SecureStore - Error: Set value has encountered an error

Hey there,

Have been using SecureStore to store some key information (which is already encrypted, but belt and braces…). Works great on iOS - but on Android, I’m getting a problem during a call to SecureStore.setValueWithKeyAsync(value, key). This function has already worked once in this code block, so I know it works. The key is good and follows the rules. The value is a blob of encrypted junk from CryptoJS.AES toString’d.

The message is simply “Set value has encountered an error.” Any thoughts? Should I just bail and use AsyncStorage when on Android?

-pete

Just a bump: same issue here with the same error on Android (iOS is fine though).

Hey Nick, I ended up encrypting and using AsyncStore on Android. Drag to have to be checking Platform.OS in this kind of code, though.

Thanks, Pete! Glad you found a workaround. I believe we have a fix for this coming in SDK 21.

Thanks for the update re: fix, @thetc. Do you have an estimated time of arrival for SDK21?

-pete

Always depends on how quick the Apple review goes, but hopefully next week.

Gotcha - thanks.

Say, @thetc, is there a security writeup of the SecureStore anywhere that allows someone to understand just how secure it is? The docs talk about an device/app/installation specific key - but practically how difficult would it be to crack it based on a compromised phone, or copy of phone backup data, or…? Has anyone done an analysis of each of the platforms?

Thanks,
pete

Hi @yarrumretep, if you’d like to learn more about SecureStore, reading the code is the best way:

Android: https://github.com/expo/expo/blob/master/android/expoview/src/main/java/versioned/host/exp/exponent/modules/api/SecureStoreModule.java
iOS: https://github.com/expo/expo/blob/master/ios/Exponent/Versioned/Modules/Api/EXSecureStore.m