Skip to content

🐞Bug with encryption  #58

Description

@Fi5t

I faced a strange bug when tried to work with two instances of this shared preferences. I use Tink as an encryption engine with your library and want to show you some unexcepted behavior when they work together.

P.S. Sorry for the Kotlin :D

        try {
            TinkConfig.register()
        } catch (e: GeneralSecurityException) {
            throw RuntimeException(e)
        }

        val keysetHandle = AndroidKeysetManager.Builder()
            .withSharedPref(this, KEYSET_NAME, PREFERENCE_FILE)
            .withKeyTemplate(AeadKeyTemplates.AES256_GCM)
            .withMasterKeyUri(MASTER_KEY_URI)
            .build()
            .keysetHandle

        val aead = AeadFactory.getPrimitive(keysetHandle)

        val bpInstance1 = BinaryPreferencesBuilder(this)
            .name("main_file")
            .valueEncryption(TinkValueEncryption(aead, "good_data".toByteArray()))
            .build()

        val bpInstance2 = BinaryPreferencesBuilder(this)
            .name("main_file")
            .valueEncryption(TinkValueEncryption(aead, "bad_data".toByteArray()))
            .build()

        bpInstance1.edit {
            putString("my_key", "bug")
        }

        val result = bpInstance2.getString("my_key", "no bug")

I expect to see "GeneralSecurityException" or "no_bug" in the result variable, but I see "bug" there. It's wrong behavior, because I set the different associated data for each instance. Any ideas?

I've prepared a repository to reproduce this bug. Please, check it out and tell me where I was wrong =)

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions