diff --git a/src/src/com/microsoft/aad/adal/StorageHelper.java b/src/src/com/microsoft/aad/adal/StorageHelper.java
index 489b2ffdb..d477532a7 100644
--- a/src/src/com/microsoft/aad/adal/StorageHelper.java
+++ b/src/src/com/microsoft/aad/adal/StorageHelper.java
@@ -31,9 +31,6 @@
 import java.io.InputStream;
 import java.io.OutputStream;
 import java.io.UnsupportedEncodingException;
-import java.lang.reflect.Constructor;
-import java.lang.reflect.InvocationTargetException;
-import java.lang.reflect.Method;
 import java.math.BigInteger;
 import java.security.DigestException;
 import java.security.GeneralSecurityException;
@@ -47,7 +44,6 @@
 import java.security.UnrecoverableKeyException;
 import java.security.cert.CertificateException;
 import java.security.spec.AlgorithmParameterSpec;
-import java.security.spec.InvalidKeySpecException;
 import java.util.Calendar;
 import java.util.Date;
 import java.util.Locale;
@@ -450,6 +446,16 @@ final synchronized private SecretKey getSecretKeyFromAndroidKeyStore() throws IO
             if (encryptedKey == null || encryptedKey.length == 0) {
                 throw new UnrecoverableKeyException("Couldn't find encrypted key in file");
             }
+            
+            // Check if the retrieved keypair is empty. With the current limitation of 
+            // AndroidKeyStore, there is possibility that the alias is not wiped but 
+            // the key data is wiped, if this is the case, the retrieved keypair will
+            // be empty, and when we use the private key to do unwrap, we'll encounter 
+            // IllegalArgumentException
+            if (mKeyPair.getPrivate() == null || mKeyPair.getPrivate().getEncoded().length == 0) {
+                throw new UnrecoverableKeyException("Retrieved private key is empty.");
+            }
+            
             sSecretKeyFromAndroidKeyStore = unwrap(wrapCipher, encryptedKey);
             Logger.v(TAG, "Finished reading SecretKey");
         } catch (GeneralSecurityException | IOException ex) {