Issue with expo-secure-store on SDK 34

Expo SDK
1

After upgraded to SDK 34, I have an issue on a Samsung A7 phone with Android 9. On other phones I’ve tested no issue. If I install the app from my beta-channel on Google Play and try to login, nothing happens when clicking the button. But if I then close the app, delete App data from the Android settings, open the app and try to login in again, it’s working as expected. One of the things happening when clicking the login-button is using the expo-secure-store.

I’ve attacked the phone to my computer and fetched the log using Logcat, trying to identify the difference between the to executions. I found this section in the log from:

2019-07-31 19:39:18.831 3594-3594/? W/keymaster_tee: [WRN]start nwd_get_key_characteristics
2019-07-31 19:39:18.833 3594-3594/? W/keymaster_tee: [WRN]ret OK PARAMS: A32 P0 P1 B32 P1 AR1 S256 2019.07.31,19:39:18.314 
2019-07-31 19:39:18.838 3594-3594/? W/keymaster_tee: [WRN]start nwd_get_key_characteristics
2019-07-31 19:39:18.840 3594-3594/? W/keymaster_tee: [WRN]ret OK PARAMS: A32 P0 P1 B32 P1 AR1 S256 2019.07.31,19:39:18.314 
2019-07-31 19:39:18.841 3594-3594/? W/keymaster_tee: [WRN]start nwd_get_key_characteristics
2019-07-31 19:39:18.843 3594-3594/? W/keymaster_tee: [WRN]ret OK PARAMS: A32 P0 P1 B32 P1 AR1 S256 2019.07.31,19:39:18.314 
2019-07-31 19:39:18.843 3594-3594/? W/keymaster_tee: [WRN]begin req PARAMS: A32 B32 P1 
2019-07-31 19:39:18.849 3594-3594/? W/keymaster_tee: [WRN]Returning with error: -30
2019-07-31 19:39:18.849 3594-3594/? W/keymaster2_mdfpp: exit finish function, returned -30
2019-07-31 19:39:18.849 3884-3884/? W/keystore: finish : hidlCb error -30
2019-07-31 19:39:18.851 10809-11082/? W/ExpoSecureStore: javax.crypto.AEADBadTagException
        at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:517)
        at javax.crypto.Cipher.doFinal(Cipher.java:2055)
        at expo.modules.securestore.SecureStoreModule$AESEncrypter.decryptItem(SecureStoreModule.java:433)
        at expo.modules.securestore.SecureStoreModule.readJSONEncodedItem(SecureStoreModule.java:188)
        at expo.modules.securestore.SecureStoreModule.getItemImpl(SecureStoreModule.java:159)
        at expo.modules.securestore.SecureStoreModule.getValueWithKeyAsync(SecureStoreModule.java:147)
        at java.lang.reflect.Method.invoke(Native Method)
        at org.unimodules.a.c.invokeExportedMethod(ExportedModule.java:97)
        at org.unimodules.adapters.react.NativeModulesProxy.callMethod(NativeModulesProxy.java:117)
        at java.lang.reflect.Method.invoke(Native Method)
        at com.facebook.react.bridge.JavaMethodWrapper.invoke(JavaMethodWrapper.java:372)
        at com.facebook.react.bridge.JavaModuleWrapper.invoke(JavaModuleWrapper.java:158)
        at com.facebook.react.bridge.queue.NativeRunnable.run(Native Method)
        at android.os.Handler.handleCallback(Handler.java:873)
        at android.os.Handler.dispatchMessage(Handler.java:99)
        at com.facebook.react.bridge.queue.MessageQueueThreadHandler.dispatchMessage(MessageQueueThreadHandler.java:29)
        at android.os.Looper.loop(Looper.java:214)
        at com.facebook.react.bridge.queue.MessageQueueThreadImpl$4.run(MessageQueueThreadImpl.java:232)
        at java.lang.Thread.run(Thread.java:764)
     Caused by: android.security.KeyStoreException: Signature/MAC verification failed
        at android.security.KeyStore.getKeyStoreException(KeyStore.java:1168)
        at android.security.keystore.KeyStoreCryptoOperationChunkedStreamer.doFinal(KeyStoreCryptoOperationChunkedStreamer.java:224)
        at android.security.keystore.AndroidKeyStoreAuthenticatedAESCipherSpi$BufferAllOutputUntilDoFinalStreamer.doFinal(AndroidKeyStoreAuthenticatedAESCipherSpi.java:373)
        at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:506)
        at javax.crypto.Cipher.doFinal(Cipher.java:2055) 
        at expo.modules.securestore.SecureStoreModule$AESEncrypter.decryptItem(SecureStoreModule.java:433) 
        at expo.modules.securestore.SecureStoreModule.readJSONEncodedItem(SecureStoreModule.java:188) 
        at expo.modules.securestore.SecureStoreModule.getItemImpl(SecureStoreModule.java:159) 
        at expo.modules.securestore.SecureStoreModule.getValueWithKeyAsync(SecureStoreModule.java:147) 
        at java.lang.reflect.Method.invoke(Native Method) 
        at org.unimodules.a.c.invokeExportedMethod(ExportedModule.java:97) 
        at org.unimodules.adapters.react.NativeModulesProxy.callMethod(NativeModulesProxy.java:117) 
        at java.lang.reflect.Method.invoke(Native Method) 
        at com.facebook.react.bridge.JavaMethodWrapper.invoke(JavaMethodWrapper.java:372) 
        at com.facebook.react.bridge.JavaModuleWrapper.invoke(JavaModuleWrapper.java:158) 
        at com.facebook.react.bridge.queue.NativeRunnable.run(Native Method) 
        at android.os.Handler.handleCallback(Handler.java:873) 
        at android.os.Handler.dispatchMessage(Handler.java:99) 
        at com.facebook.react.bridge.queue.MessageQueueThreadHandler.dispatchMessage(MessageQueueThreadHandler.java:29) 
        at android.os.Looper.loop(Looper.java:214) 
        at com.facebook.react.bridge.queue.MessageQueueThreadImpl$4.run(MessageQueueThreadImpl.java:232) 
        at java.lang.Thread.run(Thread.java:764)

And the log from the working execution looks like this:

2019-07-31 19:36:52.867 3594-3594/? W/keymaster_tee: [WRN]start nwd_generate_key
2019-07-31 19:36:52.870 3594-3594/? W/keymaster_tee: [WRN]ret OK PARAMS: A32 P0 P1 B32 P1 AR1 S256 2019.07.31,19:36:52.868 
2019-07-31 19:36:52.886 3594-3594/? W/keymaster_tee: [WRN]start nwd_get_key_characteristics
2019-07-31 19:36:52.887 3594-3594/? W/keymaster_tee: [WRN]ret OK PARAMS: A32 P0 P1 B32 P1 AR1 S256 2019.07.31,19:36:52.868 
2019-07-31 19:36:52.895 3594-3594/? W/keymaster_tee: [WRN]start nwd_get_key_characteristics
2019-07-31 19:36:52.897 3594-3594/? W/keymaster_tee: [WRN]ret OK PARAMS: A32 P0 P1 B32 P1 AR1 S256 2019.07.31,19:36:52.868 
2019-07-31 19:36:52.899 3594-3594/? W/keymaster_tee: [WRN]start nwd_get_key_characteristics
2019-07-31 19:36:52.901 3594-3594/? W/keymaster_tee: [WRN]ret OK PARAMS: A32 P0 P1 B32 P1 AR1 S256 2019.07.31,19:36:52.868 
2019-07-31 19:36:52.901 3594-3594/? W/keymaster_tee: [WRN]begin req PARAMS: A32 B32 P1 
2019-07-31 19:36:52.909 3884-3884/? W/keystore: ENTER remove operation from uid 10223

Does anyone knows thats the issue here? I’m using Expo 34.0.3 and expo-secure-store 6.0.0.

2

Issues seems to be gone after upgraded to with newest SDK 34 (34.0.4)

3

Personally I would love to know what the difference is between 34.0.3 and 34.0.4. I can’t find any documentation on the release.

4

The versioning is a little confusing to me (are you talking about the version of the expo package? The latest SDK 34 tag in the expo/react-native repository is sdk-34.0.1) so I find it hard to answer that question :slight_smile: but here are recent changes to the expo package on the sdk-34 branch:

2019-08-08 09:47:20 - Publish expo-branch
2019-08-06 23:12:06 - Update packages (expo@34.0.4)
2019-08-06 15:30:32 - [expo-branch] First 3rd party library unimodule wrapper! (#5165)
2019-07-31 20:56:48 - Allow expo sdk users to clean up old abiVersion js bundles (#4851)
2019-07-30 19:43:23 - Update packages (expo@34.0.3)

So there doesn’t seem to be anything in there related to secure store.

Also there’s nothing recent in the expo-secure-store package.

The only change in the expo/react-native repository between sdk-34.0.0 and sdk-34.0.1 is:

2019-07-23 08:41:02 - [ios13] Add support for Xcode 11's unused attribute

:man_shrugging:

Maybe one of the Expo team members can clarify if there’s anything I’ve missed.

EDIT: See also the CHANGELOG.md from the sdk-34 branch.

5

I have a similar issue. I had an error in using SecureStore or the rendering order was a mess.
here is my suedo code.

componentDidMount = async () => {
  alert('1')
  let OOO = await SecureStore.getItemAsync("OOO.OO.OOO.OOOOOOO");
  alert('2')
  let XXX = await SecureStore.getItemAsync("XXX.XX.XXX.XXX");
}
// I expected 1,2, but 2,1 came out.

I’m using SecureStore 6.0.0 & EXPO sdk 34.0.3 too. maybe it’s because of an error in the middle of SecureStore.

6

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.