search

EOSIO / eosio-android-keystore-signature-provider

Pluggable signature provider for EOSIO SDK for Java using Android's Keystore
https://eosio.github.io/eosio-android-keystore-signature-provider/
MIT License
9 stars 11 forks source link

The library doesn't work in multithread mode #15

Open MYKEYADMIN opened 5 years ago

MYKEYADMIN commented 5 years ago

Due to Android KeyStore is not thread-safe, So the sign method will throw exceptions when invoked by multithread usage.

Exceptions

one.block.eosiojavaandroidkeystoresignatureprovider.errors.AndroidKeyStoreSigningError: java.security.SignatureException: android.security.KeyStoreException: Invalid operation handle
at one.block.eosiojavaandroidkeystoresignatureprovider.EosioAndroidKeyStoreUtility$Companion.sign(EosioAndroidKeyStoreUtility.kt:214)
at one.block.eosiojavaandroidkeystoresignatureprovider.EosioAndroidKeyStoreUtility.sign(Unknown Source:2)
at com.mykey.test.kotelin.TestActivity.sign(TestActivity.java:35)
at com.mykey.test.kotelin.TestActivity.access$000(TestActivity.java:15)
at com.mykey.test.kotelin.TestActivity$1.run(TestActivity.java:26)
at java.lang.Thread.run(Thread.java:764)
Caused by: java.security.SignatureException: android.security.KeyStoreException: Invalid operation handle
at android.security.keystore.AndroidKeyStoreSignatureSpiBase.engineUpdate(AndroidKeyStoreSignatureSpiBase.java:273)
at java.security.Signature$Delegate.engineUpdate(Signature.java:1358)
at java.security.Signature.update(Signature.java:915)
at java.security.Signature.update(Signature.java:888)
at one.block.eosiojavaandroidkeystoresignatureprovider.EosioAndroidKeyStoreUtility$Companion.sign(EosioAndroidKeyStoreUtility.kt:210)
... 5 more
Caused by: android.security.KeyStoreException: Invalid operation handle
at android.security.KeyStore.getKeyStoreException(KeyStore.java:695)
at android.security.keystore.KeyStoreCryptoOperationChunkedStreamer.update(KeyStoreCryptoOperationChunkedStreamer.java:132)
at android.security.keystore.AndroidKeyStoreSignatureSpiBase.engineUpdate(AndroidKeyStoreSignatureSpiBase.java:271)
... 9 more

How to reproduce?


EosioAndroidKeyStoreUtility.generateAndroidKeyStoreKey("Test");

for (int i = 1; i < 100; i++) {
    new Thread(new Runnable() {
        @Override
        public void run() {
            sign();
        }
    }).start();
}

private void sign() {
    try {
        String unsignedData = "UnSignedMsg";
        byte[] signature = EosioAndroidKeyStoreUtility.sign(unsignedData.getBytes(), "Test", null, null);
        String str = new String(Hex.encode(signature));
        Log.e("MYKEY", "signature:" + str);
    } catch (Exception e) {
        e.printStackTrace();
        Log.e("MYKEY", "error");
    }
}

Will provide one pull request soon.

anguyenqd commented 5 years ago

Thanks for your effort to solve the issue. We will review your PR.