A cryptography library and a SharedPreferences wrapper for Android that encrypts the content with 256 bit AES encryption. The Encryption key is securely stored in device's KeyStore.
While encryption / decryption works on 5.x and 6.x series, on a S7 with 7.x I get this exception while decoding with getBytes. Data amount less than 32K works without issues, but whenever I try with larger data I get this (see below). Then I tried to write chunked byte buffers (split a large byte buffer into multiple 32K buffers) but the problem remains the same.
02-12 18:35:49.786 9791-10394/xx.myapplication W/System.err: javax.crypto.AEADBadTagException
02-12 18:35:49.787 9791-10394/xx.myapplication W/System.err: at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:517)
02-12 18:35:49.787 9791-10394/xx.myapplication W/System.err: at javax.crypto.Cipher.doFinal(Cipher.java:2056)
02-12 18:35:49.787 9791-10394/xx.myapplication W/System.err: at devliving.online.securedpreferencestore.EncryptionManager.decryptAES(EncryptionManager.java:422)
02-12 18:35:49.787 9791-10394/xx.myapplication W/System.err: at devliving.online.securedpreferencestore.EncryptionManager.decrypt(EncryptionManager.java:266)
02-12 18:35:49.787 9791-10394/xx.myapplication W/System.err: at devliving.online.securedpreferencestore.EncryptionManager.tryDecrypt(EncryptionManager.java:211)
02-12 18:35:49.788 9791-10394/xx.myapplication W/System.err: at devliving.online.securedpreferencestore.EncryptionManager.decrypt(EncryptionManager.java:310)
02-12 18:35:49.788 9791-10394/xx.myapplication W/System.err: at devliving.online.securedpreferencestore.SecuredPreferenceStore.getString(SecuredPreferenceStore.java:116)
02-12 18:35:49.788 9791-10394/xx.myapplication W/System.err: at devliving.online.securedpreferencestore.SecuredPreferenceStore.getBytes(SecuredPreferenceStore.java:184)
02-12 18:35:49.788 9791-10394/xx.myapplication W/System.err: at xx.myapplication.utils.WebService$4.then(WebService.java:206)
02-12 18:35:49.788 9791-10394/xx.myapplication W/System.err: at xx.myapplication.utils.WebService$4.then(WebService.java:197)
02-12 18:35:49.788 9791-10394/xx.myapplication W/System.err: at bolts.Task$15.run(Task.java:917)
02-12 18:35:49.788 9791-10394/xx.myapplication W/System.err: at bolts.BoltsExecutors$ImmediateExecutor.execute(BoltsExecutors.java:105)
02-12 18:35:49.788 9791-10394/xx.myapplication W/System.err: at bolts.Task.completeAfterTask(Task.java:908)
02-12 18:35:49.788 9791-10394/xx.myapplication W/System.err: at bolts.Task.continueWithTask(Task.java:715)
02-12 18:35:49.788 9791-10394/xx.myapplication W/System.err: at bolts.Task.continueWithTask(Task.java:726)
02-12 18:35:49.788 9791-10394/xx.myapplication W/System.err: at bolts.Task$13.then(Task.java:818)
02-12 18:35:49.788 9791-10394/xx.myapplication W/System.err: at bolts.Task$13.then(Task.java:806)
02-12 18:35:49.788 9791-10394/xx.myapplication W/System.err: at bolts.Task$15.run(Task.java:917)
02-12 18:35:49.788 9791-10394/xx.myapplication W/System.err: at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1133)
02-12 18:35:49.788 9791-10394/xx.myapplication W/System.err: at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:607)
02-12 18:35:49.788 9791-10394/xx.myapplication W/System.err: at java.lang.Thread.run(Thread.java:762)
02-12 18:35:49.789 9791-10394/xx.myapplication W/System.err: Caused by: android.security.KeyStoreException: Signature/MAC verification failed
02-12 18:35:49.789 9791-10394/xx.myapplication W/System.err: at android.security.KeyStore.getKeyStoreException(KeyStore.java:1097)
02-12 18:35:49.789 9791-10394/xx.myapplication W/System.err: at android.security.keystore.KeyStoreCryptoOperationChunkedStreamer.doFinal(KeyStoreCryptoOperationChunkedStreamer.java:224)
02-12 18:35:49.789 9791-10394/xx.myapplication W/System.err: at android.security.keystore.AndroidKeyStoreAuthenticatedAESCipherSpi$BufferAllOutputUntilDoFinalStreamer.doFinal(AndroidKeyStoreAuthenticatedAESCipherSpi.java:373)
02-12 18:35:49.789 9791-10394/xx.myapplication W/System.err: at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:506)
02-12 18:35:49.789 9791-10394/xx.myapplication W/System.err: ... 20 more
While encryption / decryption works on 5.x and 6.x series, on a S7 with 7.x I get this exception while decoding with getBytes. Data amount less than 32K works without issues, but whenever I try with larger data I get this (see below). Then I tried to write chunked byte buffers (split a large byte buffer into multiple 32K buffers) but the problem remains the same.
02-12 18:35:49.786 9791-10394/xx.myapplication W/System.err: javax.crypto.AEADBadTagException 02-12 18:35:49.787 9791-10394/xx.myapplication W/System.err: at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:517) 02-12 18:35:49.787 9791-10394/xx.myapplication W/System.err: at javax.crypto.Cipher.doFinal(Cipher.java:2056) 02-12 18:35:49.787 9791-10394/xx.myapplication W/System.err: at devliving.online.securedpreferencestore.EncryptionManager.decryptAES(EncryptionManager.java:422) 02-12 18:35:49.787 9791-10394/xx.myapplication W/System.err: at devliving.online.securedpreferencestore.EncryptionManager.decrypt(EncryptionManager.java:266) 02-12 18:35:49.787 9791-10394/xx.myapplication W/System.err: at devliving.online.securedpreferencestore.EncryptionManager.tryDecrypt(EncryptionManager.java:211) 02-12 18:35:49.788 9791-10394/xx.myapplication W/System.err: at devliving.online.securedpreferencestore.EncryptionManager.decrypt(EncryptionManager.java:310) 02-12 18:35:49.788 9791-10394/xx.myapplication W/System.err: at devliving.online.securedpreferencestore.SecuredPreferenceStore.getString(SecuredPreferenceStore.java:116) 02-12 18:35:49.788 9791-10394/xx.myapplication W/System.err: at devliving.online.securedpreferencestore.SecuredPreferenceStore.getBytes(SecuredPreferenceStore.java:184) 02-12 18:35:49.788 9791-10394/xx.myapplication W/System.err: at xx.myapplication.utils.WebService$4.then(WebService.java:206) 02-12 18:35:49.788 9791-10394/xx.myapplication W/System.err: at xx.myapplication.utils.WebService$4.then(WebService.java:197) 02-12 18:35:49.788 9791-10394/xx.myapplication W/System.err: at bolts.Task$15.run(Task.java:917) 02-12 18:35:49.788 9791-10394/xx.myapplication W/System.err: at bolts.BoltsExecutors$ImmediateExecutor.execute(BoltsExecutors.java:105) 02-12 18:35:49.788 9791-10394/xx.myapplication W/System.err: at bolts.Task.completeAfterTask(Task.java:908) 02-12 18:35:49.788 9791-10394/xx.myapplication W/System.err: at bolts.Task.continueWithTask(Task.java:715) 02-12 18:35:49.788 9791-10394/xx.myapplication W/System.err: at bolts.Task.continueWithTask(Task.java:726) 02-12 18:35:49.788 9791-10394/xx.myapplication W/System.err: at bolts.Task$13.then(Task.java:818) 02-12 18:35:49.788 9791-10394/xx.myapplication W/System.err: at bolts.Task$13.then(Task.java:806) 02-12 18:35:49.788 9791-10394/xx.myapplication W/System.err: at bolts.Task$15.run(Task.java:917) 02-12 18:35:49.788 9791-10394/xx.myapplication W/System.err: at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1133) 02-12 18:35:49.788 9791-10394/xx.myapplication W/System.err: at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:607) 02-12 18:35:49.788 9791-10394/xx.myapplication W/System.err: at java.lang.Thread.run(Thread.java:762) 02-12 18:35:49.789 9791-10394/xx.myapplication W/System.err: Caused by: android.security.KeyStoreException: Signature/MAC verification failed 02-12 18:35:49.789 9791-10394/xx.myapplication W/System.err: at android.security.KeyStore.getKeyStoreException(KeyStore.java:1097) 02-12 18:35:49.789 9791-10394/xx.myapplication W/System.err: at android.security.keystore.KeyStoreCryptoOperationChunkedStreamer.doFinal(KeyStoreCryptoOperationChunkedStreamer.java:224) 02-12 18:35:49.789 9791-10394/xx.myapplication W/System.err: at android.security.keystore.AndroidKeyStoreAuthenticatedAESCipherSpi$BufferAllOutputUntilDoFinalStreamer.doFinal(AndroidKeyStoreAuthenticatedAESCipherSpi.java:373) 02-12 18:35:49.789 9791-10394/xx.myapplication W/System.err: at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:506) 02-12 18:35:49.789 9791-10394/xx.myapplication W/System.err: ... 20 more