doy / rbw

unofficial bitwarden cli
https://git.tozt.net/rbw
Other
671 stars 89 forks source link

Decryption failed on long Ciphertexts #185

Open therealchfkch opened 5 months ago

therealchfkch commented 5 months ago

Note that i include the rbw library in my app, so is is not really an issue for the CLI, i hope it is okay to raise an issue under these circumstances.

I recently created a custom field with a long cipher (a PGP Private key), which breaks the library with the following message: thread 'main' panicked at /home/roman/.cargo/registry/src/index.crates.io-6f17d22bba15001f/rbw-1.10.2/src/locked.rs:41:19: ArrayVec: capacity exceeded in extend/from_iter note: run withRUST_BACKTRACE=1environment variable to display a backtrace The respective line which crashes is: https://github.com/doy/rbw/blob/f0b79695ca1c65b6e9510f30a88683220b9e5eb6/src/locked.rs#L41

I am on the latest (1.10.2) version. My Browser extension and the Linux desktop client can decrypt it. The rbw CLI can also decrypt it if i use rbw get <ENTRYNAME> --raw

The cipher length is 18888. Not sure this is correct though.

therealchfkch commented 5 months ago

I am using the library from this piece of code here: https://codeberg.org/Chfkch/bitritter/src/commit/8a6191e2048d5298b8d967a5c1072c58656b8cd2/src/util/mod.rs#L198

It is my first app in Rust, so keep that in mind ;)

doy commented 5 months ago

yeah, currently encrypted fields are limited to 4kb, because we go through a lot of effort to make sure that decrypted data isn't copied, or persisted in memory after it's freed, or swapped to disk, or things like that, and it's a lot harder to enforce those kinds of properties with dynamically sized chunks of memory. i'd be open to revisiting how this works, but it would probably be a pretty finicky change unfortunately/: