Crash when attempting to decrypt after adding new fingerprints

[xxfast]

Steps to reproduce

1. Open the sample app and register at least one value
2. Close the app and head to settings to add additional fingerprints
3. Reopen the sample app and try to read the previously stored value.. and it will crash

A few issues

1. Upon reading the previously stored value, it returns a NEEDS_AUTH instead of an error state, (because new fingerprints was added)
2. If you use any finger other than whats registered, its returns a RECOVERABLE_ERROR and asking users to retry - even though the number of fingerprints had changed
3. And it crashes.. when you try to use any of the registered fingers

Crashlog

2018-10-30 13:24:11.113 26955-26955/com.squareup.whorlwind.sample I/Whorlwind: Failed to decrypt.
    javax.crypto.IllegalBlockSizeException
        at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:519)
        at javax.crypto.Cipher.doFinal(Cipher.java:1736)
        at com.squareup.whorlwind.FingerprintAuthOnSubscribe$2.onAuthenticationSucceeded(FingerprintAuthOnSubscribe.java:138)
        at android.hardware.fingerprint.FingerprintManager$MyHandler.sendAuthenticatedSucceeded(FingerprintManager.java:1314)
        at android.hardware.fingerprint.FingerprintManager$MyHandler.handleMessage(FingerprintManager.java:1224)
        at android.os.Handler.dispatchMessage(Handler.java:105)
        at android.os.Looper.loop(Looper.java:164)
        at android.app.ActivityThread.main(ActivityThread.java:6938)
        at java.lang.reflect.Method.invoke(Native Method)
        at com.android.internal.os.Zygote$MethodAndArgsCaller.run(Zygote.java:327)
        at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1374)
     Caused by: android.security.KeyStoreException: Key user not authenticated
        at android.security.KeyStore.getKeyStoreException(KeyStore.java:1137)
        at android.security.keystore.KeyStoreCryptoOperationChunkedStreamer.update(KeyStoreCryptoOperationChunkedStreamer.java:132)
        at android.security.keystore.KeyStoreCryptoOperationChunkedStreamer.doFinal(KeyStoreCryptoOperationChunkedStreamer.java:217)
        at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:506)
        at javax.crypto.Cipher.doFinal(Cipher.java:1736) 
        at com.squareup.whorlwind.FingerprintAuthOnSubscribe$2.onAuthenticationSucceeded(FingerprintAuthOnSubscribe.java:138) 
        at android.hardware.fingerprint.FingerprintManager$MyHandler.sendAuthenticatedSucceeded(FingerprintManager.java:1314) 
        at android.hardware.fingerprint.FingerprintManager$MyHandler.handleMessage(FingerprintManager.java:1224) 
        at android.os.Handler.dispatchMessage(Handler.java:105) 
        at android.os.Looper.loop(Looper.java:164) 
        at android.app.ActivityThread.main(ActivityThread.java:6938) 
        at java.lang.reflect.Method.invoke(Native Method) 
        at com.android.internal.os.Zygote$MethodAndArgsCaller.run(Zygote.java:327) 
        at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1374) 

EDIT: ITS A SAMSUNG!!!

[oldergod]

Thanks for reporting; I wasn't able to reproduce the bug. Could you tell me which version of Android you're running that on?

[Rickard80]

This usually happens on Samsung, and sometimes LG phones. It's a bug in their operating system. I think the same thing happens if you remove a fingerprint after installing the app. Here are two models that crashes:

Android: 8.0.0
Manufacturer: samsung
Model: SM-G950F

Android: 8.0.0
Manufacturer: samsung
Model: SM-G930F