Open mihaelaLo opened 4 years ago
Something is weird, I keep getting the same error from CipherStorageKeystoreRsaEcb even if I select AES specifically
resetGenericPassword({ service: key, storage: 'AES' })
setGenericPassword('user', value, { service: key, storage: 'AES' })
getGenericPassword({service: key, storage: 'AES' })
and it seems also selected at one point in logs:
2020-07-16 18:42:37.530 9258-9331/com.app.myapp D/RNKeychainManager: Selected storage: CipherStorageKeystoreRsaEcb
2020-07-16 18:42:37.533 954-954/? I/keystore: del USRPKEY_warmingUp 10520
2020-07-16 18:42:37.533 954-954/? I/keystore: del USRCERT_warmingUp 10520
2020-07-16 18:42:37.534 954-954/? I/keystore: del CACERT_warmingUp 10520
2020-07-16 18:42:37.581 9258-9331/com.app.myapp E/KeyStore: generateKeyInternal failed on response -6
2020-07-16 18:42:37.582 954-954/? I/keystore: del USRPKEY_warmingUp 10520
2020-07-16 18:42:37.582 954-954/? I/keystore: del USRSKEY_warmingUp 10520
2020-07-16 18:42:37.582 954-954/? I/keystore: del USRCERT_warmingUp 10520
2020-07-16 18:42:37.582 954-954/? I/keystore: del CACERT_warmingUp 10520
2020-07-16 18:42:37.583 9258-9331/com.app.myapp W/CipherStorageBase: StrongBox security storage is not available.
java.security.ProviderException: Failed to generate key pair
at android.security.keystore.AndroidKeyStoreKeyPairGeneratorSpi.generateKeystoreKeyPair(AndroidKeyStoreKeyPairGeneratorSpi.java:514)
at android.security.keystore.AndroidKeyStoreKeyPairGeneratorSpi.generateKeyPair(AndroidKeyStoreKeyPairGeneratorSpi.java:470)
at java.security.KeyPairGenerator$Delegate.generateKeyPair(KeyPairGenerator.java:727)
at com.oblador.keychain.cipherStorage.CipherStorageKeystoreRsaEcb.generateKey(CipherStorageKeystoreRsaEcb.java:256)
at com.oblador.keychain.cipherStorage.CipherStorageBase.tryGenerateStrongBoxSecurityKey(CipherStorageBase.java:444)
at com.oblador.keychain.cipherStorage.CipherStorageBase.generateKeyAndStoreUnderAlias(CipherStorageBase.java:391)
at com.oblador.keychain.KeychainModule.internalWarmingBestCipher(KeychainModule.java:173)
at com.oblador.keychain.KeychainModule.lambda$NuQDyTTfZc67dTNiVeEDbYNRCJw(Unknown Source:0)
at com.oblador.keychain.-$$Lambda$KeychainModule$NuQDyTTfZc67dTNiVeEDbYNRCJw.run(Unknown Source:2)
at java.lang.Thread.run(Thread.java:919)
Caused by: android.security.KeyStoreException: Unsupported key size
at android.security.KeyStore.getKeyStoreException(KeyStore.java:1303)
at android.security.keystore.AndroidKeyStoreKeyPairGeneratorSpi.generateKeystoreKeyPair(AndroidKeyStoreKeyPairGeneratorSpi.java:514)
at android.security.keystore.AndroidKeyStoreKeyPairGeneratorSpi.generateKeyPair(AndroidKeyStoreKeyPairGeneratorSpi.java:470)
at java.security.KeyPairGenerator$Delegate.generateKeyPair(KeyPairGenerator.java:727)
at com.oblador.keychain.cipherStorage.CipherStorageKeystoreRsaEcb.generateKey(CipherStorageKeystoreRsaEcb.java:256)
at com.oblador.keychain.cipherStorage.CipherStorageBase.tryGenerateStrongBoxSecurityKey(CipherStorageBase.java:444)
at com.oblador.keychain.cipherStorage.CipherStorageBase.generateKeyAndStoreUnderAlias(CipherStorageBase.java:391)
at com.oblador.keychain.KeychainModule.internalWarmingBestCipher(KeychainModule.java:173)
at com.oblador.keychain.KeychainModule.lambda$NuQDyTTfZc67dTNiVeEDbYNRCJw(Unknown Source:0)
at com.oblador.keychain.-$$Lambda$KeychainModule$NuQDyTTfZc67dTNiVeEDbYNRCJw.run(Unknown Source:2)
at java.lang.Thread.run(Thread.java:919)
2020-07-16 18:42:37.585 954-954/? I/keystore: del USRPKEY_warmingUp 10520
2020-07-16 18:42:37.585 954-954/? I/keystore: del USRSKEY_warmingUp 10520
2020-07-16 18:42:37.586 954-954/? I/keystore: del USRCERT_warmingUp 10520
2020-07-16 18:42:37.586 954-954/? I/keystore: del CACERT_warmingUp 10520
2020-07-16 18:42:37.680 9258-9334/com.app.myapp D/RNKeychainManager: Probe cipher storage: CipherStorageFacebookConceal
2020-07-16 18:42:37.680 9258-9334/com.app.myapp D/RNKeychainManager: Probe cipher storage: CipherStorageKeystoreAesCbc
2020-07-16 18:42:37.680 9258-9334/com.app.myapp D/RNKeychainManager: Probe cipher storage: CipherStorageKeystoreRsaEcb
2020-07-16 18:42:37.680 9258-9334/com.app.myapp D/RNKeychainManager: Selected storage: CipherStorageKeystoreAesCbc
Hi, I've played around with the example file on Pixel 4 and the following setting works for me.
await Keychain.setGenericPassword(email, accessToken, {
accessControl: null,
securityLevel: Keychain.SECURITY_LEVEL.ANY,
storage: Keychain.STORAGE_TYPE.FB,
});
I am storing the accessToken and refreshToken information. Retrieving them fails on android with the below problem. All works ok on iOS. Also downgrading to version ^4.0.5 solves the problem on Android also.
This happens only on some devices, but I am able to constantly reproduce it on Pixel 4.