Gmscore: java.lang.IllegalArgumentException: cipherSuite TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 is not supported
The SBB app login works (see #854), but after login, no connection to the backend service is possible. Error:
07-04 10:43:34.920 15984 16404 E AndroidRuntime: FATAL EXCEPTION: AsyncTask #3
07-04 10:43:34.920 15984 16404 E AndroidRuntime: Process: ch.sbb.mobile.android.b2c, PID: 15984
07-04 10:43:34.920 15984 16404 E AndroidRuntime: java.lang.RuntimeException: An error occurred while executing doInBackground()
07-04 10:43:34.920 15984 16404 E AndroidRuntime: at android.os.AsyncTask$3.done(AsyncTask.java:354)
07-04 10:43:34.920 15984 16404 E AndroidRuntime: at java.util.concurrent.FutureTask.finishCompletion(FutureTask.java:383)
07-04 10:43:34.920 15984 16404 E AndroidRuntime: at java.util.concurrent.FutureTask.setException(FutureTask.java:252)
07-04 10:43:34.920 15984 16404 E AndroidRuntime: at java.util.concurrent.FutureTask.run(FutureTask.java:271)
07-04 10:43:34.920 15984 16404 E AndroidRuntime: at android.os.AsyncTask$SerialExecutor$1.run(AsyncTask.java:245)
07-04 10:43:34.920 15984 16404 E AndroidRuntime: at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1167)
07-04 10:43:34.920 15984 16404 E AndroidRuntime: at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:641)
07-04 10:43:34.920 15984 16404 E AndroidRuntime: at java.lang.Thread.run(Thread.java:764)
07-04 10:43:34.920 15984 16404 E AndroidRuntime: Caused by: java.lang.IllegalArgumentException: cipherSuite TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 is not supported.
07-04 10:43:34.920 15984 16404 E AndroidRuntime: at org.conscrypt.NativeCrypto.checkEnabledCipherSuites(NativeCrypto.java:1082)
07-04 10:43:34.920 15984 16404 E AndroidRuntime: at org.conscrypt.SSLParametersImpl.setEnabledCipherSuites(SSLParametersImpl.java:221)
07-04 10:43:34.920 15984 16404 E AndroidRuntime: at org.conscrypt.ConscryptFileDescriptorSocket.setEnabledCipherSuites(ConscryptFileDescriptorSocket.java:730)
07-04 10:43:34.920 15984 16404 E AndroidRuntime: at okhttp3.ConnectionSpec.apply(SourceFile:5)
07-04 10:43:34.920 15984 16404 E AndroidRuntime: at okhttp3.OkHttpClient$1.apply(SourceFile:1)
07-04 10:43:34.920 15984 16404 E AndroidRuntime: at okhttp3.internal.connection.ConnectionSpecSelector.configureSecureSocket(SourceFile:6)
07-04 10:43:34.920 15984 16404 E AndroidRuntime: at okhttp3.internal.connection.RealConnection.connectTls(SourceFile:6)
07-04 10:43:34.920 15984 16404 E AndroidRuntime: at okhttp3.internal.connection.RealConnection.establishProtocol(SourceFile:9)
07-04 10:43:34.920 15984 16404 E AndroidRuntime: at okhttp3.internal.connection.RealConnection.connect(SourceFile:15)
07-04 10:43:34.920 15984 16404 E AndroidRuntime: at okhttp3.internal.connection.StreamAllocation.findConnection(SourceFile:36)
07-04 10:43:34.920 15984 16404 E AndroidRuntime: at okhttp3.internal.connection.StreamAllocation.findHealthyConnection(SourceFile:1)
07-04 10:43:34.920 15984 16404 E AndroidRuntime: at okhttp3.internal.connection.StreamAllocation.newStream(SourceFile:6)
07-04 10:43:34.920 15984 16404 E AndroidRuntime: at okhttp3.internal.connection.ConnectInterceptor.intercept(SourceFile:5)
07-04 10:43:34.920 15984 16404 E AndroidRuntime: at okhttp3.internal.http.RealInterceptorChain.proceed(SourceFile:10)
07-04 10:43:34.920 15984 16404 E AndroidRuntime: at okhttp3.internal.http.RealInterceptorChain.proceed(SourceFile:1)
07-04 10:43:34.920 15984 16404 E AndroidRuntime: at okhttp3.internal.cache.CacheInterceptor.intercept(SourceFile:22)
07-04 10:43:34.920 15984 16404 E AndroidRuntime: at okhttp3.internal.http.RealInterceptorChain.proceed(SourceFile:10)
07-04 10:43:34.920 15984 16404 E AndroidRuntime: at okhttp3.internal.http.RealInterceptorChain.proceed(SourceFile:1)
07-04 10:43:34.920 15984 16404 E AndroidRuntime: at okhttp3.internal.http.BridgeInterceptor.intercept(SourceFile:22)
07-04 10:43:34.920 15984 16404 E AndroidRuntime: at okhttp3.internal.http.RealInterceptorChain.proceed(SourceFile:10)
07-04 10:43:34.920 15984 16404 E AndroidRuntime: at okhttp3.internal.http.RetryAndFollowUpInterceptor.intercept(SourceFile:9)
07-04 10:43:34.920 15984 16404 E AndroidRuntime: at okhttp3.internal.http.RealInterceptorChain.proceed(SourceFile:10)
07-04 10:43:34.920 15984 16404 E AndroidRuntime: at okhttp3.internal.http.RealInterceptorChain.proceed(SourceFile:1)
07-04 10:43:34.920 15984 16404 E AndroidRuntime: at okhttp3.RealCall.getResponseWithInterceptorChain(SourceFile:13)
07-04 10:43:34.920 15984 16404 E AndroidRuntime: at okhttp3.RealCall.execute(SourceFile:8)
07-04 10:43:34.920 15984 16404 E AndroidRuntime: at ch.sbb.spc.E$b.a(SourceFile:3)
07-04 10:43:34.920 15984 16404 E AndroidRuntime: at ch.sbb.spc.E$b.doInBackground(SourceFile:1)
07-04 10:43:34.920 15984 16404 E AndroidRuntime: at android.os.AsyncTask$2.call(AsyncTask.java:333)
07-04 10:43:34.920 15984 16404 E AndroidRuntime: at java.util.concurrent.FutureTask.run(FutureTask.java:266)
07-04 10:43:34.920 15984 16404 E AndroidRuntime: ... 4 more
I'm not entirely sure if this needs to be / can be fixed in microG. If this error doesn't have anything to do with microG, feel free to close this issue.
tobru
All 10 comments
Hmm... @mar-v-in this may be fixed by bumping the conscrypt dependency to version 2.1.0? consycrypt 2.1.0 includes a fix regarding ChaCha20 and refactoring of OpenSSLCipher.
Not at home to test it, though.
Nanolx
on 4 Jul 2019
This should be fixed in 06c8b765ba6862857b77b5866d17f4e69fa955ac.
Can you try out with https://microg.org/dl/GmsCore-v0.2.8.17785-4-06c8b76.apk please?
mar-v-in
on 5 Jul 2019
This seems like fragile code since it will likely need to change when NativeCrypto changes. If this is already from a static initializer in NativeCrypto anyway, would it be invoked if NativeCrypto is loaded by the class loader? I think it would be good to prevent code duplication if possible. (I haven't actually tried this, so I'm probably completely wrong...)
voidstarstar
on 5 Jul 2019
@voidstarstar I agree that the code duplication isn't perfect and this needs to be tested with every update of Conscrypt. The problem is that the existing static initializer relies on its on library loading code that doesn't work in our case. It would also be possible to modify the class loader and linker such that the library loading code would work, but this would probably be similarly ugly and hard to make it compatible with all android versions.
mar-v-in
on 5 Jul 2019
Ah, that's a shame. Thanks for the explanation. I assume you're talking about NativeCryptoJni for initializing the JNI libraries.
Yea, it looks like things might get a bit messy unless we fully support the native code stuff, so your approach seems reasonable.
voidstarstar
on 5 Jul 2019
Can you try out with https://microg.org/dl/GmsCore-v0.2.8.17785-4-06c8b76.apk please?
I'll do that as soon as possible and provide feedback here. Thanks for your work!
tobru
on 5 Jul 2019
@mar-v-in I can confirm that this is fixed in the preview build, login to SBB now _fully_ works! Thanks a lot for all the effort!
tobru
on 6 Jul 2019
:+1: this fixes the same crash i had with Uber
benwaffle
on 7 Jul 2019
This should be fixed in 06c8b76.
Can you try out with https://microg.org/dl/GmsCore-v0.2.8.17785-4-06c8b76.apk please?
Can confirm this fixed the issue. Also fixed the eBay app which crashed on start.
omyno
on 16 Jul 2019
I confirm that this fix also Garmin Connect application.
Thanks !
be-neth
on 23 Jul 2019
Related issues
mar-v-in
路
3Comments
dos1
路
4Comments
corneliusroemer
路
5Comments
fredddii
路
6Comments
ale5000-git
路
4Comments
Most helpful comment
This should be fixed in 06c8b765ba6862857b77b5866d17f4e69fa955ac.
Can you try out with https://microg.org/dl/GmsCore-v0.2.8.17785-4-06c8b76.apk please?