Secure Hardware Detection Fails on Android After Upgrading to Flutter 3.35.4 (onSecureHardwareNotAvailable Triggered Always)

[danielsotelotasgroup]

Describe the bug
After upgrading Flutter and freeRASP, the onSecureHardwareNotAvailable callback is triggered on all Android devices, even on hardware where it previously worked correctly.
With Flutter 3.7.9 and freeRASP 6.3.0, this callback was not triggered, and secure hardware was detected properly.
However, on Flutter 3.35.4 (or newer) with freeRASP 6.3.0 or 7.3.0, the callback always fires, indicating that secure hardware is missing even when the device actually has it.

To Reproduce

1. Create or use a Flutter project using version 3.35.4.
2. Install and configure freeRASP (tested with versions 6.3.0 and 7.3.0).
3. Run the app on a physical Android device or emulator.
4. Notice that onSecureHardwareNotAvailable is triggered every time.

Expected behavior
The expected behavior is that onSecureHardwareNotAvailable should only fire when the Android device truly lacks secure hardware.
In previous versions (Flutter 3.7.9 + freeRASP 6.3.0), detection worked correctly.
Consistent secure hardware detection is expected regardless of the Flutter version.

Screenshots
(Not applicable at the moment; the issue is visible in callback logs.)

Please complete the following information:
Device: Samsung SM-A256B, Xiaomi 22081212UG, Google Pixel 8 emulator (sdk_gphone64_arm64)
OS version: Android 12 / Android 14 / Android 15 / Android 16
Version of freeRASP: tested 6.3.0 and 7.3.0
Flutter version: 3.35.4 (problematic), 3.7.9 (working as expected)

Additional context
The issue occurs in Android devices and in both debug and release modes and is reproducible across multiple brands and models.
Even running older freeRASP versions on the new Flutter version still produces the issue, suggesting that a change in Flutter (possibly in the Android keystore/security APIs) may be affecting freeRASP’s secure hardware detection.

[tompsota]

Hi @danielsotelotasgroup,

Thanks for the report. We did not observe such behavior before, but we will try to reproduce the issue and get back to you.

In the meantime, could you clarify following:

• When you ran the app with the new Flutter version, did you run it on a all the devices mentioned above? Or only some of them?
• If you ran it only on some of the devices, can you specify on which? Please also add the Android version of the device(s) and whether it is real device or an emulator.

Finally, it is expected that you get onSecureHardwareNotAvailable on emulators, as those usually do not have KeyStore available.

Best,
Tomas from Talsec

[danielsotelotasgroup]

Hi @tompsota

These are the real devices we use for testing:

Samsung SM-A256B: Android 16,
Samsung SM-A356B: Android 16,
Xiaomi 22081212UG: Android 15,
Realme RMX2155: Android 12.

These are the emulator we use for testing:
Google Pixel 8 emulator (sdk_gphone64_arm64): Android 14.

Thanks,
Daniel