"Could not decrypt the item in SecureStore" and rewriting the encryption keys

orteidni · February 10, 2021, 7:33am

Hello! This is a follow-up question to the issue described in https://github.com/expo/expo/issues/1459

SecureStore is saving the data as encrypted to the local storage and keeping the encryption keys in the Android keychain. To my understanding the following problem occurs on a reinstall situation where the encryption keys in the keychain become corrupted or the mechanism to decrypt the data using the keys does not work anymore because of missing data from the previous installation.

In the GitHub conversation the best solution (as I saw it) was to catch the error on getItemAsync and delete the item that we were not able to fetch. My question: is it sufficient to overwrite (setItemAsync) the corrupted data with the same key or should you first delete the data (deleteItemAsync)?

orteidni · February 11, 2021, 5:11pm

After a small test group result; it seems that setItemAsync is enough to replace the “broken” encryption key and to persist the saved and encrypted data (with the same key). To answer my original question: yes.

system · March 13, 2021, 5:12pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Could not decrypt the item in SecureStore Expo SDK	2	1785	June 17, 2018
SecureStore - Error: Set value has encountered an error Expo SDK	7	1215	September 13, 2017
Expo 30 Stand Alone app - error decrypting Keystore on a few Android devices running Android 8.1.0 Expo SDK	4	1084	November 6, 2018
Issue accessing Keystore on Android 8.1.0 after app re-installation Expo SDK	1	556	October 29, 2018
Expo SecureStore custom encyption Expo SDK	1	313	September 22, 2019

"Could not decrypt the item in SecureStore" and rewriting the encryption keys

Related Topics