Closed Susurrus closed 3 years ago
Thanks for reporting this! I am thinking about how to help in debugging this, since the issue is likely related to your database and you probably will not be willing to share this together with the key. Can you provide a minimal reproducible example with anything confidential removed?
In a nutshell, the KDBX format consists of a header and a data (aka payload) part, both under various layers of encryption. The Hmac block stream is used to verify the integrity of the main payload before decryption. See the linked KDBX format docs section "Improved Data Authentication" for details on how it is supposed to work.
According to the description of the Hmac Block stream, the block size is definitely 4 bytes (32 bits) and little endian. I rather worry that some other corruption has occurred, so debugging this will probably amount to tracing the raw binary data and checking if it makes sense.
I just tried to reproduce this today, and everything worked fine. I wonder if this was an error introduced by KeepassDX that was fixed in an update and since I've opened and resaved the "corrupted" one, it was fixed automatically. Anyways, since I can't reproduce this, going ahead and closing it.
I ran into an issue decrypting my .kdbx file using
keepass-diff
and was told to report it here as I believe It's in issue atsrc/hmac_block_stream.rs:21
. Full backtrace follows:I didn't see any binary within this library to assist with testing and verifying keepass files, but KeePassXC 2.6.4 can open it successfully, so I assume that there is an issue in this library. I can do some Rust coding, so can contribute here if it'll help, though I don't know this library or the keepass format very well. Any suggestions for where to start to try to debug this? Given the size of this value, I'm wondering if there's a byte-order issue with the indexing here.
Originally reported in Narigo/keepass-diff#32.