KeyGenerator;
 import javax.crypto.NoSuchPaddingException;
 import javax.crypto.SecretKey;

+import androidx.annotation.RequiresApi;
+
 public class KeyStoreHandle {
    private final KeyStore _keyStore;
    private static final String STORE_NAME = "AndroidKeyStore";
@ -77,22 +79,33 @@ public class KeyStoreHandle {
            throw new KeyStoreHandleException(e);
        }

-        // try to initialize a dummy cipher
-        // and see if KeyPermanentlyInvalidatedException is thrown
-        if (isSupported()) {
-            try {
-                Cipher cipher = Cipher.getInstance(CryptoUtils.CRYPTO_AEAD);
-                cipher.init(Cipher.ENCRYPT_MODE, key);
-            } catch (KeyPermanentlyInvalidatedException e) {
+        if (isSupported() && isKeyPermanentlyInvalidated(key)) {
            return null;
-            } catch (NoSuchAlgorithmException | NoSuchPaddingException | InvalidKeyException e) {
-                throw new RuntimeException(e);
-            }
        }

        return key;
    }

+    @RequiresApi(api = Build.VERSION_CODES.M)
+    private static boolean isKeyPermanentlyInvalidated(SecretKey key) {
+        // try to initialize a dummy cipher
+        // and see if KeyPermanentlyInvalidatedException is thrown
+        try {
+            Cipher cipher = Cipher.getInstance(CryptoUtils.CRYPTO_AEAD);
+            cipher.init(Cipher.ENCRYPT_MODE, key);
+        } catch (NoSuchAlgorithmException | NoSuchPaddingException | InvalidKeyException e) {
+            // apparently KitKat doesn't like KeyPermanentlyInvalidatedException, even when guarded with a version check
+            // it will throw a java.lang.VerifyError when its listed in a 'catch' statement
+            // so instead, check for it here
+            if (e instanceof KeyPermanentlyInvalidatedException) {
+                return true;
+            }
+            throw new RuntimeException(e);
+        }
+
+        return false;
+    }
+
    public void deleteKey(String id) throws KeyStoreHandleException {
        try {
            _keyStore.deleteEntry(id);