Platforms(Android/iOS/web/all): Android
Hi all! We recently updated our app from Expo 43 to Expo 48, and we also updated the expo-secure-store package from version 11.3.0 to 12.1.1. However, after releasing the new version, we started encountering ‘Could not encrypt/decrypt the value for SecureStore’ errors on Android devices running Android 12 and 13 on standalone production build. Some users receiving this error even on a new phone with freshly installed new app.
Trace:
app:///index.android.bundle in Error: Could not encrypt
In App
app:///index.android.bundle in promiseMethodWrapper at line 1:219591
In App
app:///index.android.bundle in anonymous at line 1:675774
In App
app:///index.android.bundle in getItemAsync$ at line 1:1701464
In App
app:///index.android.bundle in call
In App
app:///index.android.bundle in tryCatch at line 1:233336
Same issue here. Found on Android standalone app only (at least Android 12). Interestingly, the problem exhibits itself on a newly installed app and it can be fixed by clear app cache and open the app again.
Packages Version
expo 48.0.20
expo-secure-store 12.1.1
Stacktrace
2023-08-14 00:16:34.977 26021-26078 ExpoSecureStore pid-26021 W javax.crypto.AEADBadTagException
at android.security.keystore2.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:611)
at javax.crypto.Cipher.doFinal(Cipher.java:2056)
at expo.modules.securestore.SecureStoreModule$AESEncrypter.lambda$decryptItem$1(SecureStoreModule.java:466)
at expo.modules.securestore.SecureStoreModule$AESEncrypter$$ExternalSyntheticLambda0.run(Unknown Source:2)
at expo.modules.securestore.AuthenticationHelper.handleEncryptionCallback(AuthenticationHelper.kt:86)
at expo.modules.securestore.AuthenticationHelper$defaultCallback$1.checkAuthentication(AuthenticationHelper.kt:73)
at expo.modules.securestore.SecureStoreModule$AESEncrypter.decryptItem(SecureStoreModule.java:464)
at expo.modules.securestore.SecureStoreModule.readJSONEncodedItem(SecureStoreModule.java:205)
at expo.modules.securestore.SecureStoreModule.getItemImpl(SecureStoreModule.java:177)
at expo.modules.securestore.SecureStoreModule.getValueWithKeyAsync(SecureStoreModule.java:165)
at java.lang.reflect.Method.invoke(Native Method)
at expo.modules.core.ExportedModule.invokeExportedMethod(ExportedModule.java:98)
at expo.modules.adapters.react.NativeModulesProxy.callMethod(NativeModulesProxy.java:178)
at expo.modules.kotlin.defaultmodules.NativeModulesProxyModule$definition$lambda$1$$inlined$AsyncFunction$1.invoke(ObjectDefinitionBuilder.kt:387)
at expo.modules.kotlin.defaultmodules.NativeModulesProxyModule$definition$lambda$1$$inlined$AsyncFunction$1.invoke(ObjectDefinitionBuilder.kt:248)
at expo.modules.kotlin.functions.AsyncFunctionWithPromiseComponent.callUserImplementation$expo_modules_core_release(AsyncFunctionWithPromiseComponent.kt:19)
at expo.modules.kotlin.functions.AsyncFunction$attachToJSObject$2$1.invokeSuspend(AsyncFunction.kt:69)
at kotlin.coroutines.jvm.internal.BaseContinuationImpl.resumeWith(ContinuationImpl.kt:33)
at kotlinx.coroutines.DispatchedTask.run(DispatchedTask.kt:106)
at android.os.Handler.handleCallback(Handler.java:938)
at android.os.Handler.dispatchMessage(Handler.java:99)
at android.os.Looper.loopOnce(Looper.java:210)
at android.os.Looper.loop(Looper.java:299)
at android.os.HandlerThread.run(HandlerThread.java:67)
Caused by: android.security.KeyStoreException: Signature/MAC verification failed
at android.security.KeyStore2.getKeyStoreException(KeyStore2.java:356)
at android.security.KeyStoreOperation.handleExceptions(KeyStoreOperation.java:78)
at android.security.KeyStoreOperation.finish(KeyStoreOperation.java:127)
at android.security.keystore2.KeyStoreCryptoOperationChunkedStreamer$MainDataStream.finish(KeyStoreCryptoOperationChunkedStreamer.java:228)
at android.security.keystore2.KeyStoreCryptoOperationChunkedStreamer.doFinal(KeyStoreCryptoOperationChunkedStreamer.java:181)
at android.security.keystore2.AndroidKeyStoreAuthenticatedAESCipherSpi$BufferAllOutputUntilDoFinalStreamer.doFinal(AndroidKeyStoreAuthenticatedAESCipherSpi.java:396)
at android.security.keystore2.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:603)
at javax.crypto.Cipher.doFinal(Cipher.java:2056)
at expo.modules.securestore.SecureStoreModule$AESEncrypter.lambda$decryptItem$1(SecureStoreModule.java:466)
at expo.modules.securestore.SecureStoreModule$AESEncrypter$$ExternalSyntheticLambda0.run(Unknown Source:2)
at expo.modules.securestore.AuthenticationHelper.handleEncryptionCallback(AuthenticationHelper.kt:86)
at expo.modules.securestore.AuthenticationHelper$defaultCallback$1.checkAuthentication(AuthenticationHelper.kt:73)
at expo.modules.securestore.SecureStoreModule$AESEncrypter.decryptItem(SecureStoreModule.java:464)
at expo.modules.securestore.SecureStoreModule.readJSONEncodedItem(SecureStoreModule.java:205)
at expo.modules.securestore.SecureStoreModule.getItemImpl(SecureStoreModule.java:177)
at expo.modules.securestore.SecureStoreModule.getValueWithKeyAsync(SecureStoreModule.java:165)
at java.lang.reflect.Method.invoke(Native Method)
at expo.modules.core.ExportedModule.invokeExportedMethod(ExportedModule.java:98)
at expo.modules.adapters.react.NativeModulesProxy.callMethod(NativeModulesProxy.java:178)
at expo.modules.kotlin.defaultmodules.NativeModulesProxyModule$definition$lambda$1$$inlined$AsyncFunction$1.invoke(ObjectDefinitionBuilder.kt:387)
at expo.modules.kotlin.defaultmodules.NativeModulesProxyModule$definition$lambda$1$$inlined$AsyncFunction$1.invoke(ObjectDefinitionBuilder.kt:248)
at expo.modules.kotlin.functions.AsyncFunctionWithPromiseComponent.callUserImplementation$expo_modules_core_release(AsyncFunctionWithPromiseComponent.kt:19)
at expo.modules.kotlin.functions.AsyncFunction$attachToJSObject$2$1.invokeSuspend(AsyncFunction.kt:69)
at kotlin.coroutines.jvm.internal.BaseContinuationImpl.resumeWith(ContinuationImpl.kt:33)
at kotlinx.coroutines.DispatchedTask.run(DispatchedTask.kt:106)
at android.os.Handler.handleCallback(Handler.java:938)
at android.os.Handler.dispatchMessage(Handler.java:99)
at android.os.Looper.loopOnce(Looper.java:210)
at android.os.Looper.loop(Looper.java:299)
at android.os.HandlerThread.run(HandlerThread.java:67)