Bitwarden crashing on biometric unlock #4659

Open
1 task done
shivangc22 opened this issue Jan 31, 2025 · 21 comments · Fixed by #4696
@shivangc22

Steps To Reproduce

  1. Open Bitwarden and log in with your account.
  2. Enable biometric unlock.
  3. Exit Bitwarden and open the app again.
  4. Try to unlock the app using biometrics

Expected Result

My vault should unlock.

Actual Result

The app is crashing.

Screenshots or Videos

No response

Additional Context

Might be similar to 4651 & 4650 perhaps?

Anyway, here's a logcat I captured about the crash as well:

FATAL EXCEPTION: main
Process: com.x8bit.bitwarden, PID: 20692
javax.crypto.BadPaddingException
	at android.security.keystore2.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:630)
	at javax.crypto.Cipher.doFinal(Cipher.java:2074)
	at a8.A0.R(Unknown Source:113)
	at J8.O.invokeSuspend(Unknown Source:43)
	at Jb.a.resumeWith(Unknown Source:7)
	at ec.K.run(Unknown Source:109)
	at ec.X.d0(Unknown Source:23)
	at ec.l.o(Unknown Source:80)
	at ec.l.s(Unknown Source:2)
	at gc.l.a(Unknown Source:6)
	at gc.j.I(Unknown Source:84)
	at gc.j.g(Unknown Source:56)
	at gc.j.p(Unknown Source:107)
	at Q8.d.i(Unknown Source:2)
	at J8.x.invoke(Unknown Source:116)
	at S8.d.invoke(Unknown Source:11)
	at ma.b.F(Unknown Source:15)
	at c.o.run(Unknown Source:246)
	at android.os.Handler.handleCallback(Handler.java:959)
	at android.os.Handler.dispatchMessage(Handler.java:100)
	at android.os.Looper.loopOnce(Looper.java:282)
	at android.os.Looper.loop(Looper.java:387)
	at android.app.ActivityThread.main(ActivityThread.java:9505)
	at java.lang.reflect.Method.invoke(Native Method)
	at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:600)
	at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1005)
	Suppressed: kotlinx.coroutines.internal.DiagnosticCoroutineContextException: [t0{Cancelling}@9b8c38, Dispatchers.Main.immediate]
Caused by: android.security.KeyStoreException: Invalid argument (internal Keystore code: -38 message: system/security/keystore2/src/operation.rs:847: KeystoreOperation::finish

Caused by:
    0: system/security/keystore2/src/operation.rs:428: Finish failed.
    1: Error::Km(r#INVALID_ARGUMENT)) (public error code: 10 internal Keystore code: -38)
	at android.security.KeyStore2.getKeyStoreException(KeyStore2.java:416)
	at android.security.KeyStoreOperation.handleExceptions(KeyStoreOperation.java:79)
	at android.security.KeyStoreOperation.finish(KeyStoreOperation.java:132)
	at android.security.keystore2.KeyStoreCryptoOperationChunkedStreamer$MainDataStream.finish(KeyStoreCryptoOperationChunkedStreamer.java:228)
	at android.security.keystore2.KeyStoreCryptoOperationChunkedStreamer.doFinal(KeyStoreCryptoOperationChunkedStreamer.java:181)
	at android.security.keystore2.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:624)
	... 25 more

Build Version

2025.1.1 (Play Store)

What server are you connecting to?

US

Self-host Server Version

No response

Environment Details

  • Device: OnePlus 11
  • Android version: 15
  • OxygenOS Version: CPH2447_15.0.0.401(EX01V30P01)

Issue Tracking Info

  • I understand that work is tracked outside of Github. A PR will be linked to this issue should one be opened to address it, but Bitwarden doesn't use fields like "assigned", "milestone", or "project" to track progress.
@shivangc22 shivangc22 added the bug label Jan 31, 2025
@bitwarden-bot

Thank you for your report! We've added this to our internal board for review.
ID: PM-17812

@vuongvan

vuongvan commented Feb 2, 2025

I have the same problem. Here is my crash log

@fessmm

fessmm commented Feb 2, 2025

I can confirm. Same issue on Samsung Galaxy S24 Ultra with latest oneui 7 beta 3.

@Krychaz
Member

Krychaz commented Feb 3, 2025

Thanks everyone for providing all the details and logs. This has been passed to our Engineering team.

@ohaucke

ohaucke commented Feb 6, 2025

I have a similar issue, as soon as I add a second account and enable "Unlock with Biometrics" for it.

Steps to reproduce

  • Add Account "Account-A"
  • Enable "Unlock with Biometrics" for "Account-A"
  • Add Account "Account-B"
  • Enable "Unlock with Biometrics" for "Account-B"
  • Lock the vaults/restart the app

Result

Try to unlock "Account-A" with my fingerprint = crash
Try to unlock "Account-B" with my fingerprint = Error message

An error has occurred.
We were unable to process your request. Please try again or contact us.

As soon as I remove "Unlock with Biometrics" from one account and reconfigure it for the other one, it works (for that specific account).

Build Version

2025.1.1 (19728) (Play Store)

Environment Details

  • Device: OnePlus 11 5G
  • Android version: 15
  • OxygenOS Version: CPH_2449_15.0.0.203(EX01)

@kslcsdalsadg

kslcsdalsadg commented Feb 11, 2025

Issue still present at 2025.1.2.

Partial workaround:

  • Enter the app
  • Use master password to login instead of fingerprint
  • Access settings, then disable and then re-enable fingerprint access

In any case, issue returns when active account changes.

@shivangc22
Author

Can recreate what @kslcsdalsadg said. Issue is temporarily fixed if I login using master password and re-enable unlock using biometrics, and this works. However, for users with two accounts (like me), it's causing issues.

@ndesgranges

ndesgranges commented Feb 12, 2025

On my Samsung Galaxy S22 the issue also occurs with only one account. Re-enabling doesn't fix it. Crashes on fingerprint unlock.

Tried with a fresh install after clearing data and adding a single account.

Reverting to 2025.1.0 fixed the issue.

@Br33ce

Br33ce commented Feb 17, 2025

So, why is this closed? Unfortunately I've got the same problem.

@ndesgranges

ndesgranges commented Feb 22, 2025

@SaintPatrck Could you please reopen this?

@3rico

3rico commented Feb 24, 2025

Same here, have the same problem, with the exact behavior as described by @ohaucke
I'm using Xiaomi Redmi Note Pro 11, Android 13, HyperOS 1.0.4.

@jehammon

I am also experiencing the same issue, and I have the latest version from Google Play installed. Why is this BUG closed? Or better yet, when will this fix be available?

@parcelcat

parcelcat commented Feb 27, 2025

Pull request #4696 is supposed to resolve this issue. I assume it was closed for this reason.

@ndesgranges

I believe you are right, ignore my request to reopen this issue. I assumed this PR was in the last release (mainly because it was released after the PR was merged). It is NOT.

So for anyone reading this, please wait for the next release.

@3rico

3rico commented Feb 28, 2025

I believe you are right, ignore my request to reopen this issue. I assumed this PR was in the last release (mainly because it was released after the PR was merged). It is NOT.

So for anyone reading this, please wait for the next release.

Looking forward to the next update with the fix

@colinardo

colinardo commented Mar 7, 2025

Fix finally included in release 2025.2.0

PM-17968: Create unique secret keys per user and handle decoding error by @david-livefront in #4696
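
Added example, not part of the thread and not the code from #4696 or Bitwarden's implementation: the fix title names two ideas, a separate secret key per user and handling of the decode failure, and this Kotlin example shows one way to apply both with the Android Keystore. The alias scheme, the AES-GCM choice and all function names are assumptions made for illustration.

```kotlin
import android.security.keystore.KeyGenParameterSpec
import android.security.keystore.KeyProperties
import java.security.GeneralSecurityException
import java.security.KeyStore
import javax.crypto.Cipher
import javax.crypto.KeyGenerator
import javax.crypto.SecretKey
import javax.crypto.spec.GCMParameterSpec

private const val PROVIDER = "AndroidKeyStore"

// Hypothetical alias scheme: one Keystore entry per account, so enabling
// biometrics for Account-B cannot replace the key that protects Account-A.
private fun aliasFor(userId: String) = "biometric_unlock_$userId"

private fun keyStore(): KeyStore = KeyStore.getInstance(PROVIDER).apply { load(null) }

/** Called when the user enables biometric unlock for [userId]. */
fun createKey(userId: String): SecretKey {
    val spec = KeyGenParameterSpec.Builder(
        aliasFor(userId),
        KeyProperties.PURPOSE_ENCRYPT or KeyProperties.PURPOSE_DECRYPT,
    )
        .setBlockModes(KeyProperties.BLOCK_MODE_GCM)
        .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_NONE)
        .setUserAuthenticationRequired(true) // usable only after a biometric prompt
        .build()
    return KeyGenerator.getInstance(KeyProperties.KEY_ALGORITHM_AES, PROVIDER)
        .apply { init(spec) }
        .generateKey()
}

/** Cipher to wrap in BiometricPrompt.CryptoObject; null means use the master password. */
fun decryptCipherFor(userId: String, iv: ByteArray): Cipher? = try {
    val key = keyStore().getKey(aliasFor(userId), null) as? SecretKey
    key?.let {
        Cipher.getInstance("AES/GCM/NoPadding")
            .apply { init(Cipher.DECRYPT_MODE, it, GCMParameterSpec(128, iv)) }
    }
} catch (e: GeneralSecurityException) {
    // Covers KeyPermanentlyInvalidatedException: the key is unusable, drop it.
    keyStore().deleteEntry(aliasFor(userId))
    null
}

/** Runs after authentication succeeds; a Keystore failure returns null instead of crashing. */
fun unlockBlob(cipher: Cipher, encrypted: ByteArray): ByteArray? = try {
    cipher.doFinal(encrypted)
} catch (e: GeneralSecurityException) {
    // BadPaddingException and IllegalBlockSizeException both land here.
    null
}
```

A null result from either function is the signal to fall back to the master password and ask the user to re-enable biometric unlock for that account.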

@ndesgranges

Just tried 2025.2.0 on my Samsung Galaxy S22; it is not fixed on my side. The app still crashes on biometric unlock. (It now also crashes when enabling biometrics after disabling.)

Of course I tried with fresh install and no data/cache.

Could this be re-opened please?

@phoropter

phoropter commented Mar 10, 2025

This is happening to me on 2025.2.0 only in my work profile Bitwarden when trying to enable biometrics. I'm on GrapheneOS and used Shelter to clone the app over to my work profile. Here is the log:

crash

type: crash
osVersion: google/husky/husky:15/BP1A.250305.019/2025030800:user/release-keys
userType: profile.managed
package: com.x8bit.bitwarden:19883, targetSdk 35
process: com.x8bit.bitwarden
processUptime: 20723 + 296 ms
installer: net.typeblog.shelter

javax.crypto.IllegalBlockSizeException
	at android.security.keystore2.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:634)
	at javax.crypto.Cipher.doFinal(Cipher.java:2074)
	at y7.A.o(Unknown Source:103)
	at aa.h0.invokeSuspend(Unknown Source:43)
	at Xb.a.resumeWith(Unknown Source:7)
	at sc.J.run(Unknown Source:109)
	at sc.W.c0(Unknown Source:23)
	at sc.k.o(Unknown Source:80)
	at sc.k.p(Unknown Source:2)
	at uc.j.a(Unknown Source:6)
	at uc.h.G(Unknown Source:69)
	at uc.h.g(Unknown Source:56)
	at uc.h.l(Unknown Source:107)
	at V8.d.i(Unknown Source:2)
	at aa.W.invoke(Unknown Source:118)
	at K9.j.invoke(Unknown Source:51)
	at X8.e.invoke(Unknown Source:11)
	at va.b.A(Unknown Source:15)
	at i.l.run(Unknown Source:280)
	at android.os.Handler.handleCallback(Handler.java:991)
	at android.os.Handler.dispatchMessage(Handler.java:102)
	at android.os.Looper.loopOnce(Looper.java:232)
	at android.os.Looper.loop(Looper.java:317)
	at android.app.ActivityThread.main(ActivityThread.java:8973)
	at java.lang.reflect.Method.invoke(Native Method)
	at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:591)
	at com.android.internal.os.ExecInit.main(ExecInit.java:50)
	at com.android.internal.os.RuntimeInit.nativeFinishInit(Native Method)
	at com.android.internal.os.RuntimeInit.main(RuntimeInit.java:369)
	Suppressed: kotlinx.coroutines.internal.DiagnosticCoroutineContextException: [s0{Cancelling}@6b4de5f, Dispatchers.Main.immediate]
Caused by: android.security.KeyStoreException: Key user not authenticated (internal Keystore code: -26 message: system/security/keystore2/src/operation.rs:835: KeystoreOperation::update

Caused by:
    0: system/security/keystore2/src/operation.rs:392: Update failed.
    1: Error::Km(r#KEY_USER_NOT_AUTHENTICATED)) (public error code: 2 internal Keystore code: -26)
	at android.security.KeyStore2.getKeyStoreException(KeyStore2.java:428)
	at android.security.KeyStoreOperation.handleExceptions(KeyStoreOperation.java:79)
	at android.security.KeyStoreOperation.update(KeyStoreOperation.java:118)
	at android.security.keystore2.KeyStoreCryptoOperationChunkedStreamer$MainDataStream.update(KeyStoreCryptoOperationChunkedStreamer.java:222)
	at android.security.keystore2.KeyStoreCryptoOperationChunkedStreamer.update(KeyStoreCryptoOperationChunkedStreamer.java:156)
	at android.security.keystore2.KeyStoreCryptoOperationChunkedStreamer.doFinal(KeyStoreCryptoOperationChunkedStreamer.java:179)
	at android.security.keystore2.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:624)
	... 28 more

@ohaucke

ohaucke commented Mar 10, 2025

I've just tested it on my OnePlus 11 5G (CPH2449_15.0.0.600(EX01)) with Version 2025.2.0 (19883) and for me it's working.

First I added biometric login for the second account (first account already had it activated) - works without any issues
For testing purposes I've disabled biometric login on both accounts, closed everything, started and added biometric to both accounts again - works without any issues

@perseity

perseity commented Mar 12, 2025

Tested with Pixel 8, Android 15, Bitwarden 2025.2.0 (current on gplay)
Works, but had to relog both accounts and set biometrics again. No biggie though.

@SaintPatrck
Contributor

Thank you for providing crash details, @phoropter. We've identified the cause of the crash and hope to have a fix in the next release. I'll go ahead and re-open this issue for visibility.
