search cancel

Login failed with /auth/oauth/v2/token route with MAG SDK 2.0 and 2.1 and Android 10 and Android 11


Article ID: 228531


Updated On:


CA API Gateway


Here are the versions that we had problems during the migration

Version of Gateway v10 – CR04 (Problem observed in CR03 and also after applying CR04)

OTK Version 4.4.1

Version MAG 4.2.1

Problem :

Login failed when consuming /auth/oauth/v2/token route with MAG SDK 2.0 and 2.1 and Android 10 and 11.

NOTE: For Android minor versions and any iPhone version works without problems.

Error caught in Android DEBUG (full log attached):

2021-10-28 19:12:27.172 29981-30213/? E/MAS: Unable to post to Handshake failed Unable to post to Handshake failed

Caused by: SSL handshake aborted: ssl=0xb8f02818: Failure in SSL library, usually a protocol error

error:04000044:RSA routines:OPENSSL_internal:internal error (external/conscrypt/common/src/jni/main/cpp/conscrypt/ 0xd07a8543:0x00000000)

Gateway logs:

Below are some links identified for the same error we had: 4090-918f-724aa6a810aa




Release : 10.1

Component : API GATEWAY


Ref : DE508974

After Gateway 10 CR03, RSA-PSS support has been added in the Gateway but for Android 10 and above, we have missed it in our SDK. We need to enable ENCRYPTION_PADDING_NONE to support the same for Android 10 and above.

Apart from that, Android SDK 29 and above has started supporting TLS 1.3. As our gateway has the support for TLS 1.3, MAS SDK does not have that. So we enhanced it to support the TLS 1.3 protocol.

For the devices which are running below Android SDK 29(means Android 9 or below devices), they don't support TLS 1.3. In that case, we should enable TLS 1.2 and TLS 1.3 both on the gateway.

It basically add the support for ENCRYPTION_PADDING_NONE



Fix provided (DE520331)



These two generated from the same branch and has the same fix.

- you  can add the mas storage in the lib folder as well and use.