seiichiro0185 / sailotp

A Sailfish Google Authenticator Implementation
https://www.seiichiro0185.org/sailfish:apps:sailotp:start

import functionality broken with update to 4.5.0.16 #70

Closed kosmonautpirx closed 1 year ago

kosmonautpirx commented 1 year ago

With the update to Sailfish v4.5.0.16, the import functionality unfortunately stopped working.

Proceeding: Export to a file, import same file right again

Expected: Content of file exported is imported successfully

Observed: No content is imported, an error message is presented (similar to "Error, please check password")

Reproduce: Always

Notes: Tested with exported file of previous 4.4.0.72 as well as exported on same/current 4.5.0.16. Import in 4.4.0.72 worked before, no check of import there of 4.5.0.16 exported file currently. May be checked in case, however.

OpenSSL check reported on the example file:

```
openssl enc -d -a -A -d -md md5 -aes-256-cbc -in sailotp_20230212.aes
enter aes-256-cbc decryption password:
*** WARNING : deprecated key derivation used. Using -iter or -pbkdf2 would be better.
{�����>��(��N��Ҏ���hs5X#e:=�ֳc��DcQ���9�� �=$ �3x��yZ %�9}��,f�|�\����Qa�0/C�%���� �x��Fb� bad decrypt
139935080666944:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:crypto/evp/evp_enc.c:612:
�V�SsU�G���dyH��ϰ�iwd.<qa��z� �H�^ޤ;���\\�Yk���G��
```

Similar file content in 4.4.0.72 worked before:

```
openssl enc -d -a -A -d -md md5 -aes-256-cbc -in sailotp_20230212.aes
enter aes-256-cbc decryption password:
*** WARNING : deprecated key derivation used. Using -iter or -pbkdf2 would be better.
{"app":"sailotp","otplist":[{" a.s.o.
```

seiichiro0185 commented 1 year ago

Thanks for the Report, I can reproduce this behaviour. I'll have a look at it.

seiichiro0185 commented 1 year ago

So I had some time to look at this, and since this is the second time the Javascript-based crypto routines broke, I have now switched to OpenSSL-Based routines in C++ for encrypted file import and export.

This unfortunately means the new import/export is not compatible with old exported files, since I also used the opportunity to switch to sha256 for key derivation instead of md5.

I have provided some testbuilds here: https://cloud.s-brand.de/s/JikNJjQWF8gHrpi - if you don't find any major problems I'll create a proper release soon.

Btw. the command for decrypting the new files with openssl is now:

```
openssl enc -d -a -aes-256-cbc -in sailotp_20230219.aes
```

seiichiro0185 commented 1 year ago

Hint for converting export files from SailOTP prior to 1.11.0 (the version with reworked export/import): An old export file 'sailotp_old.aes' can be converted with the following command line:

```
openssl enc -d -a -A -md md5 -aes-256-cbc -in sailotp_old.aes -k 'original_passphrase' | openssl enc -a -aes-256-cbc -out sailotp_new.aes
```

Enter passphrase for the new file twice. The resulting "sailotp_new.aes"-File can then be imported in SailOTP Version 1.11.0 and greater.
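The two comments above (the switch from md5 to sha256 key derivation, and the conversion pipeline) both come down to how `openssl enc` turns a passphrase into an AES key. The following is an added example, not code from SailOTP or from this thread: it parses the `Salted__` header that `openssl enc -a` writes and reproduces OpenSSL's legacy `EVP_BytesToKey` derivation (the one used when neither `-pbkdf2` nor `-iter` is given) with both digests, so you can see that the same passphrase and salt yield a different key and IV under md5 and under sha256. That is exactly why an old export cannot be opened by the new import, and why the old `-md md5` command now fails on new files. The sample export, its salt and the passphrase are constructed values; the AES decryption itself is left to the openssl CLI.

```python
import base64
import hashlib

# Layout of a file written by `openssl enc -a -<cipher>` in (default) salted mode:
#   base64( b"Salted__" + 8-byte random salt + ciphertext )
# With -A the base64 is on one line; without it, it is wrapped every 64 chars.
SALT_MAGIC = b"Salted__"
AES256_KEY_LEN = 32   # aes-256-cbc key size in bytes
AES_CBC_IV_LEN = 16   # AES block size, used as IV length


def evp_bytes_to_key(password: bytes, salt: bytes, digest: str,
                     key_len: int = AES256_KEY_LEN, iv_len: int = AES_CBC_IV_LEN):
    """OpenSSL's legacy EVP_BytesToKey with count=1, as used by `openssl enc`
    without -pbkdf2/-iter:
        D_1 = H(password || salt)
        D_i = H(D_{i-1} || password || salt)
    Digests are concatenated until key_len + iv_len bytes are available;
    the first key_len bytes are the key, the next iv_len bytes are the IV.
    `digest` is a hashlib name: "md5" (pre-1.11.0 exports, `-md md5`) or
    "sha256" (OpenSSL's default digest since 1.1.0, used by 1.11.0+ exports)."""
    material = b""
    prev = b""
    while len(material) < key_len + iv_len:
        prev = hashlib.new(digest, prev + password + salt).digest()
        material += prev
    return material[:key_len], material[key_len:key_len + iv_len]


def parse_salted_export(b64_text: str):
    """Split an `openssl enc -a` output into (salt, ciphertext).
    Raises ValueError if the Salted__ magic is missing, which is the first
    thing to check before blaming the passphrase."""
    raw = base64.b64decode(b64_text)  # newlines from wrapped base64 are discarded
    if not raw.startswith(SALT_MAGIC) or len(raw) < 16:
        raise ValueError("not an OpenSSL 'Salted__' file")
    return raw[8:16], raw[16:]


def keys_for_both_versions(b64_text: str, password: bytes):
    """Derive (key, iv) the way the old (md5) and new (sha256) SailOTP
    export formats do, from the salt embedded in the file."""
    salt, _ciphertext = parse_salted_export(b64_text)
    old_format = evp_bytes_to_key(password, salt, "md5")
    new_format = evp_bytes_to_key(password, salt, "sha256")
    return old_format, new_format


# Constructed sample: a Salted__ header with a fixed salt and one dummy
# 16-byte ciphertext block (not a real SailOTP export).
CONSTRUCTED_SALT = bytes(range(8))
CONSTRUCTED_EXPORT = base64.b64encode(
    SALT_MAGIC + CONSTRUCTED_SALT + bytes(16)).decode()


if __name__ == "__main__":
    old, new = keys_for_both_versions(CONSTRUCTED_EXPORT, b"constructed-passphrase")
    print("md5    key/iv:", old[0].hex(), old[1].hex())
    print("sha256 key/iv:", new[0].hex(), new[1].hex())
    print("same key material:", old == new)
```

Note that with sha256 the 32-byte AES key is exactly the first digest and the IV comes from the second round, whereas md5 needs three 16-byte rounds; neither variant is a proper password KDF (no iteration count), which is what the `deprecated key derivation used` warning in the report refers to. The conversion pipeline in the comment above simply decrypts under the md5 derivation and re-encrypts under the sha256 one, with a fresh salt written by the second `openssl enc`.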

kosmonautpirx commented 1 year ago

Got it working by the rpm provided, aarch64. Thanks for the file, import went well, looks good. Thanks for the hint with convert call also.

One more idea: Now the note "openssl enc -d -a -A -md md5 -aes-256-cbc -in " does not work anymore, most likely 'cause md5 usage was dropped(?). Got it working therefore with "openssl enc -d -a -aes-256-cbc -in ". Thanks also for the file dialog for searching for the file to import instead of typing the path and name. Awesome :)

seiichiro0185 commented 1 year ago

Thanks for testing and reporting back. Yes, the old decryption command does not work anymore because of the switch to sha256 instead of md5. The new command is also shown in the text on the export page in Sailotp. Since it seems to work so far I'll proceed to release the new version to harbour and openrepos.

kosmonautpirx commented 1 year ago

Thanks for the release, found it. Working for me, will close it here therefore.