Avoid crashes from unknown exceptions on lockscreen key migration. #6780

jmartinesp · 2022-08-09T08:33:48Z

Type of change

Feature
Bugfix
Technical
Other :

Content

Fixes #6769 .

Motivation and context

During lockscreen biometric key migrations, both UserNotAuthenticatedException and KeyPermanentlyInvalidatedException were caught, but there are many other possible exceptions that can be thrown. If any exceptions are thrown, we'll catch them, disable biometric authentication, then show pin code authentication.

Screenshots / GIFs

Tests

Install a version < 1.4.31 (1.4.27 maybe?).
Make sure you have biometric authentication enabled on your device.
Enable biometric auth in Settings > Security and Privacy > Protect access. You'll need to enable pin code auth, then biometric one.
Close the app.
Disable biometric authentication on your device (delete all fingerprints, disable face unlock, etc.).
Upgrade to this version and launch the app.

If the app doesn't crash, everything is fine. Biometric authentication should be disabled in this case too.

Tested devices

Physical
Emulator
OS version(s): 12, 11.

Checklist

Changes has been tested on an Android device or Android emulator with API 21
UI change has been tested on both light and dark themes
Accessibility has been taken into account. See https://github.com/vector-im/element-android/blob/develop/CONTRIBUTING.md#accessibility
Pull request is based on the develop branch
Pull request includes a new file under ./changelog.d. See https://github.com/vector-im/element-android/blob/develop/CONTRIBUTING.md#changelog
Pull request includes screenshots or videos if containing UI changes
Pull request includes a sign off
You've made a self review of your PR
If you have modified the screen flow, or added new screens to the application, you have updated the test UiAllScreensSanityTest.allScreensTest()

ouchadam · 2022-08-09T09:59:44Z

...ain/java/im/vector/app/features/pin/lockscreen/crypto/migrations/MissingSystemKeyMigrator.kt

+            }.onFailure { e ->
+                Timber.e(e, "Could not automatically create biometric key. Biometric authentication will be disabled.")
+                systemKeyStoreCrypto.deleteKey()
+                vectorPreferences.setUseBiometricToUnlock(false)


does this mean we've fallen back to prompting for a pin?

Yes. It's not a great solution, but I can see no alternative. If the migration fails, that's because the key is no longer valid and biometric auth won't work anyway even if the key exists.