I am getting the issue when running the application below android 6.0
if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
KeyguardManager keyguardManager = (KeyguardManager) getSystemService(KEYGUARD_SERVICE);
FingerprintManager fingerprintManager = (FingerprintManager) getSystemService(FINGERPRINT_SERVICE);
if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
if (!fingerprintManager.isHardwareDetected()) {
/**
* An error message will be displayed if the device does not contain the fin.gerprint hardware.
* However if you plan to implement a default authentication method,
* you can redirect the user to a default authentication ctivity from here.
* Example:
*
*/
} else {
// Checks whether fingerprint permission is set on manifest
if (ActivityCompat.checkSelfPermission(this, Manifest.permission.USE_FINGERPRINT) != PackageManager.PERMISSION_GRANTED) {
// permission not granted
} else {
// Check whether at least one fingerprint is registered
if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
// Checks whether lock screen security is enabled or not
if (!keyguardManager.isKeyguardSecure()) {
// finger print not support
} else {
if (!fingerprintManager.hasEnrolledFingerprints()) {
// finger print not enrolled
} else {
/*Amit Verma EC signature*/
createKeyPair();
if (initSignature()) {
ConstantDeclaration.mCryptoObject = new FingerprintManager.CryptoObject(mSignature);
}
}
}
}
}
}
}
}
Here is code for key-pair Generation
#TargetApi(Build.VERSION_CODES.M)
private void createKeyPair() {
// The enrolling flow for fingerprint. This is where you ask the user to set up fingerprint
// for your flow. Use of keys is necessary if you need to know if the set of
// enrolled fingerprints has changed.
try {
// Set the alias of the entry in Android KeyStore where the key will appear
// and the constrains (purposes) in the constructor of the Builder
KeyPairGenerator mKeyPairGenerator = KeyPairGenerator.getInstance(KeyProperties.KEY_ALGORITHM_EC, "AndroidKeyStore");
mKeyPairGenerator.initialize(
new KeyGenParameterSpec.Builder(KEY_NAME,
KeyProperties.PURPOSE_SIGN)
.setDigests(KeyProperties.DIGEST_SHA1)
.setAlgorithmParameterSpec(new ECGenParameterSpec("secp256r1"))
// Require the user to authenticate with a fingerprint to authorize
// every use of the private key
// .setUserAuthenticationRequired(true)
.setUserAuthenticationRequired(false)
.build());
mKeyPairGenerator.generateKeyPair();
} catch (InvalidAlgorithmParameterException e) {
throw new RuntimeException(e);
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (NoSuchProviderException e) {
e.printStackTrace();
}
}
here is the code for signature initiate.
#TargetApi(Build.VERSION_CODES.M)
private boolean initSignature() {
try {
mKeyStore = KeyStore.getInstance("AndroidKeyStore");
mKeyStore.load(null);
PrivateKey key = (PrivateKey) mKeyStore.getKey(KEY_NAME, null);
// String strKey = Base64.encodeToString(key.getEncoded(),Base64.DEFAULT);
// System.out.println("PrivateKey::"+strKey);
mSignature = Signature.getInstance("SHA1withECDSA");
mSignature.initSign(key);
PublicKey publicKey = mKeyStore.getCertificate(KEY_NAME).getPublicKey();
String strPublicKey = Base64.encodeToString(publicKey.getEncoded(), Base64.DEFAULT);
Singleton.getInstance().public_key_fp = strPublicKey;
return true;
} catch (KeyPermanentlyInvalidatedException e) {
return false;
} catch (Exception e) {
throw new RuntimeException("Failed to init Cipher", e);
}/*catch (KeyStoreException | CertificateException | UnrecoverableKeyException | IOException
| NoSuchAlgorithmException | InvalidKeyException e) {
throw new RuntimeException("Failed to init Cipher", e);
}*/
}
This code is working fine but when I am running my application in below Android 6.0 getting the exception on the launching the app.
Android version: 19
Device: samsung SM-J100ML
App version: 7
Line Number1: java.lang.Class.newInstanceImpl(Native Method)
Description : java.lang.VerifyError: launcherActivity
at java.lang.Class.newInstanceImpl(Native Method)
at java.lang.Class.newInstance(Class.java:1208)
at android.app.Instrumentation.newActivity(Instrumentation.java:1068)
at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:2288)
at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:2493)
at android.app.ActivityThread.access$800(ActivityThread.java:166)
at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1283)
at android.os.Handler.dispatchMessage(Handler.java:102)
at android.os.Looper.loop(Looper.java:136)
at android.app.ActivityThread.main(ActivityThread.java:5584)
at java.lang.reflect.Method.invokeNative(Native Method)
at java.lang.reflect.Method.invoke(Method.java:515)
at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:1268)
at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1084)
at dalvik.system.NativeStart.main(Native Method)
I think the problem with Signature import is import java.security.Signature;
I figured out the problem by reading logcat as said above in comment,
Could not find class 'android.security.keystore.KeyGenParameterSpec$Builder'
and
Could not find class 'android.hardware.fingerprint.FingerprintManager'
I googled above classes and found this link here
So I removed catch block InvalidAlgorithmParameterException ,**KeyPermanentlyInvalidatedException** and replaced with parent class "Exception" only.
Related
I am looking for a way to get notify if the user changed his/her fingerprint.
I saw this answer here but it wasn't clear how to use "setAllowedAuthenticators" in this scenario.
I would appreciate it if someone could help.
[update] the updated code:
1- Generate secret key
generateSecretKey(new KeyGenParameterSpec.Builder(
KEY_NAME,
KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT)
.setBlockModes(KeyProperties.BLOCK_MODE_CBC)
.setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_PKCS7)
.setUserAuthenticationRequired(true)
// Invalidate the keys if the user has registered a new biometric
// credential, such as a new fingerprint. Can call this method only
// on Android 7.0 (API level 24) or higher. The variable
.setInvalidatedByBiometricEnrollment(true)
.build());
2- Generate cipher
Cipher cipher = getCipher();
SecretKey secretKey = getSecretKey();
try {
cipher.init(Cipher.ENCRYPT_MODE, secretKey);
} catch (KeyPermanentlyInvalidatedException e) {
System.out.print("key has changed");
} catch (InvalidKeyException e) {
e.printStackTrace();
}
3- authenticate
biometricPrompt.authenticate(new CancellationSignal(), excutor, new BiometricPrompt.AuthenticationCallback() {
#Override
public void onAuthenticationSucceeded(BiometricPrompt.AuthenticationResult result) {
}
});
}
});
}
});
Error:
E/AndroidRuntime: FATAL EXCEPTION: main
Process: com.example.fingerprint_poc, PID: 9523
java.lang.IllegalArgumentException: keystoreAlias must not be empty
at android.security.keystore.KeyGenParameterSpec$Builder.<init>(KeyGenParameterSpec.java:760)
at com.example.fingerprint_poc.task$5.onClick(task.java:153)
at android.view.View.performClick(View.java:6597)
at android.view.View.performClickInternal(View.java:6574)
at android.view.View.access$3100(View.java:778)
at android.view.View$PerformClick.run(View.java:25885)
at android.os.Handler.handleCallback(Handler.java:873)
at android.os.Handler.dispatchMessage(Handler.java:99)
at android.os.Looper.loop(Looper.java:193)
at android.app.ActivityThread.main(ActivityThread.java:6669)
at java.lang.reflect.Method.invoke(Native Method)
at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:493)
at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:858) I/Process: Sending signal. PID: 9523 SIG: 9
Using the functions here link and link
You add this code before the authentication
Cipher cipher = getCipher();
SecretKey secretKey = getSecretKey();
if (getSecretKey() == null){
generateSecretKey(new KeyGenParameterSpec.Builder(
KEY_NAME,
KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT)
.setBlockModes(KeyProperties.BLOCK_MODE_CBC)
.setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_PKCS7)
.setUserAuthenticationRequired(true)
// Invalidate the keys if the user has registered a new biometric
// credential, such as a new fingerprint. Can call this method only
// on Android 7.0 (API level 24) or higher. The variable
.setInvalidatedByBiometricEnrollment(true)
.build());
}
try {
cipher.init(Cipher.ENCRYPT_MODE, secretKey);
} catch (KeyPermanentlyInvalidatedException e) {
System.out.print("key has changed");
Toast.makeText(task.this, "changed", Toast.LENGTH_LONG).show();
generateSecretKey(new KeyGenParameterSpec.Builder(
KEY_NAME,
KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT)
.setBlockModes(KeyProperties.BLOCK_MODE_CBC)
.setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_PKCS7)
.setUserAuthenticationRequired(true)
// Invalidate the keys if the user has registered a new biometric
// credential, such as a new fingerprint. Can call this method only
// on Android 7.0 (API level 24) or higher. The variable
.setInvalidatedByBiometricEnrollment(true)
.build());
} catch (InvalidKeyException e) {
e.printStackTrace();
}
Important: the KEY_NAME must be the same, it must not change between instances.
I am facing issue with Fingerprint authentication, actually, I have integrated Fingerprint Authentication in my app and working fine except one case.
I have set up two Fingerprint in my device, after initializing KeyGenerator with Fingerprint KEY, I have removed one Fingerprint from device and come back to my app and performing Fingerprint Auth it is working fine. I don't know why it is not triggering InvalidKeyException as like adding Fingerprint works. Is this expected behavior or any bug with OS?
Device Details are below,
Device : Pixel
OS: Android 8.0
Code of my implementation follows,
protected void generateKey() {
try {
keyStore = KeyStore.getInstance("AndroidKeyStore");
} catch (Exception e) {
e.printStackTrace();
}
KeyGenerator keyGenerator;
try {
keyGenerator = KeyGenerator.getInstance(KeyProperties.KEY_ALGORITHM_AES, "AndroidKeyStore");
} catch (NoSuchAlgorithmException | NoSuchProviderException e) {
throw new RuntimeException("Failed to get KeyGenerator instance", e);
}
try {
keyStore.load(null);
keyGenerator.init(new
KeyGenParameterSpec.Builder(KEY_NAME,
KeyProperties.PURPOSE_ENCRYPT |
KeyProperties.PURPOSE_DECRYPT)
.setBlockModes(KeyProperties.BLOCK_MODE_CBC)
.setUserAuthenticationRequired(true)
.setEncryptionPaddings(
KeyProperties.ENCRYPTION_PADDING_PKCS7)
.build());
keyGenerator.generateKey();
} catch (NoSuchAlgorithmException |
InvalidAlgorithmParameterException
| CertificateException | IOException e) {
throw new RuntimeException(e);
}
}
public boolean cipherInit() {
try {
cipher = Cipher.getInstance(KeyProperties.KEY_ALGORITHM_AES + "/" + KeyProperties.BLOCK_MODE_CBC + "/" + KeyProperties.ENCRYPTION_PADDING_PKCS7);
} catch (NoSuchAlgorithmException | NoSuchPaddingException e) {
throw new RuntimeException("Failed to get Cipher", e);
}
try {
keyStore.load(null);
SecretKey key = (SecretKey) keyStore.getKey(KEY_NAME,
null);
cipher.init(Cipher.ENCRYPT_MODE, key);
return true;
} catch (KeyPermanentlyInvalidatedException e) {
return false;
} catch (KeyStoreException | CertificateException | UnrecoverableKeyException | IOException | NoSuchAlgorithmException | InvalidKeyException e) {
throw new RuntimeException("Failed to init Cipher", e);
}
}
}
I have already tried with few posts(How to detect the removal fingerprint in Android?, Android Fingerprint API and Private/Public keys, Android Key Invalidation when Fingerprints removed), nothing helped me to get rid of it.
Your code is not strictly tied to fingerprints. All it has that is somewhat related is:
setUserAuthenticationRequired(true)
That says that the key that you are creating in the AndroidKeyStore requires user authentication. It does not say anything about fingerprints.
If the user has fingerprints registered, the user could use a fingerprint to authenticate for the purposes of using this key. That would be for any fingerprint registered by the user, and in your case, you still have a registered fingerprint (even after the user removed the second fingerprint). Also, the user does not have to use a fingerprint to authenticate — they could use their passphrase, PIN, or pattern, if they choose.
Is this expected behavior or any bug with OS?
This is expected behavior.
I recently implemented fingerprint authentication into one of my apps. Everything works as expected except for this one problem that I discovered when testing. Some background: I generated a key with the following key gen parameters:
KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT)
.setBlockModes(KeyProperties.BLOCK_MODE_CBC)
.setUserAuthenticationRequired(true)
.setUserAuthenticationValidityDurationSeconds(80)
.setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_PKCS7)
so the user will remain authenticated for 80 seconds. Any time the app needs to re-verify the user, it will check if the key is still valid, and otherwise createConfirmDeviceCredentialIntent if the key timed out, which brings up a system screen prompting the user to authenticate their fingerprint or enter a password/pin/pattern.
The problem: Now this screen should be un-cancelable, however if I tap the back button or top arrow button multiple times in a row, the user gets into the app. Has anyone had this experience?
EDIT:
This seems to only be happening on Samsung devices I tested, it works well on the Nexus and Google Pixel.
Here is the code being used, it's from the Google sample project on using createConfirmDeviceCredentialIntent.
This is the method to check the if the key is still valid.
protected boolean tryEncrypt() {
if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
try {
mKeyStore = KeyStore.getInstance("AndroidKeyStore");
mKeyStore.load(null);
SecretKey secretKey = (SecretKey) mKeyStore.getKey(KEY_NAME, null);
mCipher = Cipher.getInstance(
KeyProperties.KEY_ALGORITHM_AES + "/" + KeyProperties.BLOCK_MODE_CBC + "/"
+ KeyProperties.ENCRYPTION_PADDING_PKCS7);
mCipher.init(Cipher.ENCRYPT_MODE, secretKey);
mCipher.doFinal(SECRET_BYTE_ARRAY);
return true;
} catch (UserNotAuthenticatedException e) {
// User is not authenticated, let's authenticate with device credentials.
showAuthenticationScreen();
return false;
} catch (KeyPermanentlyInvalidatedException e) {
return false;
} catch (BadPaddingException | IllegalBlockSizeException | KeyStoreException |
CertificateException | UnrecoverableKeyException | IOException
| NoSuchPaddingException | NoSuchAlgorithmException | InvalidKeyException e) {
throw new RuntimeException(e);
}
}
return false;
}
Here is the showEncryption method that is called if the key is timed out:
protected void showAuthenticationScreen() {
if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
Intent intent = getKeyguardManager().createConfirmDeviceCredentialIntent(null, null);
if (intent != null) {
startActivityForResult(intent, 1);
}
}
}
I have a project on Android with minSDK=17 and targetSDK=23. We have a fingerprint authentication in this project made using FingerprintManager class (it was added in SDK23). We added SDK version check, so we are not using anything related to fingerprint if SDK<23. But in older SDK versions app behaviour is unpredictable: on some versions app just crashing, on other -- fingerprint not working (so, it's ok).
My question:
1) Is it any good and easy-to-implement libraries for minSDK=17, that can recognize fingerprints?
2) How can I avoid app crashing in devices with SDK<23?
Crash error:
E/dalvikvm: Could not find class 'android.hardware.fingerprint.FingerprintManager', referenced from method nl.intratuin.LoginActivity.loginByFingerprint
E/AndroidRuntime: FATAL EXCEPTION: main java.lang.VerifyError:
LoginActivity at java.lang.Class.newInstanceImpl(Native Method)
Some new info: created HelloWorld fingerprint project using this tutorial:
http://www.techotopia.com/index.php/An_Android_Fingerprint_Authentication_Tutorial
Found the root of the problem:
FingerprintDemoActivity->cipherInit:
try {
keyStore.load(null);
SecretKey key = (SecretKey) keyStore.getKey(KEY_NAME,
null);
cipher.init(Cipher.ENCRYPT_MODE, key);
return true;
} catch (KeyPermanentlyInvalidatedException e) {
return false;
} catch (KeyStoreException | CertificateException
| UnrecoverableKeyException | IOException
| NoSuchAlgorithmException | InvalidKeyException e) {
throw new RuntimeException("Failed to init Cipher", e);
}
First catch block breacking whole app with error I mentioned above. Of course, I can just remove this catch (this exception extends InvalidKeyException, so it will be handled), and return false in case of any exceptions. Is it any better way?
I think, I found acceptable solution: catch not KeyPermanentlyInvalidatedException, but InvalidKeyException. Everything working fine this way. Still have no idea how this exception crashed whole app...
It happened to me also..even when i used : if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M).. my app crashes on android 4.4- kitkat. so eventually the problem was in the initCipher method in the catches part - see the following code (even though i m not suppose to get there as it targeted to M and above... very strange behaviour..) :
#TargetApi(Build.VERSION_CODES.M)
private boolean initCipher() {
try {
mKeyStore.load(null);
SecretKey key = (SecretKey) mKeyStore.getKey(KEY_NAME, null);
mCipher.init(Cipher.ENCRYPT_MODE, key);
return true;
} catch (KeyStoreException | CertificateException | UnrecoverableKeyException | IOException
| NoSuchAlgorithmException e) {
throw new RuntimeException("Failed to init Cipher", e);
} catch (InvalidKeyException e) {
e.printStackTrace();
return false;
}
}
apparently the order off the catches matter..so just make sure to write it as i mentioned.
Reason for Crash:
The FingerprintManager class works with Android version 23 and Higher.
If your app is using FingerprintManager class and runs on older version of Android then you will encounter this exception.
Supporting older versions of Android:
Use FingerprintManagerCompat instead of FingerprintManager if you are planning to support Android <23. The FingerprintManagerCompat class internally checks for the Android version and handle Authentication part with ease.
How to Use it:
Replace android.hardware.fingerprint.FingerprintManager With android.support.v4.hardware.fingerprint.FingerprintManagerCompat
Replace android.os.CancellationSignal With android.support.v4.os.CancellationSignal
See Sample Code
https://github.com/hiteshsahu/FingerPrint-Authentication-With-React-Native-Android/blob/master/android/app/src/main/java/com/aproject/view/Fragments/FingerprintAuthenticationDialogFragment.java
Have a look at a library created by afollestad called digitus.
This library can fall back to a password if fingerprints are not available.
Any devices prior to SDK 23 need to use their own separate device manufacturer based sdk.
just follow android studio hint, it will be OK.
try {
mKeyStore.load(null);
SecretKey key = (SecretKey) mKeyStore.getKey(keyName, null);
cipher.init(Cipher.ENCRYPT_MODE, key);
return true;
} catch (IOException | NoSuchAlgorithmException | CertificateException
| UnrecoverableKeyException | KeyStoreException | InvalidKeyException e) {
e.printStackTrace();
throw new RuntimeException("Failed to init Cipher", e);
}
To answer the second part of the question
How can I avoid app crashing in devices with SDK<23?
This simplistic logic check will suffice:
if (Build.VERSION.SDK_INT < 23) {
// Handle the mechanism where the SDK is older.
}else{
// Handle the mechanism where the SDK is 23 or later.
}
I solved this by moving all the fingerprint code to a helper class so that the classes related to the fingerprint code are not imported in the activity and by instantiating the helper class only when the SDK_INT is greater than 23 (In my case, as I'm supporting only Android 6+)
I also had this problem.Even when i used : if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M).. my app crashes on lower API's. I solved that as follow:
Replaced these codes:
try {
keyStore.load(null);
SecretKey key = (SecretKey) keyStore.getKey(KEY_NAME,
null);
cipher.init(Cipher.ENCRYPT_MODE, key);
return true;
} catch (KeyPermanentlyInvalidatedException e) {
return false;
} catch (KeyStoreException | CertificateException
| UnrecoverableKeyException | IOException
| NoSuchAlgorithmException | InvalidKeyException e) {
throw new RuntimeException("Failed to init Cipher", e);
}
with:
try {
keyStore.load(null);
} catch (CertificateException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
SecretKey key = null;
try {
key = (SecretKey) keyStore.getKey(KEY_NAME,
null);
} catch (KeyStoreException e) {
e.printStackTrace();
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (UnrecoverableKeyException e) {
e.printStackTrace();
}
try {
cipher.init(Cipher.ENCRYPT_MODE, key);
} catch (InvalidKeyException e) {
e.printStackTrace();
}
return true;
I cannot obtain a (private) key from KeyStore on Android. Problem occurs mainly
on Samsung devices (S6, S6 Edge) and Android 6.
android.security.KeyStoreException: Invalid key blob
is thrown when following line is called (where alias is name for store key).
KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry)keyStore.getEntry(alias, null);
The KeyStore itself is obtained by
KeyStore.getInstance("AndroidKeyStore");
And key is generated by the following method:
private static void createKey(String alias, String subject, KeyStore keyStore, BigInteger serialNumber, Date startDate, Date endDate, String algorithm, String keyStoreProvider, Context context)
throws KeyStoreException, NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException {
if (keyStore.containsAlias(alias)) {
// Key already exists.
return;
}
// Generate keys.
KeyPairGeneratorSpec spec = new KeyPairGeneratorSpec.Builder(context)
.setAlias(alias)
.setSubject(new X500Principal(subject))
.setSerialNumber(serialNumber)
.setStartDate(startDate)
.setEndDate(endDate)
.build();
KeyPairGenerator generator = KeyPairGenerator.getInstance(algorithm, keyStoreProvider);
generator.initialize(spec);
KeyPair keyPair = generator.generateKeyPair();
}
Where algorithm is "RSA" and keyStoreProvider is "AndroidKeyStore".
The part of the stacktrace:
android.security.KeyStoreException: Invalid key blob
at android.security.KeyStore.getKeyStoreException(KeyStore.java:939)
at android.security.keystore.AndroidKeyStoreProvider.loadAndroidKeyStorePublicKeyFromKeystore(AndroidKeyStoreProvider.java:216)
at android.security.keystore.AndroidKeyStoreProvider.loadAndroidKeyStoreKeyPairFromKeystore(AndroidKeyStoreProvider.java:252)
at android.security.keystore.AndroidKeyStoreProvider.loadAndroidKeyStorePrivateKeyFromKeystore(AndroidKeyStoreProvider.java:263)
at android.security.keystore.AndroidKeyStoreSpi.engineGetKey(AndroidKeyStoreSpi.java:93)
at java.security.KeyStoreSpi.engineGetEntry(KeyStoreSpi.java:372)
at java.security.KeyStore.getEntry(KeyStore.java:645)
The exception causes java.security.UnrecoverableKeyException: Failed to obtain information about private key to be thrown.
I was not able to find any closer information about "Invalid key blob",
only that the message itself is defined here: https://android.googlesource.com/platform/frameworks/base/+/master/core/java/android/security/keymaster/KeymasterDefs.java
This problem is occurred when user tries to UNLOCK from LOCK/UNINITIALIZED. It is by default defined as 30 secs for timing. This problem is it's API related implementation issue.
This error is generated from InvalidKeyException. By bypassing this exception and call the method again, you can get rid of this error.
You have to remove the InvalidKeyException class from the catch argument. This will still allow you to check for InvalidKeyException. After checking you have to try for second time with code so that the problem is not shown in eye but doing 2 times checking it may solve your issue. Code is given below.
try {
KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) this.keyStore
.getEntry("alias", null);
} catch (InvalidKeyException ex) {
ex.printStackTrace();
if (ex instanceof InvalidKeyException) { // bypass
// InvalidKeyException
// You can again call the method and make a counter for deadlock
// situation or implement your own code according to your
// situation
if (retry) {
keyStore.deleteEntry(keyName);
return getCypher(keyName, false);
} else {
throw ex;
}
}
} catch (final Exception e) {
e.printStackTrace();
throw e;
}
You can see my another answer that describes one by one occurring
issue and solution.
UPDATE from #Ankis:
As you solved the issue by changing InvalidKeyException to UnrecoverableKeyException. So I have updated as per your suggestion so that world can know the actual answer. Thanks for sharing :).
try {
KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) this.keyStore
.getEntry("alias", null);
} catch (UnrecoverableKeyException ex) {
ex.printStackTrace();
// You can again call the method and make a counter for deadlock
// situation or implement your own code according to your
// situation
if (retry) {
keyStore.deleteEntry(keyName);
return getCypher(keyName, false);
}
} catch (final Exception e) {
e.printStackTrace();
throw e;
}