DEV Community

AJITH KUMAR V
AJITH KUMAR V

Posted on

Android Encrypted Shared Preference access issue from new container

Hello Team,
We have seen an issue related to Android Encrypted Shared Preference access from a different container in Android.
Ours is a custom DPC application, which creates another profile and container in the Android application space. The data will be migrated from personal space to this container during the transition.
In our use case, we create an encrypted shared preference when the application is in the personal space and store some data in it. After the container is created, it migrates the application data from personal space to this new container.
As we know encrypted shared preference is backed with a master key. This master key is accessible, but while trying to get the Encrypted shared preference using the master key, it throws exception like below;
[android.security.keystore.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:517),
javax.crypto.Cipher.doFinal(Cipher.java:1794),
com.google.crypto.tink.integration.android.AndroidKeystoreAesGcm.decryptInternal(AndroidKeystoreAesGcm.java:118),
com.google.crypto.tink.integration.android.AndroidKeystoreAesGcm.decrypt(AndroidKeystoreAesGcm.java:101),
com.google.crypto.tink.KeysetHandle.decrypt(KeysetHandle.java:919),
com.google.crypto.tink.KeysetHandle.readWithAssociatedData(KeysetHandle.java:804),
com.google.crypto.tink.KeysetHandle.read(KeysetHandle.java:785),
com.google.crypto.tink.integration.android.AndroidKeysetManager$Builder.readMasterkeyDecryptAndParseKeyset(AndroidKeysetManager.java:381),
com.google.crypto.tink.integration.android.AndroidKeysetManager$Builder.build(AndroidKeysetManager.java:297),
androidx.security.crypto.EncryptedSharedPreferences.create(EncryptedSharedPreferences.java:169),
androidx.security.crypto.EncryptedSharedPreferences.create(EncryptedSharedPreferences.java:130),

Kindly let us know whether this a bug or a security limitation or intended behaviour.

Thank you!

Heroku

Build apps, not infrastructure.

Dealing with servers, hardware, and infrastructure can take up your valuable time. Discover the benefits of Heroku, the PaaS of choice for developers since 2007.

Visit Site

Top comments (0)

Sentry mobile image

Mobile Vitals: A first step to Faster Apps

Slow startup times, UI hangs, and frozen frames frustrate users—but they’re also fixable. Mobile Vitals help you measure and understand these performance issues so you can optimize your app’s speed and responsiveness. Learn how to use them to reduce friction and improve user experience.

Read the guide

👋 Kindness is contagious

Please leave a ❤️ or a friendly comment on this post if you found it helpful!

Okay