flutter_secure_storage: 3.1.0: Failed to unwrap key
I did the upgrade to 3.1.0 from 3.0.0. Execution worked just fine, however after cleaning the app data and reinstalling the app this error showed up - which strikes me as odd.
E/FlutterSecureStoragePl(10643): Registration failed
E/FlutterSecureStoragePl(10643): java.security.InvalidKeyException: Failed to unwrap key
E/FlutterSecureStoragePl(10643): at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineUnwrap(AndroidKeyStoreCipherSpiBase.java:682)
E/FlutterSecureStoragePl(10643): at javax.crypto.Cipher.unwrap(Cipher.java:2121)
E/FlutterSecureStoragePl(10643): at com.it_nomads.fluttersecurestorage.ciphers.RSACipher18Implementation.unwrap(RSACipher18Implementation.java:46)
E/FlutterSecureStoragePl(10643): at com.it_nomads.fluttersecurestorage.ciphers.StorageCipher18Implementation.<init>(StorageCipher18Implementation.java:48)
E/FlutterSecureStoragePl(10643): at com.it_nomads.fluttersecurestorage.FlutterSecureStoragePlugin.<init>(FlutterSecureStoragePlugin.java:46)
E/FlutterSecureStoragePl(10643): at com.it_nomads.fluttersecurestorage.FlutterSecureStoragePlugin.registerWith(FlutterSecureStoragePlugin.java:33)
E/FlutterSecureStoragePl(10643): at io.flutter.plugins.GeneratedPluginRegistrant.registerWith(GeneratedPluginRegistrant.java:33)
E/FlutterSecureStoragePl(10643): at de.ffuf.uffl2.MainActivity.onCreate(MainActivity.kt:11)
E/FlutterSecureStoragePl(10643): at android.app.Activity.performCreate(Activity.java:6998)
E/FlutterSecureStoragePl(10643): at android.app.Instrumentation.callActivityOnCreate(Instrumentation.java:1230)
E/FlutterSecureStoragePl(10643): at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:2899)
E/FlutterSecureStoragePl(10643): at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:3046)
E/FlutterSecureStoragePl(10643): at android.app.ActivityThread.-wrap11(Unknown Source:0)
E/FlutterSecureStoragePl(10643): at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1688)
E/FlutterSecureStoragePl(10643): at android.os.Handler.dispatchMessage(Handler.java:105)
E/FlutterSecureStoragePl(10643): at android.os.Looper.loop(Looper.java:164)
E/FlutterSecureStoragePl(10643): at android.app.ActivityThread.main(ActivityThread.java:6798)
E/FlutterSecureStoragePl(10643): at java.lang.reflect.Method.invoke(Native Method)
E/FlutterSecureStoragePl(10643): at com.android.internal.os.Zygote$MethodAndArgsCaller.run(Zygote.java:240)
E/FlutterSecureStoragePl(10643): at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:767)
E/FlutterSecureStoragePl(10643): Caused by: javax.crypto.IllegalBlockSizeException
E/FlutterSecureStoragePl(10643): at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:519)
E/FlutterSecureStoragePl(10643): at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineUnwrap(AndroidKeyStoreCipherSpiBase.java:680)
E/FlutterSecureStoragePl(10643): ... 19 more
E/FlutterSecureStoragePl(10643): Caused by: android.security.KeyStoreException: Unknown error
E/FlutterSecureStoragePl(10643): at android.security.KeyStore.getKeyStoreException(KeyStore.java:695)
E/FlutterSecureStoragePl(10643): at android.security.keystore.KeyStoreCryptoOperationChunkedStreamer.doFinal(KeyStoreCryptoOperationChunkedStreamer.java:224)
E/FlutterSecureStoragePl(10643): at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:506)
E/FlutterSecureStoragePl(10643): ... 20 more
I/FlutterActivityDelegate(10643): onResume setting current activity to this
Syncing files to device ONEPLUS A3003...
E/flutter (10643): [ERROR:topaz/lib/tonic/logging/dart_error.cc(16)] Unhandled exception:
E/flutter (10643): MissingPluginException(No implementation found for method read on channel plugins.it_nomads.com/flutter_secure_storage)
E/flutter (10643): #0 MethodChannel.invokeMethod (package:flutter/src/services/platform_channel.dart:278:7)
E/flutter (10643): <asynchronous suspension>
E/flutter (10643): #1 FlutterSecureStorage.read (package:flutter_secure_storage/flutter_secure_storage.dart:16:24)
E/flutter (10643): <asynchronous suspension>
E/flutter (10643): #2 AuthService.getAccessToken (package:uffl/network/auth_service.dart:107:37)
E/flutter (10643): <asynchronous suspension>
E/flutter (10643): #3 _RegisterPageState.initState (package:uffl/feature/intro/RegisterPage.dart:42:17)
E/flutter (10643): #4 StatefulElement._firstBuild (package:flutter/src/widgets/framework.dart:3751:58)
About this issue
- Original URL
- State: closed
- Created 6 years ago
- Reactions: 2
- Comments: 19 (5 by maintainers)
As I Understand the issue: Data is stored encrypted in shared prefs. Private key to decrypt the key — in keystore. Shared prefs are restored from backup, but keystore isn’t. So it’s technically impossible to decrypt data , if the key is lost. Another way to handle this — throw exception and let the app delete old data.
I know this issue is closed but after reading both the read.me and this issue it’s not clear to me if my intended use case will work with this package;
Goal
Disabling automatic backup would clearly not be a good idea in this case.
This still happens on v3.1.2 and only in release mode
@ernestomar workaround worked for me. Setting
android:allowBackup="false"application attribute onandroid/app/src/main/AndroidManifest.xml.Ok thanks for the clarification. Catching the exception and then deleting shared prefs data is exactly what we implemented atm.
@geeky-dawood How did you able to solve it, only by disabling backup?
Lol, how dare I call myself a developer.
Disabling the backup for android will prevent the crash, but I was wondering if there is a more suitable approach we can take for when we want to keep the ‘allow backup’ option for Android enabled while also using this plugin?