search

samuel-lucas6 / Kryptor

A simple, modern, and secure encryption and signing tool that aims to be a better version of age and Minisign.
https://www.kryptor.co.uk
GNU General Public License v3.0
414 stars 33 forks source link

🐛 Bug: Interactively created passphrase does not work. #44

Closed umitseyhan75 closed 2 years ago

umitseyhan75 commented 2 years ago

Description

Interactively created passphrase does not work. Neither when it is pasted nor typed by hand.

Steps to reproduce

  1. Use kryptor -e -p -n [File Name] to encrypt.
  2. Press Enter to create auto passphrase.
  3. Use kryptor -d [File Name] command to decrypt.
  4. Type by hand or paste the automatically created passphrase when asked.

Expected behaviour

Successfully decrypt the file.

Screenshot

https://user-images.githubusercontent.com/43583375/173881961-90746dd8-988a-481f-8825-1ffb5d6ac898.mp4

Platform info

samuel-lucas6 commented 2 years ago

Thank you for the video!

It seems you encrypted the file with a password but tried to decrypt with your encryption private key. The password for the encrypted file was not the same as the password protecting your private key, leading to an error.

What you did at the end was the right approach. Encrypted files don't reveal which method (password, keyfile, password + keyfile, or encryption private key) was used for encryption. Therefore, you have to specify what you did like so:

// Default encryption private key (stored in %USERPROFILE%/.kryptor)
$ kryptor -d file.txt
// Non-default encryption private key (not in %USERPROFILE%/.kryptor)
$ kryptor -d -x:"encryption.private" file.txt
// Password
$ kryptor -d -p file.txt
or
$ kryptor -d -p:"password" file.txt

Those earlier attempts said 'Decrypting private key...' instead of 'Deriving encryption key from password...'. That was a more recent change to try to make things clearer. However, 'Enter your password' is the same for password and private key decryption, which is understandably confusing, just convenient code wise. I can look into improving that.

I hope that helps. Let me know if you have any questions.

umitseyhan75 commented 2 years ago

kryptor -d -p [File Name] worked. kryptor -d -p:"passphrase" [File Name] probably would work either.

But yes, I see a confusing approach here. Kryptor assumes I encrypted the file with private key when decrypting without letting me know.

kryptor -d [File Name] should've worked.

samuel-lucas6 commented 2 years ago

kryptor -d [File Name] should've worked.

The problem is there's no way for anybody but you to know what you did to encrypt the file. That's by design to reveal minimal information. In other words, it's not possible for that to work in all cases. It either has to default to password-based encryption or private key based encryption.