Play Services crash when using Token2 Fido on Bitwarden web

Pavestone2734

I have Play Services and Play Store installed with network permission enabled for both.
I enable JIT in Vanadium (incognito), then I try to login with the Bitwarden webapp.
After getting to the WebAuthn popup I plug in my Fido key (Token2).
A virtual keyboard popup appears which I can OK but it's a bit glitchy.
At this point either an error appears in Bitwarden or I'm able to proceed to press my key.
After I press my key an error appears in Bitwarden that the authentication took too long or bad credentials or something like that.

This happened to me in multiple profiles.
Play Services also crashed while this was happening:

type: crash
osVersion: google/akita/akita:15/BP1A.250305.019/2025040700:user/release-keys
package: com.google.android.gms:250832035, targetSdk 35
process: com.google.android.gms.ui
processUptime: 8550 + 271 ms
installer: app.grapheneos.apps
GmsCompatConfig version: 156

java.lang.NullPointerException: Attempt to invoke virtual method 'void android.view.View.setVisibility(int)' on a null object reference
	at bnhe.c(:com.google.android.gms@250832035@25.08.32 (260400-731361394):81)
	at bnhe.b(:com.google.android.gms@250832035@25.08.32 (260400-731361394):2)
	at zmv.jZ(:com.google.android.gms@250832035@25.08.32 (260400-731361394):9)
	at jnf.kn(:com.google.android.gms@250832035@25.08.32 (260400-731361394):29)
	at jnf.f(:com.google.android.gms@250832035@25.08.32 (260400-731361394):16)
	at jne.d(:com.google.android.gms@250832035@25.08.32 (260400-731361394):72)
	at jnd.a(:com.google.android.gms@250832035@25.08.32 (260400-731361394):22)
	at jmy.a(:com.google.android.gms@250832035@25.08.32 (260400-731361394):15)
	at jmk.k(:com.google.android.gms@250832035@25.08.32 (260400-731361394):290)
	at jmk.h(:com.google.android.gms@250832035@25.08.32 (260400-731361394):133)
	at jmk.c(:com.google.android.gms@250832035@25.08.32 (260400-731361394):15)
	at ssy.a(:com.google.android.gms@250832035@25.08.32 (260400-731361394):53)
	at ssz.onActivityPostStarted(:com.google.android.gms@250832035@25.08.32 (260400-731361394):10)
	at android.app.Activity.dispatchActivityPostStarted(Activity.java:1636)
	at android.app.Activity.performStart(Activity.java:9214)
	at android.app.ActivityThread.handleStartActivity(ActivityThread.java:4244)
	at android.app.servertransaction.TransactionExecutor.performLifecycleSequence(TransactionExecutor.java:214)
	at android.app.servertransaction.TransactionExecutor.cycleToPath(TransactionExecutor.java:194)
	at android.app.servertransaction.TransactionExecutor.executeLifecycleItem(TransactionExecutor.java:166)
	at android.app.servertransaction.TransactionExecutor.executeTransactionItems(TransactionExecutor.java:101)
	at android.app.servertransaction.TransactionExecutor.execute(TransactionExecutor.java:80)
	at android.app.ActivityThread$H.handleMessage(ActivityThread.java:2782)
	at android.os.Handler.dispatchMessage(Handler.java:109)
	at android.os.Looper.loopOnce(Looper.java:232)
	at android.os.Looper.loop(Looper.java:317)
	at android.app.ActivityThread.main(ActivityThread.java:8973)
	at java.lang.reflect.Method.invoke(Native Method)
	at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:591)
	at com.android.internal.os.ExecInit.main(ExecInit.java:50)
	at com.android.internal.os.RuntimeInit.nativeFinishInit(Native Method)
	at com.android.internal.os.RuntimeInit.main(RuntimeInit.java:369)

fid02

Pavestone2734 This issue seems to have been fixed for me after updating to the Play services version 25.10.36 available in the Alpha channel (App Store > Play services> upper right three dots > Release channel).

Note that releases of Play services in the Alpha channel can be unstable.

GrapheneOS

Pavestone2734 Can you confirm that it's a USB key and you're not trying to use NFC or Bluetooth for it? NFC security keys require manually enabling NFC because sandboxed Play services can't do that and will currently crash trying to do it. Don't think we've seen the issue above before but that's worth considering.

Pavestone2734

Pavestone2734 I have Play Services and Play Store installed with network permission enabled for both.
I enable JIT in Vanadium (incognito), then I try to login with the Bitwarden webapp.
After getting to the WebAuthn popup I plug in my Fido key (Token2).
A virtual keyboard popup appears which I can OK but it's a bit glitchy.
At this point either an error appears in Bitwarden or I'm able to proceed to press my key.
After I press my key an error appears in Bitwarden that the authentication took too long or bad credentials or something like that.

Confirmed steps to reproduce:

Enter credentials into Bitwarden
No Passkeys available popup appears
Plug in my Key
Error in Bitwarden: "The authentication was cancelled or took too long"
Immediately after play services crash
Try reading security key again
Select "Use another device" in popup
Connect your key popup appears
Above that "Allow Google Play services to use "FIDO KB"" popup appears. Press OK
The popup freezes for a second and disappears
Touch key
Bitwarden error "The authentication was cancelled or took too long"

Log:

type: crash
osVersion: google/akita/akita:15/BP1A.250405.007.B1/2025041100:user/release-keys
package: com.google.android.gms:251036035, targetSdk 35
process: com.google.android.gms.ui
processUptime: 11316 + 621 ms
installer: app.grapheneos.apps
GmsCompatConfig version: 156

java.lang.NullPointerException: Attempt to invoke virtual method 'void android.view.View.setVisibility(int)' on a null object reference
	at bolc.c(:com.google.android.gms@251036035@25.10.36 (260400-739992411):81)
	at bolc.b(:com.google.android.gms@251036035@25.10.36 (260400-739992411):2)
	at aaag.jT(:com.google.android.gms@251036035@25.10.36 (260400-739992411):9)
	at jpe.kh(:com.google.android.gms@251036035@25.10.36 (260400-739992411):29)
	at jpe.f(:com.google.android.gms@251036035@25.10.36 (260400-739992411):16)
	at jpd.d(:com.google.android.gms@251036035@25.10.36 (260400-739992411):72)
	at jpc.a(:com.google.android.gms@251036035@25.10.36 (260400-739992411):22)
	at jox.a(:com.google.android.gms@251036035@25.10.36 (260400-739992411):15)
	at joj.k(:com.google.android.gms@251036035@25.10.36 (260400-739992411):290)
	at joj.h(:com.google.android.gms@251036035@25.10.36 (260400-739992411):133)
	at joj.c(:com.google.android.gms@251036035@25.10.36 (260400-739992411):15)
	at tab.a(:com.google.android.gms@251036035@25.10.36 (260400-739992411):53)
	at tac.onActivityPostStarted(:com.google.android.gms@251036035@25.10.36 (260400-739992411):10)
	at android.app.Activity.dispatchActivityPostStarted(Activity.java:1636)
	at android.app.Activity.performStart(Activity.java:9214)
	at android.app.ActivityThread.handleStartActivity(ActivityThread.java:4244)
	at android.app.servertransaction.TransactionExecutor.performLifecycleSequence(TransactionExecutor.java:214)
	at android.app.servertransaction.TransactionExecutor.cycleToPath(TransactionExecutor.java:194)
	at android.app.servertransaction.TransactionExecutor.executeLifecycleItem(TransactionExecutor.java:166)
	at android.app.servertransaction.TransactionExecutor.executeTransactionItems(TransactionExecutor.java:101)
	at android.app.servertransaction.TransactionExecutor.execute(TransactionExecutor.java:80)
	at android.app.ActivityThread$H.handleMessage(ActivityThread.java:2782)
	at android.os.Handler.dispatchMessage(Handler.java:109)
	at android.os.Looper.loopOnce(Looper.java:232)
	at android.os.Looper.loop(Looper.java:317)
	at android.app.ActivityThread.main(ActivityThread.java:8973)
	at java.lang.reflect.Method.invoke(Native Method)
	at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:591)
	at com.android.internal.os.ExecInit.main(ExecInit.java:50)
	at com.android.internal.os.RuntimeInit.nativeFinishInit(Native Method)
	at com.android.internal.os.RuntimeInit.main(RuntimeInit.java:369)

sadillili

Not sure which Token2 key you have, but the latest releases allow disabling the keyboard emulation using their companion app. Try disabling it (it is rarely needed, mainly for HOTP).
Also, try to see if the key works at all using their demo

Pavestone2734

fid02 I updated to that release, nevertheless it doesn't work. When I first enter the key Play Services crash and it displays a generic error in Bitwarden. And everything else is the same after. Albeit I didn't restart my phone or anything jist applied the update. I'll catch it in detail next time.

sadillili I have the most basic T2F2 keys. I would probably need to upgrade in the future but I'm not rich.

fid02

sadillili Not sure which Token2 key you have, but the latest releases allow disabling the keyboard emulation using their companion app. Try disabling it (it is rarely needed, mainly for HOTP).

I can confirm that this workaround works: Play services no longer crashes when "Keyboard Emulation (HID)" is set to disabled. You can find this setting in their companion app by going to the Settings menu.

Pavestone2734

Pavestone2734 And everything else is the same after.

What I meant is everything else happens just like in my parent post. Meaning after play store crash and generic error, the "FIDO KB" popup glitches and I get another error in Bitwarden web.

Pavestone2734

GrapheneOS Can confirm, I'm using the "USB key" option. Also my key(s) don't support NFC.

fid02

I can reproduce the crash when authenticating with non-passkey FIDO using a Token2 PIN+ R2 USB-C key. Sticking it in the USB port while trying to authenticate on account.proton.me: selecting to allow Play services access to the key causes Play services to crash.

Seemingly only occurs when trying to authenticate with non-discoverable credentials?

GrapheneOS 2025040700
Gmscompatconfig 156
Play services 25.10.36

type: crash
osVersion: google/shiba/shiba:15/BP1A.250305.019/2025040700:user/release-keys
package: com.google.android.gms:251036035, targetSdk 35
process: com.google.android.gms.ui
processUptime: 3660 + 271 ms
installer: app.grapheneos.apps
GmsCompatConfig version: 156

java.lang.NullPointerException: Attempt to invoke virtual method 'void android.view.View.setVisibility(int)' on a null object reference
	at bolc.c(:com.google.android.gms@251036035@25.10.36 (260400-739992411):81)
	at bolc.b(:com.google.android.gms@251036035@25.10.36 (260400-739992411):2)
	at aaag.jT(:com.google.android.gms@251036035@25.10.36 (260400-739992411):9)
	at jpe.kh(:com.google.android.gms@251036035@25.10.36 (260400-739992411):29)
	at jpe.f(:com.google.android.gms@251036035@25.10.36 (260400-739992411):16)
	at jpd.d(:com.google.android.gms@251036035@25.10.36 (260400-739992411):72)
	at jpc.a(:com.google.android.gms@251036035@25.10.36 (260400-739992411):22)
	at jox.a(:com.google.android.gms@251036035@25.10.36 (260400-739992411):15)
	at joj.k(:com.google.android.gms@251036035@25.10.36 (260400-739992411):290)
	at joj.h(:com.google.android.gms@251036035@25.10.36 (260400-739992411):133)
	at joj.c(:com.google.android.gms@251036035@25.10.36 (260400-739992411):15)
	at tab.a(:com.google.android.gms@251036035@25.10.36 (260400-739992411):53)
	at tac.onActivityPostStarted(:com.google.android.gms@251036035@25.10.36 (260400-739992411):10)
	at android.app.Activity.dispatchActivityPostStarted(Activity.java:1636)
	at android.app.Activity.performStart(Activity.java:9214)
	at android.app.ActivityThread.handleStartActivity(ActivityThread.java:4244)
	at android.app.servertransaction.TransactionExecutor.performLifecycleSequence(TransactionExecutor.java:214)
	at android.app.servertransaction.TransactionExecutor.cycleToPath(TransactionExecutor.java:194)
	at android.app.servertransaction.TransactionExecutor.executeLifecycleItem(TransactionExecutor.java:166)
	at android.app.servertransaction.TransactionExecutor.executeTransactionItems(TransactionExecutor.java:101)
	at android.app.servertransaction.TransactionExecutor.execute(TransactionExecutor.java:80)
	at android.app.ActivityThread$H.handleMessage(ActivityThread.java:2782)
	at android.os.Handler.dispatchMessage(Handler.java:109)
	at android.os.Looper.loopOnce(Looper.java:232)
	at android.os.Looper.loop(Looper.java:317)
	at android.app.ActivityThread.main(ActivityThread.java:8973)
	at java.lang.reflect.Method.invoke(Native Method)
	at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:591)
	at com.android.internal.os.ExecInit.main(ExecInit.java:50)
	at com.android.internal.os.RuntimeInit.nativeFinishInit(Native Method)
	at com.android.internal.os.RuntimeInit.main(RuntimeInit.java:369)

Pavestone2734

fid02 You can find this setting in their companion app by going to the Settings menu.

My key is not supported.

Molasses

I can confirm that USB Security Keys (U2F & Passkeys) don't work properly right now.

1) Logins and adding/registering USB Security Keys seems to work in all apps that provide support for them.

2) Only adding USB Security Keys to an online account works in Vanadium on my end. Any login attempts into those accounts will fail though.

3) The built-in security key of the Pixel 9 always works perfectly fine in all cases.

Hopefully this can be fixed soon with an updated Version of Sandboxed Play Services.

Pixel 9
GrapheneOS 2025041100
Play Services 25.08.32

fid02

Molasses Are you using a Token2 security key? If not, are you getting an equal crash log as to what the OP posted? And if so, which key model are you using?

Please note that there are many bugs related to FIDO security keys, and that the issues you're raising may or may not be related to the Play services crash that the OP is reporting.

Molasses

fid02

There are no crashes, just generic error messages from the services that I try to log into. The Yubikeys seemingly don't get detected at all when using a Webbrowser to login. The usual Google branded popup doesn't appear at all.

It's overall quite frustrating how poorly Google handles the situation. It's not just the fact that the FIDO Library get's bundled with Play Services instead of being directly included into AOSP. It's such a poor experience compared to how it works on the Apple side...

fid02

Molasses OK, doesn't sound related to the OP. You can see if this solves your issue: https://discuss.grapheneos.org/d/12056-fido2-security-keys-on-grapheneos-a-summary/37

Suggest discussing that issue further in that thread.

Pavestone2734

Is there an exact status regarding this problem, do we know why it's happening? Is this an AOSP, Google Service or GOS issue? When is it expected to be fixed? I tried using the regular Bitwarden app which also didn't work. It's really annoying.