kryptco / krypton-android

DEPRECATED Krypton turns your Android device into a U2F Authenticator: strong, unphishable 2FA.
https://krypt.co

App crashes with UnsupportedOperationException #86

Closed silvester747 closed 6 years ago

silvester747 commented 6 years ago

The Kryptonite app suddenly stopped working completely for me. It directly crashes when starting it or when trying to approve an SSH session. In logcat I see the following crash:

10-26 11:45:05.425  1857  1857 E AndroidRuntime: FATAL EXCEPTION: main
10-26 11:45:05.425  1857  1857 E AndroidRuntime: Process: co.krypt.kryptonite, PID: 1857
10-26 11:45:05.425  1857  1857 E AndroidRuntime: java.lang.RuntimeException: Unable to start receiver co.krypt.kryptonite.policy.NoAuthReceiver: java.lang.UnsupportedOperationException
10-26 11:45:05.425  1857  1857 E AndroidRuntime:    at android.app.ActivityThread.handleReceiver(ActivityThread.java:3072)
10-26 11:45:05.425  1857  1857 E AndroidRuntime:    at android.app.ActivityThread.-wrap18(ActivityThread.java)
10-26 11:45:05.425  1857  1857 E AndroidRuntime:    at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1580)
10-26 11:45:05.425  1857  1857 E AndroidRuntime:    at android.os.Handler.dispatchMessage(Handler.java:102)
10-26 11:45:05.425  1857  1857 E AndroidRuntime:    at android.os.Looper.loop(Looper.java:154)
10-26 11:45:05.425  1857  1857 E AndroidRuntime:    at android.app.ActivityThread.main(ActivityThread.java:6186)
10-26 11:45:05.425  1857  1857 E AndroidRuntime:    at java.lang.reflect.Method.invoke(Native Method)
10-26 11:45:05.425  1857  1857 E AndroidRuntime:    at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:889)
10-26 11:45:05.425  1857  1857 E AndroidRuntime:    at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:779)
10-26 11:45:05.425  1857  1857 E AndroidRuntime: Caused by: java.lang.UnsupportedOperationException
10-26 11:45:05.425  1857  1857 E AndroidRuntime:    at java.security.KeyStoreSpi.engineGetEntry(KeyStoreSpi.java:482)
10-26 11:45:05.425  1857  1857 E AndroidRuntime:    at java.security.KeyStore.getEntry(KeyStore.java:1323)
10-26 11:45:05.425  1857  1857 E AndroidRuntime:    at co.krypt.kryptonite.crypto.RSAKeyManager.keyExists(RSAKeyManager.java:146)
10-26 11:45:05.425  1857  1857 E AndroidRuntime:    at co.krypt.kryptonite.crypto.KeyManager.loadMeRSAOrEdKeyPair(KeyManager.java:31)
10-26 11:45:05.425  1857  1857 E AndroidRuntime:    at co.krypt.kryptonite.silo.Silo.respondToRequest(Silo.java:461)
10-26 11:45:05.425  1857  1857 E AndroidRuntime:    at co.krypt.kryptonite.policy.Policy.onAction(Policy.java:91)
10-26 11:45:05.425  1857  1857 E AndroidRuntime:    at co.krypt.kryptonite.policy.NoAuthReceiver.onReceive(NoAuthReceiver.java:17)
10-26 11:45:05.425  1857  1857 E AndroidRuntime:    at android.app.ActivityThread.handleReceiver(ActivityThread.java:3065)
10-26 11:45:05.425  1857  1857 E AndroidRuntime:    ... 8 more

I am not sure whether I can reinstall it without having to set up new keys again?

kcking commented 6 years ago

Thank you for reporting -- uninstalling the app would delete your key pair and require you to generate a new one, but I also don't think it would fix the issue.

Which type of SSH key did you generate? (RSA or Ed25519) Also which version of Android are you running and on which model of phone?

silvester747 commented 6 years ago

Ah, then I will not do that yet.

I generated an RSA key, if I remember correctly.

Running Android 7.1.2 on OnePlus One. LineageOS 14.1-20171023-NIGHTLY-bacon

silvester747 commented 6 years ago

My phone is rooted, so if that helps I can investigate deeper. Just tell me what to look for.

kcking commented 6 years ago

Do you know which version of LineageOS you updated from? LineageOS has had some keystore issues in the past such as here: https://jira.lineageos.org/browse/BUGBASH-590 but if we narrow down the version that caused the regression we can give them a more accurate report.

silvester747 commented 6 years ago

I am updating every week. My problems started 2 or 3 weeks ago, I just did not get around to checking the crash log earlier :-(. Now I think of it, there was another 2-factor app that had similar issues and I had to relink that one as well.

kcking commented 6 years ago

I just tested LineageOS 2017-11-07 nightly (Android 7.1.2) on a Nexus 5 with an RSA key pair and everything is working. Have you tried updating to the latest nightly?

silvester747 commented 6 years ago

I fixed it by deleting all app data. So I had to generate a new key. It seems like somehow the key got lost (maybe a LineageOS bug). The Kryptonite app was having issues handling the fact that the key was not available. Probably it should give a useful error message and allow you to generate a new key.

silvester747 commented 6 years ago

It started failing again, but now without crashing. Instead I respond using the app and simply nothing happens. The same if I try to pair: the PC never gets the response.

In logcat I do see this familiar error again when trying to use ssh authentication:

12-28 16:54:02.381 I/FirebaseCrash(31716): Sending crashes
12-28 16:54:02.388 W/System.err(31716): co.krypt.kryptonite.exception.CryptoException
12-28 16:54:02.388 W/System.err(31716):         at co.krypt.kryptonite.crypto.RSAKeyManager.keyExists(RSAKeyManager.java:184)
12-28 16:54:02.388 W/System.err(31716):         at co.krypt.kryptonite.crypto.KeyManager.loadMeRSAOrEdKeyPair(KeyManager.java:31)
12-28 16:54:02.388 W/System.err(31716):         at co.krypt.kryptonite.silo.Silo.respondToRequest(Silo.java:480)
12-28 16:54:02.388 W/System.err(31716):         at co.krypt.kryptonite.policy.Policy.onAction(Policy.java:91)
12-28 16:54:02.388 W/System.err(31716):         at co.krypt.kryptonite.policy.NoAuthReceiver.onReceive(NoAuthReceiver.java:17)
12-28 16:54:02.389 W/System.err(31716):         at android.app.ActivityThread.handleReceiver(ActivityThread.java:3065)
12-28 16:54:02.389 W/System.err(31716):         at android.app.ActivityThread.-wrap18(ActivityThread.java)
12-28 16:54:02.389 W/System.err(31716):         at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1580)
12-28 16:54:02.389 W/System.err(31716):         at android.os.Handler.dispatchMessage(Handler.java:102)
12-28 16:54:02.389 W/System.err(31716):         at android.os.Looper.loop(Looper.java:154)
12-28 16:54:02.389 W/System.err(31716):         at android.app.ActivityThread.main(ActivityThread.java:6186)
12-28 16:54:02.389 W/System.err(31716):         at java.lang.reflect.Method.invoke(Native Method)
12-28 16:54:02.389 W/System.err(31716):         at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:889)
12-28 16:54:02.389 W/System.err(31716):         at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:779)

I think it started again after installing the 18 December version of LineageOS 14.1. Is it possible that this is an issue in LineageOS? Is it losing my RSA keys in its keyring somehow? If that is the case I will try and follow up with LineageOS instead.

kcking commented 6 years ago

Yes it seems that LineageOS doesn't migrate keys in the AndroidKeystore correctly... one workaround would be to use an Ed25519 key (which you can select by clicking the key type on the generation screen). Ed25519 keys are stored in Preferences and it seems that LineageOS does migrate Preferences correctly between upgrades.

silvester747 commented 6 years ago

Thanks. I will search the LineageOS Jira for bugs related to this, or add a new one if it is open again. Now I am trying with an Ed25519 key.

kcking commented 6 years ago

Closing for now -- I have personally been testing LineageOS successfully. Please let us know if you run into anything else!
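
The failure discussed in this thread (an RSA key that can no longer be read from the AndroidKeystore, surfacing as an `UnsupportedOperationException` from `KeyStore.getEntry`) can be turned into a recoverable state instead of a crash or a silent no-op. This is an added example, not Krypton's code: `KeyProbe`, `KeyState`, the alias and the messages are hypothetical, and a PKCS12 keystore stands in for `"AndroidKeyStore"` so that it runs on a desktop JVM.

```java
import java.security.GeneralSecurityException;
import java.security.KeyStore;

/** Added example: classify key availability instead of letting keystore errors escape. */
public class KeyProbe {
    public enum KeyState { PRESENT, MISSING, UNUSABLE }

    /**
     * Probes an alias without ever throwing. The keystore must already be loaded.
     * On Android the caller would pass KeyStore.getInstance("AndroidKeyStore") after load(null).
     */
    public static KeyState probe(KeyStore ks, String alias) {
        try {
            if (!ks.containsAlias(alias)) {
                return KeyState.MISSING;          // nothing stored under this alias
            }
            KeyStore.Entry entry = ks.getEntry(alias, null);
            if (entry instanceof KeyStore.PrivateKeyEntry) {
                return KeyState.PRESENT;
            }
            return KeyState.UNUSABLE;             // alias exists but is not a usable key pair
        } catch (GeneralSecurityException e) {
            return KeyState.UNUSABLE;             // KeyStoreException, UnrecoverableEntryException, ...
        } catch (RuntimeException e) {
            // Covers the UnsupportedOperationException seen in the first stack trace.
            return KeyState.UNUSABLE;
        }
    }

    /** Text a UI could show for each state; the wording is illustrative. */
    public static String userMessage(KeyState state) {
        switch (state) {
            case PRESENT: return "Key available.";
            case MISSING: return "No key pair found on this device. Generate a new key and pair again.";
            default:      return "The stored key pair can no longer be read. Generate a new key and pair again.";
        }
    }

    public static void main(String[] args) throws Exception {
        KeyStore ks = KeyStore.getInstance("PKCS12"); // desktop stand-in for "AndroidKeyStore"
        ks.load(null, null);                          // empty in-memory keystore
        KeyState state = probe(ks, "constructed-alias");
        System.out.println(state + ": " + userMessage(state));
    }
}
```

A receiver that gets `MISSING` or `UNUSABLE` should decline the signing request and surface the message rather than proceed, so the requesting machine sees a clear failure instead of a timeout.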