Thanks! Is 6.27.2 available in Play Store? For some reason Google doesn't show the latest version number when visiting the Play Store from a non-Android device..
Thanks. I'll send a PR to fix the V3 format doc.
According to Codex: PwsHeaderTypeV3.java (line 29) maps header field 0x12 / YUBICO to PwsStringUnicodeField. PwsRecordV3.java (line 278) then reads YUBICO as UTF-8 text. PwsStringUnicodeField.java (line 30) decodes raw bytes as UTF-8, and line 62 writes them back as UTF-8. But the C++ core treats that same field as binary: HDR_YUBI_SK == 0x12 PWSfileHeader.h (line 29) says YUBI_SK_LEN = 20 PWSfileV3.cpp (line 877) returns FAILURE if the decrypted HDR_YUBI_SK field length is not exactly 20 bytes....
@jeffharris I received a similar report from a user syncing between Android and Mac. The logging from the core library (same as used on Windows) seems to indicate that the password is verified correctly after which FAILURE error is returned, which seems to point to PWSfileV3.cpp (line 602): malformed HDR_VERSION length, around line 659 malformed HDR_UUID length, around line 679 malformed HDR_YUBI_SK length, around line 878 Could any of these apply?
Here are App Store links for the iOS and Mac versions. Both support Passkeys.
To learn more on passkey support for iOS/Mac: https://support.huvisoft.dev/hc/en-us/articles/33494755659668-Does-pwSafe-support-Passkeys
Indeed. And the design better allow registering more than 1 key (so one more XOR is needed to compensate for key differences) otherwise you'll loose access to the disk if the security key is lost/damaged/whatever.
Building on those ideas, it might be worth considering support for FIDO2 security keys via the hmac-secret extension. A few concrete benefits: Works with any FIDO2 key (YubiKey, SoloKey, Nitrokey, etc.), not tied to proprietary APIs like YubiKey challenge-response The credential/secret remains entirely inside the security key; VeraCrypt only receives a derived value Strong phishing resistance and origin binding: FIDO2 credentials are scoped and protected by the authenticator The protocol is relatively...