Fails to decrypt returning passwords from organisations: `error: MAC mismatch`

[Mic92]

I am using bitwarden_rs. The password login succeeds so the email/password should be correct however it fails to decrypt my password:

$ bitw sync
$ bitw dump
error: MAC mismatch

How can I debug this further?

[Mic92]

The key itself should be also correct since it can decrypt the profile itself: https://github.com/mvdan/bitw/blob/056480d6f3ec7bb51126d4f788f70b31a3c4eb63/main.go#L340

[Mic92]

I changed it to:

diff --git a/main.go b/main.go
index 14bafc8..de575fd 100644
--- a/main.go
+++ b/main.go
@@ -285,9 +285,11 @@ func run(args ...string) (err error) {
            } {
                s, err := decrypt(cipherStr)
                if err != nil {
-                   return err
+                   fmt.Printf("failed to decrypt: %s\n", cipher.ID)
+                   //return err
+               } else {
+                   fmt.Fprintf(w, "%s\t", s)
                }
-               fmt.Fprintf(w, "%s\t", s)
            }
            fmt.Fprintln(w)
        }

Now I see that only some entries cannot be decrypted.

[Mic92]

Ok. I found out that those passwords came from an organisation. I assume the password must be computed differently in this case?

[mvdan]

I have never tried organisations with this tool, so it's not a big surprise that they don't work. Patches are of course welcome.