kalinjul / kotlin-multiplatform-oidc

Kotlin Multiplatform OpenIDConnect implementation for Android/iOS
https://kalinjul.github.io/kotlin-multiplatform-oidc/
Apache License 2.0

Exception when reinstalling the app #47

Closed maicol07 closed 4 days ago

maicol07 commented 2 months ago

Hi, when an app is uninstalled and reinstalled I get this exception, probably because Android has restored the previous data cloud backup:

java.lang.RuntimeException: Unable to start activity ComponentInfo{eu.prepsoil.app/eu.prepsoil.app.MainActivity}: javax.crypto.AEADBadTagException
    at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:3946)
    at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:4126)
    at android.app.servertransaction.LaunchActivityItem.execute(LaunchActivityItem.java:108)
    at android.app.servertransaction.TransactionExecutor.executeNonLifecycleItem(TransactionExecutor.java:195)
    at android.app.servertransaction.TransactionExecutor.executeCallbacks(TransactionExecutor.java:157)
    at android.app.servertransaction.TransactionExecutor.execute(TransactionExecutor.java:90)
    at android.app.ActivityThread$H.handleMessage(ActivityThread.java:2544)
    at android.os.Handler.dispatchMessage(Handler.java:107)
    at android.os.Looper.loopOnce(Looper.java:232)
    at android.os.Looper.loop(Looper.java:317)
    at android.app.ActivityThread.main(ActivityThread.java:8501)
    at java.lang.reflect.Method.invoke(Native Method)
    at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:552)
    at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:878)
Caused by: javax.crypto.AEADBadTagException
    at android.security.keystore2.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:634)
    at javax.crypto.Cipher.doFinal(Cipher.java:2114)
    at com.google.crypto.tink.integration.android.AndroidKeystoreAesGcm.decryptInternal(AndroidKeystoreAesGcm.java:118)
    at com.google.crypto.tink.integration.android.AndroidKeystoreAesGcm.decrypt(AndroidKeystoreAesGcm.java:101)
    at com.google.crypto.tink.KeysetHandle.decrypt(KeysetHandle.java:919)
    at com.google.crypto.tink.KeysetHandle.readWithAssociatedData(KeysetHandle.java:804)
    at com.google.crypto.tink.KeysetHandle.read(KeysetHandle.java:785)
    at com.google.crypto.tink.integration.android.AndroidKeysetManager$Builder.readMasterkeyDecryptAndParseKeyset(AndroidKeysetManager.java:381)
    at com.google.crypto.tink.integration.android.AndroidKeysetManager$Builder.build(AndroidKeysetManager.java:297)
    at androidx.security.crypto.EncryptedSharedPreferences.create(EncryptedSharedPreferences.java:169)
    at androidx.security.crypto.EncryptedSharedPreferences.create(EncryptedSharedPreferences.java:130)
    at org.publicvalue.multiplatform.oidc.tokenstore.AndroidEncryptedPreferencesSettingsStore.<init>(AndroidEncryptedPreferencesSettingsStore.kt:18)
    at org.publicvalue.multiplatform.oidc.tokenstore.AndroidSettingsTokenStore.<init>(AndroidSettingsTokenStore.kt:11)
    at eu.prepsoil.app.MainActivity.onCreate(MainActivity.kt:35)
    at android.app.Activity.performCreate(Activity.java:8767)
    at android.app.Activity.performCreate(Activity.java:8745)
    at android.app.Instrumentation.callActivityOnCreate(Instrumentation.java:1519)
    at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:3928)
    at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:4126)
    at android.app.servertransaction.LaunchActivityItem.execute(LaunchActivityItem.java:108)
    at android.app.servertransaction.TransactionExecutor.executeNonLifecycleItem(TransactionExecutor.java:195)
    at android.app.servertransaction.TransactionExecutor.executeCallbacks(TransactionExecutor.java:157)
    at android.app.servertransaction.TransactionExecutor.execute(TransactionExecutor.java:90)
    at android.app.ActivityThread$H.handleMessage(ActivityThread.java:2544)
    at android.os.Handler.dispatchMessage(Handler.java:107)
    at android.os.Looper.loopOnce(Looper.java:232)
    at android.os.Looper.loop(Looper.java:317)
    at android.app.ActivityThread.main(ActivityThread.java:8501)
    at java.lang.reflect.Method.invoke(Native Method)
    at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:552)
    at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:878)
Caused by: android.security.KeyStoreException: Signature/MAC verification failed (internal Keystore code: -30 message: system/security/keystore2/src/operation.rs:852: KeystoreOperation::finish

Caused by:
    0: system/security/keystore2/src/operation.rs:428: Finish failed.
    1: Error::Km(r#VERIFICATION_FAILED)) (public error code: 10 internal Keystore code: -30)
    at android.security.KeyStore2.getKeyStoreException(KeyStore2.java:416)
    at android.security.KeyStoreOperation.handleExceptions(KeyStoreOperation.java:79)
    at android.security.KeyStoreOperation.finish(KeyStoreOperation.java:132)
    at android.security.keystore2.KeyStoreCryptoOperationChunkedStreamer$MainDataStream.finish(KeyStoreCryptoOperationChunkedStreamer.java:228)
    at android.security.keystore2.KeyStoreCryptoOperationChunkedStreamer.doFinal(KeyStoreCryptoOperationChunkedStreamer.java:181)
    at android.security.keystore2.AndroidKeyStoreAuthenticatedAESCipherSpi$BufferAllOutputUntilDoFinalStreamer.doFinal(AndroidKeyStoreAuthenticatedAESCipherSpi.java:396)
2024-05-09 16:51:07.723 24201-24201 AndroidRuntime eu.prepsoil.app E      at android.security.keystore2.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:626)
    ... 30 more

Thanks

kalinjul commented 2 months ago

Thanks for reporting! I guess we should exclude the token store data from backup by default, see https://developer.android.com/guide/topics/data/autobackup#IncludingFiles.

The encrypted preferences file is named "${context.packageName}.auth", so you may want to try excluding it from backup in your app for testing.
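
The backup exclusion suggested above, as an added example that is not part of the thread or the project's own code. It assumes the reporter's package name from the stack trace (`eu.prepsoil.app`), so the preferences file on disk is `eu.prepsoil.app.auth.xml`; the resource file names `backup_rules` and `data_extraction_rules` are placeholders chosen here.

```xml
<!-- Added example. Three separate files are shown in one listing. -->

<!-- 1) AndroidManifest.xml: point the application at both rule sets.
     fullBackupContent applies up to Android 11, dataExtractionRules
     applies from Android 12. -->
<application
    android:allowBackup="true"
    android:fullBackupContent="@xml/backup_rules"
    android:dataExtractionRules="@xml/data_extraction_rules">
    <!-- activities etc. unchanged -->
</application>

<!-- 2) res/xml/backup_rules.xml (Android 11 and lower).
     The Android Keystore key that protects this file is not part of any
     backup, so a restored copy cannot be decrypted and fails with
     AEADBadTagException as in the trace above. Keep the file out of
     Auto Backup instead. -->
<full-backup-content>
    <exclude domain="sharedpref" path="eu.prepsoil.app.auth.xml" />
</full-backup-content>

<!-- 3) res/xml/data_extraction_rules.xml (Android 12 and higher).
     Cloud backup and device-to-device transfer are configured
     separately; the token store is excluded from both because the
     Keystore key does not travel with either. -->
<data-extraction-rules>
    <cloud-backup>
        <exclude domain="sharedpref" path="eu.prepsoil.app.auth.xml" />
    </cloud-backup>
    <device-transfer>
        <exclude domain="sharedpref" path="eu.prepsoil.app.auth.xml" />
    </device-transfer>
</data-extraction-rules>
```

Installs that already restored a stale copy still hold the undecryptable file; the exclusion only keeps future backups from carrying it.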