Open xinwu-yui opened 2 months ago
After obtaining the master key, I ran the decryption of the token using idea. The above figure shows an error, which means that the encrypted token is likely to be incorrect, resulting in decryption failure
Same symptoms for me.
I have backups created using the 2.0.4 version, that cannot be restored on my new phone. I did not investigate logcat debugs, but the symptoms are the same: entering the correct password results in zero tokens appearing.
See also:
This app has lost my faith. Using a known-unstable serialisation format for critical long-term backup means I no longer trust the developers to know what they are doing.
I you'll excuse me, I now need to manually recover 15 accounts that I thought were safely backed up. (As the saying goes: it's not a backup until you've confirmed a restore is possible, sigh)
Edit to add: I am currently trialing FreeOTP+, a maintained fork with working backups (and better logo support), as well as Aegis. Aegis can actually import FreeOTP+ backups!
didn't debug- but experiencing the exact same behavior for restore -- enter correct password, nothing happens
I started using version 2.0.2. I added a few tokens to my phone. Exporting backups can be successful. However, I imported it on another phone and entered the correct password. After that, nothing happened (it should have been an error). Therefore, I debugged and found that there was no problem decrypting the masterkey. But when decrypting each token, an error is directly reported.
javax.crypto.AEADBadTagException: error:1e000065:Cipher functions:OPENSSL_internal:BAD_DECRYPT at java.lang.reflect.Constructor.newInstance0(Native Method) at java.lang.reflect.Constructor.newInstance(Constructor.java:343) at com.android.org.conscrypt.OpenSSLAeadCipher.throwAEADBadTagExceptionIfAvailable(OpenSSLAeadCipher.java:320) at com.android.org.conscrypt.OpenSSLAeadCipher.doFinalInternal(OpenSSLAeadCipher.java:371) at com.android.org.conscrypt.OpenSSLCipher.engineDoFinal(OpenSSLCipher.java:374) at javax.crypto.Cipher.doFinal(Cipher.java:2056) at org.fedorahosted.freeotp.encryptor.EncryptedKey.decrypt(EncryptedKey.java:59) at org.fedorahosted.freeotp.TokenPersistence.restore(TokenPersistence.java:209) at org.fedorahosted.freeotp.main.Adapter.restoreTokens(Adapter.java:265) at org.fedorahosted.freeotp.main.Activity$5.onClick(Activity.java:404) at androidx.appcompat.app.AlertController$ButtonHandler.handleMessage(AlertController.java:167) at android.os.Handler.dispatchMessage(Handler.java:106) at android.os.Looper.loopOnce(Looper.java:201) at android.os.Looper.loop(Looper.java:288) at android.app.ActivityThread.main(ActivityThread.java:7872) at java.lang.reflect.Method.invoke(Native Method) at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:548) at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:936)
It is worth noting that. The error reported by entering the wrong password and restoring is the same. May I ask if it is because the key used for encryption during export was incorrect.
Please resolve it as soon as possible. I can debug it on my end. I can provide support.