Comments (15)
Indeed, it's a bit of a chicken and egg situation :) It's hard to properly support all of bitwarden's API and features when they don't document any of it.
Thanks for pointing out the js/ts code, though, that sounds straightforward enough. I'll push a branch for @kryptt to try.
from bitw.
Thanks for checking. I'm a bit confused, because supposedly the AesCbc256_B64 cipher does not use a mac/hmac at all, so we should not be validating any mac either. The code would have also errored out earlier if the mac key or cipher mac component were empty. Perhaps your issue is unrelated to the different cipher type.
Anything else you can tell me about your setup or issue? For example, what the format of your cipher strings looks like. I can't debug further without having access to input to reproduce the problem, but I also assume you don't want to give me your encrypted secrets and password. Perhaps you could debug the code yourself, too, since you can reproduce the issue.
@esiqveland were you able to try your setup again? You definitely did have AesCbc256_B64 ciphers, so it would be useful to know if the issue was indeed fixed for you or not :)
from bitw.
I assume you're running into this check here:
Lines 46 to 49 in aa676ad
As you can see earlier in that file, the cipher text is generally in the form ${type}.${iv}|${ct}|${mac}
, so that's what we are trying to parse. I assume your cipher text doesn't look like that. Without disclosing it, what does it look like? Any idea what format it might be in?
Unfortunately, the bitwarden API isn't documented, so the current implementation is partially reverse-engineered.
from bitw.
Ok thanks, that is helpful. The format of the cipher string does not match what you describe, it looks like two strings of base64 separated by a pipe |
: {base64}|{base64}
but I have not verified it.
I might do some debugging and dig out which entry it is.
Is the api json based?
from bitw.
I see now that the cipher text comes from the field SyncData.Profile.Key
:
Line 114 in aa676ad
and is prefixed with 0.
, giving the full value something like: 0.{base64}|{base64}
from bitw.
Thinking about this, maybe the {mac}
is missing from the Key on my account? That would be really weird?
from bitw.
I honestly don't know. It's hard to figure these bugs out because the API has no spec and it's difficult to test all the edge cases against the real server :)
from bitw.
@mvdan I'm currently trying to write an exporter from bw to kdbx and your repository has come useful. Now, for this issue, I believe I've read somewhere that old keys are not encrypted (see https://github.com/bitwarden/browser/blob/f1262147a33f302b5e569f13f56739f05bbec362/src/services/constantsService.js#L13) with AesCbc256_HmacSha256_B64 but with AesCbc256_B64. See https://github.com/bitwarden/jslib/blob/f30d6f8027055507abfdefd1eeb5d9aab25cc601/src/models/domain/cipherString.ts#L71
I've also seen (somewhere...) the key read for older keys, but I can't find it. Here is something related.
https://github.com/bitwarden/jslib/blob/f30d6f8027055507abfdefd1eeb5d9aab25cc601/src/models/domain/symmetricCryptoKey.ts#L35
from bitw.
Thanks, that's a good find. We certainly don't support multiple kinds of keys. If someone wants to work on this, a PR with some sort of unit or integration tests would be welcome.
from bitw.
let decEncKey: ArrayBuffer;
const encKeyCipher = new CipherString(encKey);
if (encKeyCipher.encryptionType === EncryptionType.AesCbc256_B64) {
decEncKey = await this.decryptToBytes(encKeyCipher, key);
} else if (encKeyCipher.encryptionType === EncryptionType.AesCbc256_HmacSha256_B64) {
const newKey = await this.stretchKey(key);
decEncKey = await this.decryptToBytes(encKeyCipher, newKey);
} else {
throw new Error('Unsupported encKey type.');
}
I believe right now you are doing as me and stretching the key. However in the case of @esiqveland the key shouldn't be stretched.
from bitw.
was just tryin bitw and ran into this issue....
from bitw.
@esiqveland reported that changing his password resulted in him getting new cipher strings, which use the format understood by bitw.
His PR above is the ground work towards supporting multiple cipher string formats. Unfortunately, I don't have any valid cipher string in this different format that we could unit test for decryption. If someone can provide that (perhaps with a dummy secret and dummy password), then we'd be able to implement and test it.
from bitw.
I think that's difficult because probably the old keys are like this. So if someone wanted to have a dummy secret/password, they would change their current password and make it stretched.
Given the fact only the stretch part is to be skipped, I think you could try to blind code it and ask @kryptt to test it. No ideal, but could work well enough.
from bitw.
Okay, I've very carefully implemented this, and hopefully in a correct way. I've refactored the crypto code to not depend on global state, and written some table-driven unit tests with dummy keys.
@esiqveland @kryptt could either of you please try the latest master and let me know if it works? If not, then I'd have to investigate what I did wrong, because I assume neither of you wants to give me your keys and passwords :)
from bitw.
Still getting this now:
✦ ❯ bitw dump
Password:
error: decrypt: MAC mismatch
from bitw.
Related Issues (20)
- bitw as a dotfiles secrets store HOT 3
- support dbus service encryption algorithms other than "plain"
- Serve does not detect changes coming from sync HOT 4
- Fails to decrypt returning passwords from organisations: `error: MAC mismatch` HOT 4
- Feature request: Store passwords HOT 5
- Not showing identityurl but apiurl instead HOT 1
- Getting started HOT 2
- Respond to this thread if you'd like the passwords to run the tests HOT 8
- Runtime error on bitw dump HOT 2
- error: could not sync: json: cannot unmarshal array into Go struct field Domains.Domains.EquivalentDomains of type string HOT 4
- 2FA login doesn't work with captchas HOT 17
- Suggestion: Use gosecret HOT 1
- The secrets service is not working HOT 2
- Outdated install instructions HOT 3
- `secret-tool` keeps running into a timeout HOT 1
- Support all 2FA types HOT 1
- Create a release with precompiled binaries
- Segmentation fault when serving HOT 2
- Auto-fill HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from bitw.