Android P - KeyStore exception android.os.ServiceSpecificException










12















If I run this code on Android P, I receive the follow exception:



private static KeyStore.PrivateKeyEntry getPrivateKeyEntry(String alias) 
try
KeyStore ks = KeyStore
.getInstance(SecurityConstants.KEYSTORE_PROVIDER_ANDROID_KEYSTORE);
ks.load(null);
KeyStore.Entry entry = ks.getEntry(alias, null);

if (entry == null)
Log.w(TAG, "No key found under alias: " + alias);
Log.w(TAG, "Exiting signData()...");
return null;


if (!(entry instanceof KeyStore.PrivateKeyEntry))
Log.w(TAG, "Not an instance of a PrivateKeyEntry");
Log.w(TAG, "Exiting signData()...");
return null;

return (KeyStore.PrivateKeyEntry) entry;
catch (Exception e)
Log.e(TAG, e.getMessage(), e);
return null;




Exception:




KeyStore exception
android.os.ServiceSpecificException: (code 7)
at android.os.Parcel.createException(Parcel.java:1956)
at android.os.Parcel.readException(Parcel.java:1910)
at android.os.Parcel.readException(Parcel.java:1860)
at android.security.IKeystoreService$Stub$Proxy.get(IKeystoreService.java:786)
at android.security.KeyStore.get(KeyStore.java:195)
at android.security.keystore.AndroidKeyStoreSpi.engineGetCertificateChain(AndroidKeyStoreSpi.java:118)
at java.security.KeyStoreSpi.engineGetEntry(KeyStoreSpi.java:484)
at java.security.KeyStore.getEntry(KeyStore.java:1560)
at com.phenodev.testenc.KeyStoreHelper.getPrivateKeyEntry(KeyStoreHelper.java:151)
at com.phenodev.testenc.KeyStoreHelper.encrypt(KeyStoreHelper.java:173)
at com.phenodev.testenc.KeyStoreEncryptor.encrypt(KeyStoreEncryptor.java:19)




Please help to fix it.










share|improve this question






















  • i have the same problem :-(

    – UKoehler
    Sep 6 '18 at 12:53















12















If I run this code on Android P, I receive the follow exception:



private static KeyStore.PrivateKeyEntry getPrivateKeyEntry(String alias) 
try
KeyStore ks = KeyStore
.getInstance(SecurityConstants.KEYSTORE_PROVIDER_ANDROID_KEYSTORE);
ks.load(null);
KeyStore.Entry entry = ks.getEntry(alias, null);

if (entry == null)
Log.w(TAG, "No key found under alias: " + alias);
Log.w(TAG, "Exiting signData()...");
return null;


if (!(entry instanceof KeyStore.PrivateKeyEntry))
Log.w(TAG, "Not an instance of a PrivateKeyEntry");
Log.w(TAG, "Exiting signData()...");
return null;

return (KeyStore.PrivateKeyEntry) entry;
catch (Exception e)
Log.e(TAG, e.getMessage(), e);
return null;




Exception:




KeyStore exception
android.os.ServiceSpecificException: (code 7)
at android.os.Parcel.createException(Parcel.java:1956)
at android.os.Parcel.readException(Parcel.java:1910)
at android.os.Parcel.readException(Parcel.java:1860)
at android.security.IKeystoreService$Stub$Proxy.get(IKeystoreService.java:786)
at android.security.KeyStore.get(KeyStore.java:195)
at android.security.keystore.AndroidKeyStoreSpi.engineGetCertificateChain(AndroidKeyStoreSpi.java:118)
at java.security.KeyStoreSpi.engineGetEntry(KeyStoreSpi.java:484)
at java.security.KeyStore.getEntry(KeyStore.java:1560)
at com.phenodev.testenc.KeyStoreHelper.getPrivateKeyEntry(KeyStoreHelper.java:151)
at com.phenodev.testenc.KeyStoreHelper.encrypt(KeyStoreHelper.java:173)
at com.phenodev.testenc.KeyStoreEncryptor.encrypt(KeyStoreEncryptor.java:19)




Please help to fix it.










share|improve this question






















  • i have the same problem :-(

    – UKoehler
    Sep 6 '18 at 12:53













12












12








12


5






If I run this code on Android P, I receive the follow exception:



private static KeyStore.PrivateKeyEntry getPrivateKeyEntry(String alias) 
try
KeyStore ks = KeyStore
.getInstance(SecurityConstants.KEYSTORE_PROVIDER_ANDROID_KEYSTORE);
ks.load(null);
KeyStore.Entry entry = ks.getEntry(alias, null);

if (entry == null)
Log.w(TAG, "No key found under alias: " + alias);
Log.w(TAG, "Exiting signData()...");
return null;


if (!(entry instanceof KeyStore.PrivateKeyEntry))
Log.w(TAG, "Not an instance of a PrivateKeyEntry");
Log.w(TAG, "Exiting signData()...");
return null;

return (KeyStore.PrivateKeyEntry) entry;
catch (Exception e)
Log.e(TAG, e.getMessage(), e);
return null;




Exception:




KeyStore exception
android.os.ServiceSpecificException: (code 7)
at android.os.Parcel.createException(Parcel.java:1956)
at android.os.Parcel.readException(Parcel.java:1910)
at android.os.Parcel.readException(Parcel.java:1860)
at android.security.IKeystoreService$Stub$Proxy.get(IKeystoreService.java:786)
at android.security.KeyStore.get(KeyStore.java:195)
at android.security.keystore.AndroidKeyStoreSpi.engineGetCertificateChain(AndroidKeyStoreSpi.java:118)
at java.security.KeyStoreSpi.engineGetEntry(KeyStoreSpi.java:484)
at java.security.KeyStore.getEntry(KeyStore.java:1560)
at com.phenodev.testenc.KeyStoreHelper.getPrivateKeyEntry(KeyStoreHelper.java:151)
at com.phenodev.testenc.KeyStoreHelper.encrypt(KeyStoreHelper.java:173)
at com.phenodev.testenc.KeyStoreEncryptor.encrypt(KeyStoreEncryptor.java:19)




Please help to fix it.










share|improve this question














If I run this code on Android P, I receive the follow exception:



private static KeyStore.PrivateKeyEntry getPrivateKeyEntry(String alias) 
try
KeyStore ks = KeyStore
.getInstance(SecurityConstants.KEYSTORE_PROVIDER_ANDROID_KEYSTORE);
ks.load(null);
KeyStore.Entry entry = ks.getEntry(alias, null);

if (entry == null)
Log.w(TAG, "No key found under alias: " + alias);
Log.w(TAG, "Exiting signData()...");
return null;


if (!(entry instanceof KeyStore.PrivateKeyEntry))
Log.w(TAG, "Not an instance of a PrivateKeyEntry");
Log.w(TAG, "Exiting signData()...");
return null;

return (KeyStore.PrivateKeyEntry) entry;
catch (Exception e)
Log.e(TAG, e.getMessage(), e);
return null;




Exception:




KeyStore exception
android.os.ServiceSpecificException: (code 7)
at android.os.Parcel.createException(Parcel.java:1956)
at android.os.Parcel.readException(Parcel.java:1910)
at android.os.Parcel.readException(Parcel.java:1860)
at android.security.IKeystoreService$Stub$Proxy.get(IKeystoreService.java:786)
at android.security.KeyStore.get(KeyStore.java:195)
at android.security.keystore.AndroidKeyStoreSpi.engineGetCertificateChain(AndroidKeyStoreSpi.java:118)
at java.security.KeyStoreSpi.engineGetEntry(KeyStoreSpi.java:484)
at java.security.KeyStore.getEntry(KeyStore.java:1560)
at com.phenodev.testenc.KeyStoreHelper.getPrivateKeyEntry(KeyStoreHelper.java:151)
at com.phenodev.testenc.KeyStoreHelper.encrypt(KeyStoreHelper.java:173)
at com.phenodev.testenc.KeyStoreEncryptor.encrypt(KeyStoreEncryptor.java:19)




Please help to fix it.







java android keystore android-keystore






share|improve this question













share|improve this question











share|improve this question




share|improve this question










asked Aug 26 '18 at 9:01









phnmnnphnmnn

3,65942534




3,65942534












  • i have the same problem :-(

    – UKoehler
    Sep 6 '18 at 12:53

















  • i have the same problem :-(

    – UKoehler
    Sep 6 '18 at 12:53
















i have the same problem :-(

– UKoehler
Sep 6 '18 at 12:53





i have the same problem :-(

– UKoehler
Sep 6 '18 at 12:53












2 Answers
2






active

oldest

votes


















22














Finally I found a solution. It looks like since Android P (KeyStore.PrivateKeyEntry) keyStore.getEntry("alias", null) is not a proper way to get private key.



I was able to get rid of this warning by accessing private/public key this way



KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
keyStore.load(null);

PrivateKey privateKey = (PrivateKey) keyStore.getKey("alias", null);
PublicKey publicKey = keyStore.getCertificate("alias").getPublicKey();





share|improve this answer

























  • Thanks! Using the getKey() and getCertificate() methods instead of getEntry() indeed solved the problem.

    – mreichelt
    Sep 13 '18 at 16:22











  • Although I'm currently extracting the keys this way, in an emulator with API 29 I'm still receiving the warning the first time I try to get the key (only the first time). If I kill the process and start the app again, the warning is gone.

    – giroxiii
    Nov 12 '18 at 19:20












  • And just for clarity, I tested it on API level 21 (to see if we need to use different logic conditional on the API version), but it seems to work fine there as well.

    – wildcat12
    Jan 8 at 16:03


















0














In my case, the warning was still there even getting the keys as the accepted solution, but only when the key did not yet exist.



The warning comes from the getCertificate call, so, to avoid it:



KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
keyStore.load(null);

PrivateKey privateKey = (PrivateKey) keyStore.getKey("alias", null);
PublicKey publicKey = privateKey != null ? keyStore.getCertificate("alias").getPublicKey() : null;





share|improve this answer






















    Your Answer






    StackExchange.ifUsing("editor", function ()
    StackExchange.using("externalEditor", function ()
    StackExchange.using("snippets", function ()
    StackExchange.snippets.init();
    );
    );
    , "code-snippets");

    StackExchange.ready(function()
    var channelOptions =
    tags: "".split(" "),
    id: "1"
    ;
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function()
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled)
    StackExchange.using("snippets", function()
    createEditor();
    );

    else
    createEditor();

    );

    function createEditor()
    StackExchange.prepareEditor(
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: true,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: 10,
    bindNavPrevention: true,
    postfix: "",
    imageUploader:
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    ,
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    );



    );













    draft saved

    draft discarded


















    StackExchange.ready(
    function ()
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f52024752%2fandroid-p-keystore-exception-android-os-servicespecificexception%23new-answer', 'question_page');

    );

    Post as a guest















    Required, but never shown

























    2 Answers
    2






    active

    oldest

    votes








    2 Answers
    2






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    22














    Finally I found a solution. It looks like since Android P (KeyStore.PrivateKeyEntry) keyStore.getEntry("alias", null) is not a proper way to get private key.



    I was able to get rid of this warning by accessing private/public key this way



    KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
    keyStore.load(null);

    PrivateKey privateKey = (PrivateKey) keyStore.getKey("alias", null);
    PublicKey publicKey = keyStore.getCertificate("alias").getPublicKey();





    share|improve this answer

























    • Thanks! Using the getKey() and getCertificate() methods instead of getEntry() indeed solved the problem.

      – mreichelt
      Sep 13 '18 at 16:22











    • Although I'm currently extracting the keys this way, in an emulator with API 29 I'm still receiving the warning the first time I try to get the key (only the first time). If I kill the process and start the app again, the warning is gone.

      – giroxiii
      Nov 12 '18 at 19:20












    • And just for clarity, I tested it on API level 21 (to see if we need to use different logic conditional on the API version), but it seems to work fine there as well.

      – wildcat12
      Jan 8 at 16:03















    22














    Finally I found a solution. It looks like since Android P (KeyStore.PrivateKeyEntry) keyStore.getEntry("alias", null) is not a proper way to get private key.



    I was able to get rid of this warning by accessing private/public key this way



    KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
    keyStore.load(null);

    PrivateKey privateKey = (PrivateKey) keyStore.getKey("alias", null);
    PublicKey publicKey = keyStore.getCertificate("alias").getPublicKey();





    share|improve this answer

























    • Thanks! Using the getKey() and getCertificate() methods instead of getEntry() indeed solved the problem.

      – mreichelt
      Sep 13 '18 at 16:22











    • Although I'm currently extracting the keys this way, in an emulator with API 29 I'm still receiving the warning the first time I try to get the key (only the first time). If I kill the process and start the app again, the warning is gone.

      – giroxiii
      Nov 12 '18 at 19:20












    • And just for clarity, I tested it on API level 21 (to see if we need to use different logic conditional on the API version), but it seems to work fine there as well.

      – wildcat12
      Jan 8 at 16:03













    22












    22








    22







    Finally I found a solution. It looks like since Android P (KeyStore.PrivateKeyEntry) keyStore.getEntry("alias", null) is not a proper way to get private key.



    I was able to get rid of this warning by accessing private/public key this way



    KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
    keyStore.load(null);

    PrivateKey privateKey = (PrivateKey) keyStore.getKey("alias", null);
    PublicKey publicKey = keyStore.getCertificate("alias").getPublicKey();





    share|improve this answer















    Finally I found a solution. It looks like since Android P (KeyStore.PrivateKeyEntry) keyStore.getEntry("alias", null) is not a proper way to get private key.



    I was able to get rid of this warning by accessing private/public key this way



    KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
    keyStore.load(null);

    PrivateKey privateKey = (PrivateKey) keyStore.getKey("alias", null);
    PublicKey publicKey = keyStore.getCertificate("alias").getPublicKey();






    share|improve this answer














    share|improve this answer



    share|improve this answer








    edited Sep 12 '18 at 19:02

























    answered Sep 12 '18 at 12:42









    Dr GlassDr Glass

    1,02811434




    1,02811434












    • Thanks! Using the getKey() and getCertificate() methods instead of getEntry() indeed solved the problem.

      – mreichelt
      Sep 13 '18 at 16:22











    • Although I'm currently extracting the keys this way, in an emulator with API 29 I'm still receiving the warning the first time I try to get the key (only the first time). If I kill the process and start the app again, the warning is gone.

      – giroxiii
      Nov 12 '18 at 19:20












    • And just for clarity, I tested it on API level 21 (to see if we need to use different logic conditional on the API version), but it seems to work fine there as well.

      – wildcat12
      Jan 8 at 16:03

















    • Thanks! Using the getKey() and getCertificate() methods instead of getEntry() indeed solved the problem.

      – mreichelt
      Sep 13 '18 at 16:22











    • Although I'm currently extracting the keys this way, in an emulator with API 29 I'm still receiving the warning the first time I try to get the key (only the first time). If I kill the process and start the app again, the warning is gone.

      – giroxiii
      Nov 12 '18 at 19:20












    • And just for clarity, I tested it on API level 21 (to see if we need to use different logic conditional on the API version), but it seems to work fine there as well.

      – wildcat12
      Jan 8 at 16:03
















    Thanks! Using the getKey() and getCertificate() methods instead of getEntry() indeed solved the problem.

    – mreichelt
    Sep 13 '18 at 16:22





    Thanks! Using the getKey() and getCertificate() methods instead of getEntry() indeed solved the problem.

    – mreichelt
    Sep 13 '18 at 16:22













    Although I'm currently extracting the keys this way, in an emulator with API 29 I'm still receiving the warning the first time I try to get the key (only the first time). If I kill the process and start the app again, the warning is gone.

    – giroxiii
    Nov 12 '18 at 19:20






    Although I'm currently extracting the keys this way, in an emulator with API 29 I'm still receiving the warning the first time I try to get the key (only the first time). If I kill the process and start the app again, the warning is gone.

    – giroxiii
    Nov 12 '18 at 19:20














    And just for clarity, I tested it on API level 21 (to see if we need to use different logic conditional on the API version), but it seems to work fine there as well.

    – wildcat12
    Jan 8 at 16:03





    And just for clarity, I tested it on API level 21 (to see if we need to use different logic conditional on the API version), but it seems to work fine there as well.

    – wildcat12
    Jan 8 at 16:03













    0














    In my case, the warning was still there even getting the keys as the accepted solution, but only when the key did not yet exist.



    The warning comes from the getCertificate call, so, to avoid it:



    KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
    keyStore.load(null);

    PrivateKey privateKey = (PrivateKey) keyStore.getKey("alias", null);
    PublicKey publicKey = privateKey != null ? keyStore.getCertificate("alias").getPublicKey() : null;





    share|improve this answer



























      0














      In my case, the warning was still there even getting the keys as the accepted solution, but only when the key did not yet exist.



      The warning comes from the getCertificate call, so, to avoid it:



      KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
      keyStore.load(null);

      PrivateKey privateKey = (PrivateKey) keyStore.getKey("alias", null);
      PublicKey publicKey = privateKey != null ? keyStore.getCertificate("alias").getPublicKey() : null;





      share|improve this answer

























        0












        0








        0







        In my case, the warning was still there even getting the keys as the accepted solution, but only when the key did not yet exist.



        The warning comes from the getCertificate call, so, to avoid it:



        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);

        PrivateKey privateKey = (PrivateKey) keyStore.getKey("alias", null);
        PublicKey publicKey = privateKey != null ? keyStore.getCertificate("alias").getPublicKey() : null;





        share|improve this answer













        In my case, the warning was still there even getting the keys as the accepted solution, but only when the key did not yet exist.



        The warning comes from the getCertificate call, so, to avoid it:



        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);

        PrivateKey privateKey = (PrivateKey) keyStore.getKey("alias", null);
        PublicKey publicKey = privateKey != null ? keyStore.getCertificate("alias").getPublicKey() : null;






        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered Nov 13 '18 at 18:08









        giroxiiigiroxiii

        300110




        300110



























            draft saved

            draft discarded
















































            Thanks for contributing an answer to Stack Overflow!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid


            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.

            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function ()
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f52024752%2fandroid-p-keystore-exception-android-os-servicespecificexception%23new-answer', 'question_page');

            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            這個網誌中的熱門文章

            How to read a connectionString WITH PROVIDER in .NET Core?

            Node.js Script on GitHub Pages or Amazon S3

            Museum of Modern and Contemporary Art of Trento and Rovereto