- edited description
com.nimbusds.jose.JOSEException: android.security.KeyStoreException: Invalid operation handle
Hello,
I’m using the dependency: api 'com.nimbusds:nimbus-jose-jwt:9.20'
I have sometimes the following exception, when I try to achieve a lot of process (just a process executing network call and signing data with a key.) in a async way:
com.nimbusds.jose.JOSEException: android.security.KeyStoreException: Invalid operation handle
at com.nimbusds.jose.crypto.ECDSASigner.sign(ECDSASigner.java:181)
at com.nimbusds.jose.JWSObject.sign(JWSObject.java:311)
.....
aused by: java.security.SignatureException: android.security.KeyStoreException: Invalid operation handle
at android.security.keystore2.AndroidKeyStoreSignatureSpiBase.engineSign(AndroidKeyStoreSignatureSpiBase.java:332)
at java.security.Signature$Delegate.engineSign(Signature.java:1418)
at java.security.Signature.sign(Signature.java:739)
at com.nimbusds.jose.crypto.ECDSASigner.sign(ECDSASigner.java:177)
... 38 more
Caused by: android.security.KeyStoreException: Invalid operation handle
at android.security.KeyStore2.getKeyStoreException(KeyStore2.java:356)
at android.security.KeyStoreOperation.handleExceptions(KeyStoreOperation.java:78)
at android.security.KeyStoreOperation.finish(KeyStoreOperation.java:127)
at android.security.keystore2.KeyStoreCryptoOperationChunkedStreamer$MainDataStream.finish(KeyStoreCryptoOperationChunkedStreamer.java:228)
at android.security.keystore2.KeyStoreCryptoOperationChunkedStreamer.doFinal(KeyStoreCryptoOperationChunkedStreamer.java:181)
at android.security.keystore2.AndroidKeyStoreSignatureSpiBase.engineSign(Andr
The ECDSASigner class is considered as thread-safe, so I don’t understand what is it happening here. Is it possible there is a conflict at some point if two processes are trying to sign content with the same key at the exact same time?
Do you have any idea ?
Thank you,
Comments (2)
-
reporter -
The ECDSASigner class is thread-safe (it has a single field - the PrivateKey hande), but whether the code further down the stack, in your case the Android JCA provider is or isn’t thread-safe, I can’t tell.
My suggestion is ask in some Android cryptography forum for advice and come back here if you are able to get an answer.
- Log in to comment