search

awslabs / aws-mobile-appsync-sdk-android

Android SDK for AWS AppSync.
https://docs.amplify.aws/sdk/api/graphql/q/platform/android/
Apache License 2.0
105 stars 58 forks source link

AWSKeyValueStore: Error during encryption key generation or key loading #137

Closed watanabethais closed 5 years ago

watanabethais commented 5 years ago

I'm using Authentication in my App with Drop-In Auth and I can't login.

Error:

E/AWSKeyValueStore: Error in decrypting data. 
    javax.crypto.AEADBadTagException
        at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:517)
        at javax.crypto.Cipher.doFinal(Cipher.java:2056)
        at com.amazonaws.internal.keyvaluestore.AWSKeyValueStore.decrypt(AWSKeyValueStore.java:347)
        at com.amazonaws.internal.keyvaluestore.AWSKeyValueStore.get(AWSKeyValueStore.java:205)
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.readCachedTokens(CognitoUser.java:2228)
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.getCachedSession(CognitoUser.java:939)
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser$5.run(CognitoUser.java:683)
        at java.lang.Thread.run(Thread.java:776)
     Caused by: android.security.KeyStoreException: Signature/MAC verification failed
        at android.security.KeyStore.getKeyStoreException(KeyStore.java:678)
        at android.security.keystore.KeyStoreCryptoOperationChunkedStreamer.doFinal(KeyStoreCryptoOperationChunkedStreamer.java:224)
        at android.security.keystore.AndroidKeyStoreAuthenticatedAESCipherSpi$BufferAllOutputUntilDoFinalStreamer.doFinal(AndroidKeyStoreAuthenticatedAESCipherSpi.java:373)
        at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:506)
        at javax.crypto.Cipher.doFinal(Cipher.java:2056) 
        at com.amazonaws.internal.keyvaluestore.AWSKeyValueStore.decrypt(AWSKeyValueStore.java:347) 
        at com.amazonaws.internal.keyvaluestore.AWSKeyValueStore.get(AWSKeyValueStore.java:205) 
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.readCachedTokens(CognitoUser.java:2228) 
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.getCachedSession(CognitoUser.java:939) 
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser$5.run(CognitoUser.java:683) 
        at java.lang.Thread.run(Thread.java:776) 
E/AWSKeyValueStore: Error in decrypting data. 
    javax.crypto.AEADBadTagException
        at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:517)
        at javax.crypto.Cipher.doFinal(Cipher.java:2056)
        at com.amazonaws.internal.keyvaluestore.AWSKeyValueStore.decrypt(AWSKeyValueStore.java:347)
        at com.amazonaws.internal.keyvaluestore.AWSKeyValueStore.get(AWSKeyValueStore.java:205)
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.readCachedTokens(CognitoUser.java:2230)
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.getCachedSession(CognitoUser.java:939)
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser$5.run(CognitoUser.java:683)
        at java.lang.Thread.run(Thread.java:776)
     Caused by: android.security.KeyStoreException: Signature/MAC verification failed
        at android.security.KeyStore.getKeyStoreException(KeyStore.java:678)
        at android.security.keystore.KeyStoreCryptoOperationChunkedStreamer.doFinal(KeyStoreCryptoOperationChunkedStreamer.java:224)
        at android.security.keystore.AndroidKeyStoreAuthenticatedAESCipherSpi$BufferAllOutputUntilDoFinalStreamer.doFinal(AndroidKeyStoreAuthenticatedAESCipherSpi.java:373)
        at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:506)
        at javax.crypto.Cipher.doFinal(Cipher.java:2056) 
        at com.amazonaws.internal.keyvaluestore.AWSKeyValueStore.decrypt(AWSKeyValueStore.java:347) 
        at com.amazonaws.internal.keyvaluestore.AWSKeyValueStore.get(AWSKeyValueStore.java:205) 
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.readCachedTokens(CognitoUser.java:2230) 
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.getCachedSession(CognitoUser.java:939) 
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser$5.run(CognitoUser.java:683) 
        at java.lang.Thread.run(Thread.java:776) 
E/AWSKeyValueStore: Error in decrypting data. 
    javax.crypto.AEADBadTagException
        at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:517)
        at javax.crypto.Cipher.doFinal(Cipher.java:2056)
        at com.amazonaws.internal.keyvaluestore.AWSKeyValueStore.decrypt(AWSKeyValueStore.java:347)
        at com.amazonaws.internal.keyvaluestore.AWSKeyValueStore.get(AWSKeyValueStore.java:205)
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.readCachedTokens(CognitoUser.java:2232)
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.getCachedSession(CognitoUser.java:939)
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser$5.run(CognitoUser.java:683)
        at java.lang.Thread.run(Thread.java:776)
     Caused by: android.security.KeyStoreException: Signature/MAC verification failed
        at android.security.KeyStore.getKeyStoreException(KeyStore.java:678)
        at android.security.keystore.KeyStoreCryptoOperationChunkedStreamer.doFinal(KeyStoreCryptoOperationChunkedStreamer.java:224)
        at android.security.keystore.AndroidKeyStoreAuthenticatedAESCipherSpi$BufferAllOutputUntilDoFinalStreamer.doFinal(AndroidKeyStoreAuthenticatedAESCipherSpi.java:373)
        at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:506)
        at javax.crypto.Cipher.doFinal(Cipher.java:2056) 
        at com.amazonaws.internal.keyvaluestore.AWSKeyValueStore.decrypt(AWSKeyValueStore.java:347) 
        at com.amazonaws.internal.keyvaluestore.AWSKeyValueStore.get(AWSKeyValueStore.java:205) 
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.readCachedTokens(CognitoUser.java:2232) 
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.getCachedSession(CognitoUser.java:939) 
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser$5.run(CognitoUser.java:683) 
        at java.lang.Thread.run(Thread.java:776) 
I/AWSKeyValueStore: Detected Android API Level = 24
    Using keyAlias = CognitoIdentityProviderDeviceCache.ap-northeast-********.null.aesKeyStoreAlias
I/AWSKeyValueStore: Creating the AWSKeyValueStore with key for sharedPreferences = CognitoIdentityProviderDeviceCache.ap-northeast--********.null
E/CognitoUserPoolsSignInProvider: Failed to login.
    com.amazonaws.mobileconnectors.cognitoidentityprovider.exceptions.CognitoInternalErrorException: Failed to authenticate user
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.getCachedSession(CognitoUser.java:955)
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser$5.run(CognitoUser.java:683)
        at java.lang.Thread.run(Thread.java:776)
     Caused by: com.amazonaws.services.cognitoidentityprovider.model.InvalidParameterException: Missing required parameter REFRESH_TOKEN (Service: AmazonCognitoIdentityProvider; Status Code: 400; Error Code: InvalidParameterException; Request ID: fdc0e623-54fc-11e9-a5e3-5745901bbdf6)
        at com.amazonaws.http.AmazonHttpClient.handleErrorResponse(AmazonHttpClient.java:730)
        at com.amazonaws.http.AmazonHttpClient.executeHelper(AmazonHttpClient.java:405)
        at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:212)
        at com.amazonaws.services.cognitoidentityprovider.AmazonCognitoIdentityProviderClient.invoke(AmazonCognitoIdentityProviderClient.java:5953)
        at com.amazonaws.services.cognitoidentityprovider.AmazonCognitoIdentityProviderClient.initiateAuth(AmazonCognitoIdentityProviderClient.java:4127)
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.refreshSession(CognitoUser.java:2324)
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.getCachedSession(CognitoUser.java:948)
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser$5.run(CognitoUser.java:683) 
        at java.lang.Thread.run(Thread.java:776) 
I/HwPointEventFilter: do not support AFT because of no config
E/IdentityManager: SignInProviderResultAdapter.onError(): Amazon Cognito Your User Pools provider error. Failed to authenticate user
    com.amazonaws.mobileconnectors.cognitoidentityprovider.exceptions.CognitoInternalErrorException: Failed to authenticate user
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.getCachedSession(CognitoUser.java:955)
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser$5.run(CognitoUser.java:683)
        at java.lang.Thread.run(Thread.java:776)
     Caused by: com.amazonaws.services.cognitoidentityprovider.model.InvalidParameterException: Missing required parameter REFRESH_TOKEN (Service: AmazonCognitoIdentityProvider; Status Code: 400; Error Code: InvalidParameterException; Request ID: fdc0e623-54fc-11e9-a5e3-5745901bbdf6)
        at com.amazonaws.http.AmazonHttpClient.handleErrorResponse(AmazonHttpClient.java:730)
        at com.amazonaws.http.AmazonHttpClient.executeHelper(AmazonHttpClient.java:405)
        at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:212)
        at com.amazonaws.services.cognitoidentityprovider.AmazonCognitoIdentityProviderClient.invoke(AmazonCognitoIdentityProviderClient.java:5953)
        at com.amazonaws.services.cognitoidentityprovider.AmazonCognitoIdentityProviderClient.initiateAuth(AmazonCognitoIdentityProviderClient.java:4127)
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.refreshSession(CognitoUser.java:2324)
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.getCachedSession(CognitoUser.java:948)
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser$5.run(CognitoUser.java:683) 
        at java.lang.Thread.run(Thread.java:776) 
E/SignInActivity: Sign-in with Amazon Cognito Your User Pools caused an error.
    com.amazonaws.mobile.auth.core.signin.ProviderAuthException: com.amazonaws.mobileconnectors.cognitoidentityprovider.exceptions.CognitoInternalErrorException: Failed to authenticate user
        at com.amazonaws.mobile.auth.core.IdentityManager$SignInProviderResultAdapter.onError(IdentityManager.java:484)
        at com.amazonaws.mobile.auth.userpools.CognitoUserPoolsSignInProvider$4.onFailure(CognitoUserPoolsSignInProvider.java:365)
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser$5$3.run(CognitoUser.java:705)
        at android.os.Handler.handleCallback(Handler.java:761)
        at android.os.Handler.dispatchMessage(Handler.java:98)
        at android.os.Looper.loop(Looper.java:156)
        at android.app.ActivityThread.main(ActivityThread.java:6595)
        at java.lang.reflect.Method.invoke(Native Method)
        at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:942)
        at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:832)
     Caused by: com.amazonaws.mobileconnectors.cognitoidentityprovider.exceptions.CognitoInternalErrorException: Failed to authenticate user
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.getCachedSession(CognitoUser.java:955)
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser$5.run(CognitoUser.java:683)
        at java.lang.Thread.run(Thread.java:776)
     Caused by: com.amazonaws.services.cognitoidentityprovider.model.InvalidParameterException: Missing required parameter REFRESH_TOKEN (Service: AmazonCognitoIdentityProvider; Status Code: 400; Error Code: InvalidParameterException; Request ID: fdc0e623-54fc-11e9-a5e3-5745901bbdf6)
        at com.amazonaws.http.AmazonHttpClient.handleErrorResponse(AmazonHttpClient.java:730)
        at com.amazonaws.http.AmazonHttpClient.executeHelper(AmazonHttpClient.java:405)
        at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:212)
        at com.amazonaws.services.cognitoidentityprovider.AmazonCognitoIdentityProviderClient.invoke(AmazonCognitoIdentityProviderClient.java:5953)
        at com.amazonaws.services.cognitoidentityprovider.AmazonCognitoIdentityProviderClient.initiateAuth(AmazonCognitoIdentityProviderClient.java:4127)
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.refreshSession(CognitoUser.java:2324)
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.getCachedSession(CognitoUser.java:948)
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser$5.run(CognitoUser.java:683) 
        at java.lang.Thread.run(Thread.java:776) 
E/DefaultSignInResultHandler: Sign-in with Amazon Cognito Your User Pools failed.
    com.amazonaws.mobileconnectors.cognitoidentityprovider.exceptions.CognitoInternalErrorException: Failed to authenticate user
    com.amazonaws.mobile.auth.core.signin.ProviderAuthException: com.amazonaws.mobileconnectors.cognitoidentityprovider.exceptions.CognitoInternalErrorException: Failed to authenticate user
        at com.amazonaws.mobile.auth.core.IdentityManager$SignInProviderResultAdapter.onError(IdentityManager.java:484)
        at com.amazonaws.mobile.auth.userpools.CognitoUserPoolsSignInProvider$4.onFailure(CognitoUserPoolsSignInProvider.java:365)
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser$5$3.run(CognitoUser.java:705)
        at android.os.Handler.handleCallback(Handler.java:761)
        at android.os.Handler.dispatchMessage(Handler.java:98)
        at android.os.Looper.loop(Looper.java:156)
        at android.app.ActivityThread.main(ActivityThread.java:6595)
        at java.lang.reflect.Method.invoke(Native Method)
        at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:942)
        at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:832)
     Caused by: com.amazonaws.mobileconnectors.cognitoidentityprovider.exceptions.CognitoInternalErrorException: Failed to authenticate user
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.getCachedSession(CognitoUser.java:955)
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser$5.run(CognitoUser.java:683)
        at java.lang.Thread.run(Thread.java:776)
     Caused by: com.amazonaws.services.cognitoidentityprovider.model.InvalidParameterException: Missing required parameter REFRESH_TOKEN (Service: AmazonCognitoIdentityProvider; Status Code: 400; Error Code: InvalidParameterException; Request ID: fdc0e623-54fc-11e9-a5e3-5745901bbdf6)
        at com.amazonaws.http.AmazonHttpClient.handleErrorResponse(AmazonHttpClient.java:730)
        at com.amazonaws.http.AmazonHttpClient.executeHelper(AmazonHttpClient.java:405)
        at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:212)
        at com.amazonaws.services.cognitoidentityprovider.AmazonCognitoIdentityProviderClient.invoke(AmazonCognitoIdentityProviderClient.java:5953)
        at com.amazonaws.services.cognitoidentityprovider.AmazonCognitoIdentityProviderClient.initiateAuth(AmazonCognitoIdentityProviderClient.java:4127)
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.refreshSession(CognitoUser.java:2324)
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.getCachedSession(CognitoUser.java:948)
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser$5.run(CognitoUser.java:683) 
        at java.lang.Thread.run(Thread.java:776) 

Environment(please complete the following information):

Device Information (please complete the following information):

Additional context When I clear the memory and cache of the App in Application Settings in my device works, but when uninstalling and installing the App, the error comes back.

mutablealligator commented 5 years ago

@watanabethais Sorry for the inconvenience caused.

From the stacktrace, I could see that loading the refresh token from the cache (SharedPreferences) failed because we couldn't successfully decrypt the data.

From the exception messages you have posted, I can see this happening when the key used for encryption cannot be loaded from the keystore or the IV used for encrypting the data is not the right IV or IV is null.

Do you see any exception messages in Logcat such as 

"Error in accessing the Android KeyStore."
"AndroidKeyStore contains keyAlias " ?
watanabethais commented 5 years ago

@kvasukib Thank you for your quick response!

I found these exceptions before the error in decrypting data:

2019-04-03 08:24:56.007 4398-4398/? I/art: Rejecting re-init on previously-failed class java.lang.Class<android.support.v4.view.ViewCompat$OnUnhandledKeyEventListenerWrapper>: java.lang.NoClassDefFoundError: Failed resolution of: Landroid/view/View$OnUnhandledKeyEventListener;
2019-04-03 08:24:56.007 4398-4398/? I/art:     at void android.support.v4.view.ViewCompat.setBackground(android.view.View, android.graphics.drawable.Drawable) (ViewCompat.java:2341)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at void android.support.v7.widget.ActionBarContainer.<init>(android.content.Context, android.util.AttributeSet) (ActionBarContainer.java:62)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at java.lang.Object java.lang.reflect.Constructor.newInstance0!(java.lang.Object[]) (Constructor.java:-2)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at java.lang.Object java.lang.reflect.Constructor.newInstance(java.lang.Object[]) (Constructor.java:430)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at android.view.View android.view.LayoutInflater.createView(java.lang.String, java.lang.String, android.util.AttributeSet) (LayoutInflater.java:656)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at android.view.View android.view.LayoutInflater.createViewFromTag(android.view.View, java.lang.String, android.content.Context, android.util.AttributeSet, boolean) (LayoutInflater.java:798)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at android.view.View android.view.LayoutInflater.createViewFromTag(android.view.View, java.lang.String, android.content.Context, android.util.AttributeSet) (LayoutInflater.java:738)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at void android.view.LayoutInflater.rInflate(org.xmlpull.v1.XmlPullParser, android.view.View, android.content.Context, android.util.AttributeSet, boolean) (LayoutInflater.java:869)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at void android.view.LayoutInflater.rInflateChildren(org.xmlpull.v1.XmlPullParser, android.view.View, android.util.AttributeSet, boolean) (LayoutInflater.java:832)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at android.view.View android.view.LayoutInflater.inflate(org.xmlpull.v1.XmlPullParser, android.view.ViewGroup, boolean) (LayoutInflater.java:518)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at android.view.View android.view.LayoutInflater.inflate(int, android.view.ViewGroup, boolean) (LayoutInflater.java:426)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at android.view.View android.view.LayoutInflater.inflate(int, android.view.ViewGroup) (LayoutInflater.java:377)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at android.view.ViewGroup android.support.v7.app.AppCompatDelegateImpl.createSubDecor() (AppCompatDelegateImpl.java:607)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at void android.support.v7.app.AppCompatDelegateImpl.ensureSubDecor() (AppCompatDelegateImpl.java:518)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at void android.support.v7.app.AppCompatDelegateImpl.setContentView(int) (AppCompatDelegateImpl.java:466)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at void android.support.v7.app.AppCompatActivity.setContentView(int) (AppCompatActivity.java:140)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at void jp.ewind.inspectiontraining.activity.AuthenticationActivity.onCreate(android.os.Bundle) (AuthenticationActivity.java:36)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at void android.app.Activity.performCreate(android.os.Bundle) (Activity.java:6910)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at void android.app.Instrumentation.callActivityOnCreate(android.app.Activity, android.os.Bundle) (Instrumentation.java:1123)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at android.app.Activity android.app.ActivityThread.performLaunchActivity(android.app.ActivityThread$ActivityClientRecord, android.content.Intent) (ActivityThread.java:2749)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at void android.app.ActivityThread.handleLaunchActivity(android.app.ActivityThread$ActivityClientRecord, android.content.Intent, java.lang.String) (ActivityThread.java:2867)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at void android.app.ActivityThread.-wrap12(android.app.ActivityThread, android.app.ActivityThread$ActivityClientRecord, android.content.Intent, java.lang.String) (ActivityThread.java:-1)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at void android.app.ActivityThread$H.handleMessage(android.os.Message) (ActivityThread.java:1570)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at void android.os.Handler.dispatchMessage(android.os.Message) (Handler.java:105)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at void android.os.Looper.loop() (Looper.java:156)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at void android.app.ActivityThread.main(java.lang.String[]) (ActivityThread.java:6595)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at java.lang.Object java.lang.reflect.Method.invoke!(java.lang.Object, java.lang.Object[]) (Method.java:-2)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at void com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run() (ZygoteInit.java:942)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at void com.android.internal.os.ZygoteInit.main(java.lang.String[]) (ZygoteInit.java:832)
2019-04-03 08:24:56.007 4398-4398/? I/art: Caused by: java.lang.ClassNotFoundException: Didn't find class "android.view.View$OnUnhandledKeyEventListener" on path: DexPathList[[zip file "/data/app/jp.ewind.inspectiontraining-2/base.apk"],nativeLibraryDirectories=[/data/app/jp.ewind.inspectiontraining-2/lib/arm64, /data/app/jp.ewind.inspectiontraining-2/base.apk!/lib/arm64-v8a, /system/lib64, /vendor/lib64, /system/vendor/lib64, /product/lib64]]
2019-04-03 08:24:56.007 4398-4398/? I/art:     at java.lang.Class dalvik.system.BaseDexClassLoader.findClass(java.lang.String) (BaseDexClassLoader.java:56)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at java.lang.Class java.lang.ClassLoader.loadClass(java.lang.String, boolean) (ClassLoader.java:380)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at java.lang.Class java.lang.ClassLoader.loadClass(java.lang.String) (ClassLoader.java:312)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at void android.support.v4.view.ViewCompat.setBackground(android.view.View, android.graphics.drawable.Drawable) (ViewCompat.java:2341)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at void android.support.v7.widget.ActionBarContainer.<init>(android.content.Context, android.util.AttributeSet) (ActionBarContainer.java:62)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at java.lang.Object java.lang.reflect.Constructor.newInstance0!(java.lang.Object[]) (Constructor.java:-2)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at java.lang.Object java.lang.reflect.Constructor.newInstance(java.lang.Object[]) (Constructor.java:430)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at android.view.View android.view.LayoutInflater.createView(java.lang.String, java.lang.String, android.util.AttributeSet) (LayoutInflater.java:656)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at android.view.View android.view.LayoutInflater.createViewFromTag(android.view.View, java.lang.String, android.content.Context, android.util.AttributeSet, boolean) (LayoutInflater.java:798)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at android.view.View android.view.LayoutInflater.createViewFromTag(android.view.View, java.lang.String, android.content.Context, android.util.AttributeSet) (LayoutInflater.java:738)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at void android.view.LayoutInflater.rInflate(org.xmlpull.v1.XmlPullParser, android.view.View, android.content.Context, android.util.AttributeSet, boolean) (LayoutInflater.java:869)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at void android.view.LayoutInflater.rInflateChildren(org.xmlpull.v1.XmlPullParser, android.view.View, android.util.AttributeSet, boolean) (LayoutInflater.java:832)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at android.view.View android.view.LayoutInflater.inflate(org.xmlpull.v1.XmlPullParser, android.view.ViewGroup, boolean) (LayoutInflater.java:518)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at android.view.View android.view.LayoutInflater.inflate(int, android.view.ViewGroup, boolean) (LayoutInflater.java:426)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at android.view.View android.view.LayoutInflater.inflate(int, android.view.ViewGroup) (LayoutInflater.java:377)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at android.view.ViewGroup android.support.v7.app.AppCompatDelegateImpl.createSubDecor() (AppCompatDelegateImpl.java:607)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at void android.support.v7.app.AppCompatDelegateImpl.ensureSubDecor() (AppCompatDelegateImpl.java:518)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at void android.support.v7.app.AppCompatDelegateImpl.setContentView(int) (AppCompatDelegateImpl.java:466)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at void android.support.v7.app.AppCompatActivity.setContentView(int) (AppCompatActivity.java:140)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at void jp.ewind.inspectiontraining.activity.AuthenticationActivity.onCreate(android.os.Bundle) (AuthenticationActivity.java:36)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at void android.app.Activity.performCreate(android.os.Bundle) (Activity.java:6910)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at void android.app.Instrumentation.callActivityOnCreate(android.app.Activity, android.os.Bundle) (Instrumentation.java:1123)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at android.app.Activity android.app.ActivityThread.performLaunchActivity(android.app.ActivityThread$ActivityClientRecord, android.content.Intent) (ActivityThread.java:2749)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at void android.app.ActivityThread.handleLaunchActivity(android.app.ActivityThread$ActivityClientRecord, android.content.Intent, java.lang.String) (ActivityThread.java:2867)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at void android.app.ActivityThread.-wrap12(android.app.ActivityThread, android.app.ActivityThread$ActivityClientRecord, android.content.Intent, java.lang.String) (ActivityThread.java:-1)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at void android.app.ActivityThread$H.handleMessage(android.os.Message) (ActivityThread.java:1570)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at void android.os.Handler.dispatchMessage(android.os.Message) (Handler.java:105)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at void android.os.Looper.loop() (Looper.java:156)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at void android.app.ActivityThread.main(java.lang.String[]) (ActivityThread.java:6595)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at java.lang.Object java.lang.reflect.Method.invoke!(java.lang.Object, java.lang.Object[]) (Method.java:-2)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at void com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run() (ZygoteInit.java:942)
2019-04-03 08:24:56.007 4398-4398/? I/art:     at void com.android.internal.os.ZygoteInit.main(java.lang.String[]) (ZygoteInit.java:832)
2019-04-03 08:24:56.050 1691-1907/? W/qti_sensors_hal: timestampCalc: Adjusting timestamp for rollover: 1035542022833113, -2
2019-04-03 08:24:56.090 1691-1907/? W/qti_sensors_hal: timestampCalc: Adjusting timestamp for rollover: 1035542089971785, -2
2019-04-03 08:24:56.097 4398-4398/? I/art: Rejecting re-init on previously-failed class java.lang.Class<com.amazonaws.mobile.client.AWSMobileClient$2$2>: java.lang.NoClassDefFoundError: Failed resolution of: Lcom/amazonaws/mobileconnectors/cognitoauth/handlers/AuthHandler;
2019-04-03 08:24:56.097 4398-4398/? I/art:     at java.lang.Runnable com.amazonaws.mobile.client.AWSMobileClient._initialize(android.content.Context, com.amazonaws.mobile.config.AWSConfiguration, com.amazonaws.mobile.client.Callback) (AWSMobileClient.java:444)
2019-04-03 08:24:56.097 4398-4398/? I/art:     at void com.amazonaws.mobile.client.AWSMobileClient.initialize(android.content.Context, com.amazonaws.mobile.config.AWSConfiguration, com.amazonaws.mobile.client.Callback) (AWSMobileClient.java:436)
2019-04-03 08:24:56.097 4398-4398/? I/art:     at void com.amazonaws.mobile.client.AWSMobileClient.initialize(android.content.Context, com.amazonaws.mobile.client.Callback) (AWSMobileClient.java:431)
2019-04-03 08:24:56.097 4398-4398/? I/art:     at void jp.ewind.inspectiontraining.activity.AuthenticationActivity.onCreate(android.os.Bundle) (AuthenticationActivity.java:43)
2019-04-03 08:24:56.097 4398-4398/? I/art:     at void android.app.Activity.performCreate(android.os.Bundle) (Activity.java:6910)
2019-04-03 08:24:56.097 4398-4398/? I/art:     at void android.app.Instrumentation.callActivityOnCreate(android.app.Activity, android.os.Bundle) (Instrumentation.java:1123)
2019-04-03 08:24:56.097 4398-4398/? I/art:     at android.app.Activity android.app.ActivityThread.performLaunchActivity(android.app.ActivityThread$ActivityClientRecord, android.content.Intent) (ActivityThread.java:2749)
2019-04-03 08:24:56.097 4398-4398/? I/art:     at void android.app.ActivityThread.handleLaunchActivity(android.app.ActivityThread$ActivityClientRecord, android.content.Intent, java.lang.String) (ActivityThread.java:2867)
2019-04-03 08:24:56.097 4398-4398/? I/art:     at void android.app.ActivityThread.-wrap12(android.app.ActivityThread, android.app.ActivityThread$ActivityClientRecord, android.content.Intent, java.lang.String) (ActivityThread.java:-1)
2019-04-03 08:24:56.097 4398-4398/? I/art:     at void android.app.ActivityThread$H.handleMessage(android.os.Message) (ActivityThread.java:1570)
2019-04-03 08:24:56.097 4398-4398/? I/art:     at void android.os.Handler.dispatchMessage(android.os.Message) (Handler.java:105)
2019-04-03 08:24:56.097 4398-4398/? I/art:     at void android.os.Looper.loop() (Looper.java:156)
2019-04-03 08:24:56.097 4398-4398/? I/art:     at void android.app.ActivityThread.main(java.lang.String[]) (ActivityThread.java:6595)
2019-04-03 08:24:56.097 4398-4398/? I/art:     at java.lang.Object java.lang.reflect.Method.invoke!(java.lang.Object, java.lang.Object[]) (Method.java:-2)
2019-04-03 08:24:56.097 4398-4398/? I/art:     at void com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run() (ZygoteInit.java:942)
2019-04-03 08:24:56.097 4398-4398/? I/art:     at void com.android.internal.os.ZygoteInit.main(java.lang.String[]) (ZygoteInit.java:832)
2019-04-03 08:24:56.097 4398-4398/? I/art: Caused by: java.lang.ClassNotFoundException: Didn't find class "com.amazonaws.mobileconnectors.cognitoauth.handlers.AuthHandler" on path: DexPathList[[zip file "/data/app/jp.ewind.inspectiontraining-2/base.apk"],nativeLibraryDirectories=[/data/app/jp.ewind.inspectiontraining-2/lib/arm64, /data/app/jp.ewind.inspectiontraining-2/base.apk!/lib/arm64-v8a, /system/lib64, /vendor/lib64, /system/vendor/lib64, /product/lib64]]
2019-04-03 08:24:56.097 4398-4398/? I/art:     at java.lang.Class dalvik.system.BaseDexClassLoader.findClass(java.lang.String) (BaseDexClassLoader.java:56)
2019-04-03 08:24:56.097 4398-4398/? I/art:     at java.lang.Class java.lang.ClassLoader.loadClass(java.lang.String, boolean) (ClassLoader.java:380)
2019-04-03 08:24:56.097 4398-4398/? I/art:     at java.lang.Class java.lang.ClassLoader.loadClass(java.lang.String) (ClassLoader.java:312)
2019-04-03 08:24:56.097 4398-4398/? I/art:     at java.lang.Runnable com.amazonaws.mobile.client.AWSMobileClient._initialize(android.content.Context, com.amazonaws.mobile.config.AWSConfiguration, com.amazonaws.mobile.client.Callback) (AWSMobileClient.java:444)
2019-04-03 08:24:56.097 4398-4398/? I/art:     at void com.amazonaws.mobile.client.AWSMobileClient.initialize(android.content.Context, com.amazonaws.mobile.config.AWSConfiguration, com.amazonaws.mobile.client.Callback) (AWSMobileClient.java:436)
2019-04-03 08:24:56.097 4398-4398/? I/art:     at void com.amazonaws.mobile.client.AWSMobileClient.initialize(android.content.Context, com.amazonaws.mobile.client.Callback) (AWSMobileClient.java:431)
2019-04-03 08:24:56.097 4398-4398/? I/art:     at void jp.ewind.inspectiontraining.activity.AuthenticationActivity.onCreate(android.os.Bundle) (AuthenticationActivity.java:43)
2019-04-03 08:24:56.097 4398-4398/? I/art:     at void android.app.Activity.performCreate(android.os.Bundle) (Activity.java:6910)
2019-04-03 08:24:56.097 4398-4398/? I/art:     at void android.app.Instrumentation.callActivityOnCreate(android.app.Activity, android.os.Bundle) (Instrumentation.java:1123)
2019-04-03 08:24:56.097 4398-4398/? I/art:     at android.app.Activity android.app.ActivityThread.performLaunchActivity(android.app.ActivityThread$ActivityClientRecord, android.content.Intent) (ActivityThread.java:2749)
2019-04-03 08:24:56.097 4398-4398/? I/art:     at void android.app.ActivityThread.handleLaunchActivity(android.app.ActivityThread$ActivityClientRecord, android.content.Intent, java.lang.String) (ActivityThread.java:2867)
2019-04-03 08:24:56.097 4398-4398/? I/art:     at void android.app.ActivityThread.-wrap12(android.app.ActivityThread, android.app.ActivityThread$ActivityClientRecord, android.content.Intent, java.lang.String) (ActivityThread.java:-1)
2019-04-03 08:24:56.097 4398-4398/? I/art:     at void android.app.ActivityThread$H.handleMessage(android.os.Message) (ActivityThread.java:1570)
2019-04-03 08:24:56.097 4398-4398/? I/art:     at void android.os.Handler.dispatchMessage(android.os.Message) (Handler.java:105)
2019-04-03 08:24:56.097 4398-4398/? I/art:     at void android.os.Looper.loop() (Looper.java:156)
2019-04-03 08:24:56.097 4398-4398/? I/art:     at void android.app.ActivityThread.main(java.lang.String[]) (ActivityThread.java:6595)
2019-04-03 08:24:56.097 4398-4398/? I/art:     at java.lang.Object java.lang.reflect.Method.invoke!(java.lang.Object, java.lang.Object[]) (Method.java:-2)
2019-04-03 08:24:56.097 4398-4398/? I/art:     at void com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run() (ZygoteInit.java:942)
2019-04-03 08:24:56.097 4398-4398/? I/art:     at void com.android.internal.os.ZygoteInit.main(java.lang.String[]) (ZygoteInit.java:832)

About the Android KeyStore in Logcat:

2019-04-03 08:24:56.102 4398-4435/? I/AWSKeyValueStore: Detected Android API Level = 24
2019-04-03 08:24:56.102 4398-4435/? I/AWSKeyValueStore: Using keyAlias = com.amazonaws.mobile.client.aesKeyStoreAlias
2019-04-03 08:24:56.111 4398-4398/? I/HwSecImmHelper: mSecurityInputMethodService is null
2019-04-03 08:24:56.112 4398-4435/? I/AWSKeyValueStore: Creating the AWSKeyValueStore with key for sharedPreferences = com.amazonaws.mobile.client
2019-04-03 08:24:56.114 4398-4435/? I/AWSKeyValueStore: Detected Android API Level = 24
2019-04-03 08:24:56.114 4398-4435/? I/AWSKeyValueStore: Using keyAlias = com.amazonaws.android.auth.aesKeyStoreAlias
2019-04-03 08:24:56.117 4398-4435/? I/AWSKeyValueStore: Creating the AWSKeyValueStore with key for sharedPreferences = com.amazonaws.android.auth
2019-04-03 08:24:56.118 4398-4398/? I/HwPointEventFilter: do not support AFT because of no config
2019-04-03 08:24:56.146 4398-4435/? I/AWSKeyValueStore: Detected Android API Level = 24
2019-04-03 08:24:56.146 4398-4435/? I/AWSKeyValueStore: Using keyAlias = com.amazonaws.android.auth.aesKeyStoreAlias
2019-04-03 08:24:56.149 4398-4435/? I/AWSKeyValueStore: Creating the AWSKeyValueStore with key for sharedPreferences = com.amazonaws.android.auth
2019-04-03 08:24:56.160 696-696/? E/keymaster1_device: Finish send cmd failed
2019-04-03 08:24:56.160 696-696/? E/keymaster1_device: ret: 0
2019-04-03 08:24:56.160 696-696/? E/keymaster1_device: resp->status: -30

Am I missing some library in my project? That's weird because a few weeks ago everything was working normally.

mutablealligator commented 5 years ago

@watanabethais Thank you for the logs. I couldn't spot any occurrence of key load/create failing. Can you describe how have you configured your app for authentication?

What are the libraries you are depending on in your app for accomplishing authentication? Can you post a sample code snippet?

Have you tried running your app on other emulators besides API 24? Is the issue consistently reproducible on other API levels as well?

minbi commented 5 years ago

Hi,

We just SDK release 2.12.7 which should help make the error more clear. This is not a fix, but should help @kvasukib solve the issue.

watanabethais commented 5 years ago

@kvasukib @minbi After testing with Emulator in API 24 instead of my Android device, only the ClassNotFound error appeared and I logged in normally.

So I decided to restart my device and the decrypting error is now gone... sorry for causing this trouble!! Now I can normally log in, but the ClassNotFoundException still appears in API levels 24, 26 and 28.

2019-04-03 11:08:51.618 10293-10293/jp.ewind.inspectiontraining I/CognitoUserPoolsSignInProvider: Logged in. com.amazonaws.mobileconnectors.cognitoidentityprovider.tokens.CognitoIdToken@de9406f
2019-04-03 11:08:51.622 10293-10293/jp.ewind.inspectiontraining I/SignInActivity: Sign-in with Amazon Cognito Your User Pools succeeded.
2019-04-03 11:08:51.695 10293-10429/jp.ewind.inspectiontraining I/art: Rejecting re-init on previously-failed class java.lang.Class<com.amazonaws.mobile.client.AWSMobileClient$7$1>: java.lang.NoClassDefFoundError: Failed resolution of: Lcom/amazonaws/mobileconnectors/cognitoauth/handlers/AuthHandler;
2019-04-03 11:08:51.695 10293-10429/jp.ewind.inspectiontraining I/art:     at java.lang.Runnable com.amazonaws.mobile.client.AWSMobileClient._getTokens(com.amazonaws.mobile.client.Callback, boolean) (AWSMobileClient.java:1439)
2019-04-03 11:08:51.695 10293-10429/jp.ewind.inspectiontraining I/art:     at com.amazonaws.mobile.client.results.Tokens com.amazonaws.mobile.client.AWSMobileClient.getTokens(boolean) (AWSMobileClient.java:1434)
2019-04-03 11:08:51.695 10293-10429/jp.ewind.inspectiontraining I/art:     at com.amazonaws.mobile.client.UserStateDetails com.amazonaws.mobile.client.AWSMobileClient.getUserStateDetails(boolean) (AWSMobileClient.java:929)
2019-04-03 11:08:51.695 10293-10429/jp.ewind.inspectiontraining I/art:     at void com.amazonaws.mobile.client.AWSMobileClient$2$1$1.onResult(com.amazonaws.mobile.client.UserStateDetails) (AWSMobileClient.java:491)
2019-04-03 11:08:51.695 10293-10429/jp.ewind.inspectiontraining I/art:     at void com.amazonaws.mobile.client.AWSMobileClient$2$1$1.onResult(java.lang.Object) (AWSMobileClient.java:487)
2019-04-03 11:08:51.695 10293-10429/jp.ewind.inspectiontraining I/art:     at void com.amazonaws.mobile.client.internal.InternalCallback.call(java.lang.Object, java.lang.Exception) (InternalCallback.java:75)
2019-04-03 11:08:51.695 10293-10429/jp.ewind.inspectiontraining I/art:     at void com.amazonaws.mobile.client.internal.InternalCallback.onResult(java.lang.Object) (InternalCallback.java:62)
2019-04-03 11:08:51.695 10293-10429/jp.ewind.inspectiontraining I/art:     at void com.amazonaws.mobile.client.AWSMobileClient$6.run() (AWSMobileClient.java:1366)
2019-04-03 11:08:51.695 10293-10429/jp.ewind.inspectiontraining I/art:     at void com.amazonaws.mobile.client.internal.InternalCallback$1.run() (InternalCallback.java:101)
2019-04-03 11:08:51.695 10293-10429/jp.ewind.inspectiontraining I/art:     at void java.lang.Thread.run() (Thread.java:776)
2019-04-03 11:08:51.695 10293-10429/jp.ewind.inspectiontraining I/art: Caused by: java.lang.ClassNotFoundException: Didn't find class "com.amazonaws.mobileconnectors.cognitoauth.handlers.AuthHandler" on path: DexPathList[[zip file "/data/app/jp.ewind.inspectiontraining-2/base.apk"],nativeLibraryDirectories=[/data/app/jp.ewind.inspectiontraining-2/lib/arm64, /data/app/jp.ewind.inspectiontraining-2/base.apk!/lib/arm64-v8a, /system/lib64, /vendor/lib64, /system/vendor/lib64, /product/lib64]]
2019-04-03 11:08:51.695 10293-10429/jp.ewind.inspectiontraining I/art:     at java.lang.Class dalvik.system.BaseDexClassLoader.findClass(java.lang.String) (BaseDexClassLoader.java:56)
2019-04-03 11:08:51.695 10293-10429/jp.ewind.inspectiontraining I/art:     at java.lang.Class java.lang.ClassLoader.loadClass(java.lang.String, boolean) (ClassLoader.java:380)
2019-04-03 11:08:51.695 10293-10429/jp.ewind.inspectiontraining I/art:     at java.lang.Class java.lang.ClassLoader.loadClass(java.lang.String) (ClassLoader.java:312)
2019-04-03 11:08:51.695 10293-10429/jp.ewind.inspectiontraining I/art:     at java.lang.Runnable com.amazonaws.mobile.client.AWSMobileClient._getTokens(com.amazonaws.mobile.client.Callback, boolean) (AWSMobileClient.java:1439)
2019-04-03 11:08:51.695 10293-10429/jp.ewind.inspectiontraining I/art:     at com.amazonaws.mobile.client.results.Tokens com.amazonaws.mobile.client.AWSMobileClient.getTokens(boolean) (AWSMobileClient.java:1434)
2019-04-03 11:08:51.695 10293-10429/jp.ewind.inspectiontraining I/art:     at com.amazonaws.mobile.client.UserStateDetails com.amazonaws.mobile.client.AWSMobileClient.getUserStateDetails(boolean) (AWSMobileClient.java:929)
2019-04-03 11:08:51.695 10293-10429/jp.ewind.inspectiontraining I/art:     at void com.amazonaws.mobile.client.AWSMobileClient$2$1$1.onResult(com.amazonaws.mobile.client.UserStateDetails) (AWSMobileClient.java:491)
2019-04-03 11:08:51.695 10293-10429/jp.ewind.inspectiontraining I/art:     at void com.amazonaws.mobile.client.AWSMobileClient$2$1$1.onResult(java.lang.Object) (AWSMobileClient.java:487)
2019-04-03 11:08:51.695 10293-10429/jp.ewind.inspectiontraining I/art:     at void com.amazonaws.mobile.client.internal.InternalCallback.call(java.lang.Object, java.lang.Exception) (InternalCallback.java:75)
2019-04-03 11:08:51.695 10293-10429/jp.ewind.inspectiontraining I/art:     at void com.amazonaws.mobile.client.internal.InternalCallback.onResult(java.lang.Object) (InternalCallback.java:62)
2019-04-03 11:08:51.695 10293-10429/jp.ewind.inspectiontraining I/art:     at void com.amazonaws.mobile.client.AWSMobileClient$6.run() (AWSMobileClient.java:1366)
2019-04-03 11:08:51.695 10293-10429/jp.ewind.inspectiontraining I/art:     at void com.amazonaws.mobile.client.internal.InternalCallback$1.run() (InternalCallback.java:101)
2019-04-03 11:08:51.695 10293-10429/jp.ewind.inspectiontraining I/art:     at void java.lang.Thread.run() (Thread.java:776)

I followed this tutorial for my App. I had to implement a Sign Out method, so I modified the onCreate method in AuthenticationActivity:

@Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.activity_authentication);

        if (AWSMobileClient.getInstance().getConfiguration() != null) {
            UserStateDetails userStateDetails = AWSMobileClient.getInstance().currentUserState();
            showSignInForUser(userStateDetails);

        } else {
            AWSMobileClient.getInstance().initialize(getApplicationContext(), new Callback<UserStateDetails>() {
                @Override
                public void onResult(UserStateDetails userStateDetails) {
                    showSignInForUser(userStateDetails);
                }
                @Override
                public void onError(Exception e) {
                    Log.e(TAG, e.toString());
                }
            });
        }
    }

I'm sorry again about the decrypting issue... and about the ClassNotFoundException, is related to how am I initializing the client?

minbi commented 5 years ago

Hi,

We are looking into a way to silence the ClassNotFoundException, but it is an artifact of optional features that we built into the AWSMobileClient. It should not be a concern in this case.

watanabethais commented 5 years ago

@minbi I got it, thanks!

I'm not having this issue anymore, thank you for your patience!

alphamu commented 5 years ago

Sorry for reigniting this one, however I'm getting this on a Pixel 3 running Android 9 (API 28). I'm using the AWS Mobile SDK version 2.13.2 on Android Studio 3.4 (Kotlin 1.3.21). The issue was happening on 2.13.1, so I upgrade and it made no difference. I've uninstall the app and reinstall it, I've restart the phone and no luck. On some of the emulators I had the same issue that magically disappeared. I originally thought that it may have to do with me having a PIN on the phone, however a second phone a Pixel with the exact same PIN has no issue. The Pixel is also on Android 9. As best I can tell, at the moment the mobile SDK just doesn't like my Pixel 3.

The error comes up when I call initialize. Seems like the SDK can't read from the Keystore? I've traced the error in AndroidKeyStoreCipherSpiBase.java to the line, however I have no idea whats breaking:


output = mMainDataStreamer.doFinal(
  input, inputOffset, inputLen,
  null, // no signature involved
  additionalEntropy);

https://android.googlesource.com/platform/frameworks/base/+/master/keystore/java/android/security/keystore/AndroidKeyStoreCipherSpiBase.java

The error is:

2019-04-23 18:48:33.650 18755-18861/com.my.app.android.staging E/AWSKeyValueStore: Error in decrypting data. 
    javax.crypto.AEADBadTagException
        at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:517)
        at javax.crypto.Cipher.doFinal(Cipher.java:2055)
        at com.amazonaws.internal.keyvaluestore.AWSKeyValueStore.decrypt(AWSKeyValueStore.java:360)
        at com.amazonaws.internal.keyvaluestore.AWSKeyValueStore.get(AWSKeyValueStore.java:207)
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.readCachedTokens(CognitoUser.java:2232)
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.getCachedSession(CognitoUser.java:940)
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.getSession(CognitoUser.java:744)
        at com.amazonaws.mobile.client.AWSMobileClient$5.run(AWSMobileClient.java:1108)
        at com.amazonaws.mobile.client.internal.InternalCallback$1.run(InternalCallback.java:101)
        at java.lang.Thread.run(Thread.java:764)
     Caused by: android.security.KeyStoreException: Signature/MAC verification failed
        at android.security.KeyStore.getKeyStoreException(KeyStore.java:839)
        at android.security.keystore.KeyStoreCryptoOperationChunkedStreamer.doFinal(KeyStoreCryptoOperationChunkedStreamer.java:224)
        at android.security.keystore.AndroidKeyStoreAuthenticatedAESCipherSpi$BufferAllOutputUntilDoFinalStreamer.doFinal(AndroidKeyStoreAuthenticatedAESCipherSpi.java:373)
        at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:506)
        at javax.crypto.Cipher.doFinal(Cipher.java:2055) 
        at com.amazonaws.internal.keyvaluestore.AWSKeyValueStore.decrypt(AWSKeyValueStore.java:360) 
        at com.amazonaws.internal.keyvaluestore.AWSKeyValueStore.get(AWSKeyValueStore.java:207) 
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.readCachedTokens(CognitoUser.java:2232) 
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.getCachedSession(CognitoUser.java:940) 
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.getSession(CognitoUser.java:744) 
        at com.amazonaws.mobile.client.AWSMobileClient$5.run(AWSMobileClient.java:1108) 
        at com.amazonaws.mobile.client.internal.InternalCallback$1.run(InternalCallback.java:101) 
        at java.lang.Thread.run(Thread.java:764) 
2019-04-23 18:48:33.675 18755-18861/com.sonder.wip.member.android.staging E/AWSKeyValueStore: Error in decrypting data. 
    javax.crypto.AEADBadTagException
        at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:517)
        at javax.crypto.Cipher.doFinal(Cipher.java:2055)
        at com.amazonaws.internal.keyvaluestore.AWSKeyValueStore.decrypt(AWSKeyValueStore.java:360)
        at com.amazonaws.internal.keyvaluestore.AWSKeyValueStore.get(AWSKeyValueStore.java:207)
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.readCachedTokens(CognitoUser.java:2234)
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.getCachedSession(CognitoUser.java:940)
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.getSession(CognitoUser.java:744)
        at com.amazonaws.mobile.client.AWSMobileClient$5.run(AWSMobileClient.java:1108)
        at com.amazonaws.mobile.client.internal.InternalCallback$1.run(InternalCallback.java:101)
        at java.lang.Thread.run(Thread.java:764)
     Caused by: android.security.KeyStoreException: Signature/MAC verification failed
        at android.security.KeyStore.getKeyStoreException(KeyStore.java:839)
        at android.security.keystore.KeyStoreCryptoOperationChunkedStreamer.doFinal(KeyStoreCryptoOperationChunkedStreamer.java:224)
        at android.security.keystore.AndroidKeyStoreAuthenticatedAESCipherSpi$BufferAllOutputUntilDoFinalStreamer.doFinal(AndroidKeyStoreAuthenticatedAESCipherSpi.java:373)
        at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:506)
        at javax.crypto.Cipher.doFinal(Cipher.java:2055) 
        at com.amazonaws.internal.keyvaluestore.AWSKeyValueStore.decrypt(AWSKeyValueStore.java:360) 
        at com.amazonaws.internal.keyvaluestore.AWSKeyValueStore.get(AWSKeyValueStore.java:207) 
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.readCachedTokens(CognitoUser.java:2234) 
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.getCachedSession(CognitoUser.java:940) 
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.getSession(CognitoUser.java:744) 
        at com.amazonaws.mobile.client.AWSMobileClient$5.run(AWSMobileClient.java:1108) 
        at com.amazonaws.mobile.client.internal.InternalCallback$1.run(InternalCallback.java:101) 
        at java.lang.Thread.run(Thread.java:764) 
2019-04-23 18:48:33.698 18755-18861/com.sonder.wip.member.android.staging E/AWSKeyValueStore: Error in decrypting data. 
    javax.crypto.AEADBadTagException
        at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:517)
        at javax.crypto.Cipher.doFinal(Cipher.java:2055)
        at com.amazonaws.internal.keyvaluestore.AWSKeyValueStore.decrypt(AWSKeyValueStore.java:360)
        at com.amazonaws.internal.keyvaluestore.AWSKeyValueStore.get(AWSKeyValueStore.java:207)
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.readCachedTokens(CognitoUser.java:2236)
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.getCachedSession(CognitoUser.java:940)
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.getSession(CognitoUser.java:744)
        at com.amazonaws.mobile.client.AWSMobileClient$5.run(AWSMobileClient.java:1108)
        at com.amazonaws.mobile.client.internal.InternalCallback$1.run(InternalCallback.java:101)
        at java.lang.Thread.run(Thread.java:764)
     Caused by: android.security.KeyStoreException: Signature/MAC verification failed
        at android.security.KeyStore.getKeyStoreException(KeyStore.java:839)
        at android.security.keystore.KeyStoreCryptoOperationChunkedStreamer.doFinal(KeyStoreCryptoOperationChunkedStreamer.java:224)
        at android.security.keystore.AndroidKeyStoreAuthenticatedAESCipherSpi$BufferAllOutputUntilDoFinalStreamer.doFinal(AndroidKeyStoreAuthenticatedAESCipherSpi.java:373)
        at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:506)
        at javax.crypto.Cipher.doFinal(Cipher.java:2055) 
        at com.amazonaws.internal.keyvaluestore.AWSKeyValueStore.decrypt(AWSKeyValueStore.java:360) 
        at com.amazonaws.internal.keyvaluestore.AWSKeyValueStore.get(AWSKeyValueStore.java:207) 
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.readCachedTokens(CognitoUser.java:2236) 
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.getCachedSession(CognitoUser.java:940) 
        at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.getSession(CognitoUser.java:744) 
        at com.amazonaws.mobile.client.AWSMobileClient$5.run(AWSMobileClient.java:1108) 
        at com.amazonaws.mobile.client.internal.InternalCallback$1.run(InternalCallback.java:101) 
        at java.lang.Thread.run(Thread.java:764) 
alphamu commented 5 years ago

An other thing that is that when I try to login, I get the exception:

com.amazonaws.services.cognitoidentityprovider.model.InvalidParameterException: Missing required parameter REFRESH_TOKEN (Service: AmazonCognitoIdentityProvider; Status Code: 400; Error Code: InvalidParameterException; Request ID: 9a7678ef-65a7-11e9-9950-d3d6fa92759b)

Also the in the android profiler, the request looks like this (this is from a different request):

Accept-Encoding: identity
aws-sdk-invocation-id: 46ee0648-86c1-4826-b219-932ff64f66b2
aws-sdk-retry: 0/0
Content-Type: application/x-amz-json-1.1
User-Agent: aws-sdk-android/2.13.2 Linux/4.9.124-g86541ee-ab5292322 Dalvik/2.1.0/0 en_AU AWSMobileClient
X-Amz-Target: AWSCognitoIdentityProviderService.InitiateAuth
Body:
{"AuthFlow":"REFRESH_TOKEN_AUTH","AuthParameters":{"SECRET_HASH":"126p2b12g3frot41tq7ioqvgi7ejuflop3dus4rjiglv3cno64ll"},"ClientId":"lukajam975bocos9eekajjefj","AnalyticsMetadata":{"AnalyticsEndpointId":"2327fa73-bba6-49fd-922c-49cf4ccae632"},"UserContextData":{"EncodedData":"eyJwYXlsb2FkIjoie1wiY29udGV4dERhdGFcIjp7XCJIYXNTaW1DYXJkXCI6XCJ0cnVlXCIsXCJB\ncHBsaWNhdGlvblZlcnNpb25cIjpcIjMuMC4wIDY4NjBmZmMtU1RBR0lOR1wiLFwiUGxhdGZvcm1c\nIjpcIkFORFJPSURcIixcIkFwcGxpY2F0aW9uVGFyZ2V0U2RrXCI6XCIyOFwiLFwiRGV2aWNlSWRc\nIjpcIjlhY2Q0YjhmLTZjNDYtNDY2ZS05YWMxLWY5ZWJjMGExZTYyMzoxNTU1NTQ0NDE2Mzc0XCIs\nXCJQcm9kdWN0XCI6XCJibHVlbGluZVwiLFwiU2ltQ291bnRyeVwiOlwiYXVcIixcIkNsaWVudFRp\nbWV6b25lXCI6XCIxMDowMFwiLFwiTmV0d29ya1R5cGVcIjpcIjEzXCIsXCJTaW1PcGVyYXRvclwi\nOlwiVGVsc3RyYVwiLFwiRGV2aWNlU2RrVmVyc2lvblwiOlwiMjhcIixcIkJ1aWxkVHlwZVwiOlwi\ndXNlclwiLFwiU2NyZWVuSGVpZ2h0UGl4ZWxzXCI6XCIyMDI4XCIsXCJDYXJyaWVyXCI6XCJUZWxz\ndHJhXCIsXCJEZXZpY2VGaW5nZXJwcmludFwiOlwiZ29vZ2xlXFxcL2JsdWVsaW5lXFxcL2JsdWVs\naW5lOjlcXFwvUFEyQS4xOTA0MDUuMDAzXFxcLzUzMTAyMDQ6dXNlclxcXC9yZWxlYXNlLWtleXNc\nIixcIkFwcGxpY2F0aW9uTmFtZVwiOlwiU29uZGVyXCIsXCJEZXZpY2VCcmFuZFwiOlwiZ29vZ2xl\nXCIsXCJJc05ldHdvcmtSb2FtaW5nXCI6XCJmYWxzZVwiLFwiVGhpcmRQYXJ0eURldmljZUlkXCI6\nXCJhbmRyb2lkX2lkXCIsXCJEZXZpY2VPc1JlbGVhc2VWZXJzaW9uXCI6XCI5XCIsXCJEZXZpY2VM\nYW5ndWFnZVwiOlwiZW5fQVVcIixcIlBob25lVHlwZVwiOlwiMVwiLFwiU2NyZWVuV2lkdGhQaXhl\nbHNcIjpcIjEwODBcIixcIkRldmljZUhhcmR3YXJlXCI6XCJibHVlbGluZVwiLFwiRGV2aWNlTmFt\nZVwiOlwiUGl4ZWwgM1wifSxcInVzZXJuYW1lXCI6XCJhbGlAc29uZGVyYXVzdHJhbGlhLmNvbVwi\nLFwidXNlclBvb2xJZFwiOlwiYXAtc291dGhlYXN0LTJfbzJhQjRTZFRJXCIsXCJ0aW1lc3RhbXBc\nIjpcIjE1NTYwMTA2MTI3MjNcIn0iLCJzaWduYXR1cmUiOiJMa05UXC9zWlwvRDJsQngzTUQyRFJy\ndUppVmdUSWVENnV2UDJSVkVWQkw4RDA9XG4iLCJ2ZXJzaW9uIjoiQU5EUk9JRDIwMTcxMTE0In0=\n"}}

Also noticed this error:

java.lang.NullPointerException: Attempt to invoke virtual method 'org.json.JSONObject com.amazonaws.mobile.config.AWSConfiguration.optJsonObject(java.lang.String)' on a null object reference
        at com.amazonaws.mobile.client.AWSMobileClient.getHostedUIJSONFromJSON(AWSMobileClient.java:636)
        at com.amazonaws.mobile.client.AWSMobileClient.getHostedUIJSON(AWSMobileClient.java:655)
        at com.amazonaws.mobile.client.AWSMobileClient$2.run(AWSMobileClient.java:569)
        at com.amazonaws.mobile.client.internal.InternalCallback$1.run(InternalCallback.java:101)
        at java.lang.Thread.run(Thread.java:764)

This seems to be a bug, since tracing through the code, I came across this code:


    JSONObject getHostedUIJSONFromJSON(final AWSConfiguration awsConfig) {
        final JSONObject mobileClientJSON = awsConfiguration.optJsonObject("Auth");
        if (mobileClientJSON != null && mobileClientJSON.has("OAuth")) {
            try {
                JSONObject hostedUIJSONFromJSON = mobileClientJSON.getJSONObject("OAuth");

                return hostedUIJSONFromJSON;
            } catch (Exception e) {
                Log.w(TAG, "getHostedUIJSONFromJSON: Failed to read config", e);
            }
        }
        return null;
    }```
Where ` awsConfiguration` has not been initialized when `optJsonObject` is called on it, this throws a NPE which might explain some of the unexpected behaviour.
palpatim commented 5 years ago

I relabeled this for @kvasukib to take a look. I'm not convinced this is the same root cause though, so we may want to open new issues for each of the two problems that @alphamu reported. If we do open new ones, we'll re-close this to avoid confusing the thread.

mutablealligator commented 5 years ago

@alphamu

What kind of screen lock settings the end-user with the device is using? From reading through online about Android KeyStore behavior, there are bugs filed with Android KeyStore with exceptions related to key generation and loading when the screen lock is set to NONE (No screen lock) or SWIPE (A regular swipe would unlock the screen).

Also the same exception could happen if the screen lock mechanism was altered between key generation and loading. For example, changing from a stronger screen lock mechanism to NONE or SWIPE could potentially delete the keys in keystore.

The screen lock mechanism used / transitioned during the occurrence of the exception could potentially inter-play with the key generation and loading. This information would be helpful for further diagnosis.

alphamu commented 5 years ago

Hey Mate, I noticed all that as well. The issue keeps coming up on my personal phone which has a 6-digit pin on it. I also have 2 fingers setup for fingerprint unlock. The phone is a Pixel 3. I've tried unlocking the phone with a pin and with a fingerprint and same issue. I have an older pixel phone with the same setup, and it works fine on there. I'll also add that I also use the Keystone in my app and the code I have is not affected by the same issue ( hat code is very hacky compared to what you guys have, though). My code uses a public and private key to encrypt some text. But I use RSA/PKCS1Padding/NONE.

Let me know if there is some other way I can help.

mutablealligator commented 5 years ago

@alphamu Thank you for the detailed response. I will try to run our integration tests on Pixel 3 device to see if I can reproduce the issue you are encountering. Meanwhile, can you post a code snippet which reproduces the issue?

alphamu commented 5 years ago

The crash occurs on initialize as show below. It may be worth pointing out that I was repeatedly doing the following on the Pixel 3, as well as on other devices: Everything is with custom screens.

I was doing these steps across 3 different devices one at a time. So, 2 other devices may have been logged into the same account at the time.

    private fun initAwsClient() {
        awsClient.initialize(this, AWSConfiguration(this, R.raw.awsconfiguration, BuildConfig.FLAVOR), object : Callback<UserStateDetails> {
            override fun onResult(result: UserStateDetails?) {
                if (result?.userState == UserState.SIGNED_IN) {
                    // Transition to the Home activity
                    // Signed in
                    signedInDoSomething()
                } else {
                    // Display the login screen
                    // Signed out
                    signedOutDoSomething()
                }

            }

            override fun onError(e: java.lang.Exception) {
                Log.e("LoginActivity", e.message, e)
            }
        })
    }

the aws config file is setup a little differently:

{
  "IdentityManager": {
    "Default": {}
  },
  "CognitoUserPool": {
    "Default": {
      "PoolId": "...",
      "AppClientId": "...",
      "AppClientSecret": "...",
      "Region": "ap-southeast-2"
    },
    "prod": {
      "PoolId": "...",
      "AppClientId": "...",
      "AppClientSecret": "...",
      "Region": "ap-southeast-2"
    },
    "staging": {
      "PoolId": "...",
      "AppClientId": "...",
      "AppClientSecret": "...",
      "Region": "ap-southeast-2"
    },
    "dev": {
      "PoolId": "...",
      "AppClientId": "...",
      "AppClientSecret": "...",
      "Region": "ap-southeast-2"
    },
    "local": {
      "PoolId": "...",
      "AppClientId": "...",
      "AppClientSecret": "...",
      "Region": "ap-southeast-2"
    }
  }
}

After roughly 5 days, the issue has gone away on the pixel 3, I can't recall if there was a system update in this time.

jamesatfish commented 5 years ago

We are also seeing this issue with a number of our Android users, mainly with recent Samsung phones.

Users are reporting various login related issues (being unable to authenticate with their credentials, finding that their tokens from an active session cannot be retrieved etc), and all the logs are similar:

E/AWSKeyValueStore( 9955): at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:506)
E/AWSKeyValueStore( 9955): at android.security.keystore.AndroidKeyStoreAuthenticatedAESCipherSpi$BufferAllOutputUntilDoFinalStreamer.doFinal(AndroidKeyStoreAuthenticatedAESCipherSpi.java:373)
E/AWSKeyValueStore( 9955): at android.security.keystore.KeyStoreCryptoOperationChunkedStreamer.doFinal(KeyStoreCryptoOperationChunkedStreamer.java:224)
E/AWSKeyValueStore( 9955): at android.security.KeyStore.getKeyStoreException(KeyStore.java:1168)
E/AWSKeyValueStore( 9955): Caused by: android.security.KeyStoreException: Signature/MAC verification failed
E/AWSKeyValueStore( 9955): at java.lang.Thread.run(Thread.java:764)
E/AWSKeyValueStore( 9955): at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser$5.run(CognitoUser.java:684)
E/AWSKeyValueStore( 9955): at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.getCachedSession(CognitoUser.java:940)
E/AWSKeyValueStore( 9955): at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.readCachedTokens(CognitoUser.java:2236)
E/AWSKeyValueStore( 9955): at com.amazonaws.internal.keyvaluestore.AWSKeyValueStore.get(AWSKeyValueStore.java:207)
E/AWSKeyValueStore( 9955): at com.amazonaws.internal.keyvaluestore.AWSKeyValueStore.decrypt(AWSKeyValueStore.java:360)
E/AWSKeyValueStore( 9955): at javax.crypto.Cipher.doFinal(Cipher.java:2055)
E/AWSKeyValueStore( 9955): at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:517)
E/AWSKeyValueStore( 9955): javax.crypto.AEADBadTagException
E/AWSKeyValueStore( 9955): Error in decrypting data.
mutablealligator commented 5 years ago

@jamesatfish Sorry for the inconvenience caused. We are tracking this issue at: https://github.com/aws-amplify/aws-sdk-android/issues/937

I am closing this issue in favor of #937.

VijaySonawane5 commented 1 year ago

We are facing this issue on version 2.52.1 how to resolved it