[AC-5961] Ti.Identity.Keychain read error in Android

GitHub Issue	n/a
Type	Bug
Priority	n/a
Status	Resolved
Resolution	Not Our Bug
Resolution Date	2019-01-08T21:40:56.000+0000
Affected Version/s	Appcelerator Studio 4.5.0
Fix Version/s	n/a
Components	Titanium SDK & CLI
Labels	android, keychain-access
Reporter	Christian Moss
Assignee	Shak Hossain
Created	2018-10-10T04:57:12.000+0000
Updated	2019-01-09T14:16:38.000+0000

Description

The Ti.Identity.Keychain module throws an error when reading a keychain item. It seems the error is thrown when the text is too long. Steps to reproduce {noformat} var keychainItem = globals.identity.createKeychainItem({ identifier: "myIdentifier" }); keychainItem.addEventListener('save', function(e) { if (e.success == 1) { keychainItem.read(); } }); keychainItem.addEventListener('read', function(e) { console.error("keychain read error", e); }); keychainItem.save("my very long string that isn't really that long but it long enough to cause the issue"); {noformat} error {noformat} no value is returned {"type":"read","source":{"accessControlMode":0,"accessibilityMode":0,"identifier":"myIdentifier","cipher":"AES/CBC/PKCS7Padding","apiName":"ti.touchid.KeychainItem","bubbleParent":true,"_events":{"save":{},"read":{}}},"identifier":"myIdentifier","error":null,"bubbles":false,"success":false,"code":-1,"cancelBubble":false} {noformat}

Comments

Rakhi Mitro 2018-11-29

Hello [~cmoss], Thanks for reporting this. Which's your module version? Can you please test this on 7.5.0.GA again and let us know how it goes. It would be helpful if you can share your complete console log, test steps to reproduce this and environment details here.

Christian Moss 2018-12-08

Hi @Rakhi Mitro yes same on 7.5.0.GA

   var keychainItem = Identity.createKeychainItem({
   		identifier: "myIdentifierNew"
   	});
   
   	keychainItem.addEventListener('save', function(e) {
   
   		if (e.success == 1) {
   			console.log("Keychain saved");
   			keychainItem.read();
   
   		}
   	});
   
   	keychainItem.addEventListener('read', function(e) {
   		if (e.success == 1) {
   			console.log(e.value);
   
   		} else {
   			console.error("keychain read error", e);
   		}
   
   	});
   
   	keychainItem.save("my very long string that isn't really that long but it long enough to cause the issue");

shows error

   [ERROR] keychain read error {"type":"read","source":{"accessControlMode":0,"accessibilityMode":0,"identifier":"myIdentifierNew","cipher":"AES/CBC/PKCS7Padding","apiName":"ti.touchid.KeychainItem","bubbleParent":true,"_events":{"save":{},"read":{}}},"identifier":"myIdentifierNew","error":null,"bubbles":false,"success":false,"code":-1,"cancelBubble":false}

if you change the string ti something short it works heres some info of my environment

   Operating System
     Name                        = Mac OS X
     Version                     = 10.14
     Architecture                = 64bit
     # CPUs                      = 4
     Memory                      = 16.0GB
   
   Node.js
     Node.js Version             = 9.4.0
     npm Version                 = 6.4.1
   
   Appcelerator CLI
     Installer                   = 4.2.13
     Core Package                = 7.0.8
   
   Titanium CLI
     CLI Version                 = 5.1.1
     node-appc Version           = 0.2.44
   
   Titanium SDKs
     7.5.0.GA
       Version                   = 7.5.0
       Install Location          = /Users/a/Library/Application Support/Titanium/mobilesdk/osx/7.5.0.GA
       Platforms                 = iphone, android
       git Hash                  = 2e5a7423d0
       git Timestamp             = 11/15/2018 21:52
       node-appc Version         = 0.2.47
    
   Mac OS X
     Command Line Tools          = installed
   
   Intel® Hardware Accelerated Execution Manager (HAXM)
     Installed                   = yes
     Memory Limit                = 6 GB
   
   Java Development Kit
     Version                     = 1.8.0_131
     Java Home                   = /Library/Java/JavaVirtualMachines/jdk1.8.0_131.jdk/Contents/Home
   
   Genymotion
     Path                        = /Applications/Genymotion.app/Contents/MacOS
     Genymotion Executable       = /Applications/Genymotion.app/Contents/MacOS/genymotion
     Genymotion Player           = /Applications/Genymotion.app/Contents/MacOS/player.app/Contents/MacOS/player
     Home                        = /Users/a/.Genymobile/Genymotion
   
   VirtualBox
     Executable                  = /Applications/VirtualBox.app/Contents/MacOS/VBoxManage
     Version                     = 5.0.10r104061
   
   Android SDK
     Android Executable          = not found
     ADB Executable              = /Users/a/Library/Android/sdk/platform-tools/adb
     SDK Path                    = /Users/a/Library/Android/sdk
   
   Android NDK
     NDK Path                    = /Users/a/Library/Android/android-ndk-r10e
     NDK Version                 = r10e (64-bit)

tested on a android x86emulator 8.1.0

Sharif AbuDarda 2018-12-08

Hello, This is not our issue, this is most likely a native Android keystore issue, this issue is mentioned in this [post| https://stackoverflow.com/questions/27320610/how-can-i-use-the-android-keystore-to-securely-store-arbitrary-strings], Look into the comment by Alamgir Mand. There is nothing we can do about this right now. Thanks.
Christian Moss 2018-12-11

no problem Actually I ended up making myu own module and learnt more about how keystores differ on iOS on Android on iOS you can store large amounts of data such as json strings etc, however on android it generates keys which are storedi n the keystore and is just meant to store keys that you use to encrypt data which is stored in user preferences. so I assume the error is because im storing something larger than a 32/128 bit key etc however I think the ti identity api/docs doesnt reflect this or make it clear so maybe good to mention it as a cavaet?
Rakhi Mitro 2018-12-12

Thanks for your feedback.[~cmoss].

JSON Source