Comments (10)
inktomi
commented on June 1, 2024
I'm torn on even really keeping this open. It's valid to throw ClassCastException if the value of a key is not a number according to SharedPreferences, butI feel like it would be less likely to actually happen as above since the values are not written to Strings before saving and so you won't be actually saving "null".
from secure-preferences.
cermakcz
commented on June 1, 2024
This seems like the same issue as #32.
From what Scott said, it seems like it's not about actually passing null to putInt, but more like putInt internally fails during encryption and stores null instead, which is a real problem.
from secure-preferences.
mkaarthick
commented on June 1, 2024
Any workaround?
from secure-preferences.
cermakcz
commented on June 1, 2024
Actually my problem wasn't that null was written, but that the key used for encrypting/decrypting changed, thus it wasn't possible to decrypt the value, null was returned and ClassCastException was raised. The key changed because it was salted with ANDROID_ID, which changed, even though it shouldn't. I don't know why it did, or if it was on some rooted device and someone changed it manually. Anyway, the default implementation also uses ANDROID_ID for salt, so keep it in mind.
from secure-preferences.
scottyab
commented on June 1, 2024
Hey @cermakcz , it should get the device's Serial number if that's empty for some reason it falls back to the Android_ID. The serial should stay statis AFAIK, Saying that the Android_ID isn't the most ideal fallback as it'd has been known to change.
@inktomi I guess workaround is for the getInt method to check the type before casting and rather than throw classcast instead return null. I'm also looking at cermakcz@502eee6 proposed change that might help stop this occuring.
from secure-preferences.
gauravniv
commented on June 1, 2024
Hey @scottyab any timeline on the availability of the fix? Sorry to be a bother , but I have been using the library from a long time and the crashes due to this issue are piling up now. As a work around for now I've stopped storing ints and storing strings instead!
from secure-preferences.
oseparovic
commented on June 1, 2024
I'm still seeing this as well on 0.1.4. It's fairly rare though for whatever reason.
This is the relevant section of the stacktrace:
Caused by: java.lang.ClassCastException:
at com.securepreferences.SecurePreferences.getInt (SecurePreferences.java:389)
From the lib source code this happens when return Integer.parseInt(decrypt(encryptedValue)); causes a NumberFormatException.
For performance reasons I've created a singleton out of our secure preferences as running the constructor can be very slow so I want to do that as little as possible:
public static SharedPreferences getSecurePreferencesRef(Context context) {
if (sharedPreferences == null) {
sharedPreferences = new SecurePreferences(context, <key>, <xml>);
}
return sharedPreferences;
}
Any suggestions would be appreciated. I tried updating to v0.1.5 or v0.1.6 from jitpack but installing overtop an existing app with 0.1.4 using either of those new versions reset all of our secure preferences.
from secure-preferences.
gauravniv
commented on June 1, 2024
One possible solution to this is to stop using the getInt method altogether. I have created a wrapper that creates an object for every shared pref int operation, that object holds the default value expected. When reading/writing to prefs just perform a string operation (read and parse to int/ String.valueOf(int) when writing) rather than int, catch the exceptions being thrown yourself, and return default value if exception happens. Worked for me so far!
from secure-preferences.
gauravniv
commented on June 1, 2024
public class IntPreference {
private final SharedPreferences preferences;
private final String key;
private final int integerDefaultValue;
private final String defaultValue;
//using String because of getInt issues mentioned here:
// #37
public IntPreference(final SharedPreferences preferences, final String key) {
this(preferences, key, -1);
}
public IntPreference(
final SharedPreferences preferences,
final String key,
final int defaultValue) {
this.preferences = preferences;
this.key = key;
this.integerDefaultValue = defaultValue;
this.defaultValue = String.valueOf(defaultValue);
}
public void delete() {
preferences.edit().remove(key).apply();
}
public int get() {
int finalData = integerDefaultValue;
String prefData = preferences.getString(key, defaultValue);
try {
finalData = Integer.parseInt(prefData);
} catch (ClassCastException | NumberFormatException | NullPointerException ex) {
Timber.e(ex.getMessage());
}
return finalData;
}
public boolean isSet() {
return preferences.contains(key);
}
public void set(final int value) {
preferences.edit().putString(key, String.valueOf(value)).apply();
}
}
from secure-preferences.
oneHamidreza
commented on June 1, 2024
i've found problem. if your key has digit then this exception happend. just remove digit from your KEY
from secure-preferences.
Related Issues (20)
- Fix getAll method to return the correct value for StringSet. HOT 2
- AndroidQ will no longer support android.preference. HOT 1
- Android 10 - android.preference deprecated HOT 1
- Security alert on our production app on google play console
- Android Canary 3.6 not building HOT 3
- Value can't be saved when put value after clear() and kill app in background. HOT 1
- DeterministicAeadFactory.java line 13
- Flutter HOT 1
- How to use sharedPreference in flutter to stay user loggedin in flutter using a setBool and GetBool HOT 2
- [ERROR:flutter/lib/ui/ui_dart_state.cc(186)] Unhandled Exception: MissingPluginException(No implementation found for method getAll on channel plugins.flutter.io/shared_preferences)
- java.security.KeyStoreException: the master key android-keystore://_androidx_security_master_key_ exists but is unusable
- Create tag 0.1.7 HOT 1
- SecurePreferences.getString() throws java.lang.IllegalStateException HOT 1
- Crashing in API 28 (Android Pie) s== null (DO NOT USE THIS LIBRARY, it is completely broken) HOT 22
- Does this library needs to update the TragetSDKversion to 26? HOT 1
- After upgrade Android OS Version 9 (pie) the values are not stored and retrieved. HOT 5
- all sharedPrefrences remove after app crash's
- Security Scan failed
- securePref.getAll() return map where only values decrypted and keys encrypted HOT 1
- After updating to Android Q, i am not able to retrieve the data from the Secure preferences? HOT 10
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from secure-preferences.