fix: BAD_DECRYPT Exception on invalid cipher

[M123-dev]

What

• Fixes: PlatformException: PlatformException(Exception encountered, read, javax.crypto.BadPaddingException: error:1e000065:C... #1121
• Fixes: Infinite account loading spinner because the app can't access the credentials anymore #1311

[codecov-commenter]

Codecov Report

Merging #1730 (1a27153) into develop (2ea0da3) will decrease coverage by 0.59%.
The diff coverage is 0.64%.

@@            Coverage Diff             @@
##           develop   #1730      +/-   ##
==========================================
- Coverage     8.86%   8.26%   -0.60%     
==========================================
  Files          161     165       +4     
  Lines         6623    7148     +525     
==========================================
+ Hits           587     591       +4     
- Misses        6036    6557     +521     

Impacted Files	Coverage Δ
...h_app/lib/cards/category_cards/abstract_cache.dart	0.00% <0.00%> (ø)
...p/lib/cards/category_cards/asset_cache_helper.dart	0.00% <0.00%> (ø)
...p/lib/cards/category_cards/raster_async_asset.dart	0.00% <0.00%> (ø)
...oth_app/lib/cards/category_cards/raster_cache.dart	0.00% <0.00%> (ø)
..._app/lib/cards/category_cards/svg_async_asset.dart	0.00% <0.00%> (ø)
...smooth_app/lib/cards/category_cards/svg_cache.dart	0.00% <0.00%> (ø)
...t_cards/knowledge_panels/knowledge_panel_card.dart	0.00% <0.00%> (ø)
...t_cards/knowledge_panels/knowledge_panel_page.dart	0.00% <0.00%> (ø)
...knowledge_panels/knowledge_panel_summary_card.dart	0.00% <ø> (ø)
...s/knowledge_panels/knowledge_panel_table_card.dart	0.00% <0.00%> (ø)
... and 54 more

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 19e3560...1a27153. Read the comment docs.

[teolemon]

Could you add a comment here on the kind of exception it was (SSL related, possibly on old devices ?)

[M123-dev]

Added a comment

[monsieurtanuki]

Hi @M123-dev!
I think it's not fair to just bypass the exception. What are we supposed to do with "less fortunate" users? Shouldn't we store the user/password in DaoString instead, as a fallback? Shouldn't we have detected that issue previously when the user stored the user/password: it probably didn't work either at that moment.
Any idea of the root cause of this crash? (there's no "issue" by the way).

[M123-dev]

Heyyy @monsieurtanuki, the API used in the secure storage package was introduced in android 4.3 (Now around 10 years old), I think we have a lot more other problems on these version. The error occured to me when I had the app installed via the PlayStore and then installed it via USB Debugging from my PC (for running in debug mode). After that it fails what's good in terms of security. But if we know that such a case meight happen we don't need to throw a exeption but just handle it. But because it's a security and not feature related bug there is no way of knowing it in advance.

#1121 #1311

[monsieurtanuki]

Hi @M123-dev!

I didn't know what you mentioned was possible; when I develop in Android/java the app refuses to install a debug apk on a release apk and so on. That doesn't work that way with flutter, fair enough.

The general idea is good: in those strange cases just display "you have been logged out", remove the credentials and that's it.

The timing is not good though: adding a Scaffold (for the Snackbar) is not a good solution, as we've already experienced bugs because of embedded Scaffolds. Please call the Snackbar somewhere else.

[monsieurtanuki]

@M123-dev Not convinced either by your latest change. That's tricky...
Let's say that only naughty boys like you may experience that "logged out" exception: what about just printing a log? And moving the code back to main.dart?

[M123-dev]

Sure @monsieurtanuki

[monsieurtanuki]

Not await? Btw as it's in the init part and we do that only once, do we have to notify the listeners in mountCredentials? I don't think so, as it's dangerous to notify while building a Widget.

[M123-dev]

no await intended, since the credentials are not needed directly after start, this can run when there is time for that. Because of that that little more efford with the provider

[monsieurtanuki]

Not convinced. All we do in mountCredentials is get the credentials from the dao and put them in static. Quick and easy.
OK, technically you are allowed not to wait until it finishes and use the provider for the refresh, but:

• hey, it's init time, let's init once and for all
• the notifylistener will trigger a display refresh just because you didn't want to spend 20 milliseconds awaiting
• not everything we do is strictly needed at init time - we also set the query country, which is useless as we haven't queried anything yet
• btw mountCredentials could be called much earlier, in _init1 or _init2

[M123-dev]

Just applied your suggestions, my first approach was to completely remove the provider, but looking into it again we should keep it to properly reflect logins from for example the login card.

[M123-dev]

@monsieurtanuki just saw the stats on Sentry, looks like I'm really the only one with the problem 😆