Merge pull request #18 from contentpass/CHORE-android-8-keystore-api

0x7f · web-flow · commit 8104496816ce · 2026-01-20T10:46:02.000+01:00
Use more reliable API to access KeyStore
diff --git a/README.md b/README.md
@@ -14,7 +14,7 @@
 Our SDK is available on Maven Central.
 
 ```groovy
-implementation 'de.contentpass:contentpass-android:2.2.7'
+implementation 'de.contentpass:contentpass-android:2.2.8'
 ```
 
 Add this to your app's `build.gradle` file's `dependencies` element.
diff --git a/lib/build.gradle.kts b/lib/build.gradle.kts
@@ -58,7 +58,7 @@ kapt {
 extra.apply{
     set("PUBLISH_GROUP_ID", "de.contentpass")
     set("PUBLISH_ARTIFACT_ID", "contentpass-android")
-    set("PUBLISH_VERSION", "2.2.7")
+    set("PUBLISH_VERSION", "2.2.8")
 }
 
 apply("${rootProject.projectDir}/scripts/publish-module.gradle")
diff --git a/lib/src/main/java/de/contentpass/lib/KeyStore.kt b/lib/src/main/java/de/contentpass/lib/KeyStore.kt
@@ -50,18 +50,27 @@ internal class KeyStore(private val context: Context, private val propertyId: St
         if (!keystore.containsAlias(keyPairAlias)) {
             createKeyPair()
         }
-        val pair = try {
-            keystore.getEntry(keyPairAlias, null) as? VendorKeyStore.PrivateKeyEntry
+        val recovered = try {
+            val key = keystore.getKey(keyPairAlias, null) as? PrivateKey
+            val cert = keystore.getCertificate(keyPairAlias)
+            if (key != null && cert != null) {
+                key to cert.publicKey
+            } else {
+                null
+            }
         } catch (e: Exception) {
             null
         } ?: run {
             // Android 8 can throw when the entry is invalidated/corrupted; recreate it.
             keystore.deleteEntry(keyPairAlias)
             createKeyPair()
-            keystore.getEntry(keyPairAlias, null) as VendorKeyStore.PrivateKeyEntry
+            val key = keystore.getKey(keyPairAlias, null) as PrivateKey
+            val cert = keystore.getCertificate(keyPairAlias)
+                ?: throw IllegalStateException("Failed to load keystore certificate after regeneration.")
+            key to cert.publicKey
         }
-        privateKey = pair.privateKey
-        publicKey = pair.certificate.publicKey
+        privateKey = recovered.first
+        publicKey = recovered.second
     }
 
     private fun createKeyPair(): KeyPair {

Original file line number	Diff line number	Diff line change
`@@ -58,7 +58,7 @@ kapt {`
`58`	`58`	`extra.apply{`
`59`	`59`	`set("PUBLISH_GROUP_ID", "de.contentpass")`
`60`	`60`	`set("PUBLISH_ARTIFACT_ID", "contentpass-android")`
`61`		`- set("PUBLISH_VERSION", "2.2.7")`
	`61`	`+ set("PUBLISH_VERSION", "2.2.8")`
`62`	`62`	`}`
`63`	`63`
`64`	`64`	`apply("${rootProject.projectDir}/scripts/publish-module.gradle")`