Open jesuscc1993 opened 6 months ago
It looks like the IllegalBlockSizeException
might be a separate issue rising from setting
{
accessControl: ACCESS_CONTROL.BIOMETRY_CURRENT_SET,
accessible: ACCESSIBLE.WHEN_PASSCODE_SET_THIS_DEVICE_ONLY,
}
as keychain options when setting/getting the password, which was a change done to prevent a similar issue on iOS so you can ignore that bit for this ticket since it's not strictly related
(Copy-pasted from a third party report; probably can't clarify or provide more details. See "context" at the bottom for more info).
Context on this issue
We've been reported this vulnerability on our RN app, but the issue is on this library. All the devs on the project are web devs (most just frontend, me included) and we have no native background, so it's been hard to address the issue. I tried applying the suggested steps (or as much as I could understand from them, rather), following [this comment](https://github.com/oblador/react-native-keychain/issues/336#issuecomment-1192633216), but I get a `javax.crypto.IllegalBlockSizeException` and I have not been able to figure out how to get past that. I found some matches looking up the exception but I lack the basic knowledge required to even begin to understand them. I'll keep looking into this because we have to fix it, but I'm anything but hopeful.