Master Password Issue after updating to 2.50
A lightweight and easy-to-use password manager
Brought to you by:
dreichl
Menu
▾
▴
#2128 Master Password Issue after updating to 2.50
Hi,
since the update to 2.50, I am unable to unlock my database when using MacOS (wine64).
The password works fine with the same database on Windows machines (across versions) as well as when using 2.49 (or below) on MacOS. This issue is reproducible in the sense that re-installing 2.49 fixes the issue and 2.50 introduces the issue again. The issue is independent of the used database. Any other binaries or the wine version remain unchanged.
Is there any way that you can still provide support (e.g., based on any made changes from 2.49 to 2.50 that might impair the compatibility)? Do you have any suggestions on configuration files that might be the reason for this behavior?
Creating a new database when using 2.49 and unlocking it on 2.50 fails. A new database created with 2.50 can only be unlocked on 2.50. Older versions (2.49 and below) raise a wrong password message as well. So far, I have only tested password-based databases.
Thanks for your support and any hints that you might have.
This is likely to be due to the change in AES-KDF to improve speed. Something in Wine doesn't work as expected and causes en/decrypt to work differently.
Stick to 2.48 on the Mac until this has been sorted.
cheers, Paul
This is a bug in Wine.
You can follow it here:
https://bugs.winehq.org/show_bug.cgi?id=52457
As a workaround (until the Wine developers have fixed it), you can turn off the KeePass option 'Use native library for faster key transformations' (in 'Tools' → 'Options' → tab 'Security').
Thanks and best regards,
Dominik
Thanks for the quick support, following-up on it, and filing the bug report.
I can confirm that turning off the option resolves the issues.
KeePass 2.51 and 1.40.1 will be released in about 2-3 weeks. As the Wine developers have not fixed the bug 52457 yet, I've now added a workaround in KeePass. Both KeePass 2.x and 1.x now detect whether they're currently running on Wine, and if so, use a slightly different approach for computing AES-KDF (resulting in correct keys, negligibly slower).
Here are the latest development snapshots for testing:
KeePass 2.x: https://keepass.info/filepool/KeePass_220414_2.zip
KeePass 1.x: https://keepass.info/filepool/KeePass_220414_1.zip
Thanks and best regards,
Dominik
Please excuse my late reply. I was on vacation.
Thanks for following up and adapting KeePass accordingly. I can confirm that the databases can be opened as intended (regardless of the setting concerning the native library).
FYI: The wine bug were fixed in 7.17.
Great; thanks for the info!