Expo-在Android 8.1.0上重新安装App后访问Keystore时出错
[英]Expo - error accessing Keystore after re-installation of App on Android 8.1.0
问题描述
When we uninstall and re-install our standalone app, we're getting the following exception thrown in the logs when we try to access the Android Keystore again via Expo.SecureStore: 
当我们卸载并重新安装独立应用程序时,当我们尝试通过Expo.SecureStore再次访问Android Keystore时,日志中将引发以下异常:
10-12 15:56:37.716 1793 1887 I ReactNativeJS: { [Error: Could not decrypt the item in SecureStore]
10-12 15:56:37.716 1793 1887 I ReactNativeJS: framesToPop: 1,
10-12 15:56:37.716 1793 1887 I ReactNativeJS: code: 'E_SECURESTORE_DECRYPT_ERROR',
10-12 15:56:37.716 1793 1887 I ReactNativeJS: line: 148,
10-12 15:56:37.716 1793 1887 I ReactNativeJS: column: 1889,
10-12 15:56:37.716 1793 1887 I ReactNativeJS: sourceURL: '/data/user/0/com.trinet.mobilev7/files/30.0.0/cached-bundle-experience-%40trinet%2Fmobilev7-737969915-30.0.0' }
The current workaround is to go into Device Settings > Apps & Notifications > See All Apps > Our App > Clear Data. 当前的解决方法是进入“设备设置”>“应用和通知”>“查看所有应用”>“我们的应用”>“清除数据”。 However, we require our device UUID to be cached in the Keystore (we're using to identify devices in our backend for our Push Notification service) so that it persists between re-installations. 但是,我们要求将设备UUID缓存在Keystore中(我们正在使用它来标识推送通知服务的后端设备),以便在重新安装之间保持不变。 This works fine on other versions of Android (and also iOS) except 8.1.0. 在8.1.0以外的其他版本的Android(以及iOS)上,此功能都可以正常运行。
The following devices are giving errors: 以下设备出现错误:
- Nexus 5X Nexus 5X
- Samsung S9 三星S9
- Xiaomi 小蜜
Is there any fix that can be done using the Expo SDK to fix this or will we have to wait till the next version of Expo for a fix? 使用Expo SDK可以解决此问题吗?还是要等到下一版本的Expo才能解决此问题?
2 个解决方案
解决方案1
0 2018-10-15 16:07:39
I looked at the AOSP source. 我查看了AOSP的来源。 AFAICT the code to remove the keystore entries associated with an app when that app is removed has been there since ~2013 (which is around when Android started providing the keystore service). 自2013年以来,一直存在用于删除与该应用程序关联的密钥库条目的代码(自Android以来(大约在Android开始提供密钥库服务时))。 See the method removeKeystoreDataIfNeeded() in PackageManagerService . 请参见PackageManagerService的方法removeKeystoreDataIfNeeded() 。
Just common sense wise, it doesn't make much sense to retain keystore entries created by an app when that app is removed. 只是常识,在删除应用程序时保留由该应用程序创建的密钥库条目并没有多大意义。
we require our device UUID to be cached in the Keystore
Android is constantly making improvements to prevent apps from doing just that. Android不断进行改进,以防止应用程序执行此操作。 As a regular app, you should not be able to track a device across installs of your app. 作为常规应用程序,您不应能够跨应用程序安装跟踪设备。 You should not be able, and ethically you should not try. 您不应该这样做,从道德上讲,您不应该尝试。 A user has the right to "be forgotten" by your app if they uninstall your app. 如果用户卸载了应用,则有权将其“遗忘”。 If you want to re-associate your app your system should have some sort of login that makes it an explicit choice by the user to re-associate with your system. 如果您想重新关联您的应用程序,您的系统应该具有某种登录名,这使用户可以明确选择重新登录到您的系统。 You can read more about that here: https://developer.android.com/training/articles/user-data-ids 您可以在这里阅读有关此内容的更多信息: https : //developer.android.com/training/articles/user-data-ids
解决方案2
0 2019-05-19 07:59:40
Try clearing residual data on your mobile device. 尝试清除移动设备上的残留数据。 Mist probably you have stored something by running your app and it isn't cleared at the time of uninstall. 薄雾很可能是您通过运行应用程序存储的内容,并且在卸载时不会清除。
Clear not just cache, but residual data as well. 不仅清除缓存,还清除残留数据。
Hope this helps. 希望这可以帮助。 :) :)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.