-
Notifications
You must be signed in to change notification settings - Fork 17
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
onSecureHardwareNotAvailable false positives with freeRASP 6.0.0 #77
Comments
Hello @olexale , thank you for reporting this issue! We are looking into it at this moment. Kind regards, |
Hi @olexale, We located one bug regarding this issue, but it only occurs on Android 12 and 13. For API 31 and above, we used this new flag that should indicate whether the device has a hardware keystore. The flag return value is not consistent with the KeyInfo#getSecurityLevel() that we used before. We reverted this change, and the bug should be fixed. For API 30 and below, the functionality remains the same. We are still using the same method KeyInfo#isInsideSecureHardware(). I tried to look into the logs for any outliers, and my first assumption is that the device you mentioned does not have hardware-backed keystore. Unfortunately, I wasn't able to find any official list or documentation that would support this hypothesis, and we do not have this device available to test it.
Best regards, |
Hello @msikyna, We will give it a try soon. I'll get back to you with the results. Kind regards, |
Hello @olexale , Kind regards, |
Hello @msikyna, Thanks for getting back! I don't see this error in recent logs, so I assume it is fixed. Best regards, |
Describe the bug
We are getting many
onSecureHardwareNotAvailable
callbacks on Android with freeRASP 6.0.0 on devices that work fine with freeRASP 5.0.4. I assume they are false positives caused by some changes in the latest update.To Reproduce
Upgrade to freeRASP 6, run the app.
Expected behavior
freeRASP doesn't trigger this event.
Please complete the following information:
The text was updated successfully, but these errors were encountered: