Android Biometric unlock - App crash/Error message

gean · February 6, 2025, 12:48pm

Hey there,
today i added a second account to my bitwarden app on android and activated “Unlock with Biometrics” for it.

Account-A (added last year + “Unlock with Biometrics” active)
Account-B (added today + “Unlock with Biometrics” activated)

When i lock both accounts/restart the app and try to unlock Account-A with my fingerprint, the app crashes and when i try to unlock Account-B with my fingerprint, it shows me an error:

An error has occurred.
We were unable to process your request. Please try again or contact us.

As soon as i remove “Unlock with Biometrics” from one account and reconfigure it for the other one, it works (for that one account).

Android version: 15 (OxygenOS 15.0)
Bitwarden App version: 2025.1.1 (19728)

Has anyone else problems like that?

Nail1684 · February 6, 2025, 5:28pm

There is a recent bug report about crashes in combination with biometric unlock:

github.com/bitwarden/android

Bitwarden crashing on biometric unlock

opened 01:10PM - 31 Jan 25 UTC

shivangc22

bug

### Steps To Reproduce 1. Open Bitwarden and log in with your account. 2. Enabl…e biometric unlock. 3. Exit Bitwarden and open the app again. 4. Try to unlock the app using biometrics ### Expected Result My vault should unlock. ### Actual Result The app is crashing. ### Screenshots or Videos _No response_ ### Additional Context Might be similar to [4651](https://github.com/bitwarden/android/issues/4651) & [4650](https://github.com/bitwarden/android/issues/4650) perhaps? Anyway, here's a logcat I captured about the crash as well: `FATAL EXCEPTION: main Process: com.x8bit.bitwarden, PID: 20692 javax.crypto.BadPaddingException at android.security.keystore2.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:630) at javax.crypto.Cipher.doFinal(Cipher.java:2074) at a8.A0.R(Unknown Source:113) at J8.O.invokeSuspend(Unknown Source:43) at Jb.a.resumeWith(Unknown Source:7) at ec.K.run(Unknown Source:109) at ec.X.d0(Unknown Source:23) at ec.l.o(Unknown Source:80) at ec.l.s(Unknown Source:2) at gc.l.a(Unknown Source:6) at gc.j.I(Unknown Source:84) at gc.j.g(Unknown Source:56) at gc.j.p(Unknown Source:107) at Q8.d.i(Unknown Source:2) at J8.x.invoke(Unknown Source:116) at S8.d.invoke(Unknown Source:11) at ma.b.F(Unknown Source:15) at c.o.run(Unknown Source:246) at android.os.Handler.handleCallback(Handler.java:959) at android.os.Handler.dispatchMessage(Handler.java:100) at android.os.Looper.loopOnce(Looper.java:282) at android.os.Looper.loop(Looper.java:387) at android.app.ActivityThread.main(ActivityThread.java:9505) at java.lang.reflect.Method.invoke(Native Method) at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:600) at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1005) Suppressed: kotlinx.coroutines.internal.DiagnosticCoroutineContextException: [t0{Cancelling}@9b8c38, Dispatchers.Main.immediate] Caused by: android.security.KeyStoreException: Invalid argument (internal Keystore code: -38 message: system/security/keystore2/src/operation.rs:847: KeystoreOperation::finish Caused by: 0: system/security/keystore2/src/operation.rs:428: Finish failed. 1: Error::Km(r#INVALID_ARGUMENT)) (public error code: 10 internal Keystore code: -38) at android.security.KeyStore2.getKeyStoreException(KeyStore2.java:416) at android.security.KeyStoreOperation.handleExceptions(KeyStoreOperation.java:79) at android.security.KeyStoreOperation.finish(KeyStoreOperation.java:132) at android.security.keystore2.KeyStoreCryptoOperationChunkedStreamer$MainDataStream.finish(KeyStoreCryptoOperationChunkedStreamer.java:228) at android.security.keystore2.KeyStoreCryptoOperationChunkedStreamer.doFinal(KeyStoreCryptoOperationChunkedStreamer.java:181) at android.security.keystore2.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:624) ... 25 more` ### Build Version 2025.1.1 (Play Store) ### What server are you connecting to? US ### Self-host Server Version _No response_ ### Environment Details - Device: OnePlus 11 - Android version: 15 - OxygenOS Version: CPH2447_15.0.0.401(EX01V30P01) ### Issue Tracking Info - [x] I understand that work is tracked outside of Github. A PR will be linked to this issue should one be opened to address it, but Bitwarden doesn't use fields like "assigned", "milestone", or "project" to track progress.

You could add your details there for the bug fixing.

gean · February 6, 2025, 7:19pm

Thanks for info, posted my details there

Tom_Franciosi · February 28, 2025, 4:07pm

I encountered this exact problem yesterday. Discovered that if I set one account to PIN and the other to Biometric it would not crash on me. Not an ideal solution but a decent workaround.

Nail1684 · March 1, 2025, 11:24pm

@Tom_Franciosi Good workaround! – I looked into that GitHub issue Bitwarden crashing on biometric unlock · Issue #4659 · bitwarden/android · GitHub again (it’s the one I posted a few posts above) - and it seems this Pull Request PM-17968: Create unique secret keys per user and handle decoding error by david-livefront · Pull Request #4696 · bitwarden/android · GitHub should solve this issue - and it should be incorporated into the next releases.