decrypt-otpauth-files icon indicating copy to clipboard operation
decrypt-otpauth-files copied to clipboard

Published 20 hours ago verified publisher icon CooperRS

Decrypt isn't working for new version

Open hmarrao opened this issue 6 years ago • 7 comments

I'm currently unable to decrypt my db file.

the AES part is complaining about length not being in a 16*X block.

I don't know if db as some extra metadata or the decrypt options changed.

Can you help me decrypting my db file¿?

hmarrao avatar Oct 29 '19 04:10 hmarrao

Hey there!

I just updated the crypto library used by this tool. Can you try again with the current master HEAD (Commit 2b71b602388e4901ec98998e470d87590709a94f)? I hope my update fixed this issue :)

Best regards, Roland

CooperRS avatar Nov 09 '19 16:11 CooperRS

Hi Roland, thx for the reply.

Im still getting the same problem:

Traceback (most recent call last):
  File "decrypt_otpauth.py", line 324, in <module>
    cli()
  File "/home/sp82254/.local/share/virtualenvs/decrypt-otpauth-files-JiRYvIvc/lib/python3.7/site-packages/click/core.py", line 722, in __call__
    return self.main(*args, **kwargs)
  File "/home/sp82254/.local/share/virtualenvs/decrypt-otpauth-files-JiRYvIvc/lib/python3.7/site-packages/click/core.py", line 697, in main
    rv = self.invoke(ctx)
  File "/home/sp82254/.local/share/virtualenvs/decrypt-otpauth-files-JiRYvIvc/lib/python3.7/site-packages/click/core.py", line 1066, in invoke
    return _process_result(sub_ctx.command.invoke(sub_ctx))
  File "/home/sp82254/.local/share/virtualenvs/decrypt-otpauth-files-JiRYvIvc/lib/python3.7/site-packages/click/core.py", line 895, in invoke
    return ctx.invoke(self.callback, **ctx.params)
  File "/home/sp82254/.local/share/virtualenvs/decrypt-otpauth-files-JiRYvIvc/lib/python3.7/site-packages/click/core.py", line 535, in invoke
    return callback(*args, **kwargs)
  File "decrypt_otpauth.py", line 278, in decrypt_backup
    data = AES.new(key, AES.MODE_CBC, iv).decrypt(encrypted_otpauth_backup.read())
  File "/home/sp82254/.local/share/virtualenvs/decrypt-otpauth-files-JiRYvIvc/lib/python3.7/site-packages/Crypto/Cipher/_mode_cbc.py", line 246, in decrypt
    raise ValueError("Data must be padded to %d byte boundary in CBC mode" % self.block_size)
ValueError: Data must be padded to 16 byte boundary in CBC mode

Im currently using OTP Auth 2.13.5 (504)

hmarrao avatar Nov 10 '19 06:11 hmarrao

Updated to OTP Auth 2.16.1 (701) but got the same result.

hmarrao avatar Nov 10 '19 06:11 hmarrao

Hmm, to me it seems like either the backup is not properly formatted or the Python Crypto library is broken.

Did you already try to recreate the virtual environment 8containing the dependencies) using piping --rm followed by a pipenv install?

Updated to OTP Auth 2.16.1 (701) but got the same result.

Updated to OTP Auth 2.16.1 means you installed that version of OTP Auth and re-created the backup with it?

CooperRS avatar Nov 10 '19 09:11 CooperRS

same error:

    raise ValueError("Data must be padded to %d byte boundary in CBC mode" % self.block_size)
ValueError: Data must be padded to 16 byte boundary in CBC mode

my otpauthdb doesn't have the proper block size ... it doesn't match a multiple of 16 as the one in your examples ...

hmarrao avatar Dec 12 '19 19:12 hmarrao

I'm also having problems with v2.17.4 (937) on macOS when using 2b71b602388e4901ec98998e470d87590709a94f. The traceback says:

$ pipenv run python decrypt_otpauth.py decrypt_account --encrypted-otpauth-account ./accounts.otpauthdb 
Password for export file ./accounts.otpauthdb: 
Traceback (most recent call last):
  File "decrypt_otpauth.py", line 324, in <module>
    cli()
  File "/Users/foo/.local/share/virtualenvs/decrypt-otpauth-files-FMj1ZqW9/lib/python3.7/site-packages/click/core.py", line 722, in __call__
    return self.main(*args, **kwargs)
  File "/Users/foo/.local/share/virtualenvs/decrypt-otpauth-files-FMj1ZqW9/lib/python3.7/site-packages/click/core.py", line 697, in main
    rv = self.invoke(ctx)
  File "/Users/foo/.local/share/virtualenvs/decrypt-otpauth-files-FMj1ZqW9/lib/python3.7/site-packages/click/core.py", line 1066, in invoke
    return _process_result(sub_ctx.command.invoke(sub_ctx))
  File "/Users/foo/.local/share/virtualenvs/decrypt-otpauth-files-FMj1ZqW9/lib/python3.7/site-packages/click/core.py", line 895, in invoke
    return ctx.invoke(self.callback, **ctx.params)
  File "/Users/foo/.local/share/virtualenvs/decrypt-otpauth-files-FMj1ZqW9/lib/python3.7/site-packages/click/core.py", line 535, in invoke
    return callback(*args, **kwargs)
  File "decrypt_otpauth.py", line 223, in decrypt_account
    archive = archiver.Unarchive(data).top_object()
  File "/Users/foo/.local/share/virtualenvs/decrypt-otpauth-files-FMj1ZqW9/lib/python3.7/site-packages/bpylist/archiver.py", line 255, in top_object
    self.unpack_archive_header()
  File "/Users/foo/.local/share/virtualenvs/decrypt-otpauth-files-FMj1ZqW9/lib/python3.7/site-packages/bpylist/archiver.py", line 174, in unpack_archive_header
    plist = bplist.parse(self.input)
RuntimeError: invalid header for bplist

Because it's so easy to accidentally delete items in the app (because the edit function is overloaded, and is used for both deletion and inspection activities), backups and exports are really important and are currently not recoverable outside of the app itself.

todd-a-jacobs avatar Jan 21 '21 22:01 todd-a-jacobs

I'm also having problems with v2.17.4 (937) on macOS when using 2b71b60. The traceback says:

$ pipenv run python decrypt_otpauth.py decrypt_account --encrypted-otpauth-account ./accounts.otpauthdb 
Password for export file ./accounts.otpauthdb: 
Traceback (most recent call last):
  File "decrypt_otpauth.py", line 324, in <module>
    cli()
  File "/Users/foo/.local/share/virtualenvs/decrypt-otpauth-files-FMj1ZqW9/lib/python3.7/site-packages/click/core.py", line 722, in __call__
    return self.main(*args, **kwargs)
  File "/Users/foo/.local/share/virtualenvs/decrypt-otpauth-files-FMj1ZqW9/lib/python3.7/site-packages/click/core.py", line 697, in main
    rv = self.invoke(ctx)
  File "/Users/foo/.local/share/virtualenvs/decrypt-otpauth-files-FMj1ZqW9/lib/python3.7/site-packages/click/core.py", line 1066, in invoke
    return _process_result(sub_ctx.command.invoke(sub_ctx))
  File "/Users/foo/.local/share/virtualenvs/decrypt-otpauth-files-FMj1ZqW9/lib/python3.7/site-packages/click/core.py", line 895, in invoke
    return ctx.invoke(self.callback, **ctx.params)
  File "/Users/foo/.local/share/virtualenvs/decrypt-otpauth-files-FMj1ZqW9/lib/python3.7/site-packages/click/core.py", line 535, in invoke
    return callback(*args, **kwargs)
  File "decrypt_otpauth.py", line 223, in decrypt_account
    archive = archiver.Unarchive(data).top_object()
  File "/Users/foo/.local/share/virtualenvs/decrypt-otpauth-files-FMj1ZqW9/lib/python3.7/site-packages/bpylist/archiver.py", line 255, in top_object
    self.unpack_archive_header()
  File "/Users/foo/.local/share/virtualenvs/decrypt-otpauth-files-FMj1ZqW9/lib/python3.7/site-packages/bpylist/archiver.py", line 174, in unpack_archive_header
    plist = bplist.parse(self.input)
RuntimeError: invalid header for bplist

Because it's so easy to accidentally delete items in the app (because the edit function is overloaded, and is used for both deletion and inspection activities), backups and exports are really important and are currently not recoverable outside of the app itself.

I've been able to fix this issue (kinda), I changed the password from 40+ characters to 19 and it seems to be working completely fine now.

rc0j avatar Feb 10 '21 11:02 rc0j