A cryptography library and a SharedPreferences wrapper for Android that encrypts the content with 256 bit AES encryption. The Encryption key is securely stored in device's KeyStore.
562
stars
97
forks
source link
Concurrency issue when decrypting/encrypting by keystore keys #46
there's a concurrency issue while decrypting/encrypting something by keystore keys at the same time like below. So I added some code fragments that you can test it and added synchronization and retry logic to resolve the issue. Please review it seriously.
It is my app's most serious issue.
you can calibrate sleep time in retry logic. It seems like just 1 nano seconds also works like charm...
2018-12-27 14:12:20.278 14509-14624/devliving.online.securedpreferencestoresample W/System.err: javax.crypto.IllegalBlockSizeException
2018-12-27 14:12:20.278 14509-14624/devliving.online.securedpreferencestoresample W/System.err: at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:519)
2018-12-27 14:12:20.278 14509-14624/devliving.online.securedpreferencestoresample W/System.err: at javax.crypto.Cipher.doFinal(Cipher.java:1736)
2018-12-27 14:12:20.278 14509-14624/devliving.online.securedpreferencestoresample W/System.err: at devliving.online.securedpreferencestore.EncryptionManager.encryptAES(EncryptionManager.java:404)
2018-12-27 14:12:20.278 14509-14624/devliving.online.securedpreferencestoresample W/System.err: at devliving.online.securedpreferencestore.EncryptionManager.encrypt(EncryptionManager.java:245)
2018-12-27 14:12:20.279 14509-14624/devliving.online.securedpreferencestoresample W/System.err: at devliving.online.securedpreferencestore.EncryptionManager.tryEncrypt(EncryptionManager.java:178)
2018-12-27 14:12:20.279 14509-14624/devliving.online.securedpreferencestoresample W/System.err: at devliving.online.securedpreferencestore.EncryptionManager.encrypt(EncryptionManager.java:290)
2018-12-27 14:12:20.279 14509-14624/devliving.online.securedpreferencestoresample W/System.err: at devliving.online.securedpreferencestore.SecuredPreferenceStore$Editor.putString(SecuredPreferenceStore.java:299)
2018-12-27 14:12:20.279 14509-14624/devliving.online.securedpreferencestoresample W/System.err: at devliving.online.securedpreferencestoresample.MainActivity.saveData(MainActivity.java:161)
2018-12-27 14:12:20.279 14509-14624/devliving.online.securedpreferencestoresample W/System.err: at devliving.online.securedpreferencestoresample.MainActivity$3$1.run(MainActivity.java:84)
2018-12-27 14:12:20.279 14509-14624/devliving.online.securedpreferencestoresample W/System.err: at java.lang.Thread.run(Thread.java:764)
2018-12-27 14:12:20.279 14509-14624/devliving.online.securedpreferencestoresample W/System.err: Caused by: android.security.KeyStoreException: Invalid operation handle
2018-12-27 14:12:20.279 14509-14624/devliving.online.securedpreferencestoresample W/System.err: at android.security.KeyStore.getKeyStoreException(KeyStore.java:1137)
2018-12-27 14:12:20.280 14509-14624/devliving.online.securedpreferencestoresample W/System.err: at android.security.keystore.KeyStoreCryptoOperationChunkedStreamer.update(KeyStoreCryptoOperationChunkedStreamer.java:132)
2018-12-27 14:12:20.280 14509-14624/devliving.online.securedpreferencestoresample W/System.err: at android.security.keystore.KeyStoreCryptoOperationChunkedStreamer.doFinal(KeyStoreCryptoOperationChunkedStreamer.java:217)
2018-12-27 14:12:20.280 14509-14624/devliving.online.securedpreferencestoresample W/System.err: at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:506)
2018-12-27 14:12:20.280 14509-14624/devliving.online.securedpreferencestoresample W/System.err: ... 9 more (edited)
there's a concurrency issue while decrypting/encrypting something by keystore keys at the same time like below. So I added some code fragments that you can test it and added synchronization and retry logic to resolve the issue. Please review it seriously. It is my app's most serious issue. you can calibrate sleep time in retry logic. It seems like just 1 nano seconds also works like charm...
2018-12-27 14:12:20.278 14509-14624/devliving.online.securedpreferencestoresample W/System.err: javax.crypto.IllegalBlockSizeException 2018-12-27 14:12:20.278 14509-14624/devliving.online.securedpreferencestoresample W/System.err: at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:519) 2018-12-27 14:12:20.278 14509-14624/devliving.online.securedpreferencestoresample W/System.err: at javax.crypto.Cipher.doFinal(Cipher.java:1736) 2018-12-27 14:12:20.278 14509-14624/devliving.online.securedpreferencestoresample W/System.err: at devliving.online.securedpreferencestore.EncryptionManager.encryptAES(EncryptionManager.java:404) 2018-12-27 14:12:20.278 14509-14624/devliving.online.securedpreferencestoresample W/System.err: at devliving.online.securedpreferencestore.EncryptionManager.encrypt(EncryptionManager.java:245) 2018-12-27 14:12:20.279 14509-14624/devliving.online.securedpreferencestoresample W/System.err: at devliving.online.securedpreferencestore.EncryptionManager.tryEncrypt(EncryptionManager.java:178) 2018-12-27 14:12:20.279 14509-14624/devliving.online.securedpreferencestoresample W/System.err: at devliving.online.securedpreferencestore.EncryptionManager.encrypt(EncryptionManager.java:290) 2018-12-27 14:12:20.279 14509-14624/devliving.online.securedpreferencestoresample W/System.err: at devliving.online.securedpreferencestore.SecuredPreferenceStore$Editor.putString(SecuredPreferenceStore.java:299) 2018-12-27 14:12:20.279 14509-14624/devliving.online.securedpreferencestoresample W/System.err: at devliving.online.securedpreferencestoresample.MainActivity.saveData(MainActivity.java:161) 2018-12-27 14:12:20.279 14509-14624/devliving.online.securedpreferencestoresample W/System.err: at devliving.online.securedpreferencestoresample.MainActivity$3$1.run(MainActivity.java:84) 2018-12-27 14:12:20.279 14509-14624/devliving.online.securedpreferencestoresample W/System.err: at java.lang.Thread.run(Thread.java:764) 2018-12-27 14:12:20.279 14509-14624/devliving.online.securedpreferencestoresample W/System.err: Caused by: android.security.KeyStoreException: Invalid operation handle 2018-12-27 14:12:20.279 14509-14624/devliving.online.securedpreferencestoresample W/System.err: at android.security.KeyStore.getKeyStoreException(KeyStore.java:1137) 2018-12-27 14:12:20.280 14509-14624/devliving.online.securedpreferencestoresample W/System.err: at android.security.keystore.KeyStoreCryptoOperationChunkedStreamer.update(KeyStoreCryptoOperationChunkedStreamer.java:132) 2018-12-27 14:12:20.280 14509-14624/devliving.online.securedpreferencestoresample W/System.err: at android.security.keystore.KeyStoreCryptoOperationChunkedStreamer.doFinal(KeyStoreCryptoOperationChunkedStreamer.java:217) 2018-12-27 14:12:20.280 14509-14624/devliving.online.securedpreferencestoresample W/System.err: at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:506) 2018-12-27 14:12:20.280 14509-14624/devliving.online.securedpreferencestoresample W/System.err: ... 9 more (edited)