What is expected?
after setting a password for backups, it should work
What does happen instead?
No encrypted backup possible
That is strange, I just tried it on my phone and it worked. Could you get me a logcat?
I'm not at home the next days and i dont have root. Can i create a log?
Sadly I don't think so. All methods I know require root or access to a PC with adb on it.
Here the log:
andotp.txt
Thanks, I will have a look on Monday (I'm not at home over the weekend).
Seems like a KeyStore error again ...
Currently the backup password is stored encrypted with a key from the KeyStore to keep it save.
I will have to figure something else out for the next version but I really don't have an idea on how to do this better. Any hints are welcome.
I see two ways of doing this:
And the quick and dirty fix would be to manually ask the user to enter a backup password just in case the loading from the KeyStore fails (or no password is set in the settings). I'll need some opinions on this.
Use Database Password would be good. As quick fix a manually Input is fine.
Ok I've had some thoughts on this, I'll note them down both to make sure I dont forget andfor anyone to point out any mistakes.
So this issue occurs because the keystone fails to give a reliable key (same as issue 16) which means the backup password can't be decrypted
Given that the keystone would be failing in this case it's reasonable to assume the user would be set to use pin/PW encryption, for which the broadcasts aren't supported amyway
Therefore I feel like if the user has set PW/pin as their encryption method we should use this to encrypt anything within the app and never use the keystone, this would also require showing a warning toast/popup if the keystone based backup failed
Sadly LineageOS doesnt fix the keystore problem yet..how is the status for create the password workaround?
Sadly I don't have much time (basically no time at all) to spend on andOTP at the moment (hopefully it will get better soon). Until then you can either use OpenKeychain to create PGP encrypted backups or use plain backups and encrypt them afterwards with a 3rd party app.
@beerisgood I just implemented the manual password entry as fallback. Would you mind testing a build? It would install as separate app so it won't interfere with your existing andOTP installation.
@flocke Sure!
Closed? Also where can i find this build
I closed it because I implemented the password fallback we discussed and I probably won't be changing the encryption of the password in the settings as I want to focus on re-writing the entire app from scratch. Feel free to reopen the issue if something comes up during your tests.
You can find the test build here: https://cloud.shadowice.org/s/ApMBq5jyYkA2t2f (Github won't allow me to upload APK files here).
The fix works great in LineageOS 15.1 (Android 8.1)!
Ah okay. Good News too!