Inconsistent Keystore Key Generation Failure on Samsung Devices

Description:
We encountered an issue where the following exception is thrown on some Samsung devices:

Caused by java.security.ProviderException: Keystore key generation failed

Affected Devices:

  • Samsung e3q
  • Samsung dm3q
  • Samsung dm2q

The issue occurs inconsistently and seems to happen randomly. The same code runs successfully on other Android devices.

Steps to Reproduce:

  1. Use the following Kotlin code to generate a key:
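import android.security.keystore.KeyGenParameterSpec
import android.security.keystore.KeyProperties
import javax.crypto.KeyGenerator

// keyAlias is the app's alias string for the key (its definition is not shown in the post).
// AES-256 key for GCM encryption/decryption, with no user authentication required.
val specBuilder: KeyGenParameterSpec.Builder = KeyGenParameterSpec.Builder(
    keyAlias,
    KeyProperties.PURPOSE_ENCRYPT or KeyProperties.PURPOSE_DECRYPT
)
    .setBlockModes(KeyProperties.BLOCK_MODE_GCM)
    .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_NONE)
    .setRandomizedEncryptionRequired(true)
    .setUserAuthenticationRequired(false)
    .setKeySize(256)

// Generate the key inside the AndroidKeyStore provider.
val keyGenerator = KeyGenerator.getInstance(
    KeyProperties.KEY_ALGORITHM_AES, "AndroidKeyStore"
)
keyGenerator.init(specBuilder.build())
keyGenerator.generateKey()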

Expected Behavior: The key should be generated successfully without any exceptions.

Actual Behavior: The key generation fails with the java.security.ProviderException.


Same issue with Samsung S10 Lite (Android version 12)

 Fatal Exception: java.security.ProviderException: Keystore key generation failed
       at android.security.keystore2.AndroidKeyStoreKeyGeneratorSpi.engineGenerateKey(AndroidKeyStoreKeyGeneratorSpi.java:429)
       at javax.crypto.KeyGenerator.generateKey(KeyGenerator.java:612)
       at com.lock.BioHelper.generateSecretKey(BioHelper.kt:88)
       at com.lock.BioHelper.setupBiometric(BioHelper.kt:62)

Hello
Please report the issue to the Samsung developer support channel.