Can't get it working

[Marten-Reehorst]

I have a backup file 1703299151437-AUTO.backup that was created today and I'm trying to decrypt it. I've downloaded the git directory and called (command followed by output)

java -jar colornote-decrypt.jar 0000 < 1703299151437-AUTO.backup > notes.json

Exception in thread "main" java.io.IOException: javax.crypto.IllegalBlockSizeException: last block incomplete in decryption
    at java.base/javax.crypto.CipherInputStream.getMoreData(CipherInputStream.java:128)
    at java.base/javax.crypto.CipherInputStream.read(CipherInputStream.java:242)
    at java.base/javax.crypto.CipherInputStream.read(CipherInputStream.java:219)
    at ColorNoteBackupDecrypt.decrypt(ColorNoteBackupDecrypt.java:92)
    at ColorNoteBackupDecrypt.main(ColorNoteBackupDecrypt.java:46)
Caused by: javax.crypto.IllegalBlockSizeException: last block incomplete in decryption
    at org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher.engineDoFinal(Unknown Source)
    at java.base/javax.crypto.Cipher.doFinal(Cipher.java:2085)
    at java.base/javax.crypto.CipherInputStream.getMoreData(CipherInputStream.java:125)
    ... 4 more

Based on the other recently "Issue" raised by johnhe4, I also tried java -jar colornote-decrypt.jar 0000 28 < 1703299151437-AUTO.backup > notes.json

which exited without error. However, the notes.json that was produced only contains hexadecimal numbers (where I believe it should have contained some human readable JSON). Anyone any idea for what I could try?

[olejorgenb]

The 28 number is an offset into the file. If I recall correctly '28' was determined experimentally.

The result does contain some junk. But should mostly be valid ascii/utf8 IIRC. But it could be that the program you use get confused by the invalid bytes. Did you simply cat it? Did you try the cleanup scripts?

It is not impossible they have changed the format though. It's 7 years since I did the decompilation exercise. Maybe they've added compression? I would check what file notes.json say.

[EpicVoyage]

I have just run this successfully from a fresh Colornote backup.

$ java -jar ColorNote-backup-decryptor/colornote-decrypt.jar 0000 28 < 1703495612796-AUTO.backup > notes.json

$ ./ColorNote-backup-decryptor/fixup-v3 notes.json test.json

The original output file before the cleanup script (notes.json) is messy, but does contain JSON. What text editor are you viewing this file in? Does it have an automatic HEX mode for unrecognized binary files?

[Marten-Reehorst]

Thanks!

My bad. I thought the output should be human readable as a text file. I thought the cleanup scripts acted on things like comma's and that therefore my file should contain them. Opening the file with an editor that correctly recognizes the HEX format I see the real content.

The cleanup scripts don't work though. v3 gives: "Expecting value: line 25 column 1 (char 64822)" v1 and v2 take forever and I canceled them since I assumed they had hanged somehow. (Or are these supposed to take very long?)

[olejorgenb]

I see that v2 and v2 expects the input on stdin, while v3 take the filename as an argument 🤦‍♂️

I don't remember much of the cleanup stuff, but I think each version corresponds to a version of the colornote format and I would expect the offset to correspond with the "version"

I would see how line 25 looks. Probably some yunk that need removing

[Marten-Reehorst]

Thanks for the help!

The following works:

java -jar colornote-decrypt.jar 0000 28 < file-AUTO.backup | ./fixup-v2 > notes.json

The output still seems to require some work to turn the output in a JSON that is easily read by other things but I'm sure I can now extract everything I need.

[gicta]

2024 and this library just SAVED MY @$$ - I had to install Azul Zulu OpenJDK to get around the ridiculous security in Oracle's JRE (facepalm), but after that, jar cranked through and produced fugly json, as promised! I will work on cleaning it up, but having years of my life go up in vapor in 3 seconds - this was an amazing recovery!! Thank you @olejorgenb and crew (and @Marten-Reehorst for a post in 2023 that gave me hope this could still work!)