8 Aug 2024 |
valentinb102 | Ok that works. I tried the import vault button which gave an error | 13:32:59 |
alexbakker | It's probably best to detect that and automatically refer to the google auth uri importer from your ente auth importer in order to prevent confusion | 13:33:01 |
valentinb102 | Since a custom importer isnt necessary now Im not sure how I should proceed here. | 13:37:54 |
alexbakker | That second export you shared is encrypted, users won't be able to import that without an importer specifically for ente auth | 13:39:15 |
valentinb102 | Ok that sounds like a plan. | 13:41:55 |
valentinb102 | For the unencrypted file I guess there could be some messaging somewhere? | 13:42:24 |
alexbakker | I would suggest doing the following in the new Ente Auth importer: First try to parse the file the user wants to import as JSON. Valid JSON? Proceed trying to decrypt it. Invalid JSON? Automatically try again with the google auth uri importer | 13:44:52 |
| @sim_g:matrix.org left the room. | 15:31:25 |
9 Aug 2024 |
valentinb102 | Alright Im on the decryption portion now. Going by this doc https://github.com/ente-io/ente/blob/65b0a061b79f44af32738777172981a66b098c2e/docs/docs/auth/migration-guides/export.md?plain=1#L44 | 13:47:02 |
valentinb102 | Not entirely sure how I should derive the key | 13:47:48 |
alexbakker | You can take a look at the authenticator pro importer for inspiration | 13:49:08 |
alexbakker | (It uses the same KDF) | 13:49:25 |
valentinb102 | It looks like EncryptedState is what I need to copy over. Should I change the current State static to DecryptedState then? | 14:30:26 |
valentinb102 | The plain text file isnt really decrypted though | 14:35:00 |
valentinb102 | The doc mentions operations limit. Is that iterations or parallelism? | 16:57:20 |
alexbakker | In reply to @valentinb102:matrix.org It looks like EncryptedState is what I need to copy over. Should I change the current State static to DecryptedState then? You should be able to just reuse GoogleAuthUriImporter.State I think | 17:06:28 |
alexbakker | In reply to @valentinb102:matrix.org The doc mentions operations limit. Is that iterations or parallelism? They meant to say iterations, probably | 17:06:51 |
valentinb102 | ok for the memory limit im going by this https://github.com/ente-io/ente/blob/4d8e80041dc65c4d50d26eab076e5ffd9d33da8c/cli/internal/crypto/crypto.go#L57 | 17:50:02 |
valentinb102 | Im assuming I should use withMemoryAsKB with the same memcost/1024 calculation that they are using? | 17:52:31 |
valentinb102 | And right now im getting this error "java.security.InvalidAlgorithmParameterException: Expected IV length of 12 but was 32". Currently Im passing the nonce as the IV | 18:00:01 |
valentinb102 | I think I need to decode from base64 | 18:18:16 |
valentinb102 | I added decode base64 to salt, data and nonce and now I get "java.security.InvalidAlgorithmParameterException: Expected IV length of 12 but was 24" | 18:22:30 |
10 Aug 2024 |
alexbakker | Ah this is a bit unfortunate, it sounds like you're trying to decrypt using AES GCM, but it looks like Ente Auth uses XChaCha20-Poly1305 for encryption, which BouncyCastle (the crypto library Aegis uses) doesn't appear to have support for yet | 10:28:06 |
valentinb102 | Ah gotcha. I figured I was missing something. Is there a library that does support this or is it possible to translate this through another algorithm? | 12:50:59 |
valentinb102 | So I changed SecretKeySpec to ChaCha20 and Cipher to ChaCha20-Poly1305/None/NoPadding now i get "java.security.InvalidAlgorithmParameterException: ChaCha20-Poly1305 nonce must be 12 bytes in length" | 13:11:17 |
valentinb102 | Apparently the X means extended nonce 🤣 | 13:27:00 |
valentinb102 | Theres a PR just for this https://github.com/bcgit/bc-java/pull/957 | 13:30:57 |
valentinb102 | It looks like somebody copied that PR into their code and it worked. I guess that would be too much for this. | 13:36:20 |
14 Aug 2024 |
| Fitik🤍🩵🤍[ENG/RUS/HEB/EPO] changed their display name from Fitik🤍🩵🤍[ENG/RUS/HEB] to Fitik🤍🩵🤍[ENG/RUS/HEB/EPO]. | 01:50:23 |
16 Aug 2024 |
| § set a profile picture. | 17:28:07 |