Closed joarkosberg closed 7 months ago
@lucasftcruz Thanks!
@lucasftcruz Just want to note that those 2 issues are different from newer Samsung issues
traced to cipher.init(Cipher.DECRYPT_MODE, key, iv); java.security.InvalidKeyException: Keystore operation failed seems all stored data in Samsung is broken now
Full stacktrace is this:
com.oblador.keychain.exceptions.CryptoFailedException: Could not encrypt data with alias:
at com.oblador.keychain.cipherStorage.CipherStorageKeystoreAesCbc.encrypt(CipherStorageKeystoreAesCbc.java:122)
at com.oblador.keychain.KeychainModule.setGenericPassword(KeychainModule.java:224)
at com.oblador.keychain.KeychainModule.setGenericPasswordForOptions(KeychainModule.java:253)
at java.lang.reflect.Method.invoke(Native Method)
at com.facebook.react.bridge.JavaMethodWrapper.invoke(JavaMethodWrapper.java:372)
at com.facebook.react.bridge.JavaModuleWrapper.invoke(JavaModuleWrapper.java:188)
at com.facebook.jni.NativeRunnable.run(Native Method)
at android.os.Handler.handleCallback(Handler.java:942)
at android.os.Handler.dispatchMessage(Handler.java:99)
at com.facebook.react.bridge.queue.MessageQueueThreadHandler.dispatchMessage(MessageQueueThreadHandler.java:27)
at android.os.Looper.loopOnce(Looper.java:226)
at android.os.Looper.loop(Looper.java:313)
at com.facebook.react.bridge.queue.MessageQueueThreadImpl$4.run(MessageQueueThreadImpl.java:228)
at java.lang.Thread.run(Thread.java:1012)
Caused by: java.security.InvalidKeyException: Keystore operation failed
at android.security.keystore2.KeyStoreCryptoOperationUtils.getInvalidKeyException(KeyStoreCryptoOperationUtils.java:130)
at android.security.keystore2.KeyStoreCryptoOperationUtils.getExceptionForCipherInit(KeyStoreCryptoOperationUtils.java:154)
at android.security.keystore2.AndroidKeyStoreCipherSpiBase.ensureKeystoreOperationInitialized(AndroidKeyStoreCipherSpiBase.java:345)
at android.security.keystore2.AndroidKeyStoreCipherSpiBase.engineInit(AndroidKeyStoreCipherSpiBase.java:177)
at javax.crypto.Cipher.tryTransformWithProvider(Cipher.java:2985)
at javax.crypto.Cipher.tryCombinations(Cipher.java:2892)
at javax.crypto.Cipher$SpiAndProviderUpdater.updateAndGetSpiAndProvider(Cipher.java:2797)
at javax.crypto.Cipher.chooseProvider(Cipher.java:774)
at javax.crypto.Cipher.init(Cipher.java:1144)
at javax.crypto.Cipher.init(Cipher.java:1085)
at com.oblador.keychain.cipherStorage.CipherStorageBase$IV.lambda$static$0(CipherStorageBase.java:544)
at com.oblador.keychain.cipherStorage.CipherStorageBase$IV$$ExternalSyntheticLambda0.initialize(Unknown Source:0)
at com.oblador.keychain.cipherStorage.CipherStorageBase.encryptString(CipherStorageBase.java:353)
at com.oblador.keychain.cipherStorage.CipherStorageKeystoreAesCbc.encryptString(CipherStorageKeystoreAesCbc.java:263)
at com.oblador.keychain.cipherStorage.CipherStorageKeystoreAesCbc.encrypt(CipherStorageKeystoreAesCbc.java:118)
... 13 more
Caused by: android.security.KeyStoreException: Invalid key blob (internal Keystore code: -33 message: In create_operation: Failed to begin operation. 10032
Caused by:
0: In KeystoreSecurityLevel::upgrade_keyblob_if_required_with.
1: In utils::upgrade_keyblob_if_required_with: Calling km_op.
2: Error::Km(ErrorCode(-33))) (public error code: 10 internal Keystore code: -33)
at android.security.KeyStore2.getKeyStoreException(KeyStore2.java:418)
at android.security.KeyStoreSecurityLevel.createOperation(KeyStoreSecurityLevel.java:123)
at android.security.keystore2.AndroidKeyStoreCipherSpiBase.ensureKeystoreOperationInitialized(AndroidKeyStoreCipherSpiBase.java:340)
... 25 more
Hi, any updates ?
In our application, this issue also began to arise frequently. At Sentry, we see that most often this problem occurs among Samsung users, but there are also cases with Honor, Huawei and ZTE. The most common version of Android is 13, and 10 is also present.
Also I found one interesting thing in docs https://github.com/oblador/react-native-keychain#configuring-the-android-specific-behavior. Maybe it helps.
Versions
RN: 0.72.5 react-native-keychain: 8.1.1
Error
For me the error went died down after the update from Samsung. So seems to be fixed at their side.
@ViktorOsadchyi Have you seen a increase in the error, or is it going down?
@joarkosberg the number of users with this issue is not increasing. But new events are appearing. I'll probably have to wait until they update the version.
New patch from Samsung automatically fixed it for us.
We have started to see this issue again with Samsung Galaxy S24 Ultra devices. Are others experiencing the same problem?
Suspect that this is the reason: https://www.sammobile.com/news/galaxy-s24-june-2024-security-update-europe
Just got this on my S24 as well, shortly after installing the June security update. Tested on my S21 after installing the June security update and was not able to reproduce it.
This might not be related to this library, but I am opening a issue to discuss, in case it is or others are facing the same problem.
Description
From the latest OS update on Samsung phones (October 2023), a lot of devices has started failing encrypting and decrypting with the library. It is only Samsung phones on the newest OS, and it fails every time.
Versions
RN: 0.72.5 React-native-keychain: 8.1.2
Error
Could not decrypt data with alias:
andCould not encrypt data with alias: