This repository has been archived by the owner on Oct 15, 2024. It is now read-only.

[BUG] Incorrect password for unlocking password store but password is correct #2461

Closed
SpyHoodle opened this issue Apr 9, 2023 · 9 comments
Labels
  • A-PGPainless: Area: PGPainless-backed PGP
  • C-bug: Category: This is a bug
  • S-wontfix: Status: The proposal in this issue was rejected and will not be implemented.

Comments

@SpyHoodle

Describe the bug

Can't decrypt/access passwords due to an incorrect password given, however I am definitely giving the correct password for my GPG key.

Here is the log.txt.

Steps to reproduce

Steps to reproduce the behavior:

  1. Have a standard gpg key imported with a passphrase
  2. Press on a password store entry
  3. It simply says "Password" - so I enter the password for my GPG key
  4. The password I enter is incorrect

Expected behavior

Typed password should be correct and it should let me decrypt the password store entry.

Screenshots

No response

Device information

  • Device: Google Pixel 7
  • OS: GrapheneOS
  • App version: Snapshot 2.0.0 11be4cf

Additional context

  • .gpg-id matches the id of my gpg key
  • The gpg key is imported as ascii armored and was imported fine
@SpyHoodle SpyHoodle added C-bug Category: This is a bug S-awaiting-triage Status: New issues that have not been assessed yet labels Apr 9, 2023
@SpyHoodle SpyHoodle changed the title [BUG] Incorrect password when password is correct [BUG] Incorrect password for unlocking password store but password is correct Apr 9, 2023
@msfjarvis
Member

We need to improve diagnostics reporting for this, but the password isn't incorrect. The real reason is this:

org.pgpainless.exception.MessageNotIntegrityProtectedException: Message is encrypted using a 'Symmetrically Encrypted Data' (SED) packet, which enables certain types of attacks. A 'Symmetrically Encrypted Integrity Protected' (SEIP) packet should be used instead.

Our PGP library rejected your store file for security reasons. I haven't checked in detail, so I don't have a mitigation I can share at the moment; I'll have to circle back for that once I have some time.

@msfjarvis msfjarvis added S-unactionable Status: There is not enough information to act on this problem A-PGPainless Area: PGPainless-backed PGP and removed S-awaiting-triage Status: New issues that have not been assessed yet labels Apr 10, 2023
@msfjarvis
Member

Running pass init <key id from .gpg-id> will re-encrypt your entire store using your currently installed GnuPG version, which should get rid of all outdated encryption.

@SpyHoodle
Author

I did this; it did nothing on my password-store, but when I tried to reclone the repo I couldn't use the ssh key I generated with the app because it was asking for a password, but it was biometrically locked.

So I tried to reinstall the app and delete all data and now whenever I try to generate an ssh key with the app I get this stack trace error. There is also no way to import an ssh key anymore, so I can't get my password store repository now.

Exception: NullKeyException
Message: keyType was null

java.lang.RuntimeException: java.lang.reflect.InvocationTargetException
	at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:558)
	at com.android.internal.os.ExecInit.main(ExecInit.java:49)
	at com.android.internal.os.RuntimeInit.nativeFinishInit(Native Method)
	at com.android.internal.os.RuntimeInit.main(RuntimeInit.java:355)
Caused by: java.lang.reflect.InvocationTargetException
	at java.lang.reflect.Method.invoke(Native Method)
	at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:548)
	... 3 more
Caused by: app.passwordstore.ssh.utils.NullKeyException: keyType was null
	at app.passwordstore.ssh.SSHKeyManager.keyType(SSHKeyManager.kt:58)
	at app.passwordstore.ui.sshkeygen.SshKeyGenActivity$$ExternalSyntheticLambda0.onClick(R8$$SyntheticClass:16)
	at android.view.View.performClick(View.java:7506)
	at com.google.android.material.button.MaterialButton.performClick(MaterialButton.java:10)
	at android.view.View.performClickInternal(View.java:7483)
	at android.view.View.-$$Nest$mperformClickInternal(Unknown Source:0)
	at android.view.View$PerformClick.run(View.java:29357)
	at android.os.Handler.handleCallback(Handler.java:942)
	at android.os.Handler.dispatchMessage(Handler.java:99)
	at android.os.Looper.loopOnce(Looper.java:201)
	at android.os.Looper.loop(Looper.java:288)
	at android.app.ActivityThread.main(ActivityThread.java:7891)
	... 5 more

I get this when using the generate ssh key pair function or when just trying to clone the repo with SSH key selected as the authentication method.

@msfjarvis
Member

Seems like a regression from #2450, I'll have to investigate after work.

@msfjarvis
Member

The SSH bug is indeed a regression from the PR; I've feature-flagged that code for now. The new snapshot is building as I'm typing this and it should become available in the next 10 or so minutes.

@SpyHoodle
Author

SSH key generation works now, however I still get the same wrong password error, even after pass init <key id from .gpg-id>.

@msfjarvis
Member

Something in your GPG setup is generating insecure, symmetrically encrypted files. Password Store can neither "repair" nor accept these files so it's a dead end. Closing as a wontfix.

@msfjarvis msfjarvis closed this as not planned Won't fix, can't repro, duplicate, stale Apr 10, 2023
@msfjarvis msfjarvis added S-wontfix Status: The proposal in this issue was rejected and will not be implemented. and removed S-unactionable Status: There is not enough information to act on this problem labels Apr 10, 2023
@SpyHoodle
Author

SpyHoodle commented Apr 10, 2023

I think I might know the issue - PGPainless doesn't seem to support AEAD if I'm not mistaken, and all my encrypted passwords encrypted by gpg on a computer seem to have AEAD. Whereas the packets generated by android password store (so pgpainless) are using MDC instead - which is older and less secure I believe.

This is why I think PGPainless doesn't detect it, and thinks there's no integrity protection at all.

I moved from the openkeychain version of APS for something similar to only older keys being supported too. Everything about AEAD seems stale on the pgpainless repo, so it doesn't seem like I'm going to be able to use APS any time soon.
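Both the SED/SEIP error quoted earlier in the thread and the AEAD-versus-MDC hypothesis in this comment come down to which encrypted-data packet the store files actually contain. The following is an added example (not code from Android Password Store, PGPainless or GnuPG) that walks the OpenPGP packet headers of a binary .gpg file and names that packet, so the question can be settled from the file itself; the sample messages are constructed, and the tag-20 AEAD packet is the GnuPG/rfc4880bis container rather than part of RFC 4880 proper.

```python
"""Name the OpenPGP encrypted-data container of a binary .gpg file (added example; RFC 4880
sec. 4.2 headers). Tag 9 = SED (rejected by PGPainless), 18 = SEIPD (MDC), 20 = AEAD (newer GnuPG)."""
ENCRYPTED_TAGS = {9: "SED", 18: "SEIPD", 20: "AEAD"}

def _new_format_length(data: bytes, pos: int):
    """Decode a new-format length field; return (length, next_pos, is_partial)."""
    b0 = data[pos]
    if b0 < 192:
        return b0, pos + 1, False
    if b0 < 224:
        return ((b0 - 192) << 8) + data[pos + 1] + 192, pos + 2, False
    if b0 == 255:
        return int.from_bytes(data[pos + 1:pos + 5], "big"), pos + 5, False
    return 1 << (b0 & 0x1F), pos + 1, True  # 224..254: partial body length

def iter_packet_tags(data: bytes):
    """Yield (tag, body_length) for every top-level packet in `data`."""
    pos = 0
    while pos < len(data):
        hdr = data[pos]
        if not hdr & 0x80:
            raise ValueError(f"byte {hdr:#04x} at offset {pos} is not a packet header")
        pos += 1
        if hdr & 0x40:  # new format: tag in the low 6 bits
            tag = hdr & 0x3F
            length, pos, partial = _new_format_length(data, pos)
            total = length
            while partial:  # chunked body: skip this chunk, then read the next length
                pos += length
                length, pos, partial = _new_format_length(data, pos)
                total += length
            yield tag, total
        else:  # old format: tag in bits 5..2, length type in bits 1..0
            tag, ltype = (hdr >> 2) & 0x0F, hdr & 0x03
            n = (1, 2, 4, 0)[ltype]  # 0 = indeterminate: body runs to end of input
            length = int.from_bytes(data[pos:pos + n], "big") if n else len(data) - pos
            pos += n
            yield tag, length
        pos += length  # skip the body (for a chunked body, its final chunk)

def classify_message(data: bytes) -> str:
    """Return 'SED', 'SEIPD', 'AEAD' or 'none' for the first encrypted-data packet."""
    for tag, _ in iter_packet_tags(data):
        if tag in ENCRYPTED_TAGS:
            return ENCRYPTED_TAGS[tag]
    return "none"

# Constructed samples: a dummy PKESK (tag 1, old format) followed by one container packet.
PKESK = bytes([0x84, 0x0A, 0x03]) + b"\xab" * 8 + b"\x12"
SAMPLE_SED = PKESK + bytes([0xA4, 0x04]) + b"\x00" * 4            # old-format tag 9
SAMPLE_SEIPD = PKESK + bytes([0xD2, 0x05, 0x01]) + b"\x00" * 4    # new-format tag 18
SAMPLE_AEAD = PKESK + bytes([0xD4, 0x06, 0x01, 0x07, 0x02, 0x10, 0, 0])  # tag 20
```

Feed classify_message the raw bytes of a store file (pass writes binary, not armored, files by default): "SED" is the case the exception message names, "AEAD" the case this comment suspects, and "SEIPD" is what the app itself writes.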

@VictorVSa

I have no idea about cryptography, I'm here to drop my 2 cents because I was having the same issue.

I just created a new GPG key with gpg --full-generate-key, choosing this time (9) ECC (sign and encrypt) and then (4) NIST P-384, re-encrypted all current passwords with pass init <KEY ID> using the ID I saw in gpg --list-secret-keys --keyid-format=long (the one from the sec line), pushed the changes with pass git push, exported the new GPG key with gpg --export-secret-keys <KEY ID OF ssb> private.asc, cleaned Password Store to start fresh with the new GPG key and updated the repo.

Hope it helps someone!

msfjarvis added a commit that referenced this issue Mar 25, 2024
Fixes #2974
Fixes #2963
Fixes #2921
Fixes #2924
Fixes #2653
Fixes #2461
Fixes #2586
Fixes #2179
msfjarvis added a commit that referenced this issue Apr 14, 2024
msfjarvis added a commit that referenced this issue Apr 14, 2024

3 participants