oblador / react-native-keychain

:key: Keychain Access for React Native
MIT License

"Could not decrypt data with alias: " #458

Open WilliamAlexander opened 3 years ago

WilliamAlexander commented 3 years ago

Now and again I get the error: "Could not decrypt data with alias: "

Happens when I call Keychain.getGenericPassword(). I don't use a service when calling Keychain.setGenericPassword (it uses the package name as default in Android).

Out of over 5k users, it happens for around 20 users (so far). 99% of the devices are Samsung. Tried myself on a Samsung phone and I cannot recreate.

Not sure if related to the user:

I'll eventually update the react-native-keychain package but holding off as it might cause further issues in this field

"react-native": "0.64.0", "react-native-keychain": "^6.2.0"

SudoPlz commented 2 years ago
WilliamAlexander commented 2 years ago

> Also have you noticed that it only happens on certain versions of react-native-keychain, but not on others? cc @WilliamAlexander

On "react-native-keychain": "^8.0.0", at the mo. Happens now and again. Thinking about moving to expo securestore at some point. https://docs.expo.dev/versions/latest/sdk/securestore/

SudoPlz commented 2 years ago

Thanks for the answer @WilliamAlexander. We're investigating what it would take to move to securestore as well.

WilliamAlexander commented 2 years ago

> Thanks for the answer @WilliamAlexander. We're thinking of moving to securestore as well.

That's interesting. I was curious if any data I have in the keystores using this npm will be retrievable using the expo npm. I'd be interested to know if you do decide to take this approach.

I like expo npm packages (not cli as it's too bulky) and they are well maintained

SudoPlz commented 2 years ago

@oblador hey Joel, I'm wondering if you're aware of the issue above, and if there are plans on fixing it.

lauriharpf commented 2 years ago

> On "react-native-keychain": "^8.0.0", at the mo.

Also seeing the Could not decrypt data with alias: error on 8.0.0. This issue and #430 might be related, #430 mentions Could not encrypt data with alias.

Considering patching react-native-keychain with https://www.npmjs.com/package/patch-package in our project by applying https://github.com/mattermost/mattermost-mobile/blob/master/patches/react-native-keychain%2B8.0.0.patch , which introduces a cache for the keychain.

lauriharpf commented 2 years ago

> Considering patching react-native-keychain with https://www.npmjs.com/package/patch-package in our project by applying https://github.com/mattermost/mattermost-mobile/blob/master/patches/react-native-keychain%2B8.0.0.patch , which introduces a cache for the keychain.

Patched. The Could not decrypt data with alias errors still appear even with the patch. I don't currently have enough data to say if the patch affects the frequency of the errors, but at least it doesn't completely eliminate the error.

savv commented 2 years ago

Just FYI - we saw this error on a Google Pixel 4a running Android 12.

Versions:

    "react-native": "0.68.2",
    "react-native-keychain": "8.1.1",

kreonjr commented 2 years ago

We have had multiple users report this happening pretty often on Android. The ones that also reported device and api were:

  • Google Pixel 3 API 28
  • Motorola G Power, android ver. 11

"react-native": "0.66.1",
"react-native-keychain": "8.1.1"

Patch suggestion attempted but didn't work on our Google Pixel 2 API 30 test device.

ilyagru commented 2 years ago

Having the exact same issue! Is there a workaround?

Only Android and mostly Samsung devices.

"react-native": "0.69.2",
"react-native-keychain": "^8.1.1",

nicwise commented 2 years ago

related to https://github.com/oblador/react-native-keychain/issues/567 I think :(

viLeeKorn commented 1 year ago

faced the same issue on S22, Pixel 7, Xiaomi Redmi Note 9 Pro

"react-native": "0.68.2",
"react-native-keychain": "^8.0.0",

aliza-khu commented 1 year ago

Is there any workaround for this? Then please share.

davidecarpini commented 1 year ago

any updates on this?

c-goettert commented 1 year ago

We are now seeing this more often as well, one of our users stated it happened after upgrading his Samsung (S21+) to the latest android version.

lucasftcruz commented 1 year ago

The same issue here, Could not decrypt data with alias: for the devices below all running Android 13:

  • SM-G990E
  • SM-G998B
  • SM-G991U
  • SM-G996B
  • SM-G991B
  • Pixel 4a

Ernst2106 commented 1 year ago

I have the same issue with XUMM
My device: SM-G991B/DS
Last update: today (18 October)

Error message: "Could not decrypt data with alias: xumm-realm-key: java.security.InvalidKeyException: Keystore operation failed".

Is there a fix for this issue?

seanquinn commented 1 year ago

Also getting reports from users of this error in the last week 👍

Frans-L commented 1 year ago

We have also started to see crash reports from our customers with the Samsung SM-G991B.

Does anyone know any workaround?

TwistedMinda commented 1 year ago

Same here, Samsung SM-G991B is the problem. Using latest version : react-native-keychain 8.1.2

Seems to appear more frequently than before without any specific change from our side

yberstad commented 1 year ago

@TwistedMinda, we have seen a sudden increase of this error the last few days, starting to pick up on the 11th of October. Could it be that Samsung is rolling out a security fix that makes this issue worse? @TwistedMinda, are you able to reproduce it?


These are the devices we are experiencing this on: [screenshot]

TwistedMinda commented 1 year ago

@yberstad No we don't have access to the specific device to reproduce. Can't confirm 11th either, we're seeing a surge from 19th, but we don't have many users with the problem. I don't think I can help more as we really don't have a lot of occurrences. I can only confirm that it is becoming more frequent, with no apparent change coming from us!

I think a Samsung update is the most straightforward reason, what else could have changed?

No user complained either. We'll keep an eye on it 👀

yberstad commented 1 year ago

@TwistedMinda, thanks for your quick response.

We are starting to get customer complaints regarding this, so we'll try to investigate further.

If we find a workaround I'll let you know.

Ernst2106 commented 1 year ago

I can confirm that it happened straight after installing Samsung's latest update (including security patch 1 October 2023) on my Galaxy S21 5G. I have preliminary 'solved' the issue by resetting Xumm's app data and re-importing my wallets. Xumm now functions normally. This solution would appear suboptimal to me, however.

TwistedMinda commented 1 year ago

Good to know, thanks for reporting! So that's good news, it means the bug only happens once, when the data are already on the device, and further resetting the values doesn't cause problems. So supposedly the update messed up a specific space in memory, but only at installation time... Right?

Of course the need to reset app data depends on the implementation of catching the underlying error. We have a fallback in case of this error that doesn't block the user, so they don't need to reset app data.

bpeltonc commented 1 year ago

I will add this isn't happening only on Samsung devices. I have tons of Sentry reports of this error with Pixel devices. I wonder if anybody can confirm this same error doesn't occur with the Expo Secure Store library? I'm considering using that instead as well, but I don't know if it's just this library.

joarkosberg commented 1 year ago

Also experiencing this, only on Samsung phones per now.

androideveloper commented 1 year ago

Seeing spike on our end, mostly the Samsung devices mentioned above.

kamalesh100 commented 1 year ago

Exactly the same issue with 100% Samsung Galaxy devices for now. This integration is not on Prod for now though tested with various Android devices, only the Samsung error logs have been seen.

alexandrius commented 1 year ago

For anyone who wants to reproduce. You gotta have an affected device. I have Galaxy S21 FE - which is also affected.

What I found so far. KeyMaster seems to be updated to V4. KeyMaster considers the key needs to be updated - whatever it means. The update fails for no understandable (at least to me) reason. The error originates here.

Logcat output

```
10-25 22:46:16.458 7851 7913 D RNKeyChain: com.oblador.keychain.exceptions.CryptoFailedException: Could not decrypt bytes: Keystore operation failed
10-25 22:46:16.458 7851 7913 D RNKeyChain: at com.oblador.keychain.cipherStorage.CipherStorageKeystoreAESCBC.decryptBytes(CipherStorageKeystoreAESCBC.java:248)
10-25 22:46:16.458 7851 7913 D RNKeyChain: at com.oblador.keychain.cipherStorage.CipherStorageKeystoreAESCBC.decrypt(CipherStorageKeystoreAESCBC.java:188)
10-25 22:46:16.458 7851 7913 D RNKeyChain: at com.oblador.keychain.KeychainModule.decryptCredentials(KeychainModule.java:139)
10-25 22:46:16.458 7851 7913 D RNKeyChain: at com.oblador.keychain.KeychainModule.getGenericPasswordForOptions(KeychainModule.java:118)
10-25 22:46:16.458 7851 7913 D RNKeyChain: at com.oblador.keychain.KeychainModule.getInternetCredentialsForServer(KeychainModule.java:211)
10-25 22:46:16.458 7851 7913 D RNKeyChain: at java.lang.reflect.Method.invoke(Native Method)
10-25 22:46:16.458 7851 7913 D RNKeyChain: at com.facebook.react.bridge.JavaMethodWrapper.invoke(JavaMethodWrapper.java:372)
10-25 22:46:16.458 7851 7913 D RNKeyChain: at com.facebook.react.bridge.JavaModuleWrapper.invoke(JavaModuleWrapper.java:151)
10-25 22:46:16.458 7851 7913 D RNKeyChain: at com.facebook.react.bridge.queue.NativeRunnable.run(Native Method)
10-25 22:46:16.458 7851 7913 D RNKeyChain: at android.os.Handler.handleCallback(Handler.java:942)
10-25 22:46:16.458 7851 7913 D RNKeyChain: at android.os.Handler.dispatchMessage(Handler.java:99)
10-25 22:46:16.458 7851 7913 D RNKeyChain: at com.facebook.react.bridge.queue.MessageQueueThreadHandler.dispatchMessage(MessageQueueThreadHandler.java:27)
10-25 22:46:16.458 7851 7913 D RNKeyChain: at android.os.Looper.loopOnce(Looper.java:226)
10-25 22:46:16.458 7851 7913 D RNKeyChain: at android.os.Looper.loop(Looper.java:313)
10-25 22:46:16.458 7851 7913 D RNKeyChain: at com.facebook.react.bridge.queue.MessageQueueThreadImpl$4.run(MessageQueueThreadImpl.java:226)
10-25 22:46:16.458 7851 7913 D RNKeyChain: at java.lang.Thread.run(Thread.java:1012)
10-25 22:46:16.458 7851 7913 D RNKeyChain: Caused by: java.security.InvalidKeyException: Keystore operation failed
10-25 22:46:16.458 7851 7913 D RNKeyChain: at android.security.keystore2.KeyStoreCryptoOperationUtils.getInvalidKeyException(KeyStoreCryptoOperationUtils.java:130)
10-25 22:46:16.458 7851 7913 D RNKeyChain: at android.security.keystore2.KeyStoreCryptoOperationUtils.getExceptionForCipherInit(KeyStoreCryptoOperationUtils.java:154)
10-25 22:46:16.458 7851 7913 D RNKeyChain: at android.security.keystore2.AndroidKeyStoreCipherSpiBase.ensureKeystoreOperationInitialized(AndroidKeyStoreCipherSpiBase.java:345)
10-25 22:46:16.458 7851 7913 D RNKeyChain: at android.security.keystore2.AndroidKeyStoreCipherSpiBase.engineInit(AndroidKeyStoreCipherSpiBase.java:240)
10-25 22:46:16.458 7851 7913 D RNKeyChain: at javax.crypto.Cipher.tryTransformWithProvider(Cipher.java:2981)
10-25 22:46:16.458 7851 7913 D RNKeyChain: at javax.crypto.Cipher.tryCombinations(Cipher.java:2892)
10-25 22:46:16.458 7851 7913 D RNKeyChain: at javax.crypto.Cipher$SpiAndProviderUpdater.updateAndGetSpiAndProvider(Cipher.java:2797)
10-25 22:46:16.458 7851 7913 D RNKeyChain: at javax.crypto.Cipher.chooseProvider(Cipher.java:774)
10-25 22:46:16.458 7851 7913 D RNKeyChain: at javax.crypto.Cipher.init(Cipher.java:1289)
10-25 22:46:16.458 7851 7913 D RNKeyChain: at javax.crypto.Cipher.init(Cipher.java:1224)
10-25 22:46:16.458 7851 7913 D RNKeyChain: at com.oblador.keychain.cipherStorage.CipherStorageKeystoreAESCBC.decryptBytes(CipherStorageKeystoreAESCBC.java:244)
10-25 22:46:16.458 7851 7913 D RNKeyChain: ... 15 more
10-25 22:46:16.458 7851 7913 D RNKeyChain: Caused by: android.security.KeyStoreException: Invalid key blob (internal Keystore code: -33 message: In create_operation: Failed to begin operation. 10328
10-25 22:46:16.458 7851 7913 D RNKeyChain:
10-25 22:46:16.458 7851 7913 D RNKeyChain: Caused by:
10-25 22:46:16.458 7851 7913 D RNKeyChain: 0: In KeystoreSecurityLevel::upgrade_keyblob_if_required_with.
10-25 22:46:16.458 7851 7913 D RNKeyChain: 1: In utils::upgrade_keyblob_if_required_with: Calling km_op.
10-25 22:46:16.458 7851 7913 D RNKeyChain: 2: Error::Km(ErrorCode(-33))) (public error code: 10 internal Keystore code: -33)
10-25 22:46:16.458 7851 7913 D RNKeyChain: at android.security.KeyStore2.getKeyStoreException(KeyStore2.java:418)
10-25 22:46:16.458 7851 7913 D RNKeyChain: at android.security.KeyStoreSecurityLevel.createOperation(KeyStoreSecurityLevel.java:123)
10-25 22:46:16.458 7851 7913 D RNKeyChain: at android.security.keystore2.AndroidKeyStoreCipherSpiBase.ensureKeystoreOperationInitialized(AndroidKeyStoreCipherSpiBase.java:340)
10-25 22:46:16.458 7851 7913 D RNKeyChain: ... 23 more
10-25 22:46:16.458 7851 7913 W System.err: com.oblador.keychain.exceptions.CryptoFailedException: Could not decrypt bytes: Keystore operation failed
10-25 22:46:16.458 7851 7913 W System.err: at com.oblador.keychain.cipherStorage.CipherStorageKeystoreAESCBC.decryptBytes(CipherStorageKeystoreAESCBC.java:248)
10-25 22:46:16.458 7851 7913 W System.err: at com.oblador.keychain.cipherStorage.CipherStorageKeystoreAESCBC.decrypt(CipherStorageKeystoreAESCBC.java:188)
10-25 22:46:16.458 7851 7913 W System.err: at com.oblador.keychain.KeychainModule.decryptCredentials(KeychainModule.java:139)
10-25 22:46:16.458 7851 7913 W System.err: at com.oblador.keychain.KeychainModule.getGenericPasswordForOptions(KeychainModule.java:118)
10-25 22:46:16.458 7851 7913 W System.err: at com.oblador.keychain.KeychainModule.getInternetCredentialsForServer(KeychainModule.java:211)
10-25 22:46:16.458 7851 7913 W System.err: at java.lang.reflect.Method.invoke(Native Method)
10-25 22:46:16.458 7851 7913 W System.err: at com.facebook.react.bridge.JavaMethodWrapper.invoke(JavaMethodWrapper.java:372)
10-25 22:46:16.458 7851 7913 W System.err: at com.facebook.react.bridge.JavaModuleWrapper.invoke(JavaModuleWrapper.java:151)
10-25 22:46:16.458 7851 7913 W System.err: at com.facebook.react.bridge.queue.NativeRunnable.run(Native Method)
10-25 22:46:16.458 7851 7913 W System.err: at android.os.Handler.handleCallback(Handler.java:942)
10-25 22:46:16.458 7851 7913 W System.err: at android.os.Handler.dispatchMessage(Handler.java:99)
10-25 22:46:16.458 7851 7913 W System.err: at com.facebook.react.bridge.queue.MessageQueueThreadHandler.dispatchMessage(MessageQueueThreadHandler.java:27)
10-25 22:46:16.458 7851 7913 W System.err: at android.os.Looper.loopOnce(Looper.java:226)
10-25 22:46:16.458 7851 7913 W System.err: at android.os.Looper.loop(Looper.java:313)
10-25 22:46:16.458 7851 7913 W System.err: at com.facebook.react.bridge.queue.MessageQueueThreadImpl$4.run(MessageQueueThreadImpl.java:226)
10-25 22:46:16.458 7851 7913 W System.err: at java.lang.Thread.run(Thread.java:1012)
10-25 22:46:16.458 7851 7913 W System.err: Caused by: java.security.InvalidKeyException: Keystore operation failed
10-25 22:46:16.458 7851 7913 W System.err: at android.security.keystore2.KeyStoreCryptoOperationUtils.getInvalidKeyException(KeyStoreCryptoOperationUtils.java:130)
10-25 22:46:16.458 7851 7913 W System.err: at android.security.keystore2.KeyStoreCryptoOperationUtils.getExceptionForCipherInit(KeyStoreCryptoOperationUtils.java:154)
10-25 22:46:16.458 7851 7913 W System.err: at android.security.keystore2.AndroidKeyStoreCipherSpiBase.ensureKeystoreOperationInitialized(AndroidKeyStoreCipherSpiBase.java:345)
10-25 22:46:16.458 7851 7913 W System.err: at android.security.keystore2.AndroidKeyStoreCipherSpiBase.engineInit(AndroidKeyStoreCipherSpiBase.java:240)
10-25 22:46:16.458 7851 7913 W System.err: at javax.crypto.Cipher.tryTransformWithProvider(Cipher.java:2981)
10-25 22:46:16.458 7851 7913 W System.err: at javax.crypto.Cipher.tryCombinations(Cipher.java:2892)
10-25 22:46:16.458 7851 7913 W System.err: at javax.crypto.Cipher$SpiAndProviderUpdater.updateAndGetSpiAndProvider(Cipher.java:2797)
10-25 22:46:16.458 7851 7913 W System.err: at javax.crypto.Cipher.chooseProvider(Cipher.java:774)
10-25 22:46:16.458 7851 7913 W System.err: at javax.crypto.Cipher.init(Cipher.java:1289)
10-25 22:46:16.458 7851 7913 W System.err: at javax.crypto.Cipher.init(Cipher.java:1224)
10-25 22:46:16.458 7851 7913 W System.err: at com.oblador.keychain.cipherStorage.CipherStorageKeystoreAESCBC.decryptBytes(CipherStorageKeystoreAESCBC.java:244)
10-25 22:46:16.458 7851 7913 W System.err: ... 15 more
10-25 22:46:16.458 7851 7913 W System.err: Caused by: android.security.KeyStoreException: Invalid key blob (internal Keystore code: -33 message: In create_operation: Failed to begin operation. 10328
10-25 22:46:16.458 7851 7913 W System.err:
10-25 22:46:16.458 7851 7913 W System.err: Caused by:
10-25 22:46:16.458 7851 7913 W System.err: 0: In KeystoreSecurityLevel::upgrade_keyblob_if_required_with.
10-25 22:46:16.458 7851 7913 W System.err: 1: In utils::upgrade_keyblob_if_required_with: Calling km_op.
10-25 22:46:16.458 7851 7913 W System.err: 2: Error::Km(ErrorCode(-33))) (public error code: 10 internal Keystore code: -33)
10-25 22:46:16.458 7851 7913 W System.err: at android.security.KeyStore2.getKeyStoreException(KeyStore2.java:418)
10-25 22:46:16.458 7851 7913 W System.err: at android.security.KeyStoreSecurityLevel.createOperation(KeyStoreSecurityLevel.java:123)
10-25 22:46:16.458 7851 7913 W System.err: at android.security.keystore2.AndroidKeyStoreCipherSpiBase.ensureKeystoreOperationInitialized(AndroidKeyStoreCipherSpiBase.java:340)
10-25 22:46:16.458 7851 7913 W System.err: ... 23 more
10-25 22:46:16.458 7851 7913 E RNKeychainManager: Unknown error: Could not decrypt bytes: Keystore operation failed
```

Any input is highly appreciated

androideveloper commented 1 year ago

Hi @alexandrius ! Thanks for sharing this! Have you tried the encrypt operation?

alexandrius commented 1 year ago

@androideveloper Can you please clarify what you mean? Are you asking if encrypt still works?

androideveloper commented 1 year ago

Yes! I guess it fails as well

alexandrius commented 1 year ago

@androideveloper I haven't tried but I think it will go through since it deletes previous master key. Seems like the Keys can be damaged and it's somehow related to hardware Exynos 2100 in my case

N3TC4T commented 1 year ago

@TwistedMinda @Ernst2106 @yberstad @lucasftcruz @c-goettert

Samsung just released another update yesterday and I can confirm it fixes the issue.

androideveloper commented 1 year ago

@N3TC4T the security patch level in the picture is still Oct 1 though 🤔 did they release multiple patches for October?

matt-alice commented 1 year ago

Same concern - I only downloaded the latest security update 2 days ago while trying to reproduce the issue (Galaxy A32 5G). My security update is dated October 24th, but I think it means "downloaded October 24th". The patch itself was from August 2023.


Are there other patches for October?

alexandrius commented 1 year ago

@matt-alice there are patches from October, however I don't think the patch was faulty but rather crappy Samsung code on top of it

N3TC4T commented 1 year ago

> the security patch level in the picture is still Oct 1 though 🤔 did they release multiple patches for October?

@androideveloper it's another update, which has been released yesterday.

mhv1 commented 1 year ago

Seems to be that updates are rolled out at different times depending on the region and under these really confusing version numbers.

I did find a page where you can see the list of releases currently available for a specific model in a specific region. For example, my affected device model number is: Galaxy S21 FE 5G (SM-G990B2), Googling that + "updates", I get the following site in the results:

https://doc.samsungmobile.com/SM-G990B2/EUX/doc.html

The "EUX" part in the URL denotes the region. Looking at the release date (and not at "Security patch level") looks like the latest patch that fixes the issue (i.e., something released yesterday) is not yet available in Europe.

hugoalvares commented 1 year ago

We're getting a JSON parse error when parsing a stored JSON string from Keychain. It seems that the cause is that there are invalid characters being added to the JSON string (not sure if at the start or end). Here's a workaround that we're using for now: JSON.parse(tokens.substring(tokens.indexOf('{'), tokens.lastIndexOf('}') + 1))

bpeltonc commented 1 year ago

> I will add this isn't happening only on Samsung devices. I have tons of Sentry reports of this error with Pixel devices. I wonder if anybody can confirm this same error doesn't occur with the Expo Secure Store library? I'm considering using that instead as well, but I don't know if it's just this library.

In case anybody is curious, I'm no longer having any trouble with this, or any error at all, after migrating to Expo Secure Store. It does appear to be related to the way this library interacts with the native APIs and not the native APIs themselves.

alexandrius commented 1 year ago

@bpeltonc this library is fine. By moving to expo-secure-store you just recreated all the keys. Recreating keys is what "fixed" the problem.

Tejesh-Duvvuru commented 1 year ago

Hi, do we have any solution to resolve this error?

Ernst2106 commented 1 year ago

Samsung released a new update, which fixes this issue

Tejesh-Duvvuru commented 1 year ago

Hi, @Ernst2106, we are using an open-source version of Android 10 and Android 6. We are encountering this error.

filipef101 commented 1 year ago

> Hi, @Ernst2106, we are using an open-source version of Android 10 and Android 6. We are encountering this error.

Maybe needs an update?

argenkiwi commented 1 year ago

There is a known and outstanding issue and the suggested workaround is to recreate the keys as @alexandrius suggested.
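The workaround described in this thread (treat the decrypt failure as a lost key, clear the unusable entry and have the user sign in again so the credentials are written afresh) can be wrapped as below. This is an added example, not code from react-native-keychain or from any commenter; `loadCredentials`, `isKeyLost` and `makeFakeKeychain` are hypothetical names, the fake module and its alias are constructed so the block runs offline, and matching on the message text assumes the wording quoted in this issue.

```javascript
// Messages quoted in this issue: "Could not decrypt data with alias: ..."
// and "Could not decrypt bytes: Keystore operation failed".
// Assumption: the rejected promise carries one of these in err.message.
const DECRYPT_FAILURE = /Could not decrypt (data with alias|bytes)/;

function isKeyLost(err) {
  return DECRYPT_FAILURE.test(String(err && err.message));
}

// `keychain` is the imported react-native-keychain module (or a stand-in).
// Uses only getGenericPassword / resetGenericPassword from its public API.
async function loadCredentials(keychain, options = {}) {
  try {
    const entry = await keychain.getGenericPassword(options);
    if (entry === false) return { status: 'empty' };
    return { status: 'ok', username: entry.username, password: entry.password };
  } catch (err) {
    // Only the decrypt failure is treated as a lost key; anything else
    // (cancelled prompt, bridge error) must stay visible to the caller.
    if (!isKeyLost(err)) throw err;
    // The ciphertext is unrecoverable: drop it and report it, so the app
    // sends the user through sign-in instead of crashing or retrying forever.
    await keychain.resetGenericPassword(options);
    return { status: 'key-lost' };
  }
}

// Constructed stand-in for the native module. brokenKey=true simulates a
// stored entry whose Keystore key can no longer be used after an OS update.
function makeFakeKeychain(stored, brokenKey) {
  let entry = stored;
  let broken = brokenKey;
  return {
    async getGenericPassword() {
      if (!entry) return false;
      if (broken) {
        throw new Error('Could not decrypt data with alias: com.example.app');
      }
      return { ...entry };
    },
    async resetGenericPassword() {
      entry = null;
      broken = false;
      return true;
    },
    async setGenericPassword(username, password) {
      entry = { username, password };
      broken = false;
      return true;
    },
  };
}

// Walk-through: first read hits the broken key, the user signs in again,
// the app stores the new token, and the next read succeeds.
async function demo() {
  const kc = makeFakeKeychain({ username: 'alice', password: 'old-token' }, true);
  const first = await loadCredentials(kc);
  await kc.setGenericPassword('alice', 'new-token');
  const second = await loadCredentials(kc);
  return [first.status, second.status, second.password];
}

demo().then((result) => console.log(result));
```

On `key-lost` the caller should treat the user as signed out; the old secret cannot be migrated because the key that protected it is unusable.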

danibonilha commented 11 months ago

Also having users experiencing this issue on Pixel 5 - Android 14, but not all of them. Was anyone able to reproduce this issue on an emulator? Or found any other workaround to decrypt the data and migrate it without losing it?