Closed steinjak closed 4 years ago
We are planning to implement our own workaround which would involve detecting the specific mac check failed error, clearing the saved keys, and then requiring the user to log back in. Obviously having the plugin re-encrypt using the new cipher mode would be preferred.
That would be the ideal solution, indeed. Thanks for getting back to me so quickly, and have a nice day!
I have no control over this repo and would not be the person to implement this change. I just happened to have the same issue. Suggest you try and speak with the maintainer.
Aha, I didn't catch that you weren't involved with this repo.
Hey @steinjak & @hvaughan3 thanks for reporting this and your inputs, really appreciated. Currently there is a PR that partially fix this issue #36 can you double check it and probable even contribute? In the meantime, I asked the author to add some documentation on how to use.
Are there any updates regarding this issue/PR? For the time being; I've forked this repo and reverted the Chipher-mode back to CCM, because we can't wait for the release of the mentioned PR.
We are looking into using this plugin as a replacement for
cordova-plugin-secure-storage
for an app that is currently in production and have been so for a while, in order to support android 10 devices. Unfortunately, as the AES cipher mode has changed in this fork, this would break existing clients having stored credentials encrypted with the old plugin.Would it be possible to provide an upgrade path somehow, or at least a "backwards compatibility" flag? Perhaps it should be noted in the README?
The change in question is in the commit fd10aa624979e4bf5a323556c523f3c56035c6af - "Changed AES encryption mode for API 19 compatibility" as part of PR #17 and related to issue #23