search

mibrito707 / cordova-plugin-secure-storage-echo

Secure storage plugin for Apache Cordova
MIT License
73 stars 73 forks source link

mac check in GCM failed #31

Closed Gamaroff closed 4 years ago

Gamaroff commented 4 years ago

My app used the cordova-plugin-secure-storage plugin. We migrated to cordova-plugin-secure-storage-echo since the old plugin was failing on Android 10.

When running the app the plugin throws an exception when calling:

const storage = await this.secureStorage.create('key_store');
const keys = await storage.get('app_key');

The exception is:

mac check in GCM failed

Any help is much appreciated.

The configuration on my Macbook is:

Ionic:

   Ionic CLI          : 5.4.13 (/usr/local/lib/node_modules/ionic)
   Ionic Framework    : ionic-angular 3.9.4
   @ionic/app-scripts : 3.2.3

Cordova:

   Cordova CLI       : 8.1.2 (cordova-lib@8.1.1)
   Cordova Platforms : android 8.1.0
   Cordova Plugins   : cordova-plugin-ionic-keyboard 2.1.3, (and 24 other plugins)

Utility:

   cordova-res : 0.8.1
   native-run  : 0.3.0

System:

   Android SDK Tools : 26.1.1 (/Users/gamaroff/Library/Android/sdk)
   ios-deploy        : 1.10.0
   NodeJS            : v10.17.0 (/usr/local/Cellar/node@10/10.17.0/bin/node)
   npm               : 6.11.3
   OS                : macOS Mojave
   Xcode             : Xcode 10.2 Build version 10E125
hvaughan3 commented 4 years ago

Seeing the same issue using plain Cordova without Ionic. Only seeing it on certain Android devices (OnePlus for example).

Gamaroff commented 4 years ago

It seems to be because the encryption method changed from GCM to CCM. This means data stored in secure storage on the old plugin is not accessible with this one.

hvaughan3 commented 4 years ago

@Gamaroff Thank you for the reply! I will look into that.

praveenraji2i commented 4 years ago

@hvaughan3 Any update on this? We are also facing same issue here.

Gamaroff commented 4 years ago

I haven't been able to fix it.

hvaughan3 commented 4 years ago

@praveenraji2i We still plan to catch the error, clear the credentials, and have them login again manually so we can resave with the new format. But I have not had a chance to try it yet.

mibrito707 commented 4 years ago

Hey guys, Thanks for reporting it, can you check if this a possible duplicate or related to #34 ? There is a PR opened and pending review to partially fix this.

timbru31 commented 4 years ago

Yes this is a duplicate of #34 (or vice-versa? This one is older, i.e., was the "original"). GCM and CCM modes for AES are not compatible.