tink: InvalidProtocolBufferException (Protocol message contained an invalid tag (zero))
In my Android app, I see this exception happening on one device:
Protocol message contained an invalid tag (zero)., com.google.crypto.tink.shaded.protobuf.InvalidProtocolBufferException
Related code where the exception happens (Kotlin code from my Flutter plugin):
.
.
.
"encryptString" -> {
uiScope.launch {
try {
var encryptedDataBase64String: String? = null
withContext(Dispatchers.IO) {
initializeTink()
val applicationId = call.argument<String>("applicationId")
?: throw IllegalArgumentException("applicationId")
val keySetName = call.argument<String>("keySetName")
?: throw IllegalArgumentException("keySetName")
val dataString = call.argument<String>("data")
?: throw IllegalArgumentException("data")
val passwordString = call.argument<String>("password")
val data = dataString.toByteArray(Charsets.UTF_8)
val password = passwordString!!.toByteArray(Charsets.UTF_8)
val keySetHandle = getOrGenerateNewKeysetHandle(applicationContext!!, applicationId, keySetName)
val aead = keySetHandle.getPrimitive(Aead::class.java)
val encryptedData = aead.encrypt(data, password)
encryptedDataBase64String = Base64.encodeToString(encryptedData, Base64.DEFAULT)
}
result.success(encryptedDataBase64String)
} catch (e: Exception) {
Log.e(LOG_TAG, "Exception", e)
result.error(
"Exception",
e.localizedMessage ?: e.message ?: "$e", "$e")
}
}
}
Tink 1.4.0 Device: Huawei P20 / Android 10
This is an user device so I cannot reproduce it myself (I see this from Crashlytics).
About this issue
- Original URL
- State: closed
- Created 4 years ago
- Reactions: 20
- Comments: 15 (4 by maintainers)
Commits related to this issue
- Temp fix for bug in androidx.security https://github.com/google/tink/issues/413 — committed to mirfatif/PermissionManagerX by mirfatif 3 years ago
+1
This has also been reported on the issue tracker (under androidx.security-crypto), but stack traces show Tink is in fact generating the exception when reading encrypted content.
https://issuetracker.google.com/issues/164901843 https://issuetracker.google.com/issues/168238828 https://issuetracker.google.com/issues/167701944 https://issuetracker.google.com/issues/168238828
So far, I’ve only seen reports of crashes on Android 9 & 10.
The issue tracker reports are all related to
security-crypto:1.1.0-alpha02. For me, downgrading to `1.1.0-alpha01’ makes the problem go away. There was a change in the Tink dependency between these two versions:1.1.0-alpha01->tink-android:1.4.0-rc21.1.0-alpha02->tink-android:1.4.0So my conclusion is something broke or regressed between 1.4.0-rc2 and the stable release. Hopefully that helps narrowing down the cause. Meanwhile, if you’re experiencing this crash, it may be a consideration to use 1.4.0-rc2 instead.
androidx.security:security-crypto:1.1.0-alpha03still has this issueDon’t know if this solves the issue for you all, but apparently changing the
fileNameonEncryptedSharedPreferences.createcall to something different solved the problem to me.In my case the issue appeared after updating the crypto version from
1.0.0-rc04to1.1.0-alpha03(I had to extend support to Lollipop). So seems that, with the new version, the old sharedPreferences saved on the phone (working as for1.0.0-rc04on Android M+ devices) was not readable anymore. Here the idea of changing the filename, so I ignore any existing shared preferences (that’s acceptable with the app I’m working on, and it’s way better than crash on launch) and start reading/writing on a new one.androidx.security:security-crypto:1.1.0-alpha04has been released. I haven’t tried it myself since it requirestargetSdk 33, but I will do it as soon as I get a chance to updatetargetSdk.There is a chance that
alpha04fixes this.