Tusk icon indicating copy to clipboard operation
Tusk copied to clipboard
verified publisher icon subdavis

Big Argon2 memory setting causes "Incorrect password or keyfile" error

Open MalcolmEvershed opened this issue 7 years ago • 6 comments

Bug report

Steps to reproduce - current behaviour

dbs.zip

  1. Try to unlock test-bad.kdbx using the password password and Tusk will give the error Incorrect password or keyfile. The KDBX is configured to use Argon2 with 8 iterations, 128MB of memory, parallelism of 8.
  2. Try to unlock test-good.kdbx using the password password and Tusk will take a while, but it will be able to unlock the database. The KDBX is configured to use Argon2 with 8 iterations, 64MB of memory, parallelism of 8. It differs from test-bad.kdbx by requiring less memory.

What is the expected behaviour

test-bad.kdbx should have been able to be unlocked. Or, a better error message should have been shown, perhaps "out of memory" or something suggesting that the memory setting of the file was too high.

Additional remarks

This is on a Chromebook with 2GB of RAM. MemFree: 440332 kB, MemAvailable: 764108 kB.

KeePass clients on Android devices with only 1GB of RAM are able to open test-bad.kdbx.

Environment

Operating System: Chrome OS 69.0.3497.120 (Official Build) (64-bit)

Browser vendor and version: Google Chrome

Storage Provider: File System

MalcolmEvershed avatar Oct 24 '18 22:10 MalcolmEvershed

Million Dollar Question:

Can you open it with app.keeweb.info?

I'll check when I get to a computer, but this will tell us if it's My fault or the Argon2 wasm library's fault.

subdavis avatar Oct 24 '18 22:10 subdavis

It opens successfully with app.keeweb.info. It takes a while after entering the password, but eventually succeeds.

With Tusk, after entering the password, an error is returned right away.

MalcolmEvershed avatar Oct 24 '18 22:10 MalcolmEvershed

That's good news. Thanks for the report.

subdavis avatar Oct 24 '18 22:10 subdavis

That's good news. Thanks for the report.

I still expereince this exact error!

Solverz-0 avatar Apr 03 '19 19:04 Solverz-0

Also experiencing the same error with a pass + key database with the following configuration:

  • AES 256-bit Encryption
  • Argon2 Key Derivation
  • 9 Transformation rounds
  • 128MiB Memory usage
  • 4 threads

The same database can be opened in Keeweb (also takes a few spins to unlock, but always successful).

gowon avatar Apr 10 '19 06:04 gowon

Im finding that the extension on FF despite setting 'until browser exits', each time click on icon there is a 4 second delay while 'unlocking ???.kbxc' which is a dropbox file.

bigalgeorge avatar Oct 05 '19 01:10 bigalgeorge