android.security.KeyStoreException: Invalid operation handle

[DenBond7]

[STACK_TRACE]
com.flowcrypt.email.util.exception.ManualHandledException: Handled manually:
        at com.flowcrypt.email.util.exception.ExceptionUtil.handleError(ExceptionUtil.java:88)
        at com.flowcrypt.email.security.SecurityStorageConnector.init(SecurityStorageConnector.java:106)
        at com.flowcrypt.email.security.SecurityStorageConnector.<init>(SecurityStorageConnector.java:36)
        at com.flowcrypt.email.js.JsInBackgroundManager$JsRunnable.run(JsInBackgroundManager.java:190)
        at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:423)
        at java.util.concurrent.FutureTask.run(FutureTask.java:237)
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1113)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:588)
        at java.lang.Thread.run(Thread.java:818)
Caused by: javax.crypto.IllegalBlockSizeException
        at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:486)
        at javax.crypto.Cipher.doFinal(Cipher.java:1502)
        at com.flowcrypt.email.security.KeyStoreCryptoManager.decryptWithRSA(KeyStoreCryptoManager.java:253)
        at com.flowcrypt.email.security.KeyStoreCryptoManager.initAesSecretKeySpec(KeyStoreCryptoManager.java:271)
        at com.flowcrypt.email.security.KeyStoreCryptoManager.<init>(KeyStoreCryptoManager.java:100)
        at com.flowcrypt.email.security.SecurityUtils.getPrivateKeysInfo(SecurityUtils.java:40)
        at com.flowcrypt.email.security.SecurityStorageConnector.init(SecurityStorageConnector.java:99)
        ... 7 more
Caused by: android.security.KeyStoreException: Invalid operation handle
        at android.security.KeyStore.getKeyStoreException(KeyStore.java:665)
        at android.security.keystore.KeyStoreCryptoOperationChunkedStreamer.update(KeyStoreCryptoOperationChunkedStreamer.java:132)
        at android.security.keystore.KeyStoreCryptoOperationChunkedStreamer.doFinal(KeyStoreCryptoOperationChunkedStreamer.java:217)
        at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:473)
        ... 13 more
javax.crypto.IllegalBlockSizeException
        at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:486)
        at javax.crypto.Cipher.doFinal(Cipher.java:1502)
        at com.flowcrypt.email.security.KeyStoreCryptoManager.decryptWithRSA(KeyStoreCryptoManager.java:253)
        at com.flowcrypt.email.security.KeyStoreCryptoManager.initAesSecretKeySpec(KeyStoreCryptoManager.java:271)
        at com.flowcrypt.email.security.KeyStoreCryptoManager.<init>(KeyStoreCryptoManager.java:100)
        at com.flowcrypt.email.security.SecurityUtils.getPrivateKeysInfo(SecurityUtils.java:40)
        at com.flowcrypt.email.security.SecurityStorageConnector.init(SecurityStorageConnector.java:99)
        at com.flowcrypt.email.security.SecurityStorageConnector.<init>(SecurityStorageConnector.java:36)
        at com.flowcrypt.email.js.JsInBackgroundManager$JsRunnable.run(JsInBackgroundManager.java:190)
        at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:423)
        at java.util.concurrent.FutureTask.run(FutureTask.java:237)
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1113)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:588)
        at java.lang.Thread.run(Thread.java:818)
Caused by: android.security.KeyStoreException: Invalid operation handle
        at android.security.KeyStore.getKeyStoreException(KeyStore.java:665)
        at android.security.keystore.KeyStoreCryptoOperationChunkedStreamer.update(KeyStoreCryptoOperationChunkedStreamer.java:132)
        at android.security.keystore.KeyStoreCryptoOperationChunkedStreamer.doFinal(KeyStoreCryptoOperationChunkedStreamer.java:217)
        at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:473)
        ... 13 more
android.security.KeyStoreException: Invalid operation handle
        at android.security.KeyStore.getKeyStoreException(KeyStore.java:665)
        at android.security.keystore.KeyStoreCryptoOperationChunkedStreamer.update(KeyStoreCryptoOperationChunkedStreamer.java:132)
        at android.security.keystore.KeyStoreCryptoOperationChunkedStreamer.doFinal(KeyStoreCryptoOperationChunkedStreamer.java:217)
        at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:473)
        at javax.crypto.Cipher.doFinal(Cipher.java:1502)
        at com.flowcrypt.email.security.KeyStoreCryptoManager.decryptWithRSA(KeyStoreCryptoManager.java:253)
        at com.flowcrypt.email.security.KeyStoreCryptoManager.initAesSecretKeySpec(KeyStoreCryptoManager.java:271)
        at com.flowcrypt.email.security.KeyStoreCryptoManager.<init>(KeyStoreCryptoManager.java:100)
        at com.flowcrypt.email.security.SecurityUtils.getPrivateKeysInfo(SecurityUtils.java:40)
        at com.flowcrypt.email.security.SecurityStorageConnector.init(SecurityStorageConnector.java:99)
        at com.flowcrypt.email.security.SecurityStorageConnector.<init>(SecurityStorageConnector.java:36)
        at com.flowcrypt.email.js.JsInBackgroundManager$JsRunnable.run(JsInBackgroundManager.java:190)
        at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:423)
        at java.util.concurrent.FutureTask.run(FutureTask.java:237)
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1113)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:588)
        at java.lang.Thread.run(Thread.java:818)

[DenBond7]

ref https://mail.google.com/mail/u/0/#inbox/16292fdf4e865eef

[DenBond7]

It looks like a platform bug. I'm closing it.
https://stackoverflow.com/questions/39859579/how-come-i-cannot-perform-multiple-keystore-cipher-decryptions-on-samsung-s6-and

I have not found "Invalid operation handle" in the source code.

https://github.com/aosp-mirror/platform_frameworks_base/blob/bde42b56b84fb2f184f83f2a00fb00a1bd4db22e/keystore/java/android/security/KeyStore.java#L600

[DenBond7]

https://mail.google.com/mail/u/0/#search/label%3Awork-flowcrypt-crashes+label%3Aunread+IllegalBlockSizeException/FMfcgxwBVqQBGhtqlVLJgJffStXngvKp

Huawei Mate 20

[DenBond7]

https://mail.google.com/mail/u/0/#search/label%3Awork-flowcrypt-crashes+label%3Aunread+IllegalBlockSizeException/FMfcgxwBVgsZwbdnLZbNPljLLFFmVPlZ
Samsung Galaxy S7(SM-G935F)

[f4grx]

Hello,

In my app, the combo "IllegalBlockSizeException" caused by "android.security.KeyStoreException: Invalid operation handle" happens because the Cipher classes used with Keystore keys are not thread safe.

-Synchronizing only calls to doFinal() did not help
-Synchronizing the whole cipher operation, from Cipher.getInstance() to doFinal worked.

[DenBond7]

Hello @f4grx
Could you provide more details?

1. Android version

2. Device model

3. Is that a custom ROM?

[f4grx]

I tested on 3 of my phones:
Galaxy Note 2 (SVH-E250S) with lineage os 14, so yes, custom, android is 7.1.2
Pixel 2 with android 9
Galaxy S4 Mini with kitkat

So it may be quite common. I did not test other phones but I am reasonably sure most of them have the same issues.

[tomholub]

@DenBond7 I think @f4grx was trying to say that as an Android developer he encountered the same issue when developing his own app too.

And the solution was to synchronize the whole cipher operation, from Cipher.getInstance() to doFinal to be done on a single thread.

[DenBond7]

I think @f4grx was trying to say that as an Android developer he encountered the same issue when developing his own app too.

@tomholub I understood it. I just need more details. Info about devices is very useful.
For example, here @Unlimity says that Samsung's Cipher maybe is not thread-safe.

[f4grx]

Yes, this is the page that gave me the idea of Cipher synchronization.

But who really provides this implementation? Is it really Samsung? I may have seen mentions of BouncyCastle. The Pixel2 is made by HTC and lineage possibly don't use any Samsung code.

[DenBond7]

@f4grx

lineage possibly don't use any Samsung code.

We have one more issue like this. Some devices with LineageOS have a problem with encryption/decryption.

Unfortunately, I don't have any devices with LineageOS yet. But I have Nexus 4(I know it's an old device :)) and I'm going to install LineageOS. Then I'll be able to test the app.

[DenBond7]

@f4grx @tomholub

But I have Nexus 4(I know it's an old device :)) and I'm going to install LineageOS. Then I'll be able to test the app.

I've tested the app on different versions of LineageOs. Unfortunately, I've received no errors. The app works well. So I still can't reproduce such errors.

I've made the decryption block as synchronized. I hope these changes will solve the problem (or give me more details)