Migrating LegacySecureStorage on Android doesn't work

[ssbssb-cmd]

Description

Followed the steps here to migrate entries from Xamarin SecureStorage into MAUI SecureStorage, but it is always returning null

https://learn.microsoft.com/en-us/dotnet/maui/migration/secure-storage?view=net-maui-8.0

Steps to Reproduce

1. Create new Xamarin App
2. Add Xamarin.Essentials
3. Save a token:

                await SecureStorage.SetAsync("oauth_token", "secret-oauth-token-value");

4. Create a new MAUI app

5. Copy paste the code from https://learn.microsoft.com/en-us/dotnet/maui/migration/secure-storage?view=net-maui-8.0, creating new classes for AndroidKeyStore, LegacySecureStorage, KeyChain

6. Try and retrieve the token

        string token = await LegacySecureStorage.GetAsync("oauth_token");

On Android It is returning null

Link to public reproduction project repository

No response

Version with bug

8.0.6 SR1

Is this a regression from previous behavior?

Not sure, did not test other versions

Last version that worked well

Unknown/Other

Affected platforms

Android

Affected platform versions

No response

Did you find any workaround?

Not yet

Relevant log output

No response

[sb111111111]

Hey - has anyone else experienced this? or found any workaround

[ssbssb-cmd]

Hi all - anyone else facing this? Am blocked with migrating from xamarin to MAUI at the moment and struggling to work out how to investigate this further or fix

[IainS1986]

Seen a similar thing I think.

One thing that I'm not sure about, the example code for migration in the AndroidKeyStore code has a call to

LegacySecureStorage.RemoveAll();
This will fire in the first 'Get' call to get a single key (the first decrypt).

This seems - odd. Surely its going to clear all saved secure storage keys the moment you try and get 1, so only the first might work? 🤷

[de-preut]

I'm also currently working in the migration of old SecureStorage items to MAUI and see the same incorrect behaviour. I'm not sure if I missed an important step, but I followed the linked documentation and it's still not working.

[de-preut]

@ssbssb-cmd I think I found a solution! Based on a comment here (jfversluis/Plugin.Maui.FormsMigration#1 (comment)) I created a signing key for my debug configuration (I followed https://learn.microsoft.com/en-us/dotnet/maui/android/deployment/publish-cli?view=net-maui-8.0) and signed the Xamarin.Forms based app as well as the MAUI based app with the same keystore...and it worked!

[IainS1986]

If you're migrating an android app surely you need to be signing it with the same key, otherwise you're not going to be able to upload to the playstore or install and update over the top?

[de-preut]

If you're migrating an android app surely you need to be signing it with the same key, otherwise you're not going to be able to upload to the playstore or install and update over the top?

yeah, that's true. But (at least in my case) we had the issue in an unsigned debug build as a proof-of-concept if the migration is working. Therefore I was just not aware that even this build needs to be signed already

[ssbssb-cmd]

@ssbssb-cmd I think I found a solution! Based on a comment here (jfversluis/Plugin.Maui.FormsMigration#1 (comment)) I created a signing key for my debug configuration (I followed https://learn.microsoft.com/en-us/dotnet/maui/android/deployment/publish-cli?view=net-maui-8.0) and signed the Xamarin.Forms based app as well as the MAUI based app with the same keystore...and it worked!

OK great - i will give it a go! Did you have to do it via command line? Or is there someway within Visual Studio Mac to sign the debug package with the prod key?