Troubleshooting GPG Decryption in Android Password Store

[sukhmancs]

Description:

I've experimented with different snapshot versions of the Android password store, yet despite entering the correct password, I'm consistently encountering a "wrong password" error message. Furthermore, I've imported my private key via the settings menu, specifically navigating through settings > pgp_settings > key_manager.

Steps to Reproduce:

1. Install the Android Password Store snapshot version (e.g., 2.0.0-SNAPSHOT).
2. Open the Password Store application.
3. Navigate to settings > pgp_settings > key_manager.
4. Import the private key.
5. Enter the correct password for the private key.
6. Observe the "wrong password" error message.

Expected Behavior:

• I should be able to successfully access the Password Store by entering the correct password.
• Importing the private key via the settings menu should enable access to the store without encountering a "wrong password" error message.

Actual Behavior:

• Despite entering the correct password, I am consistently getting "wrong password" error message.
• Importing the private key does not resolve the issue, and the error persists.

Additional Information:

• This issue has been replicated across multiple snapshot versions of the Android Password Store.

Environment:

• Operating System: Android
• Password Store Version: 2.0.0-SNAPSHOT
• Android Version: 9
• Device: Galaxy S8
• Debug Logging Enabled: Yes

Logs:

• Log file capturing the issue has been attached and can be found here.

Attachments:

• Log File: log.txt

Note: Please let me know if any additional information is required or if further testing is necessary to diagnose and resolve this issue effectively.

[msfjarvis]

I need a log to see what is happening https://docs.passwordstore.app/docs/users/reporting-bugs

[chee-zaram]

@sukhmancs Hi. Please, could you be kind enough to say how you fixed your issue? I'm running into the same issue of wrong password on APS and can't find any resources on it.

[msfjarvis]

@chee-zaram the answer is linked in the top post itself: #2966 (comment)

[chee-zaram]

Hi @msfjarvis, thanks for your response. I definitely see that. I just don't know how to go about it, hence my plea for a little guidance.

[msfjarvis]

Remove it from the key by following https://unix.stackexchange.com/questions/697579/gpg-failing-with-no-error-for-one-of-my-encrypted-files then pass init <keyid> to re-encrypt all files.

[chee-zaram]

Thank you so much. It worked.

[msfjarvis]

org.bouncycastle.openpgp.PGPKeyValidationException: Message is encrypted using a 'Symmetrically Encrypted Data' (SED) packet, which enables certain types of attacks. A 'Symmetrically Encrypted Integrity Protected' (SEIP) packet should be used instead.

According to the logs your files are still using AEAD, you might need to re-encrypt them after removing AEAD from the key.