canShowMessageCenter is returning false

[theAdmiralNelson]

We have a react native android app that's been working well with Apptentive until recently. When we make the call to canShowMessageCenter(), it always returns as false.

These are the support libraries we are using:

    implementation "com.android.support:support-compat:27.1.1"
    implementation "com.android.support:support-core-utils:27.1.1"
    implementation "com.android.support:support-core-ui:27.1.1"
    implementation "com.android.support:support-media-compat:27.1.1"
    implementation "com.android.support:appcompat-v7:27.1.1"
    implementation "com.android.support:cardview-v7:27.1.1"
    implementation "com.android.support:design:27.1.1

And our code where we call the method looks like this:

    @ReactMethod
    public void showMessageCenter() {
        Apptentive.canShowMessageCenter(new Apptentive.BooleanCallback() {
            @Override
            public void onFinish(boolean canShowMessageCenter) {
                if (canShowMessageCenter) {
                    Apptentive.showMessageCenter(getReactApplicationContext());
                }
            }
        });
    }

Any help diagnosing why it always returns as false would be much appreciated!

[weeeBox]

Hi @theAdmiralNelson,

We support React Native so you don't need to write your own wrappers: https://github.com/apptentive/apptentive-react-native

It would be helpful if you can send us device logs.

[theAdmiralNelson]

Wow! Thanks for getting back to me so soon. So, I was trying to capture the logs around the button being clicked earlier, but after searching the logs further up, these are the logs around the register event. Looks like our key is corrupted. I'll write up another ticket if I have any trouble getting that resolved. Thanks for the quick reply!

2018-11-20 18:15:47.002 29666-29666/com.thekrazycouponlady.kcl.debug I/Apptentive: Registering Apptentive Android SDK 5.3.2
2018-11-20 18:15:47.032 1383-1383/? D/TrustyKeymaster: Device received get_key_characteristics
2018-11-20 18:15:47.033 1383-1383/? E/TrustyKeymaster: calling trusty_keymaster_call insize 191 msg size 195
2018-11-20 18:15:47.033 1383-1383/? E/TrustyKeymaster: Received 4 byte response
2018-11-20 18:15:47.033 1383-1383/? E/TrustyKeymaster: Error: Response of size 4 contained error code -33
2018-11-20 18:15:47.039 29666-29666/com.thekrazycouponlady.kcl.debug E/Apptentive: [SECURITY] Exception while resolving secret key for alias '<HIDDEN>'. Encryption might not work correctly!
2018-11-20 18:15:47.039 29666-29666/com.thekrazycouponlady.kcl.debug E/Apptentive: Failed to obtain information about key
2018-11-20 18:15:47.054 29666-29666/com.thekrazycouponlady.kcl.debug E/Apptentive: java.security.UnrecoverableKeyException: Failed to obtain information about key
     Caused by: com.apptentive.android.sdk.encryption.EncryptionException: Can't decrypt data: key is corrupted
        at ...

[weeeBox]

@theAdmiralNelson, do you test using emulator or device?

[theAdmiralNelson]

@weeeBox, both, but those logs are from an emulator. A user reported this issue, and we've seen it on both emulator and device. I can get you logs from a device if that's helpful.

[weeeBox]

Which device/OS version do you use for testing? Do you have the latest Android build tools installed?

[theAdmiralNelson]

We have a couple of devices. We have an old Galaxy S6 that's on 7.0 and a Pixel 2 running 9.0. The Galaxy works great when calling canShowMessageCenter(). The Pixel 2, not so much. The logs from the emulator was a Pixel 2 on 8.1. Here's the weird bit, I just tried running the same code on a Pixel 2 emulator running 9.0. No problems, message center pops up beautifully. And we were on 28.0.2 with build tools. I just updated to 28.0.3 before running these tests.

[weeeBox]

We saw some issues with Android KeyChain with build tools 28.0.2

[theAdmiralNelson]

Okay, good to know. After narrowing it down further, it seems the issue is related to the difference between debug and release builds. Will update with more info. Hopefully the answer to fix.

[theAdmiralNelson]

I recant what I said earlier. The debug and release builds are only reacting differently because the release build runs quicker. This seems to be a timing issue. It's a 50/50 chance or less that when we register our app, the process goes through. After updating build tools and support libraries, the issue still persists. Not sure what else we can do. Thanks again for your time!

[weeeBox]

Thanks for the additional info. Were you able to see the issue in the "quicker" release build or "slower" debug build?

[theAdmiralNelson]

The release build would intermittently have the 'corrupted key'. I just switched over to your RN library. Seems to eliminate the issue, but more testing will tell. Thanks again for all of your time. Super prompt responses!

[weeeBox]

Thanks @theAdmiralNelson, we'll take a close look at release configuration.

[weeeBox]

@theAdmiralNelson, starting SDK 5.3.3 we forcing the legacy Android KeyStore API 18 on new client installs.

[szymonnn]

@weeeBox Hi there, I don't want to open new issue as I think that mine is connected with this one. I work on native Android app and Message Center stopped working on this device:

Apptentive SDK: 5.3.3 Device Model: SM-G960F Android OS Version: 8.0.0 Android OS API Level: 26 Locale: polski (Polska)

I catched some logs and it looks like there is some encryption problem.

E: java.security.InvalidKeyException: Failed to unwrap key
    at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineUnwrap(AndroidKeyStoreCipherSpiBase.java:682)
    at javax.crypto.Cipher.unwrap(Cipher.java:2121)
    at com.apptentive.android.sdk.encryption.resolvers.KeyResolver18.unwrapSymmetricKey(KeyResolver18.java:219)
    at com.apptentive.android.sdk.encryption.resolvers.KeyResolver18.loadSymmetricKey(KeyResolver18.java:133)
    at com.apptentive.android.sdk.encryption.resolvers.KeyResolver18.resolveSymmetricKey(KeyResolver18.java:86)
    at com.apptentive.android.sdk.encryption.resolvers.KeyResolver18.resolveKey(KeyResolver18.java:66)
    at com.apptentive.android.sdk.encryption.SecurityManager.resolveMasterKey(SecurityManager.java:79)
    at com.apptentive.android.sdk.encryption.SecurityManager.init(SecurityManager.java:45)
    at com.apptentive.android.sdk.ApptentiveInternal.<init>(ApptentiveInternal.java:169)
    at com.apptentive.android.sdk.ApptentiveInternal.createInstance(ApptentiveInternal.java:238)
    at com.apptentive.android.sdk.Apptentive.register(Apptentive.java:129)
    at pl.q2p.app.app.App.setupApptentive(App.java:54)
    at pl.q2p.app.app.App.onCreate(App.java:30)
    at android.app.Instrumentation.callApplicationOnCreate(Instrumentation.java:1125)
    at android.app.ActivityThread.handleBindApplication(ActivityThread.java:6062)
    at android.app.ActivityThread.-wrap1(Unknown Source:0)
    at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1764)
    at android.os.Handler.dispatchMessage(Handler.java:105)
    at android.os.Looper.loop(Looper.java:164)
    at android.app.ActivityThread.main(ActivityThread.java:6944)
    at java.lang.reflect.Method.invoke(Native Method)
    at com.android.internal.os.Zygote$MethodAndArgsCaller.run(Zygote.java:327)
    at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1374)
Caused by: javax.crypto.IllegalBlockSizeException
    at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:519)
    at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineUnwrap(AndroidKeyStoreCipherSpiBase.java:680)
    ... 22 more
Caused by: android.security.KeyStoreException: Unknown error
    at android.security.KeyStore.getKeyStoreException(KeyStore.java:1137)
    at android.security.keystore.KeyStoreCryptoOperationChunkedStreamer.doFinal(KeyStoreCryptoOperationChunkedStreamer.java:224)
    at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:506)
    ... 23 more

Any help appreciated!

[weeeBox]

Hey @szymonnn,

Sorry for the issue. We're working close with Google to resolve it.

[szymonnn]

@weeeBox any update?

[weeeBox]

Google is pretty slow on responses. They claim that the issue mostly affects OEM devices. We're planning to make encryption optional for the next SDK release.

[szymonnn]

@weeeBox as I read Apptentive SDK release notes it seems that problem shouldn't exist in version v5.2.0 (v5.3.0 Improved SDK security with encryption and KeyStore). Can you confirm that?

[vasgit]

@szymonnn I have the same problem in v5.3.3. I currently forced use v5.3.0, it not has problem with Message Center. @weeeBox I am also waiting for the update

[weeeBox]

@szymonnn, we forced the legacy KeyStore API 18 in 5.3.3 which appeared to be more stable than modern API 23. This issue is really hard to reproduce and Google wants more details and devices logs. We are working on an SDK update which would make encryption optional.

[weeeBox]

@szymonnn, @theAdmiralNelson, starting 5.4.0, on-device storage encryption is optional. Please, update your installations.