[Bug]: Keystore issue, won't allow data restore on rooted devices.

[ThatAnnoyingVegan]

Guidelines

• I have encountered this bug in the latest release of AstraCrypt.
• I have searched the issue tracker for open and closed issues that are similar to the bug report I want to file, without success.
• This issue contains only one bug.

Describe the bug

1. Install AstraCrypt.
2. Add some files to it.
3. Backup the app data (requires root access) I use Neobackup.
4. Now delete AstraCrypt, and restore the backed up data and app.
5. Upon opening AstraCrypt crashes immediately.

Crash log
javax.crypto.AEADBadTagException
at android.security.keystore2.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:611)
at javax.crypto.Cipher.doFinal(Cipher.java:2114)
at W2.a.b(SourceFile:33)
at M2.k.d(SourceFile:36)
at H5.b.a(SourceFile:26)
at K5.k.a(SourceFile:364)
at K5.j.q(SourceFile:13)
at U6.a.o(SourceFile:9)
at o7.G.run(SourceFile:115)
at F0.e0.g0(SourceFile:7)
at F0.d0.run(SourceFile:3)
at android.os.Handler.handleCallback(Handler.java:942)
at android.os.Handler.dispatchMessage(Handler.java:99)
at android.os.Looper.loopOnce(Looper.java:201)
at android.os.Looper.loop(Looper.java:288)
at android.app.ActivityThread.main(ActivityThread.java:7918)
at java.lang.reflect.Method.invoke(Native Method)
at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:550)
at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:936)
Suppressed: t7.e: [F0.F0@d1dfaed, T.g@8863d22, q0{Cancelling}@21493b3, e0@7359d70]
Caused by: android.security.KeyStoreException: Signature/MAC verification failed (internal Keystore code: -30 message: In KeystoreOperation::finish

Caused by:
0: In finish: KeyMint::finish failed.
1: Error::Km(ErrorCode(-30))) (public error code: 10 internal Keystore code: -30)
at android.security.KeyStore2.getKeyStoreException(KeyStore2.java:369)
at android.security.KeyStoreOperation.handleExceptions(KeyStoreOperation.java:78)
at android.security.KeyStoreOperation.finish(KeyStoreOperation.java:128)
at android.security.keystore2.KeyStoreCryptoOperationChunkedStreamer$MainDataStream.finish(KeyStoreCryptoOperationChunkedStreamer.java:228)
at android.security.keystore2.KeyStoreCryptoOperationChunkedStreamer.doFinal(KeyStoreCryptoOperationChunkedStreamer.java:181)
at android.security.keystore2.AndroidKeyStoreAuthenticatedAESCipherSpi$BufferAllOutputUntilDoFinalStreamer.doFinal(AndroidKeyStoreAuthenticatedAESCipherSpi.java:396)
at android.security.keystore2.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:603)
... 18 more

Expected behaviour

Keystore is redundant IMO, because AstraCrypt already would have a master key set by the users.

AstraCrypt Version

v2.1.0

Device + OS

PocoPhone F1, Android 13.1

OS Modifications

No

Last Known Working AstraCrypt Version (If Any)

No response

Additional Information

No response

[gromif]

Hi! That's actually the intended behaviour. AstraCrypt protects user data not only by encrypting files but also by ensuring that keys are securely stored in hardware (when available). It would be a security issue if encryption keys were explicitly exposed inside application data.

The Android Keystore system is used to store master keys that encrypt keystores within the application data, which are then used to encrypt user data. Keys from the Android Keystore can't be exported by root apps (presumably), especially if a dedicated hardware chip is used. If a user uninstalls the app or erases its storage, the OS will wipe the Keystore subsystem for AstraCrypt.

Authentication is optional and disabled by default. Instead, the app relies on hardware/software security mechanisms. By default, authentication only verifies the correct password by comparing hashes (i.e., it’s not involved in the encryption process). Users can optionally bind their password to the entire encryption chain:

1. Master key in the Android Keystore
2. Keystore inside application data
3. Database (file info, folder structure, notes, etc.)
4. Settings
5. Files/Notes

Instead of modifying the current encryption logic, it would be better to open a separate feature request for implementing an Android Keystore backup/restore mechanism. I'll leave this issue open because the app should properly handle the absence of master keys.

[gromif]

Actually, it would be even better to have several options for that. Implementing such functionality will require an optional authentication setup process. So, there should be an initial setup process that allows users to configure the application's security the way they want.