KdbxError: bad derived key
perry-mitchell opened this issue · 3 comments
Hi! I'm trying to implement argon2 support using the npm library argon2, and am now getting the following error:

```
{ [KdbxError: Error Unsupported: bad derived key]
  name: 'KdbxError',
  code: 'Unsupported',
  message: 'Error Unsupported: bad derived key' }
```

I have the following code so far:

```js
const nodeArgon2 = require("argon2");
const toBuffer = require("typedarray-to-buffer");

function argon2(password, salt, memory, iterations, length, parallelism, type, version) {
    return nodeArgon2.hash(toBuffer(password), {
        salt: toBuffer(salt),
        type,
        memoryCost: memory,
        hashLength: length,
        parallelism,
        version,
        timeCost: iterations
    }).then(out => {
        return Buffer.from(out);
    });
}

module.exports = {
    argon2
};
```

I can't make light of the example in the test folder as it doesn't particularly describe any of the values going to and fro. I believe I've got the input from KdbxWeb to argon2 cracked, I'm getting a valid hash:
$argon2d$v=19$m=131072,t=4,p=4$uuJR7sfQapC2usfQxd9eOkyc0DgPsZ1bELHXbOPnz/I$4euUHLZOxByaffEIRQyvvfNE82B0wc7S709eniV1cGU
But it seems the return value is not correct. Would you be able to point out what the result from the implemented argon2 method should be? I'd also love documentation on the input parameters to that argon2 function (I could add jsdoc comments to your test file if you'd like). Thanks!
Hi! Looks like you're returning an encoded value instead of a hash; a hash is always a fixed-length value. That's where the error is generated:
kdbxweb/lib/format/kdbx-format.js
Line 326 in cda07f1
For example: https://antelle.net/argon2-browser/
Encoded: $argon2d$v=19$m=1024,t=1,p=1$c29tZXNhbHQ$Li5eBf5XrCz0cuzQRe9oflYqmA/VAzmzichw4ZYrvEU
↑ that's not what you need
Hash: 2e2e5e05fe57ac2cf472ecd045ef687e562a980fd50339b389c870e1962bbc45
↑ the value you need
Thanks @antelle - I guess that's sha-256? Unfortunately there's not a lot of docs around this feature (providing argon2), and I think having some clear instructions might benefit future integrations - just a suggestion.
It's not SHA, it's... Argon2. Added a bit more docs to the readme.
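
The difference between the encoded value and the raw hash quoted in this thread, as an added example (not part of the original issue and not kdbxweb code): the encoded string is a `$`-separated record whose last field is the raw Argon2 output in unpadded base64. `parseArgon2Encoded` and `assertRawHash` are hypothetical names; with the `argon2` npm package, passing `raw: true` in the options makes `hash()` resolve with the raw bytes directly.

```javascript
// Added example: split an Argon2 encoded (PHC-format) string into its fields.
// The last field is the raw hash, base64-encoded without padding.
function parseArgon2Encoded(encoded) {
  const parts = encoded.split("$");
  // Expected layout: "", type, "v=<version>", "m=..,t=..,p=..", salt, hash
  if (parts.length !== 6 || parts[0] !== "" || !/^argon2(d|i|id)$/.test(parts[1])) {
    throw new Error("not an Argon2 encoded string");
  }
  const version = /^v=(\d+)$/.exec(parts[2]);
  const costs = /^m=(\d+),t=(\d+),p=(\d+)$/.exec(parts[3]);
  if (!version || !costs) throw new Error("malformed version or cost field");
  return {
    type: parts[1],
    version: Number(version[1]),
    memory: Number(costs[1]),
    iterations: Number(costs[2]),
    parallelism: Number(costs[3]),
    salt: Buffer.from(parts[4], "base64"),
    hash: Buffer.from(parts[5], "base64"), // raw derived key bytes
  };
}

// Hypothetical guard for a KDF callback result: accept only raw bytes of the
// requested length, and reject an encoded string passed as text or as bytes.
function assertRawHash(out, length) {
  const bytes = Buffer.from(out);
  if (bytes.length !== length || bytes.toString("latin1").startsWith("$argon2")) {
    throw new Error(`expected ${length} raw hash bytes, got ${bytes.length}`);
  }
  return bytes;
}

// Encoded value quoted in the thread (argon2-browser demo output).
const ENCODED =
  "$argon2d$v=19$m=1024,t=1,p=1$c29tZXNhbHQ$Li5eBf5XrCz0cuzQRe9oflYqmA/VAzmzichw4ZYrvEU";
const parsed = parseArgon2Encoded(ENCODED);
console.log(parsed.hash.toString("hex")); // the "Hash:" value quoted in the thread
```

Running `assertRawHash` on `Buffer.from(ENCODED)`, which is what the function in the question resolves with, throws because the result is 84 bytes of text rather than the 32 requested hash bytes.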