Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

java.security.ProviderException: Failed to generate attestation certificate chain. #107

Closed
double2double opened this issue Jul 25, 2021 · 12 comments
Closed

java.security.ProviderException: Failed to generate attestation certificate chain. #107

double2double opened this issue Jul 25, 2021 · 12 comments
Labels
bug Something isn't working upstream

Comments

@double2double
Copy link

I just installed GrapheneOS and tried to verify the installation with the bundelt Auditor app (version 27).
This gave me the following error: java.security.ProviderException: Failed to generate attestation certificate chain.

I tried multiple things already:

  • Re-install the latest public build of google android.
  • Installed CalyxOS.
  • Multiple re-installations of GrapheneOS.

I'm also not able to set up the remote attestation service with this phone.
Below this text, you can find the a part of the log generated by adb. I replaced the attestation_key by XX, because I don't know if I can share this key in public.

Thanks for your response!

07-22 10:20:02.056  1068  1743 I Camera2ClientBase: Closed Camera 0. Client was: app.attestation.auditor (PID 3463, UID 10132)
07-22 10:20:02.056  1068  1743 I Camera3-Device: disconnectImpl: E
07-22 10:20:02.088  3463  3463 D AttestationActivity: onActivityResult 2 -1
07-22 10:20:02.088  3463  3463 D AttestationActivity: received random challenge: 65 binary bytes logged here as base64 (ArKM/Vss0E4xPRKKwFjZ+XtHn9hapb7+hzp0YCIBBXd3sQbGph/nc1JoKMpreZZiFbKnilSk6UJc67Xw4v45jiQ=)
07-22 10:20:02.115  3463  4784 D GenerateAttestationService: intent service started
07-22 10:20:02.117  1193  1193 I keystore: del USRPKEY_fresh_attestation_key 10132
07-22 10:20:02.118  1193  1193 I keystore: del USRSKEY_fresh_attestation_key 10132
07-22 10:20:02.119  1193  1193 I keystore: del USRCERT_fresh_attestation_key 10132
07-22 10:20:02.119  1193  1193 I keystore: del CACERT_fresh_attestation_key 10132
07-22 10:20:02.123  1193  1193 I keystore: del USRPKEY_persistent_attestation_key_XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX 10132
07-22 10:20:02.123  1193  1193 I keystore: del USRSKEY_persistent_attestation_key_XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX 10132
07-22 10:20:02.124  1193  1193 I keystore: del USRCERT_persistent_attestation_key_XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX 10132
07-22 10:20:02.124  1193  1193 I keystore: del CACERT_persistent_attestation_key_XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX 10132
07-22 10:20:02.126   618   635 D libnos_transport: Calling app 2 with params 0x0000
07-22 10:20:02.128   618   635 E libnos_datagram: can't send spi message: Try again
07-22 10:20:02.145   618   635 I chatty  : uid=1064(hsm) Binder:618_1 identical 3 lines
07-22 10:20:02.151   618   635 E libnos_datagram: can't send spi message: Try again
07-22 10:20:02.160   618   635 D libnos_transport: App 2 inspection status=0x00000000 reply_len=0 protocol=1 flags=0x0000
07-22 10:20:02.161   618   635 D libnos_transport: Send app 2 command data (34 bytes)
07-22 10:20:02.162   618   635 D libnos_transport: Send app 2 go command 0x00020000
07-22 10:20:02.163   618   635 D libnos_transport: Polling app 2
07-22 10:20:02.192   618   635 D libnos_transport: App 2 polled=14 status=0x80000000 reply_len=0 flags=0x0000
07-22 10:20:02.192   618   635 D libnos_transport: App 2 returning 0x0
07-22 10:20:02.193   618   635 D libnos_transport: Calling app 2 with params 0x0001
07-22 10:20:02.195   618   635 D libnos_transport: App 2 inspection status=0x00000000 reply_len=0 protocol=1 flags=0x0000
07-22 10:20:02.196   618   635 D libnos_transport: Send app 2 command data (71 bytes)
07-22 10:20:02.196   618   635 D libnos_transport: Send app 2 go command 0x00020001
07-22 10:20:02.197   618   635 D libnos_transport: Polling app 2
07-22 10:20:02.227   618   635 D libnos_transport: App 2 polled=14 status=0x80000000 reply_len=1671 flags=0x0000
07-22 10:20:02.227   618   635 D libnos_transport: Read app 2 reply data (1671 bytes)
07-22 10:20:02.239   618   635 D libnos_transport: App 2 returning 0x0
07-22 10:20:02.250   618   635 D libnos_transport: Calling app 2 with params 0x0004
07-22 10:20:02.252   618   635 D libnos_transport: App 2 inspection status=0x00000000 reply_len=0 protocol=1 flags=0x0000
07-22 10:20:02.252   618   635 D libnos_transport: Send app 2 command data (1542 bytes)
07-22 10:20:02.263   618   635 D libnos_transport: Send app 2 go command 0x00020004
07-22 10:20:02.263   618   635 D libnos_transport: Polling app 2
07-22 10:20:02.271   618   635 D libnos_transport: App 2 polled=4 status=0x80000000 reply_len=76 flags=0x0000
07-22 10:20:02.272   618   635 D libnos_transport: Read app 2 reply data (76 bytes)
07-22 10:20:02.273   618   635 D libnos_transport: App 2 returning 0x0
07-22 10:20:02.277   618   635 D libnos_transport: Calling app 2 with params 0x0002
07-22 10:20:02.279   618   635 D libnos_transport: App 2 inspection status=0x00000000 reply_len=0 protocol=1 flags=0x0000
07-22 10:20:02.279   618   635 D libnos_transport: Send app 2 command data (1542 bytes)
07-22 10:20:02.290   618   635 D libnos_transport: Send app 2 go command 0x00020002
07-22 10:20:02.291   618   635 D libnos_transport: Polling app 2
07-22 10:20:02.303   618   635 D libnos_transport: App 2 polled=6 status=0x80000000 reply_len=129 flags=0x0000
07-22 10:20:02.303   618   635 D libnos_transport: Read app 2 reply data (129 bytes)
07-22 10:20:02.304   618   635 D libnos_transport: App 2 returning 0x0
07-22 10:20:02.305   622   622 I android.hardware.keymaster@4.1-service.citadel: Batch attestation requested.
07-22 10:20:02.305   618   635 D libnos_transport: Calling app 2 with params 0x0005
07-22 10:20:02.307   618   635 D libnos_transport: App 2 inspection status=0x00000000 reply_len=0 protocol=1 flags=0x0000
07-22 10:20:02.307   618   635 D libnos_transport: Send app 2 command data (1706 bytes)
07-22 10:20:02.319   618   635 D libnos_transport: Send app 2 go command 0x00020005
07-22 10:20:02.319   618   635 D libnos_transport: Polling app 2
07-22 10:20:02.351   618   635 D libnos_transport: App 2 poll=16 status=0x00000000 reply_len=0 flags=0x0001
07-22 10:20:02.383   618   635 D libnos_transport: App 2 poll=32 status=0x00000000 reply_len=0 flags=0x0001
07-22 10:20:02.415   618   635 D libnos_transport: App 2 poll=48 status=0x00000000 reply_len=0 flags=0x0001
07-22 10:20:02.447   618   635 D libnos_transport: App 2 poll=64 status=0x00000000 reply_len=0 flags=0x0001
07-22 10:20:02.479   618   635 D libnos_transport: App 2 poll=80 status=0x00000000 reply_len=0 flags=0x0001
07-22 10:20:02.511   618   635 D libnos_transport: App 2 poll=96 status=0x00000000 reply_len=0 flags=0x0001
07-22 10:20:02.544   618   635 D libnos_transport: App 2 poll=112 status=0x00000000 reply_len=0 flags=0x0001
07-22 10:20:02.577   618   635 D libnos_transport: App 2 poll=128 status=0x00000000 reply_len=0 flags=0x0001
07-22 10:20:02.596  1094  1182 I ThermalEngine: ACTION: CPU - Setting CPU[6] to 2
07-22 10:20:02.609   618   635 D libnos_transport: App 2 poll=144 status=0x00000000 reply_len=0 flags=0x0001
07-22 10:20:02.641   618   635 D libnos_transport: App 2 poll=160 status=0x00000000 reply_len=0 flags=0x0001
07-22 10:20:02.673   618   635 D libnos_transport: App 2 poll=176 status=0x00000000 reply_len=0 flags=0x0001
07-22 10:20:02.705   618   635 D libnos_transport: App 2 poll=192 status=0x00000000 reply_len=0 flags=0x0001
07-22 10:20:02.738   618   635 D libnos_transport: App 2 poll=208 status=0x00000000 reply_len=0 flags=0x0001
07-22 10:20:02.770   618   635 D libnos_transport: App 2 poll=224 status=0x00000000 reply_len=0 flags=0x0001
07-22 10:20:02.802   618   635 D libnos_transport: App 2 poll=240 status=0x00000000 reply_len=0 flags=0x0001
07-22 10:20:02.804   618   633 D libnos_transport: Calling app 0 with params 0x0200
07-22 10:20:02.835   618   635 D libnos_transport: App 2 poll=256 status=0x00000000 reply_len=0 flags=0x0001
07-22 10:20:02.837   618   633 D libnos_transport: App 0 inspection status=0x00000000 reply_len=0 protocol=1 flags=0x0000
07-22 10:20:02.837   618   633 D libnos_transport: Send app 0 command data (0 bytes)
07-22 10:20:02.837   618   633 D libnos_transport: Send app 0 go command 0x00000200
07-22 10:20:02.837   618   633 D libnos_transport: Polling app 0
07-22 10:20:02.872   618   633 D libnos_transport: App 0 poll=16 status=0x00000000 reply_len=0 flags=0x0001
07-22 10:20:02.911   618   633 D libnos_transport: App 0 poll=32 status=0x00000000 reply_len=0 flags=0x0001
07-22 10:20:03.034   618   633 D libnos_transport: App 0 poll=48 status=0x00000000 reply_len=0 flags=0x0001
07-22 10:20:03.051   618   635 D libnos_transport: App 2 poll=272 status=0x00000000 reply_len=0 flags=0x0001
07-22 10:20:03.199   618   633 D libnos_transport: App 0 poll=64 status=0x00000000 reply_len=0 flags=0x0001
07-22 10:20:03.236   618   635 D libnos_transport: App 2 poll=288 status=0x00000000 reply_len=0 flags=0x0001
07-22 10:20:03.354   618   633 D libnos_transport: App 0 poll=80 status=0x00000000 reply_len=0 flags=0x0001
07-22 10:20:03.415   618   635 E libnos_datagram: can't send spi message: Try again
07-22 10:20:03.415   618   633 E libnos_datagram: can't send spi message: Try again
07-22 10:20:03.421   618   635 E libnos_datagram: can't send spi message: Try again
07-22 10:20:03.421   618   633 E libnos_datagram: can't send spi message: Try again
07-22 10:20:03.427   618   635 E libnos_datagram: can't send spi message: Try again
07-22 10:20:03.429   618   633 E libnos_datagram: can't send spi message: Try again
07-22 10:20:03.432   618   635 E libnos_datagram: can't send spi message: Try again
07-22 10:20:03.435   618   633 E libnos_datagram: can't send spi message: Try again
07-22 10:20:03.438   618   635 E libnos_datagram: can't send spi message: Try again
07-22 10:20:03.441   618   633 E libnos_datagram: can't send spi message: Try again
07-22 10:20:03.444   618   635 E libnos_datagram: can't send spi message: Try again
07-22 10:20:03.447   618   633 E libnos_datagram: can't send spi message: Try again
07-22 10:20:03.450   618   635 E libnos_datagram: can't send spi message: Try again
07-22 10:20:03.454   618   633 E libnos_datagram: can't send spi message: Try again
07-22 10:20:03.457   618   635 E libnos_datagram: can't send spi message: Try again
07-22 10:20:03.461   618   633 E libnos_datagram: can't send spi message: Try again
07-22 10:20:03.463   618   635 E libnos_datagram: can't send spi message: Try again
07-22 10:20:03.466   618   633 E libnos_datagram: can't send spi message: Try again
07-22 10:20:03.469   618   635 E libnos_datagram: can't send spi message: Try again
07-22 10:20:03.472   618   633 E libnos_datagram: can't send spi message: Try again
07-22 10:20:03.475   618   635 E libnos_datagram: can't send spi message: Try again
07-22 10:20:03.479   618   633 E libnos_datagram: can't send spi message: Try again
07-22 10:20:03.481   618   635 E libnos_datagram: can't send spi message: Try again
07-22 10:20:03.485   618   633 E libnos_datagram: can't send spi message: Try again
07-22 10:20:03.487   618   635 E libnos_datagram: can't send spi message: Try again
07-22 10:20:03.491   618   633 E libnos_datagram: can't send spi message: Try again
07-22 10:20:03.493   618   635 E libnos_datagram: can't send spi message: Try again
07-22 10:20:03.497   618   633 E libnos_datagram: can't send spi message: Try again
07-22 10:20:03.499   618   635 E libnos_datagram: can't send spi message: Try again
07-22 10:20:03.504   618   633 E libnos_datagram: can't send spi message: Try again
07-22 10:20:03.505   618   635 E libnos_datagram: can't send spi message: Try again
07-22 10:20:03.510   618   633 E libnos_datagram: can't send spi message: Try again
07-22 10:20:03.510   618   635 E libnos_datagram: can't send spi message: Try again
07-22 10:20:03.519   618   633 E libnos_transport: App 0 just stopped working
07-22 10:20:03.520   618   633 D libnos_transport: App 0 returning 0x2
07-22 10:20:03.523   618   635 D libnos_transport: App 2 poll=304 status=0x00000000 reply_len=0 flags=0x0000
07-22 10:20:03.523   618   635 E libnos_transport: App 2 just stopped working
07-22 10:20:03.524   618   635 D libnos_transport: App 2 returning 0x2
07-22 10:20:03.525   622   622 E android.hardware.keymaster@4.1-service.citadel: StartAttestKey : request failed with status: APP_ERROR_INTERNAL
07-22 10:20:03.531  1193  1193 I keystore: del USRPKEY_persistent_attestation_key_XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX 10132
07-22 10:20:03.533  1193  1193 I keystore: del USRCERT_persistent_attestation_key_XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX 10132
07-22 10:20:03.534  1193  1193 I keystore: del CACERT_persistent_attestation_key_XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX 10132
07-22 10:20:03.536  3463  4784 E GenerateAttestationService: attestation generation error
07-22 10:20:03.536  3463  4784 E GenerateAttestationService: java.io.IOException: java.security.ProviderException: Failed to generate attestation certificate chain
07-22 10:20:03.536  3463  4784 E GenerateAttestationService: 	at c.a.a.f.g(Unknown Source:16)
07-22 10:20:03.536  3463  4784 E GenerateAttestationService: 	at c.a.a.f.h(:4)
07-22 10:20:03.536  3463  4784 E GenerateAttestationService: 	at app.attestation.auditor.GenerateAttestationService.onHandleIntent(Unknown Source:73)
07-22 10:20:03.536  3463  4784 E GenerateAttestationService: 	at android.app.IntentService$ServiceHandler.handleMessage(IntentService.java:77)
07-22 10:20:03.536  3463  4784 E GenerateAttestationService: 	at android.os.Handler.dispatchMessage(Handler.java:106)
07-22 10:20:03.536  3463  4784 E GenerateAttestationService: 	at android.os.Looper.loop(Looper.java:223)
07-22 10:20:03.536  3463  4784 E GenerateAttestationService: 	at android.os.HandlerThread.run(HandlerThread.java:67)
07-22 10:20:03.536  3463  4784 E GenerateAttestationService: Caused by: java.security.ProviderException: Failed to generate attestation certificate chain
07-22 10:20:03.536  3463  4784 E GenerateAttestationService: 	at android.security.keystore.AndroidKeyStoreKeyPairGeneratorSpi.getAttestationChain(AndroidKeyStoreKeyPairGeneratorSpi.java:611)
07-22 10:20:03.536  3463  4784 E GenerateAttestationService: 	at android.security.keystore.AndroidKeyStoreKeyPairGeneratorSpi.createCertificateChain(AndroidKeyStoreKeyPairGeneratorSpi.java:498)
07-22 10:20:03.536  3463  4784 E GenerateAttestationService: 	at android.security.keystore.AndroidKeyStoreKeyPairGeneratorSpi.generateKeyPair(AndroidKeyStoreKeyPairGeneratorSpi.java:475)
07-22 10:20:03.536  3463  4784 E GenerateAttestationService: 	at java.security.KeyPairGenerator$Delegate.generateKeyPair(KeyPairGenerator.java:727)
07-22 10:20:03.536  3463  4784 E GenerateAttestationService: 	at c.a.a.f.g(Unknown Source:9)
07-22 10:20:03.536  3463  4784 E GenerateAttestationService: 	... 6 more
07-22 10:20:03.536  3463  4784 E GenerateAttestationService: Caused by: android.security.KeyStoreException: Unknown error
07-22 10:20:03.536  3463  4784 E GenerateAttestationService: 	at android.security.KeyStore.getKeyStoreException(KeyStore.java:1301)
07-22 10:20:03.536  3463  4784 E GenerateAttestationService: 	... 11 more
07-22 10:20:03.536   618   635 D libnos_transport: Calling app 2 with params 0x0007
07-22 10:20:03.539   618   635 D libnos_transport: App 2 inspection status=0x00000000 reply_len=0 protocol=1 flags=0x0000
07-22 10:20:03.539   618   635 D libnos_transport: Send app 2 command data (1542 bytes)
07-22 10:20:03.541  3463  3463 D AttestationActivity: onActivityResult 0 0
@thestinger
Copy link
Member

It appears to be a genuine failure by the hardware. Did you have Android 12 installed? It's known to cause issues by updating the Titan M firmware to a newer version which cannot be downgraded. You likely won't be able to have various features tied to it working until Android 12 in that case.

@thestinger thestinger added bug Something isn't working upstream labels Jul 25, 2021
@thestinger
Copy link
Member

i.e. pretty sure this is essentially a bug in Android 12: they didn't properly support downgrading

@double2double
Copy link
Author

I got the phone refurbished. So I have no idea about the prior software. For now I'll try to update to the latest android 12 beta 3. Afterwards I'll try to install GOS again. Thanks for your response.

@thestinger
Copy link
Member

Try verifying with Auditor on the Android 12 Beta. It will probably work. Once you go back to either Android 11 (stock) or GrapheneOS, it will presumably be broken again.

@double2double
Copy link
Author

I just installed the latest android release (12 beta 3) but the same error persists.
Below you can find the relevant debug information

07-27 11:19:12.228  1761  2218 W InputManager-JNI: Input channel object '3b3d2ab app.attestation.auditor/app.attestation.auditor.QRScannerActivity (client)' was disposed without first being removed with the input manager!
07-27 11:19:13.288   690   721 E keystore2:     0: While generating Key without explicit attestation key.
07-27 11:19:13.294 19691 19776 E GenerateAttestationService: attestation generation error
07-27 11:19:13.294 19691 19776 E GenerateAttestationService: java.io.IOException: java.security.ProviderException: Failed to generate key pair.
07-27 11:19:13.294 19691 19776 E GenerateAttestationService: 	at c.a.a.f.g(Unknown Source:16)
07-27 11:19:13.294 19691 19776 E GenerateAttestationService: 	at c.a.a.f.h(:4)
07-27 11:19:13.294 19691 19776 E GenerateAttestationService: 	at app.attestation.auditor.GenerateAttestationService.onHandleIntent(Unknown Source:73)
07-27 11:19:13.294 19691 19776 E GenerateAttestationService: 	at android.app.IntentService$ServiceHandler.handleMessage(IntentService.java:78)
07-27 11:19:13.294 19691 19776 E GenerateAttestationService: 	at android.os.Handler.dispatchMessage(Handler.java:106)
07-27 11:19:13.294 19691 19776 E GenerateAttestationService: 	at android.os.Looper.loopOnce(Looper.java:201)
07-27 11:19:13.294 19691 19776 E GenerateAttestationService: 	at android.os.Looper.loop(Looper.java:288)
07-27 11:19:13.294 19691 19776 E GenerateAttestationService: 	at android.os.HandlerThread.run(HandlerThread.java:67)
07-27 11:19:13.294 19691 19776 E GenerateAttestationService: Caused by: java.security.ProviderException: Failed to generate key pair.
07-27 11:19:13.294 19691 19776 E GenerateAttestationService: 	at android.security.keystore2.AndroidKeyStoreKeyPairGeneratorSpi.generateKeyPairHelper(AndroidKeyStoreKeyPairGeneratorSpi.java:601)
07-27 11:19:13.294 19691 19776 E GenerateAttestationService: 	at android.security.keystore2.AndroidKeyStoreKeyPairGeneratorSpi.generateKeyPair(AndroidKeyStoreKeyPairGeneratorSpi.java:526)
07-27 11:19:13.294 19691 19776 E GenerateAttestationService: 	at java.security.KeyPairGenerator$Delegate.generateKeyPair(KeyPairGenerator.java:727)
07-27 11:19:13.294 19691 19776 E GenerateAttestationService: 	at c.a.a.f.g(Unknown Source:9)
07-27 11:19:13.294 19691 19776 E GenerateAttestationService: 	... 7 more
07-27 11:19:13.294 19691 19776 E GenerateAttestationService: Caused by: android.security.KeyStoreException: Unknown error
07-27 11:19:13.294 19691 19776 E GenerateAttestationService: 	at android.security.KeyStore2.getKeyStoreException(KeyStore2.java:356)
07-27 11:19:13.294 19691 19776 E GenerateAttestationService: 	at android.security.KeyStoreSecurityLevel.handleExceptions(KeyStoreSecurityLevel.java:57)
07-27 11:19:13.294 19691 19776 E GenerateAttestationService: 	at android.security.KeyStoreSecurityLevel.generateKey(KeyStoreSecurityLevel.java:145)
07-27 11:19:13.294 19691 19776 E GenerateAttestationService: 	at android.security.keystore2.AndroidKeyStoreKeyPairGeneratorSpi.generateKeyPairHelper(AndroidKeyStoreKeyPairGeneratorSpi.java:568)
07-27 11:19:13.294 19691 19776 E GenerateAttestationService: 	... 10 more
07-27 11:19:13.298 19691 19691 D AttestationActivity: onActivityResult 0 0

This log differs from the log on the latest GOS. The line "E keystore2: 0: While generating Key without explicit attestation key." may suggest that I don't have a valid key stored in the Titan ship? I have now idea how these kind of things are implemented.
Can it be that this phone was repaired once, and some components are not compatible with each other?

@enterth
Copy link

enterth commented Aug 19, 2021

Same Issue Here with a second hand phone. Did you figure it out ? @double2double

@double2double
Copy link
Author

Hi @enterth I was not able to fix this yet. For now, I have updated the phone to android 12 beta, but the error persists. Maybe the phone has been serviced with non official parts? I don't however have any idea how/if this could affect the attestation.
Any help is still welcome.

@thestinger
Copy link
Member

Have you tried verifying it locked with Android 12 Beta?

@double2double
Copy link
Author

I just checked the bootloader in Fastboot Mode. Fastboot reports that the bootloader is locked (green text).
If I compare two devices, one with a working attestation, and one without, I can spot some differences on the fastboot screen:

  • Bootloader version is different (one devices has been updated to android 12 beta)
  • Baseband version
  • Serial number
  • EMMC (on the non-working phone this reports 64GB Micron, on the working phone this reports 64GB SKHynix)
  • Boot-slot (this is just a coincidence)

@thestinger
Copy link
Member

Bootloader version is different

This should get downgraded back to the older version when you move back to Android 11. It likely won't work properly if you have a mix of Android 11 and Android 12 firmware.

@enterth
Copy link

enterth commented Aug 20, 2021

@double2double "I got the phone refurbished" this is what makes me think that the hardware is questionable.

I also bought a refurbished phone (from Asia). I highly suspect that some parts have been changed and this is the reason why I'm unable to communicate with key storage.

I was thinking that maybe the motherboard has been changed and maybe keys inside titan chips are simply not created because this is probably done when the phone goes out from the Google factory.

I have tested auditor app on 2 other Google pixel 3a / 3a XL and there are no errors.

I'm really surprised that a Pixel Phone without those keys still able to boot up and show no errors.

I have sent back the phone and I'll buy another pixel 3a.

@iNorman77
Copy link

iNorman77 commented Aug 20, 2021 via email

@1fexd 1fexd mentioned this issue Aug 9, 2022
Closed
@GrapheneOS GrapheneOS deleted a comment from 1fexd Aug 9, 2022
@GrapheneOS GrapheneOS deleted a comment Aug 9, 2022
@GrapheneOS GrapheneOS deleted a comment from 1fexd Aug 9, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working upstream
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@thestinger @double2double @enterth @iNorman77