Clear keys when possibly legacy RSA

QuantozTechnology · Feb 20, 2024 · 0f1f487 · 0f1f487
1 parent b3ff839
commit 0f1f487
Showing 1 changed file with 13 additions and 0 deletions.
diff --git a/mobile/src/utils/hooks/useDeviceVerification.ts b/mobile/src/utils/hooks/useDeviceVerification.ts
@@ -55,13 +55,26 @@ export function useDeviceVerification(shouldVerify: boolean) {
       let pubKey = await SecureStore.getItemAsync("publicKey");
       let privKey = await SecureStore.getItemAsync("privateKey");
 
+      // If the keys are longer than 64 characters, they are most likely RSA keys, so we clear them
+      if (privKey && privKey?.length > 64) {
+        console.log(
+          "Clearing keys from SecureStore as they are most likely RSA keys"
+        );
+
+        await SecureStore.deleteItemAsync("privateKey");
+        privKey = null;
+        await SecureStore.deleteItemAsync("publicKey");
+        pubKey = null;
+      }
+
       if (!pubKey || !privKey) {
         const keys = generateKeys();
         pubKey = keys.pubKey;
         privKey = keys.privKey;
 
         await storeKeys(pubKey, privKey, null);
       }
+
       const verificationResult = await verifyDevice({ publicKey: pubKey });
       // Handle the case where the API response is not as expected, so we don't run into errors
       try {