[Partner Bug]. Exception on device when creating passkey [308450953]

Assigned

Bug

Status Update

No update yet.

Description

ah...@gmail.com

created issue #1

Oct 30, 2023 08:10PM

Component used: Credentials

Version used: 1.2.0-rc01

Devices/Android versions reproduced on:
Pixel 5a Android 14

While trying to create a passkey on this device with my google account signedIn i get the
following exception
PS : This issue only happens on this device, works fine with other devices
```
[RegistrationRequestHandler] Error during registration: unable to create key.
java.util.concurrent.ExecutionException: ahvn: 8: Failed to get shared key.
at ebrb.s(:com.google.android.gms@234212044@23.42.12 (190400-574052649):21)
at ebrb.get(:com.google.android.gms@234212044@23.42.12 (190400-574052649):14)
at aqwp.run(:com.google.android.gms@234212044@23.42.12 (190400-574052649):1309)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:487)
at java.util.concurrent.FutureTask.run(FutureTask.java:264)
at ajji.c(:com.google.android.gms@234212044@23.42.12 (190400-574052649):50)
at ajji.run(:com.google.android.gms@234212044@23.42.12 (190400-574052649):76)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:644)
at ajon.run(:com.google.android.gms@234212044@23.42.12 (190400-574052649):8)
at java.lang.Thread.run(Thread.java:1012)
Caused by: ahvn: 8: Failed to get shared key.
at airt.a(:com.google.android.gms@234212044@23.42.12 (190400-574052649):15)
at aibf.b(:com.google.android.gms@234212044@23.42.12 (190400-574052649):11)
at aqtl.a(:com.google.android.gms@234212044@23.42.12 (190400-574052649):3)
at aqst.fd(:com.google.android.gms@234212044@23.42.12 (190400-574052649):23)
at ndy.onTransact(:com.google.android.gms@234212044@23.42.12 (190400-574052649):74)
at android.os.Binder.execTransactInternal(Binder.java:1337)
at android.os.Binder.execTransact(Binder.java:1278)
[Fido2RequestController] Inside RegistrationOperation.Callback#onRegistrationResult. response: AuthenticatorErrorResponse{errorCode=28, errorMessage=Unable to create key during registration}, type: null, didCreateDiscoverableCredential: false, unsignedOutputs: UnsignedOutputs{dpk=Optional.absent(), prf=Optional.absent()}
[Fido2ApiImpl] Inside Fido2RequestController.Callback#onSecurityKeyResultReceived. response: AuthenticatorErrorResponse{errorCode=28, errorMessage=Unable to create key during registration}, type: null, didCreateDiscoverableCredential: false, unsignedOutputs: UnsignedOutputs{dpk=Optional.absent(), prf=Optional.absent()}, userPermissionForAllowList: false
[RequestController] Timeout Runnable is removed, and timer is stopped.
[RequestController] Timeout Runnable is removed, and timer is stopped.
Transition requested: android.os.BinderProxy@37f0e12 TransitionRequestInfo { type = 2, triggerTask = null, remoteTransition = null, displayChange = null, flags = 0 }
[FidoApiImpl] updateTransaction is called for pause
[FidoApiImpl] pauseSecurityKeyRequestController should not be called when SecurityKeyRequestController is null.
```
Also i noticed in the logcat the following

```
[FolsomKeyStoreException] Exception during decryption [CONTEXT service_id=172 ]
xbq: javax.crypto.AEADBadTagException
at xbv.c(:com.google.android.gms@234212044@23.42.12 (190400-574052649):42)
at xcx.y(:com.google.android.gms@234212044@23.42.12 (190400-574052649):59)
at xcx.g(:com.google.android.gms@234212044@23.42.12 (190400-574052649):143)
at xdg.I(:com.google.android.gms@234212044@23.42.12 (190400-574052649):7)
at xdg.i(:com.google.android.gms@234212044@23.42.12 (190400-574052649):46)
at com.google.android.gms.auth.folsom.service.FolsomGcmTaskChimeraService.hc(:com.google.android.gms@234212044@23.42.12 (190400-574052649):509)
at bfqt.call(:com.google.android.gms@234212044@23.42.12 (190400-574052649):32)
at java.util.concurrent.FutureTask.run(FutureTask.java:264)
at ajji.c(:com.google.android.gms@234212044@23.42.12 (190400-574052649):50)
at ajji.run(:com.google.android.gms@234212044@23.42.12 (190400-574052649):76)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:644)
at ajon.run(:com.google.android.gms@234212044@23.42.12 (190400-574052649):8)
at java.lang.Thread.run(Thread.java:1012)
Caused by: javax.crypto.AEADBadTagException
at android.security.keystore2.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:626)
at javax.crypto.Cipher.doFinal(Cipher.java:2056)
at xfd.e(:com.google.android.gms@234212044@23.42.12 (190400-574052649):43)
at xbv.c(:com.google.android.gms@234212044@23.42.12 (190400-574052649):17)
at xcx.y(:com.google.android.gms@234212044@23.42.12 (190400-574052649):59)
at xcx.g(:com.google.android.gms@234212044@23.42.12 (190400-574052649):143)
at xdg.I(:com.google.android.gms@234212044@23.42.12 (190400-574052649):7)
at xdg.i(:com.google.android.gms@234212044@23.42.12 (190400-574052649):46)
at com.google.android.gms.auth.folsom.service.FolsomGcmTaskChimeraService.hc(:com.google.android.gms@234212044@23.42.12 (190400-574052649):509)
at bfqt.call(:com.google.android.gms@234212044@23.42.12 (190400-574052649):32)
at java.util.concurrent.FutureTask.run(FutureTask.java:264)
at ajji.c(:com.google.android.gms@234212044@23.42.12 (190400-574052649):50)
at ajji.run(:com.google.android.gms@234212044@23.42.12 (190400-574052649):76)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:644)
at ajon.run(:com.google.android.gms@234212044@23.42.12 (190400-574052649):8)
at java.lang.Thread.run(Thread.java:1012)
Caused by: android.security.KeyStoreException: Signature/MAC verification failed (internal Keystore code: -30 message: system/security/keystore2/src/

operation.rs:850: KeystoreOperation::finish

Caused by:
0: system/security/keystore2/src/

operation.rs:426: Finish failed.
1: Error::Km(r#VERIFICATION_FAILED)) (public error code: 10 internal Keystore code: -30)
at android.security.KeyStore2.getKeyStoreException(KeyStore2.java:386)
at android.security.KeyStoreOperation.handleExceptions(KeyStoreOperation.java:78)
at android.security.KeyStoreOperation.finish(KeyStoreOperation.java:128)
at android.security.keystore2.KeyStoreCryptoOperationChunkedStreamer$MainDataStream.finish(KeyStoreCryptoOperationChunkedStreamer.java:228)
at android.security.keystore2.KeyStoreCryptoOperationChunkedStreamer.doFinal(KeyStoreCryptoOperationChunkedStreamer.java:181)
at android.security.keystore2.AndroidKeyStoreAuthenticatedAESCipherSpi$BufferAllOutputUntilDoFinalStreamer.doFinal(AndroidKeyStoreAuthenticatedAESCipherSpi.java:396)
at android.security.keystore2.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:618)
... 16 more

```

Comments

bl...@google.com <bl...@google.com> #2Oct 30, 2023 08:13PM

Reassigned to he...@google.com.

Automated by Blunderbuss job android-credential-manager-autoassigner for config android_credman_config for component 1301097.

he...@google.com <he...@google.com> Oct 30, 2023 11:02PM

Reassigned to de...@google.com.

de...@google.com <de...@google.com> #3Oct 30, 2023 11:30PM

The error you posted state "activity is cancelled by the user". This implies the request was cancelled somehow during the request.

Can you grab a bugreport and attach it to this bug?

de...@google.com <de...@google.com> Mar 4, 2024 07:25PM

Reassigned to ep...@google.com.

Issue 308450953

Description

Issue summary

Comments

bl...@google.com <bl...@google.com> #2Oct 30, 2023 08:13PM

he...@google.com <he...@google.com> Oct 30, 2023 11:02PM

de...@google.com <de...@google.com> #3Oct 30, 2023 11:30PM

de...@google.com <de...@google.com> Mar 4, 2024 07:25PM

Add comment

Issue metadata