detunized / lastpass-ruby

LastPass Ruby API
MIT License

bad decrypt error when opening vault. #9

Closed mikeslattery closed 6 years ago

mikeslattery commented 9 years ago
vault = LastPass::Vault.open_remote username, password, secondfactor

Causes:

OpenSSL::Cipher::CipherError: bad decrypt
    lib/lastpass/parser.rb:282:in `final'
    lib/lastpass/parser.rb:282:in `decode_aes256'
    lib/lastpass/parser.rb:249:in `decode_aes256_cbc_plain'
    lib/lastpass/parser.rb:206:in `decode_aes256_plain_auto'
    lib/lastpass/parser.rb:44:in `block in parse_ACCT'
    lib/lastpass/parser.rb:37:in `open'
    lib/lastpass/parser.rb:37:in `parse_ACCT'
    lib/lastpass/vault.rb:58:in `block in parse_accounts'
    lib/lastpass/vault.rb:54:in `each'
    lib/lastpass/vault.rb:54:in `parse_accounts'
    lib/lastpass/vault.rb:41:in `initialize'
    lib/lastpass/vault.rb:22:in `new'
    lib/lastpass/vault.rb:22:in `open'
    lib/lastpass/vault.rb:11:in `open_remote'

However, the lastpass-cli utility works fine.

detunized commented 9 years ago

Sorry for the delayed response. I was on vacation. Does this error reproduce every time? Are you willing to put some effort into tracking this down with my help? I cannot just reproduce this with my account and I won't be asking for your credentials, obviously. If you're interested, I'd take it private (detunized@gmail.com) and give you some hints on what would be nice to dump. Thanks for reporting this, BTW.

mikeslattery commented 9 years ago

Yes, every time. I'm running on xubuntu 14.04, Ruby 1.9.3, OpenSSL 1.0.1f, and v1.4.0 of lastpass-ruby. It appears that authentication is successful, including a 2nd factor, but fetching data fails. You want me to try on Windows and/or a different version of Ruby or OpenSSL? What are you using?

I can put some time in this weekend. I'll email you.

mikeslattery commented 9 years ago

This only happens when using 2nd factor as the 3rd argument. I'm using the Google Authenticator Android app. I'm providing the code it displays as the 3rd argument to open_remote(). I expect that if you used Google Authenticator you would experience the same symptoms.

Everything works great if I only supply username + password (on an account that doesn't require 2nd factor).

detunized commented 9 years ago

Could you try to disable GAuth on this account and try to log in without it? I'm pretty sure it has nothing to do with that, unless the "one time password" code is incorrect. GAuth in no way changes the data that is received from the LP server. I'm using it with GAuth enabled on my account and everything works fine.

Do you have any shared folders in this account?

CGamesPlay commented 8 years ago

I'm encountering this issue and am using shared folders on this account. The gem used to work fine but broke within the past few weeks. I'm not sure if anything changed in the LastPass account that would trigger this, but that seems likely. Not sure what it would be.

I have the error in the same place.

detunized commented 8 years ago

@CGamesPlay, I will look into that. I'll try to match my code against their JS. The problem is that I cannot reproduce this on my accounts, so I don't really know how to debug this. It's obviously sensitive data, so I cannot go around asking people for their passwords. I'll see what I can do. Are you willing to try to run a local build of this gem instrumented with debug prints? Maybe we can track it down together.

CGamesPlay commented 8 years ago

Yeah I can run a customized version to help track this down.

CGamesPlay commented 7 years ago

I didn't do a ton of debugging to be sure, but I did notice that deleting a record with a blank user name and blank password fixed the error on my particular vault. I just added puts name at parser.rb line 44 to help debug.
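
Added example (not part of this thread and not lastpass-ruby's own code): a per-record check that reports which encrypted field makes `final` raise, by index and shape only, so the result can go into a bug report without exposing vault contents. The `!` + 16-byte IV + ciphertext layout, the helper names and the key are assumptions made for this sketch, and the records are constructed.

```ruby
require "openssl"

# Constructed demo key; not how a real vault key is derived.
KEY = OpenSSL::Digest::SHA256.digest("constructed demo key")

# Hypothetical helper: build a field as "!" + 16-byte IV + CBC ciphertext
# (layout assumed for this example).
def encrypt_cbc(plain, key)
  c = OpenSSL::Cipher.new("aes-256-cbc")
  c.encrypt
  c.key = key
  iv = c.random_iv
  "!".b + iv + c.update(plain) + c.final
end

# Hypothetical helper: decrypt one field. `final` raises CipherError when the
# PKCS#7 padding check fails (wrong key or damaged ciphertext).
def decrypt_cbc(blob, key)
  c = OpenSSL::Cipher.new("aes-256-cbc")
  c.decrypt
  c.key = key
  c.iv = blob[1, 16]
  c.update(blob[17..-1]) + c.final
end

# Try every record and report failures by index and shape only, so the
# output can be shared in a bug report without exposing plaintext.
def find_bad_records(blobs, key)
  blobs.each_with_index.map do |blob, i|
    begin
      decrypt_cbc(blob, key)
      nil
    rescue OpenSSL::Cipher::CipherError, ArgumentError, TypeError => e
      { index: i, bytes: blob.bytesize, marker: blob.start_with?("!"),
        aligned: blob.bytesize % 16 == 1, error: e.class.name }
    end
  end.compact
end

# Constructed records: intact, last block missing, last byte missing.
def sample_records
  good = encrypt_cbc("constructed-password-1", KEY)
  [good, good[0...-16], good[0...-1]]
end

find_bad_records(sample_records, KEY).each { |r| puts r.inspect } if __FILE__ == $0
```

The second constructed record still starts with `!` and has a length of 16n + 1, so a shape check alone accepts it; only the padding check in `final` rejects it.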

detunized commented 7 years ago

I tested with the blank username, password and everything else. I don't see any problems. Is it still reproducible on your end? I just discovered this issue open for quite some time, I didn't get any notifications about it. Weird.

CGamesPlay commented 7 years ago

Sorry, I probably should have saved the bad version but I did not. I'll take a closer look if we notice this starts happening again.

detunized commented 6 years ago

Is this still reproducible? I'll close the ticket otherwise.

detunized commented 6 years ago

I'm closing as it's very old. If you see this again, please reopen.