Stack Overflow
Stack Overflow

Questions tagged [android-keystore]

The Android system requires that all installed applications be digitally signed with a certificate whose private key is held by the application's developer. "Android keystore" may also refer to Android Keystore System, introduced in API level 18, which allows storing cryptographic keys securely within an app.

Android requires that all apps be digitally signed with a certificate before they can be installed. Android uses this certificate to identify the author of an app, and the certificate does not need to be signed by a certificate authority. Android apps often use self-signed certificates. The app developer holds the certificate's private key.

"Android keystore" may also refer to Android Keystore System, introduced in API level 18, which allows storing cryptographic keys securely within an app.

Useful links

882 questions
20
votes
1 answer

UnrecoverableKeyException Failed to obtain information about private key, KeyStoreException: Invalid key blob

In our app we've been having issues with data in the Android Keystore suddenly becoming inaccessible. The specific exception we're seeing is here: java.security.UnrecoverableKeyException: Failed to obtain information about private key at…
jinaud
  • 211
  • 1
  • 5
20
votes
3 answers

Android Key Store - Name of Organizational Unit

I have developed a nice Android application with PhoneGap build. But now I am unable to upload it to google playstore for signing issue. After playing with Google, I got a way to sign it using keystore tool. Everything is fine. But it is asking…
Md Abeer Hussain
  • 351
  • 1
  • 2
  • 10
20
votes
4 answers

Signing apk with .p12

I am going to update my client's app which is available on Google PlayStore. And I have only a .p12 file with password, not .keystore file. I am wondering if it's possible to publish the updated version to Google PlayStore. Sorry for basic question.…
Joey
  • 2,774
  • 2
  • 25
  • 32
19
votes
2 answers

KeyStoreException: Signature/MAC verification failed when trying to decrypt

I am trying to create a simple Kotlin object that wraps access to the app's shared preferences, by encrypting content before saving it. Encrypting seems to work OK, but when I try to decrypt, I get an javax.crypto.AEADBadTagException, which triggers…
Thomas Debouverie
  • 213
  • 2
  • 5
19
votes
0 answers

AndroidKeyStore KeyPairGenerator Crashes On Small Number of Devices

My application only targets Android 6.0+. In my application I generate a RSA key in the AndroidKeyStore with the following: KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore"); kpg.initialize(new…
kspearrin
  • 8,280
  • 9
  • 41
  • 68
19
votes
5 answers

How to set a custom keystore for debugging in eclipse for android

I have a custom keystore that I use for signing my apk. now I want to use the same keystore for debugging. when I go to eclipse->windows->preferences->android->build and set my custom key store I get "Keystore was tampered with, or password was…
user2234091
  • 193
  • 1
  • 1
  • 4
18
votes
6 answers

A problem occurred evaluating project ':app'. > path may not be null or empty string. path='null'

Iam facing error while iam trying to run flutter. D:\fluttapp\testbuild>flutter run Launching lib/main.dart on Google Pixel 2 XL in debug mode... Initializing gradle... 2.1s Resolving dependencies... * Error…
Bhanu Prakash Reddy
  • 181
  • 1
  • 1
  • 4
18
votes
1 answer

How do I generate a "Keystore" for Google Play?

I am trying to figure out the Byzantine process for uploading an app to Google Play. I'm using Phonegap's Applaud system for generating my app, and in order for me to create a "release build", I need to have generated a "Keystore". However, when I…
Questioner
  • 6,379
  • 15
  • 51
  • 87
17
votes
9 answers

Error after Fingerprint touched on Samsung phones: android.security.KeyStoreException: Key user not authenticated

My app uses Android 6.0 Fingerprint API to protect AES key in the Android KeyStore. The stored key can be used only when user is authenticated by fingerprint sensor because the KeyGenParameterSpec is initialized with…
petrsyn
  • 4,678
  • 3
  • 38
  • 47
17
votes
2 answers

"ERROR: Cannot recover key" When Exporting Signed Android App with Existing Keystore

I have an existing keystore with a password and a few keys with different passwords inside for the different apps I have exported and uploaded to Google Play. Now I have recently imported one of the app's projects, did some significant modifications…
Dzhuneyt
  • 7,039
  • 11
  • 56
  • 108
15
votes
1 answer

Possible Benefit to Signing Different Android Apps With Different Keystore/Alias

First Question I understand the benefits of signing all your Android apps with the same key - data sharing, etc. - and the fact that this is recommended by Google. My thought is that there may be one big reason for it to be advantageous to sign each…
Absurd Ninja
  • 153
  • 7
14
votes
0 answers

Android 10 android.security.keymaster.ExportResult.resultCode NullPointerException crash

My app is getting single crashes reports from Android 10 users only. This is the stacktrace: Fatal Exception: java.lang.NullPointerException: Attempt to read from field 'int android.security.keymaster.ExportResult.resultCode' on a null object…
Grabiarz
  • 141
  • 5
14
votes
3 answers

What Is the Difference Between isInsideSecureHardware() and isUserAuthenticationRequirementEnforcedBySecureHardware()?

Android 6.0+ has a KeyInfo class to get info on a key saved in the AndroidKeyStore. On the KeyInfo class, we have isInsideSecureHardware() and isUserAuthenticationRequirementEnforcedBySecureHardware() methods. We also have…
CommonsWare
  • 910,778
  • 176
  • 2,215
  • 2,253
14
votes
2 answers

Usage of software/hardware-backed Android Keystore and possible security/usability drawbacks

I'm currently looking at the possibilities of storing/using secrets keys in an Android application. I've found Nikolay Elenkov's blog very helpful regarding this topic and I've learnt a lot of things about the Android keystore and some…
sgable
  • 311
  • 2
  • 8
13
votes
1 answer

Android KeyStoreException Unknown Error

I am trying to decrypt encrypted text after the user is authenticated by the Android M Fingerprint API. I have been mostly trying to follow the Android Security samples, and the examples provided in the KeyGenParameterSpec documentation. I have been…
Bryan
  • 13,244
  • 9
  • 62
  • 114
1 2
3
58 59