android
android copied to clipboard
Unlock fails if biometric authentication is enabled and the password was changed using a different device
Please agree to the following
- [X] I have searched existing issues for duplicates
- [X] I agree to follow this project's Code of Conduct
Summary
Unlock fails if biometric authentication is enabled and the password was changed using a different device
System Setup
- Android: x
- Cryptomator: 1.6.0-beta4 but also 1.5.x
Cloud Type
No response
Steps to Reproduce
- Add a vault on device a
- Setup biometric authentication for this vault on device a
- Change the password of this vault on device b
- Unlock vault on device a
Expected Behavior
The user should be notified that the vault password has changed in the background. Furthermore the user should be asked to provide the new password which in return will update the stored ciphertext for this vault. If the user don't want to provide the new vault password, biometric authentication will be deactivated for this vault.
Actual Behavior
A toast with "Wrong password" is displayed.
Reproducibility
Always
Relevant Log Output
org.cryptomator.debug D/GetUnverifiedVaultConfigUseCase: started 12ce4b31
org.cryptomator.debug D/ActivityLifecycle: onStart org.cryptomator.presentation.ui.activity.UnlockVaultActivity@6eb5105
org.cryptomator.debug I/ActivityLifecycle: onResume org.cryptomator.presentation.ui.activity.UnlockVaultActivity@6eb5105
org.cryptomator.debug D/ActivityLifecycle: onResumeFragments org.cryptomator.presentation.ui.activity.UnlockVaultActivity@6eb5105
org.cryptomator.debug D/PresenterLifecycle: resume org.cryptomator.presentation.presenter.UnlockVaultPresenter@2535512
org.cryptomator.debug D/GetUnverifiedVaultConfigUseCase: finished 12ce4b31
org.cryptomator.debug D/BackgroundTasks: type:1 all:2 register@ org.cryptomator.domain.usecases.vault.PrepareUnlockUseCase$Launcher#run:70
org.cryptomator.debug D/PrepareUnlockUseCase: started 12ce4b2f
org.cryptomator.debug D/BiometricAuthentication: Show biometric auth prompt
org.cryptomator.debug D/PrepareUnlockUseCase: finished 12ce4b2f
org.cryptomator.debug D/BackgroundTasks: type:0 all:1 unregister@ org.cryptomator.domain.usecases.vault.GetUnverifiedVaultConfigUseCase$Launcher$1#onComplete:72
org.cryptomator.debug D/BackgroundTasks: type:0 all:0 unregister@ org.cryptomator.domain.usecases.vault.PrepareUnlockUseCase$Launcher$1#onComplete:81
org.cryptomator.debug D/BiometricAuthentication: Authentication finished successfully
org.cryptomator.debug D/BackgroundTasks: type:1 all:1 register@ org.cryptomator.domain.usecases.vault.UnlockVaultUsingMasterkeyUseCase$Launcher#run:85
org.cryptomator.debug D/UnlockVaultUsingMasterkeyUseCase: started 12ce4b2d
org.cryptomator.debug D/UnlockVaultUsingMasterkeyUseCase: failed 12ce4b2d
org.cryptomator.debug D/ExceptionHandler: Unexpected error
org.cryptomator.cryptolib.api.InvalidPassphraseException
at org.cryptomator.cryptolib.common.MasterkeyFileAccess.unlock(MasterkeyFileAccess.java:147)
at org.cryptomator.cryptolib.common.MasterkeyFileAccess.load(MasterkeyFileAccess.java:131)
at org.cryptomator.data.cloud.crypto.MasterkeyCryptoCloudProvider$UnlockTokenImpl.getKeyFile(MasterkeyCryptoCloudProvider.kt:290)
at org.cryptomator.data.cloud.crypto.MasterkeyCryptoCloudProvider.unlock(MasterkeyCryptoCloudProvider.kt:97)
at org.cryptomator.data.cloud.crypto.CryptoCloudFactory.unlock(CryptoCloudFactory.java:68)
at org.cryptomator.data.repository.CloudRepositoryImpl.unlock(CloudRepositoryImpl.java:110)
at org.cryptomator.domain.usecases.vault.UnlockVaultUsingMasterkey.execute(UnlockVaultUsingMasterkey.java:42)
at org.cryptomator.domain.usecases.vault.UnlockVaultUsingMasterkeyUseCase$Launcher$2.call(UnlockVaultUsingMasterkeyUseCase.java:117)
at org.cryptomator.domain.usecases.vault.UnlockVaultUsingMasterkeyUseCase$Launcher$2.call(UnlockVaultUsingMasterkeyUseCase.java:111)
at io.reactivex.internal.operators.flowable.FlowableFromCallable.subscribeActual(FlowableFromCallable.java:39)
at io.reactivex.Flowable.subscribe(Flowable.java:14935)
at io.reactivex.Flowable.subscribe(Flowable.java:14882)
at io.reactivex.internal.operators.flowable.FlowableSubscribeOn$SubscribeOnSubscriber.run(FlowableSubscribeOn.java:82)
at io.reactivex.internal.schedulers.ExecutorScheduler$ExecutorWorker$BooleanRunnable.run(ExecutorScheduler.java:288)
at io.reactivex.internal.schedulers.ExecutorScheduler$ExecutorWorker.run(ExecutorScheduler.java:253)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1167)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:641)
at java.lang.Thread.run(Thread.java:923)
ErrorCode: 3B21:AK7S
2021-09-23 15:23:08.498 21175-21175/org.cryptomator.debug W/Message: Wrong password
Anything else?
To recover from this problem you need to disable and enable again the biometric authentication for this vault in Cryptomator settings.
If the password is changed on device a, the ciphertext is changed as well so this problem only happens when the vault password is changed on a different device.