RobThree / 2FACLIClient

LastPass 2FA CLI Client
https://lastpass.com
MIT License

LastPass seems to have changed something which broke this code. #3

Closed RobThree closed 1 year ago

RobThree commented 1 year ago

LastPass seems to have changed something recently - according to the date on this post it was changed today. The post reads:

About password iterations

Sep 21, 2023

To increase the security of your master password, LastPass utilizes a stronger-than-typical version of Password-Based Key Derivation Function (PBKDF2). At its most basic, PBKDF2 is a “password-strengthening algorithm” that makes it difficult for a computer to check that any 1 password is the correct master password during a compromising attack. LastPass utilizes the PBKDF2 function implemented with SHA-256 to turn your master password into your encryption key. LastPass performs a customizable number of rounds of the function to create the encryption key, before a single additional round of PBKDF2 is done to create your login hash. The entire process is conducted client-side. The resulting login hash is what is communicated with LastPass. LastPass uses the hash to verify that you are entering the correct master password when logging in to your account.

LastPass also performs a large number of rounds of PBKDF2 server-side. This implementation of PBKDF2 client-side and server-side ensures that the two pieces of your data – the part that’s stored offline locally and the part that’s stored online on LastPass servers – are thoroughly protected.

The default minimum number of password iterations is 600,000 rounds (for new accounts and those who update their existing iteration count). LastPass allows you to [customize the number of rounds](https://support.lastpass.com/s/document-item?bundleId=lastpass&topicId=LastPass/change-password-iterations.html&_LANG=enus) performed during the client-side encryption process in your Account Settings.

**Remember:** All new users added via the LastPass API have the default password iterations value of 600,000 rounds. If desired and/or if [permitted via policy](https://support.lastpass.com/s/document-item?bundleId=lastpass&topicId=LastPass/policy_manage_hash_password_iteration.html&_LANG=enus), users can increase their password iterations value within their Account Settings.
**Attention:** LastPass Free users who have selected "Mobile" as their active device type can still change their password iterations by logging in from a desktop (via the [LastPass website](https://lastpass.com/?ac=1) or the LastPass browser extension), and they will not be required to switch their active device type. Upon login, select **Dismiss** or close out of the "0 device switches left" messaging, then navigate to your Account Settings to update.

However, my guess is that LastPass changed something else as well (which may not be very relevant to the average user). But this project (and the one this project borrows some code from) are currently broken. Decryption of the file fails: System.Security.Cryptography.CryptographicException: Padding is invalid and cannot be removed.

I have contacted LastPass with the following inquiry:

Hi, Besides the number of PBKDF2 iterations, has something else changed as well? My 2FA CLI Client (https://github.com/RobThree/2FACLIClient) no longer works. I'm guessing something has changed with the PKCS7 padding or the Ciphermode has changed or something... The relevant code can be viewed here: https://github.com/RobThree/2FACLIClient/blob/c7545559c2c7dc88bfd1726510054422842ffb3e/2FA/LastPassMFABackupDownloader.cs#L59 I would appreciate it if you could tell me IF something changed and I'd appreciate it even more if you could tell me WHAT has changed. Thank you very much! Kind regards, ...

A short investigation into the LastPass browser extension showed this:

image

I have tried all combinations of CipherMode.CBC / CipherMode.ECB and PaddingMode.PKCS7 / PaddingMode.PKCS7 but none of them seemed to work. For now I'm a little too busy to dive deeper; I'm hoping for the community to have some pointers, tips or maybe even the solution?
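An added illustration (not code from the 2FACLIClient project or from LastPass) of the two things discussed in this issue: the derivation chain the LastPass post describes (N rounds of PBKDF2-HMAC-SHA256 for the encryption key, then one extra round for the login hash) and a PKCS#7 check that shows what a "Padding is invalid and cannot be removed" failure actually tests. The salt choices (username for the key, master password for the login hash), the lower-casing of the username and the 32-byte key length are assumptions made for this example, not facts from the page. The point it demonstrates: a client that still derives with an old iteration count produces a different key, and a wrong key makes the final decrypted block fail the PKCS#7 check with overwhelming probability, so the padding exception is usually a key/IV/mode mismatch rather than genuinely malformed padding.

```python
import hashlib
import os

KEY_LEN = 32       # AES-256 key size; assumed to match the client
BLOCK_SIZE = 16    # AES block size


def derive_encryption_key(password: str, username: str, iterations: int) -> bytes:
    """PBKDF2-HMAC-SHA256 over the master password for `iterations` rounds.
    Using the lower-cased username as salt is an assumption for this example."""
    return hashlib.pbkdf2_hmac(
        "sha256",
        password.encode("utf-8"),
        username.lower().encode("utf-8"),
        iterations,
        KEY_LEN,
    )


def derive_login_hash(encryption_key: bytes, password: str) -> bytes:
    """The 'single additional round' from the LastPass post: one more PBKDF2
    round with the derived key as input and the master password as salt
    (salt choice assumed). Only this value is sent to the server."""
    return hashlib.pbkdf2_hmac("sha256", encryption_key, password.encode("utf-8"), 1, KEY_LEN)


def pkcs7_pad(data: bytes, block_size: int = BLOCK_SIZE) -> bytes:
    """Append 1..block_size bytes, each equal to the pad length."""
    pad = block_size - len(data) % block_size
    return data + bytes([pad]) * pad


def pkcs7_unpad(decrypted: bytes, block_size: int = BLOCK_SIZE) -> bytes:
    """Strict PKCS#7 removal: the same checks a CBC decryptor performs before
    it raises 'Padding is invalid and cannot be removed'."""
    if not decrypted or len(decrypted) % block_size:
        raise ValueError("Padding is invalid and cannot be removed")
    pad = decrypted[-1]
    if pad < 1 or pad > block_size or decrypted[-pad:] != bytes([pad]) * pad:
        raise ValueError("Padding is invalid and cannot be removed")
    return decrypted[:-pad]


def padding_looks_valid(decrypted: bytes) -> bool:
    """True only when the last block carries well-formed PKCS#7 padding.
    Random bytes (what a wrong key yields) pass this with probability ~1/256."""
    try:
        pkcs7_unpad(decrypted)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    # Constructed sample credentials; not real account data.
    password, username = "correct horse battery staple", "User@Example.com"

    old_key = derive_encryption_key(password, username, 100_100)   # a pre-change count
    new_key = derive_encryption_key(password, username, 600_000)   # the post's new default
    print("keys differ when only the iteration count changed:", old_key != new_key)
    print("login hash (hex):", derive_login_hash(new_key, password).hex())

    # What the decryptor sees with the right key: a properly padded last block.
    good = pkcs7_pad(b'{"accounts": []}')
    # What it sees with the wrong key: the last block is effectively random.
    garbage = os.urandom(2 * BLOCK_SIZE)
    print("padding valid with right key:", padding_looks_valid(good))
    print("padding valid with wrong key (usually False):", padding_looks_valid(garbage))
```

Run it as a script to see the two derived keys diverge and the padding check fail on the constructed "wrong key" output; when debugging a failure like the one in this issue, comparing the iteration count the client uses against the account's current setting is the first thing to verify before suspecting the cipher mode or padding scheme.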

RobThree commented 1 year ago

Wait... this is new, isn't it?

image

RobThree commented 1 year ago

Hmmm, looking at it today it "suddenly" works with CipherMode.CBC / PaddingMode.PKCS7. I'm not sure if somehow I messed up last time I tried or the downloaded blob was - at the time - somehow encrypted differently / incorrectly but either way: it works now! 👍