Unlock fails if biometric authentication is enabled and the password was changed using a different device

[SailReal]

Please agree to the following

• [X] I have searched existing issues for duplicates
• [X] I agree to follow this project's Code of Conduct

Summary

Unlock fails if biometric authentication is enabled and the password was changed using a different device

System Setup

- Android: x
- Cryptomator: 1.6.0-beta4 but also 1.5.x

Cloud Type

No response

Steps to Reproduce

1. Add a vault on device a
2. Setup biometric authentication for this vault on device a
3. Change the password of this vault on device b
4. Unlock vault on device a

Expected Behavior

The user should be notified that the vault password has changed in the background. Furthermore the user should be asked to provide the new password which in return will update the stored ciphertext for this vault. If the user don't want to provide the new vault password, biometric authentication will be deactivated for this vault.

Actual Behavior

A toast with "Wrong password" is displayed.

Reproducibility

Always

Relevant Log Output

org.cryptomator.debug D/GetUnverifiedVaultConfigUseCase: started 12ce4b31
org.cryptomator.debug D/ActivityLifecycle: onStart org.cryptomator.presentation.ui.activity.UnlockVaultActivity@6eb5105
org.cryptomator.debug I/ActivityLifecycle: onResume org.cryptomator.presentation.ui.activity.UnlockVaultActivity@6eb5105
org.cryptomator.debug D/ActivityLifecycle: onResumeFragments org.cryptomator.presentation.ui.activity.UnlockVaultActivity@6eb5105
org.cryptomator.debug D/PresenterLifecycle: resume org.cryptomator.presentation.presenter.UnlockVaultPresenter@2535512
org.cryptomator.debug D/GetUnverifiedVaultConfigUseCase: finished 12ce4b31
org.cryptomator.debug D/BackgroundTasks: type:1 all:2 register@ org.cryptomator.domain.usecases.vault.PrepareUnlockUseCase$Launcher#run:70
org.cryptomator.debug D/PrepareUnlockUseCase: started 12ce4b2f
org.cryptomator.debug D/BiometricAuthentication: Show biometric auth prompt
org.cryptomator.debug D/PrepareUnlockUseCase: finished 12ce4b2f
org.cryptomator.debug D/BackgroundTasks: type:0 all:1 unregister@ org.cryptomator.domain.usecases.vault.GetUnverifiedVaultConfigUseCase$Launcher$1#onComplete:72
org.cryptomator.debug D/BackgroundTasks: type:0 all:0 unregister@ org.cryptomator.domain.usecases.vault.PrepareUnlockUseCase$Launcher$1#onComplete:81
org.cryptomator.debug D/BiometricAuthentication: Authentication finished successfully
org.cryptomator.debug D/BackgroundTasks: type:1 all:1 register@ org.cryptomator.domain.usecases.vault.UnlockVaultUsingMasterkeyUseCase$Launcher#run:85
org.cryptomator.debug D/UnlockVaultUsingMasterkeyUseCase: started 12ce4b2d
org.cryptomator.debug D/UnlockVaultUsingMasterkeyUseCase: failed 12ce4b2d
org.cryptomator.debug D/ExceptionHandler: 			Unexpected error
    org.cryptomator.cryptolib.api.InvalidPassphraseException
        at org.cryptomator.cryptolib.common.MasterkeyFileAccess.unlock(MasterkeyFileAccess.java:147)
        at org.cryptomator.cryptolib.common.MasterkeyFileAccess.load(MasterkeyFileAccess.java:131)
        at org.cryptomator.data.cloud.crypto.MasterkeyCryptoCloudProvider$UnlockTokenImpl.getKeyFile(MasterkeyCryptoCloudProvider.kt:290)
        at org.cryptomator.data.cloud.crypto.MasterkeyCryptoCloudProvider.unlock(MasterkeyCryptoCloudProvider.kt:97)
        at org.cryptomator.data.cloud.crypto.CryptoCloudFactory.unlock(CryptoCloudFactory.java:68)
        at org.cryptomator.data.repository.CloudRepositoryImpl.unlock(CloudRepositoryImpl.java:110)
        at org.cryptomator.domain.usecases.vault.UnlockVaultUsingMasterkey.execute(UnlockVaultUsingMasterkey.java:42)
        at org.cryptomator.domain.usecases.vault.UnlockVaultUsingMasterkeyUseCase$Launcher$2.call(UnlockVaultUsingMasterkeyUseCase.java:117)
        at org.cryptomator.domain.usecases.vault.UnlockVaultUsingMasterkeyUseCase$Launcher$2.call(UnlockVaultUsingMasterkeyUseCase.java:111)
        at io.reactivex.internal.operators.flowable.FlowableFromCallable.subscribeActual(FlowableFromCallable.java:39)
        at io.reactivex.Flowable.subscribe(Flowable.java:14935)
        at io.reactivex.Flowable.subscribe(Flowable.java:14882)
        at io.reactivex.internal.operators.flowable.FlowableSubscribeOn$SubscribeOnSubscriber.run(FlowableSubscribeOn.java:82)
        at io.reactivex.internal.schedulers.ExecutorScheduler$ExecutorWorker$BooleanRunnable.run(ExecutorScheduler.java:288)
        at io.reactivex.internal.schedulers.ExecutorScheduler$ExecutorWorker.run(ExecutorScheduler.java:253)
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1167)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:641)
        at java.lang.Thread.run(Thread.java:923)
    
    			ErrorCode: 3B21:AK7S
2021-09-23 15:23:08.498 21175-21175/org.cryptomator.debug W/Message: Wrong password

Anything else?

To recover from this problem you need to disable and enable again the biometric authentication for this vault in Cryptomator settings.

If the password is changed on device a, the ciphertext is changed as well so this problem only happens when the vault password is changed on a different device.