Not working on Android Xiaomi MI A1 #55
Comments
Not sure it is related to the plugin but more to the device itself. But it is true that this is happening a lot on Android devices. The only thing that seems to make it work is to screen lock the device and unlock using pin (not biometrics). Does anybody have a better solution than that?
I have already tried setting unlock using pin but it is still not working...
While I am not using this plugin anymore and the stacktrace I will post is old, it should give some insight into the issue. If I remember correctly (I have a Mi A1 here if needed), the issue was the following combination:
In this case, Crypho's original plugin failed with the following stacktrace:
I suspect the issue is on firmware level, and because Mi A1 is an 'obsolete' phone, the bug is unlikely to be fixed on HW level. If someone has some demo application source code I can build with the current version of this plugin, I am willing to test out if it is still the case.
@faugusztin yeah it seems to be a recurrent issue with low price brand phones. Did you find any plugin that could replace this one? This plugin has been the core of a lot of issues we have, so we are really considering moving out of it.
Unfortunately my answer won't help you - we reconsidered if we really needed secure storage (we did not), so we just save the few client side settings in a JSON file (as local storage in browser could be wiped if disk space is an issue). You could still keep using this plugin on compatible phones, and via phone model detection add an alternative, maybe a bit less secure storage (like the JSON file I mentioned above) for phones with issues. Unless there is a magic combination of settings which could make this plugin work on Mi A1, that is your best alternative.
More detailed description of what happens (created a minimal case by creating a new cordova project, adding the secure storage plugin to it, then adding the android platform, adding the "Create a namespaced storage." example from the documentation to www/js/index.js of the default Cordova project).
In code it runs like this:
Then I tried to use a different alias (to generate new keys) and with the following options:
Same result. As I said, I suspect a firmware bug on Xiaomi Mi A1, which somehow breaks RSA decryption (or the keys) in case fingerprint unlock is enabled. Without fingerprint unlock, the code works just fine.
The only alternative to consider on the plugin's side is to have a list of devices which are not compatible with the userAuthenticationRequired setting, and for those drop those two settings (setUserAuthenticationRequired and setUserAuthenticationValidityDurationSeconds) in https://github.com/mibrito707/cordova-plugin-secure-storage-echo/blob/master/src/android/RSA.java#L48. Without those two settings, the keys work fine for the encryption test, but obviously do not trigger the need for secure unlock and do not get invalidated in case of security modifications, like enrolling a new fingerprint or disabling the secure lock, which is a drawback. On the other side, at least it would make the plugin usable on those devices.
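The device-list fallback suggested in the comment above, sketched in Java as an added example (not code from the plugin or from any commenter). The class name, the denylist entry and the PKCS#1 padding choice are assumptions; it returns whether the key ended up authentication-bound so the caller can decide what to store under it.

```java
import android.os.Build;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyProperties;
import java.security.GeneralSecurityException;
import java.security.KeyPairGenerator;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Locale;
import java.util.Set;

/** Hypothetical helper; not part of cordova-plugin-secure-storage-echo. */
public final class AuthBoundKeyPolicy {
    // Constructed denylist entry ("manufacturer|model", lower case). Confirm the
    // Build.MANUFACTURER / Build.MODEL strings on a real device before relying on it.
    private static final Set<String> AUTH_BINDING_BROKEN =
            new HashSet<>(Arrays.asList("xiaomi|mi a1"));

    static boolean authBindingSupported(String manufacturer, String model) {
        String key = (manufacturer + "|" + model).toLowerCase(Locale.ROOT);
        return !AUTH_BINDING_BROKEN.contains(key);
    }

    /**
     * Generates an RSA key pair in AndroidKeyStore (API 23+).
     * @return true if the key requires user authentication, false if the
     *         device is denylisted and the key was created without it.
     */
    public static boolean createKeyPair(String alias, int validitySeconds)
            throws GeneralSecurityException {
        boolean authBound = authBindingSupported(Build.MANUFACTURER, Build.MODEL);
        KeyGenParameterSpec.Builder spec = new KeyGenParameterSpec.Builder(
                alias, KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT)
                .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_RSA_PKCS1);
        if (authBound) {
            // The two settings named in the comment above.
            spec.setUserAuthenticationRequired(true)
                .setUserAuthenticationValidityDurationSeconds(validitySeconds);
        }
        // Without them the key is not gated on secure unlock and is not
        // invalidated when a new fingerprint is enrolled or the lock is disabled.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance(
                KeyProperties.KEY_ALGORITHM_RSA, "AndroidKeyStore");
        kpg.initialize(spec.build());
        kpg.generateKeyPair();
        return authBound;
    }
}
```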
Thanks @faugusztin, I opted for another way and designed a solution to remove the plugin as well. I tried to upgrade it and use the setUserAuthenticationValidityDurationSeconds up to 1 month, it got somehow worse... so better moving out of this than keeping it.
On Xiaomi MI A1 the plugin is still not working.
The constructor
new cordova.plugins.SecureStorage()
fails with error: