Status Update
No update yet.
Comments
is...@google.com
be...@thryve.de
I am not sure I understand the use case. how can the benchmark be code to real world scenario when it's not possible to do right now ? which scenario is it ?
In any case, since this would be for benchmarking, this would clearly not be available through the public DSL. We should find a semi-private way of doing this (maybe the private variant API object could offer that functionality for instance or a property).
ju...@google.com
We want benchmarks to measure code after Progaurd / R8, but it's not possible to turn that on for androidTests in library modules at the moment (to my knowledge?)
Benchmarks are also a public facing thing, but we have a plugin to help configure gradle builds for our users, so if support for this ends up in a private API, we could try to keep those usages localized to our code perhaps.
Description
We've been using androidx.security:security-crypto-ktx, the version is 1.1.0-alpha02.
An ANR issue has been happening on our production releases (google play store live versions).
Here's the trace stack:
main (native)
tid=1 systid=24238
0
libc.so
__ioctl
1
libc.so
ioctl
2
libbinder.so
android::IPCThreadState::talkWithDriver(bool)
3
libbinder.so
android::IPCThreadState::waitForResponse(android::Parcel*, int*)
4
libbinder.so
android::IPCThreadState::transact(int, unsigned int, android::Parcel const&, android::Parcel*, unsigned int)
5
libbinder.so
android::BpBinder::transact(unsigned int, android::Parcel const&, android::Parcel*, unsigned int)
6
libandroid_runtime.so
android_os_BinderProxy_transact(_JNIEnv*, _jobject*, int, _jobject*, _jobject*, int)
android.os.BinderProxy.transactNative (BinderProxy.java)
android.os.BinderProxy.transact (BinderProxy.java:635)
android.system.keystore2.IKeystoreSecurityLevel$Stub$Proxy.createOperation (IKeystoreSecurityLevel.java:311)
android.security.KeyStoreSecurityLevel.createOperation (KeyStoreSecurityLevel.java:83)
android.security.keystore2.AndroidKeyStoreCipherSpiBase.ensureKeystoreOperationInitialized (AndroidKeyStoreCipherSpiBase.java:340)
android.security.keystore2.AndroidKeyStoreCipherSpiBase.engineInit (AndroidKeyStoreCipherSpiBase.java:177)
javax.crypto.Cipher.tryTransformWithProvider (Cipher.java:2984)
javax.crypto.Cipher.tryCombinations (Cipher.java:2891)
javax.crypto.Cipher$SpiAndProviderUpdater.updateAndGetSpiAndProvider (Cipher.java:2796)
javax.crypto.Cipher.chooseProvider (Cipher.java:773)
javax.crypto.Cipher.init (Cipher.java:1143)
javax.crypto.Cipher.init (Cipher.java:1084)
com.google.crypto.tink.integration.android.AndroidKeystoreAesGcm.encrypt (AndroidKeystoreAesGcm.java:69)
com.google.crypto.tink.integration.android.AndroidKeystoreKmsClient.validateAead (AndroidKeystoreKmsClient.java:226)
com.google.crypto.tink.integration.android.AndroidKeystoreKmsClient.getAead (AndroidKeystoreKmsClient.java:160)
com.google.crypto.tink.integration.android.AndroidKeysetManager$Builder.readOrGenerateNewMasterKey (AndroidKeysetManager.java:259)
com.google.crypto.tink.integration.android.AndroidKeysetManager$Builder.build (AndroidKeysetManager.java:228)
As mentioned above, it's a production issue, reported by firebase. We are not able to reproduce it in our QA phase.
And I noticed that it happened on only Android 11 and Android 12 devices, 75% on Android 12, and 25% on Android 11.
Can you take a look? thanks