Seen "android.security.KeyStoreException: Invalid user authentication validity duration" during testing on Nexus 6p #5
Comments
Couldn't reproduce this on the nexus 5 on Android 6.0 with pin based authentication (unlike the fingerprint based auth I was trying on the nexus 6p. |
This is still reproducible on a Nexus 6P running Android 7.0. The crash happens in all my apps which use the KeyStore provider 😞 |
On MiA1 running Android O, the request key guard action, runs in a loop and is not able to confirm credential. tryEncrypt() always fails with UserNotAuthenticatedException. |
Hey @Gopinathp , I am facing the same issue. Were you able to fix it somehow? |
Unfortunately the Android Keystore System API is not well specified on what parameters are valid an what not, so you are at the mercy of the KeyMaster HAL implementation (See this similar issue where setting a high value crashes: https://issuetracker.google.com/issues/73483926). Setting a value of 5 sec probably won't make much practical sense, since 5 seconds is a extremely short amount of time and any delay will break the process. Nevertheless, there is not much you can do, it is, with many things Android, trail&error because of the high fragmentation. As a side node: AFAIK Google Pay uses a delay of 20 minutes, so I guess this should work on most devices. |
This sample has been deprecated/archived (check README for more information on newer samples related to this technology). As recommended by GitHub, we are closing all issues and pull requests. |
When we change the AUTHENTICATION_DURATION_SECONDS variable (which represents the user authentication validity duration - in seconds) in MainActivity.java to a low value like 5 and keep calling TryEncrypt repeatedly by exiting the app and coming back to it repeatedly on a nexus 6p, the following Runtime Exception is seen intermittently:
Steps to reproduce:
Other notes
The text was updated successfully, but these errors were encountered: