Expo 30 Stand Alone app - error decrypting Keystore on a few Android devices running Android 8.1.0


#1

When we uninstall and re-install our standalone app and then try to access the Android 8.1.0 Keystore, we’re getting the following exception thrown in the logs:

10-12 15:56:37.716  1793  1887 I ReactNativeJS: { [Error: Could not decrypt the item in SecureStore]
10-12 15:56:37.716  1793  1887 I ReactNativeJS:   framesToPop: 1,
10-12 15:56:37.716  1793  1887 I ReactNativeJS:   code: 'E_SECURESTORE_DECRYPT_ERROR',
10-12 15:56:37.716  1793  1887 I ReactNativeJS:   line: 148,
10-12 15:56:37.716  1793  1887 I ReactNativeJS:   column: 1889,
10-12 15:56:37.716  1793  1887 I ReactNativeJS:   sourceURL: '/data/user/0/com.trinet.mobilev7/files/30.0.0/cached-bundle-experience-%40trinet%2Fmobilev7-737969915-30.0.0' }

The current workaround is to go into Device Settings > Apps & Notifications > See All Apps > Our App > Clear Data. However, we require our device UUID to be cached in the Keystore (we’re using to identify devices in our backend for our Push Notification service) so that it persists between re-installations. This works fine on other versions of Android (and also iOS) except 8.1.0.

The following devices are giving errors:

  • Nexus 5X
  • Samsung S9
  • Xiaomi

Is there any fix that can be done using the Expo SDK to fix this or will we have to wait till the next version of Expo for a fix?


#2

SecureStore stores encrypted data, and it uses the Android Keystore to securely store the encryption/decryption keys, but it does not store data in the Keystore. This is what allows it to store larger pieces of data that won’t fit in the Keystore, plus the Keystore is for keys.

Generally Google has been moving to make Android more secure, so if this changed in an OS update, it could be that uninstalling an app now clears the keystore, whereas before it didn’t.


#3

@ide
This error seems to be specific to android 8.1.
Is there a way to persist data across multiple re-installations of the app?
I tried writing it into the file system but it seems to wipe off the data from internal storage on app uninstallation. Is there a way to store data into the external storage of the device?
If not, is there any other unique-identifier of the device that I can use that would remain constant when the app is reinstalled? Like for instance IMEI ?


#4

Solved this by using uuid/v5 and generating a custom UUID based on Login ID + Device Model.


closed #5

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.