fix: Wrap ProviderException as CryptoException to enable key recovery on Android 12+

Author: utkrishtsahu

auth0/src/main/java/com/auth0/android/authentication/storage/CryptoUtil.java

@@ -344,10 +344,8 @@ byte[] RSADecrypt(byte[] encryptedInput) throws IncompatibleDeviceException, Cry
             cipher.init(Cipher.DECRYPT_MODE, privateKey, OAEP_SPEC);
             return cipher.doFinal(encryptedInput);
         } catch (NoSuchAlgorithmException | NoSuchPaddingException | InvalidKeyException
-                | InvalidAlgorithmParameterException | ProviderException e) {
+                | InvalidAlgorithmParameterException e) {
             /*
-             * This exceptions are safe to be ignored:
-             *
              * - NoSuchPaddingException:
              *      Thrown if PKCS1Padding is not available. Was introduced in API 1.
              * - NoSuchAlgorithmException:
@@ -357,16 +355,22 @@ byte[] RSADecrypt(byte[] encryptedInput) throws IncompatibleDeviceException, Cry
              *      Thrown if the given key is inappropriate for initializing this cipher.
              * - InvalidAlgorithmParameterException:
              *      Thrown if the OAEP parameters are invalid or unsupported.
-             * - ProviderException:
-             *      Thrown on Android 12+ (Keystore2) when the key's padding restriction is
-             *      incompatible with the cipher transformation (e.g. a PKCS1-restricted key
-             *      initialised with an OAEP spec). On Android < 12 this surfaces as
-             *      InvalidKeyException instead.
              *
              * Read more in https://developer.android.com/reference/javax/crypto/Cipher
              */
             Log.e(TAG, "The device can't decrypt input using a RSA Key.", e);
             throw new IncompatibleDeviceException(e);
+        } catch (ProviderException e) {
+            /*
+             * On Android 12+ (Keystore2), a padding mismatch throws ProviderException
+             * instead of InvalidKeyException. This is a KEY incompatibility (stale PKCS1
+             * key with OAEP cipher), not a DEVICE incompatibility. Wrapping as CryptoException
+             * allows the caller to fall through to key regeneration.
+             */
+            Log.e(TAG, "RSA key padding mismatch detected (Android 12+ Keystore2).", e);
+            deleteAESKeys();
+            throw new CryptoException(
+                    "The RSA key's padding mode is incompatible with the current cipher.", e);
         } catch (IllegalArgumentException | IllegalBlockSizeException | BadPaddingException e) {
             /*
              * Any of this exceptions mean the encrypted input is somehow corrupted and cannot be recovered.
@@ -401,10 +405,8 @@ byte[] RSAEncrypt(byte[] decryptedInput) throws IncompatibleDeviceException, Cry
             cipher.init(Cipher.ENCRYPT_MODE, certificate.getPublicKey(), OAEP_SPEC);
             return cipher.doFinal(decryptedInput);
         } catch (NoSuchAlgorithmException | NoSuchPaddingException | InvalidKeyException
-                | InvalidAlgorithmParameterException | ProviderException e) {
+                | InvalidAlgorithmParameterException e) {
             /*
-             * This exceptions are safe to be ignored:
-             *
              * - NoSuchPaddingException:
              *      Thrown if PKCS1Padding is not available. Was introduced in API 1.
              * - NoSuchAlgorithmException:
@@ -414,16 +416,22 @@ byte[] RSAEncrypt(byte[] decryptedInput) throws IncompatibleDeviceException, Cry
              *      Thrown if the given key is inappropriate for initializing this cipher.
              * - InvalidAlgorithmParameterException:
              *      Thrown if the OAEP parameters are invalid or unsupported.
-             * - ProviderException:
-             *      Thrown on Android 12+ (Keystore2) when the key's padding restriction is
-             *      incompatible with the cipher transformation (e.g. a PKCS1-restricted key
-             *      initialised with an OAEP spec). On Android < 12 this surfaces as
-             *      InvalidKeyException instead.
              *
              * Read more in https://developer.android.com/reference/javax/crypto/Cipher
              */
             Log.e(TAG, "The device can't encrypt input using a RSA Key.", e);
             throw new IncompatibleDeviceException(e);
+        } catch (ProviderException e) {
+            /*
+             * On Android 12+ (Keystore2), a padding mismatch throws ProviderException
+             * instead of InvalidKeyException. This is a KEY incompatibility (stale PKCS1
+             * key with OAEP cipher), not a DEVICE incompatibility. Wrapping as CryptoException
+             * allows the caller to fall through to key regeneration.
+             */
+            Log.e(TAG, "RSA key padding mismatch detected (Android 12+ Keystore2).", e);
+            deleteAESKeys();
+            throw new CryptoException(
+                    "The RSA key's padding mode is incompatible with the current cipher.", e);
         } catch (IllegalBlockSizeException | BadPaddingException e) {
             /*
              * They really should not be thrown at all since padding is requested in the transformation.
@@ -479,10 +487,12 @@ private byte[] attemptPKCS1Migration(byte[] encryptedAESBytes) {
 
         } catch (BadPaddingException | IllegalBlockSizeException e) {
             Log.e(TAG, "PKCS1 decryption failed. Data may be corrupted.", e);
-        } catch (KeyStoreException | CertificateException | IOException | 
+        } catch (KeyStoreException | CertificateException | IOException |
                  NoSuchAlgorithmException | UnrecoverableEntryException |
                  NoSuchPaddingException | InvalidKeyException e) {
             Log.e(TAG, "Migration failed due to key access error.", e);
+        } catch (ProviderException e) {
+            Log.e(TAG, "PKCS1 migration failed: key padding incompatible (Android 12+ Keystore2).", e);
         } catch (CryptoException e) {
             Log.e(TAG, "Failed to re-encrypt AES key with OAEP.", e);
         }
@@ -617,7 +627,8 @@ private byte[] tryMigrateLegacyAESKey() {
             Log.d(TAG, "Legacy AES key migrated successfully");
             return decryptedAESKey;
         } catch (CryptoException | NoSuchPaddingException | NoSuchAlgorithmException | InvalidKeyException |
-                 BadPaddingException | IllegalBlockSizeException | IllegalArgumentException e) {
+                 BadPaddingException | IllegalBlockSizeException | IllegalArgumentException |
+                 ProviderException e) {
             Log.e(TAG, "Could not migrate legacy AES key. Will generate new key.", e);
             deleteAESKeys();
             return null;

auth0/src/test/java/com/auth0/android/authentication/storage/CryptoUtilTest.java

@@ -1944,9 +1944,9 @@ public void shouldGenerateNewKeyWhenMigrationFails() throws Exception {
     }
 
     @Test
-    public void shouldWrapProviderExceptionFromCipherInitInRSADecryptAsIncompatibleDevice() {
-        Assert.assertThrows("The device is not compatible with the CryptoUtil class",
-                IncompatibleDeviceException.class, () -> {
+    public void shouldWrapProviderExceptionFromCipherInitInRSADecryptAsCryptoException() {
+        Assert.assertThrows("The RSA key's padding mode is incompatible with the current cipher.",
+                CryptoException.class, () -> {
                     PrivateKey privateKey = PowerMockito.mock(PrivateKey.class);
                     KeyStore.PrivateKeyEntry privateKeyEntry = PowerMockito.mock(KeyStore.PrivateKeyEntry.class);
                     doReturn(privateKey).when(privateKeyEntry).getPrivateKey();
@@ -1962,9 +1962,9 @@ public void shouldWrapProviderExceptionFromCipherInitInRSADecryptAsIncompatibleD
     }
 
     @Test
-    public void shouldWrapProviderExceptionFromCipherInitInRSAEncryptAsIncompatibleDevice() {
-        Assert.assertThrows("The device is not compatible with the CryptoUtil class",
-                IncompatibleDeviceException.class, () -> {
+    public void shouldWrapProviderExceptionFromCipherInitInRSAEncryptAsCryptoException() {
+        Assert.assertThrows("The RSA key's padding mode is incompatible with the current cipher.",
+                CryptoException.class, () -> {
                     PublicKey publicKey = PowerMockito.mock(PublicKey.class);
                     Certificate certificate = PowerMockito.mock(Certificate.class);
                     doReturn(publicKey).when(certificate).getPublicKey();

sample/src/main/java/com/auth0/sample/DatabaseLoginFragment.kt

@@ -2,6 +2,7 @@ package com.auth0.sample
 
 import android.os.Bundle
 import android.os.CancellationSignal
+import android.util.Log
 import android.view.LayoutInflater
 import android.view.View
 import android.view.ViewGroup
@@ -50,6 +51,11 @@ import java.util.concurrent.Executors
  */
 class DatabaseLoginFragment : Fragment() {
 
+    companion object {
+        private const val TAG = "Auth0CrashRepro"
+        private const val SDK_VERSION = "3.13.0 (OAEP)"
+    }
+
     private val scope = "openid profile email read:current_user update:current_user_metadata"
 
     private val account: Auth0 by lazy {
@@ -122,6 +128,8 @@ class DatabaseLoginFragment : Fragment() {
         inflater: LayoutInflater, container: ViewGroup?, savedInstanceState: Bundle?
     ): View {
         val binding = FragmentDatabaseLoginBinding.inflate(inflater, container, false)
+        binding.tvSdkVersion.text = "SDK: $SDK_VERSION"
+        Log.i(TAG, "=== App started with SDK version: $SDK_VERSION ===")
         binding.btLogin.setOnClickListener {
             val email = binding.textEmail.text.toString()
             val password = binding.textPassword.text.toString()
@@ -215,39 +223,70 @@ class DatabaseLoginFragment : Fragment() {
     }
 
     private suspend fun dbLoginAsync(email: String, password: String) {
+        Log.i(TAG, ">>> dbLoginAsync() called with email=$email")
         try {
             val result =
                 authenticationApiClient.login(email, password, "Username-Password-Authentication")
                     .validateClaims()
                     .addParameter("scope", scope)
                     .addParameter("audience", audience)
                     .await()
-            credentialsManager.saveCredentials(result)
+            Log.i(TAG, ">>> dbLoginAsync SUCCESS - got credentials for ${result.user.name}")
+            Log.i(TAG, ">>> Calling credentialsManager.saveCredentials()...")
+            try {
+                credentialsManager.saveCredentials(result)
+                Log.i(TAG, ">>> credentialsManager.saveCredentials() OK")
+            } catch (e: Exception) {
+                Log.e(TAG, ">>> credentialsManager.saveCredentials() FAILED", e)
+            }
+            Log.i(TAG, ">>> Calling secureCredentialsManager.saveCredentials()...")
+            try {
+                secureCredentialsManager.saveCredentials(result)
+                Log.i(TAG, ">>> secureCredentialsManager.saveCredentials() OK")
+            } catch (e: Exception) {
+                Log.e(TAG, ">>> secureCredentialsManager.saveCredentials() FAILED", e)
+            }
             Snackbar.make(
                 requireView(),
                 "Hello ${result.user.name}",
                 Snackbar.LENGTH_LONG
             )
                 .show()
         } catch (error: AuthenticationException) {
+            Log.e(TAG, ">>> dbLoginAsync FAILED", error)
             Snackbar.make(requireView(), error.getDescription(), Snackbar.LENGTH_LONG).show()
         }
     }
 
     private fun dbLogin(email: String, password: String) {
+        Log.i(TAG, ">>> dbLogin() called with email=$email")
         authenticationApiClient.login(email, password, "Username-Password-Authentication")
             .validateClaims()
             .addParameter("scope", scope)
             .addParameter("audience", audience)
-            //Additional customization to the request goes here
             .start(object : Callback<Credentials, AuthenticationException> {
                 override fun onFailure(error: AuthenticationException) {
+                    Log.e(TAG, ">>> dbLogin FAILED", error)
                     Snackbar.make(requireView(), error.getDescription(), Snackbar.LENGTH_LONG)
                         .show()
                 }
 
                 override fun onSuccess(result: Credentials) {
-                    credentialsManager.saveCredentials(result)
+                    Log.i(TAG, ">>> dbLogin SUCCESS - got credentials for ${result.user.name}")
+                    Log.i(TAG, ">>> Calling credentialsManager.saveCredentials()...")
+                    try {
+                        credentialsManager.saveCredentials(result)
+                        Log.i(TAG, ">>> credentialsManager.saveCredentials() OK")
+                    } catch (e: Exception) {
+                        Log.e(TAG, ">>> credentialsManager.saveCredentials() FAILED", e)
+                    }
+                    Log.i(TAG, ">>> Calling secureCredentialsManager.saveCredentials()...")
+                    try {
+                        secureCredentialsManager.saveCredentials(result)
+                        Log.i(TAG, ">>> secureCredentialsManager.saveCredentials() OK")
+                    } catch (e: Exception) {
+                        Log.e(TAG, ">>> secureCredentialsManager.saveCredentials() FAILED", e)
+                    }
                     Snackbar.make(
                         requireView(),
                         "Hello ${result.user.name}",
@@ -258,14 +297,28 @@ class DatabaseLoginFragment : Fragment() {
     }
 
     private fun webAuth() {
+        Log.i(TAG, ">>> webAuth() called - starting browser login")
         WebAuthProvider.login(account)
             .withScheme(getString(R.string.com_auth0_scheme))
             .withAudience(audience)
             .withScope(scope)
             .start(requireContext(), object : Callback<Credentials, AuthenticationException> {
                 override fun onSuccess(result: Credentials) {
-                    credentialsManager.saveCredentials(result)
-                    secureCredentialsManager.saveCredentials(result)
+                    Log.i(TAG, ">>> webAuth SUCCESS - got credentials for ${result.user.name}")
+                    Log.i(TAG, ">>> Calling credentialsManager.saveCredentials()...")
+                    try {
+                        credentialsManager.saveCredentials(result)
+                        Log.i(TAG, ">>> credentialsManager.saveCredentials() OK")
+                    } catch (e: Exception) {
+                        Log.e(TAG, ">>> credentialsManager.saveCredentials() FAILED", e)
+                    }
+                    Log.i(TAG, ">>> Calling secureCredentialsManager.saveCredentials()...")
+                    try {
+                        secureCredentialsManager.saveCredentials(result)
+                        Log.i(TAG, ">>> secureCredentialsManager.saveCredentials() OK")
+                    } catch (e: Exception) {
+                        Log.e(TAG, ">>> secureCredentialsManager.saveCredentials() FAILED", e)
+                    }
                     Snackbar.make(
                         requireView(),
                         "Hello ${result.user.name}",
@@ -274,6 +327,7 @@ class DatabaseLoginFragment : Fragment() {
                 }
 
                 override fun onFailure(error: AuthenticationException) {
+                    Log.e(TAG, ">>> webAuth FAILED", error)
                     val message =
                         if (error.isCanceled)
                             "Browser was closed"

sample/src/main/res/layout/fragment_database_login.xml

@@ -46,6 +46,22 @@
             app:layout_constraintStart_toStartOf="parent"
             app:layout_constraintTop_toBottomOf="@+id/textEmail" />
 
+        <TextView
+            android:id="@+id/tvSdkVersion"
+            android:layout_width="match_parent"
+            android:layout_height="wrap_content"
+            android:layout_marginTop="4dp"
+            android:gravity="center"
+            android:padding="8dp"
+            android:background="#FFEB3B"
+            android:text="SDK Version: ..."
+            android:textSize="14sp"
+            android:textStyle="bold"
+            android:textColor="#000000"
+            app:layout_constraintEnd_toEndOf="parent"
+            app:layout_constraintStart_toStartOf="parent"
+            app:layout_constraintTop_toTopOf="parent" />
+
         <TextView
             android:id="@+id/textView"
             android:layout_width="wrap_content"
@@ -58,7 +74,7 @@
             app:layout_constraintBottom_toTopOf="@+id/textEmail"
             app:layout_constraintEnd_toEndOf="parent"
             app:layout_constraintStart_toStartOf="parent"
-            app:layout_constraintTop_toTopOf="parent" />
+            app:layout_constraintTop_toBottomOf="@+id/tvSdkVersion" />
 
         <TextView
             android:id="@+id/textView3"