sameerkapps / SecureStorage


AEADbadtagexception #38

Open Minneth opened 6 years ago

Minneth commented 6 years ago

Hi, I'm getting the above exception when I try to get a previously stored value. I'm using the package within a Xamarin.Forms Android app only. The issue appears to happen whenever the app has been re-opened after being closed. Can you please advise?

sameerkapps commented 6 years ago

Can you please provide more details/code? Thanks.

Just89 commented 5 years ago

Hello, I'm currently getting the same exception as described above, on Android Oreo and Pie, while using plugin version 2.5.0.

When setting

    SecureStorageImplementation.StorageType = StorageTypes.AndroidKeyStore;

And then calling:

    CrossSecureStorage.Current.GetValue("keyName");

The following exception occurs:

    {Java.Security.GeneralSecurityException: Exception of type 'Java.Security.GeneralSecurityException' was thrown. ---> Java.Lang.Exception: Signature/MAC verification failed
    --- End of managed Java.Security.GeneralSecurityException stack trace ---
    javax.crypto.AEADBadTagException
        at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:517)
        at javax.crypto.Cipher.doFinal(Cipher.java:2113)
        at mono.java.lang.RunnableImplementor.n_run(Native Method)
        at mono.java.lang.RunnableImplementor.run(RunnableImplementor.java:30)
        at android.os.Handler.handleCallback(Handler.java:873)
        at android.os.Handler.dispatchMessage(Handler.java:99)
        at android.os.Looper.loop(Looper.java:193)
        at android.app.ActivityThread.main(ActivityThread.java:6669)
        at java.lang.reflect.Method.invoke(Native Method)
        at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:493)
        at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:858)
    Caused by: android.security.KeyStoreException: Signature/MAC verification failed
        at android.security.KeyStore.getKeyStoreException(KeyStore.java:839)
        at android.security.keystore.KeyStoreCryptoOperationChunkedStreamer.doFinal(KeyStoreCryptoOperationChunkedStreamer.java:224)
        at android.security.keystore.AndroidKeyStoreAuthenticatedAESCipherSpi$BufferAllOutputUntilDoFinalStreamer.doFinal(AndroidKeyStoreAuthenticatedAESCipherSpi.java:373)
        at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:506)
        ... 10 more }

When changing to SecureStorageImplementation.StorageType = StorageTypes.PasswordProtectedFile; it does work and the key can be retrieved every time.

OliverMDr commented 5 years ago

Version: 2.5 Android-API: 25

AndroidKeystore Storagetype works for me except in one use case, I get the same exception as @Just89.

It occurs with AutoBackup when doing the following steps:

  1. Install Android-Sample-App (in manifest I had to set Target-SDK to API 27) and set value for key XXX in keystore
  2. Using Android AutoBackup: adb shell bmgr backupnow com.companyname.SecureStorageSample
  3. Uninstall App
  4. Reinstall App via adb (Important: With automatic restore enabled in settings --> Backup&reset)
  5. Try to get value for key XXX that was stored in step 1 --> AEADBadTagException

Interesting: When clicking on "Has Value" for key XXX it says "Y"es

Edit: OK, I dug a little deeper and found out that HasValue returns Yes because the Preferences File with the key/value pairs is backed up and restored after reinstall. The problem is that the key in the keystore is deleted during uninstall as far as I know. Thus, after reinstall, a new key is generated in keystore and GetValue cannot decrypt the value that was encrypted with the previous key.

Mikilll94 commented 5 years ago

I think the best solution is just to disable backing up data from Google Drive. You can do this in this way:

[image]

It is described better here: https://developer.android.com/guide/topics/data/autobackup#EnablingAutoBackup

On this website it is mentioned that backing up data should not be used for user sensitive data - data which is stored in Secure Storage.

OliverMDr commented 5 years ago

Thanks for your response. I ended up creating custom backup rules that exclude the SecureStorage.xml, because I wanted to allow backing up some other non-sensitive user settings.

CollapsedMetal commented 5 years ago

I am experiencing the same issue on Android regarding Signature/MAC verification failed.

To resolve this issue I followed these steps:

After doing this, I haven't had issues so far... =)

dush135 commented 3 years ago

@OliverMDr do you have the custom backup rules file?

OliverMDr commented 3 years ago

@dush135 See here: https://developer.android.com/guide/topics/data/autobackup#IncludingFiles
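The custom-rules fix discussed in this thread, as an added example that is not code from any commenter or from the SecureStorage project: a small Python check that applies Auto Backup's include/exclude semantics to a manifest and rules file and reports whether the `SecureStorage.xml` preferences file would be backed up (and so restored without its keystore key). The manifests, the rules file, the resource name `@xml/backup_rules` and the function names are constructed for illustration; the file name and package name are the ones quoted in the thread.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
PREFS_FILE = "SecureStorage.xml"  # preferences file name as given in the thread

# Constructed rules file: exclude only the SecureStorage preferences,
# so other, non-sensitive settings are still backed up.
RULES_EXCLUDE = """<full-backup-content>
    <exclude domain="sharedpref" path="SecureStorage.xml"/>
</full-backup-content>"""

# Constructed manifests (package name from the adb command in the thread).
MANIFEST_DEFAULT = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.companyname.SecureStorageSample">
    <application android:allowBackup="true"/>
</manifest>"""
MANIFEST_WITH_RULES = MANIFEST_DEFAULT.replace(
    'android:allowBackup="true"',
    'android:allowBackup="true" android:fullBackupContent="@xml/backup_rules"')
MANIFEST_NO_BACKUP = MANIFEST_DEFAULT.replace('"true"', '"false"')


def _covers(rule, path):
    """True if a sharedpref rule names the file, a parent directory, or '.'."""
    if rule.get("domain") != "sharedpref":
        return False
    rule_path = rule.get("path", "").strip("/")
    return rule_path in (".", path) or path.startswith(rule_path + "/")


def prefs_backed_up(manifest_xml, rules_xml=None, path=PREFS_FILE):
    """Return True if Auto Backup would copy the preferences file off the device."""
    app = ET.fromstring(manifest_xml).find("application")
    if app.get(ANDROID_NS + "allowBackup", "true") == "false":
        return False                      # backup disabled for the whole app
    if app.get(ANDROID_NS + "fullBackupContent") is None or rules_xml is None:
        return True                       # no rules: shared preferences are included
    rules = ET.fromstring(rules_xml)
    if any(_covers(r, path) for r in rules.findall("exclude")):
        return False                      # an exclude always wins
    includes = rules.findall("include")
    # Once any <include> exists, only the included paths are backed up.
    return not includes or any(_covers(r, path) for r in includes)
```

The rules file only takes effect when the manifest references it through `android:fullBackupContent`; on Android 12 and later the equivalent setting is `android:dataExtractionRules`, which uses a different file format.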