search

mollyim / mollyim-android

Enhanced and security-focused fork of Signal.
GNU Affero General Public License v3.0
1.37k stars 77 forks source link

Crash during database decryption: Keystore operation failed #332

Closed frumentum closed 3 weeks ago

frumentum commented 4 weeks ago

Is there an existing issue for this?

Bug description

Hi folks, after my phone turned off due to empty battery, I get this error when I try to open Molly. It happens at the end of the decryption phase (I turned on the passphrase based encryption) and it's the same error no matter if I enter the correct or an incorrect passphrase.

Any help is appreciated!

PS: Sorry for not uploading the debug log. As molly does not open I'm not able to open Help->Debug logs.

type: crash
osVersion: google/bluejay/bluejay:14/AP1A.240505.004/2024052100:user/release-keys
package: im.molly.app:142101
process: im.molly.app
processUptime: 4882 + 208 ms
installer: com.android.packageinstaller

java.lang.RuntimeException: An error occurred while executing doInBackground()
    at android.os.AsyncTask$4.done(AsyncTask.java:415)
    at java.util.concurrent.FutureTask.finishCompletion(FutureTask.java:381)
    at java.util.concurrent.FutureTask.setException(FutureTask.java:250)
    at java.util.concurrent.FutureTask.run(FutureTask.java:269)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:644)
    at java.lang.Thread.run(Thread.java:1012)
Caused by: java.lang.AssertionError: java.security.InvalidKeyException: Keystore operation failed
    at org.thoughtcrime.securesms.crypto.PassphraseBasedKdf.hmac(PassphraseBasedKdf.java:121)
    at org.thoughtcrime.securesms.crypto.PassphraseBasedKdf.deriveKey(PassphraseBasedKdf.java:84)
    at org.thoughtcrime.securesms.crypto.MasterSecretUtil.getMasterSecret(MasterSecretUtil.java:163)
    at org.thoughtcrime.securesms.PassphrasePromptActivity$SetMasterSecretTask.doInBackground(PassphrasePromptActivity.java:325)
    at org.thoughtcrime.securesms.PassphrasePromptActivity$SetMasterSecretTask.doInBackground(PassphrasePromptActivity.java:303)
    at android.os.AsyncTask$3.call(AsyncTask.java:394)
    at java.util.concurrent.FutureTask.run(FutureTask.java:264)
    ... 3 more
Caused by: java.security.InvalidKeyException: Keystore operation failed
    at android.security.keystore2.KeyStoreCryptoOperationUtils.getInvalidKeyException(KeyStoreCryptoOperationUtils.java:128)
    at android.security.keystore2.AndroidKeyStoreHmacSpi.ensureKeystoreOperationInitialized(AndroidKeyStoreHmacSpi.java:185)
    at android.security.keystore2.AndroidKeyStoreHmacSpi.engineInit(AndroidKeyStoreHmacSpi.java:107)
    at javax.crypto.Mac.chooseProvider(Mac.java:447)
    at javax.crypto.Mac.init(Mac.java:517)
    at org.thoughtcrime.securesms.crypto.PassphraseBasedKdf.hmac(PassphraseBasedKdf.java:118)
    ... 9 more
Caused by: android.security.KeyStoreException: Invalid key blob (internal Keystore code: -33 message: system/security/keystore2/src/security_level.rs:357: Failed to begin operation.

Caused by:
    0: system/security/keystore2/src/security_level.rs:868
    1: system/security/keystore2/src/utils.rs:417: Calling km_op
    2: Error::Km(r#INVALID_KEY_BLOB)) (public error code: 10 internal Keystore code: -33)
    at android.security.KeyStore2.getKeyStoreException(KeyStore2.java:416)
    at android.security.KeyStoreSecurityLevel.createOperation(KeyStoreSecurityLevel.java:122)
    at android.security.keystore2.AndroidKeyStoreHmacSpi.ensureKeystoreOperationInitialized(AndroidKeyStoreHmacSpi.java:179)
    ... 13 more

molly-log-1717271316255.zip

Steps to reproduce

  1. Open molly (passphrase based encryption has to be enabled)
  2. Enter anything in the passphrase text field

Molly version

v7.8.1-1-FOSS

Android version

Android 14

Device

Google Pixel 6a

Link to debug log

No response

valldrac commented 4 weeks ago

Did you already try a reboot?

frumentum commented 4 weeks ago

Sure. I forgot to mention it. That should always be one of the first steps to try (as learned from it crowd )

valldrac commented 3 weeks ago

I have no idea what it could be then. It's definitely not an app issue, but an issue with the device not being able to use Molly's key stored in the hardware security module. I asked the folks at GrapheneOS, and they don't know what it is either.

Have you modified or tampered the bootloader, the OS, or the app in any way?

frumentum commented 3 weeks ago

Thanks @valldrac for your investigation.

Sounds not like a bug which is easy to be fixed. I didn't modify anything in the OS, the bootloader or the app. Before my phone was shut down due to empty battery, molly was in the background (db decrypted) ready to be used. Maybe that's a necessary hint?!

Is it worth a try to connect via adb and use sudo to access /data/data/im.molly... to see if there is any .lock file which could potentially block molly to access the keystore?

I'd guess a reinstall would solve the problem but in this case I'd lose about 600MB of data. I have a backup of molly from the 31th of May (which was created by Molly's backup feature). How is this backup encrypted and could I restore the backup from a new installed molly?

valldrac commented 3 weeks ago

It is a problem with your device. Molly's encryption key is generated once inside the HSM and securely keep there. Apparently, the key has been corrupted, so the data is unrecoverable.

You will have to delete the app's data (or reinstall Molly) and restore it from the backup. You can follow these instructions:

https://support.signal.org/hc/en-us/articles/360007059752-Backup-and-Restore-Messages#android_restore

There could be an underlying hardware problem, so my advice to you is to make frequent backups from now on.

mazingerbogdanov commented 3 weeks ago

I have the same problem with a different device (Redmi Note 9)

valldrac commented 3 weeks ago

@mazingerbogdanov Sorry for that. We would need to look at the debug log. Before entering the passphrase in Molly, you can share the log in the 3-dots menu at the top of the screen.

mazingerbogdanov commented 3 weeks ago

molly-log-1717578595810.zip

valldrac commented 3 weeks ago

@mazingerbogdanov You may get a crash, but it's totally different from this one. We would have to know when the bug happens to you, and the steps to reproduce it. Please open a new ticket and we'll discuss it.

https://github.com/mollyim/mollyim-android/issues/new/choose

frumentum commented 3 weeks ago

Thanks @valldrac for your time and investigation. As suggested, I deleted the app data and restored the backup. I enabled passphrase encryption again and now it's working fine again. Let's see how long...

frumentum commented 3 weeks ago

Since this bug seems to be not reproducible, let's close it