Project

General

Profile

Actions

Bug #14060

closed

Auto Config Backup prints a confusing decryption error when using the wrong key

Added by Jordan G almost 2 years ago. Updated over 1 year ago.

Status:
Resolved
Priority:
Normal
Assignee:
Category:
Auto Configuration Backup
Target version:
Start date:
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
23.05
Release Notes:
Default
Affected Version:
Affected Architecture:
All

Description

Enable auto config backup from the menu after entering (any) password, save, then disable (uncheck) "Enable ACB" and save on settings tab. Go to restore tab and enter a device key from different system and click submit. Backups are visible from device which key originated, "Restore this revision" and "show info" buttons do not produce desired effect. Attempting to restore produces the following output, we have identified that the initial SHA256 value in the latter part of the returned error is consistent across devices
<SHA256 values do not match, cannot restore. 116b898ea650a7cb25b3822c3709051ae25d27ce320b5bb8cab6a9e002b87860>


Files

ACBunder50characters.png (94.6 KB) ACBunder50characters.png Jordan G, 03/01/2023 09:45 PM
ACBunder50characters1.png (145 KB) ACBunder50characters1.png Jordan G, 03/01/2023 09:45 PM
Actions #1

Updated by Jim Pingle almost 2 years ago

  • Status changed from New to In Progress
  • Assignee set to Jim Pingle
  • Target version set to 2.7.0
  • Private changed from Yes to No
  • Plus Target Version set to 23.05
  • Affected Plus Version changed from 23.05 to 23.01

It just can't decrypt the config because it isn't using the right encryption key. If you set the correct key then you can view and restore from the other system. Though the error checking isn't reporting that properly, so it could be improved there.

I have a fix.

Actions #2

Updated by Jim Pingle almost 2 years ago

  • Status changed from In Progress to Feedback
  • % Done changed from 0 to 100
Actions #3

Updated by Jordan G almost 2 years ago

that looks better, when I do the same thing I get the following now with that patch applied to 23.01
__
The following input errors were detected:

Could not decrypt config.xml. Check the encryption key and try again: Could not decrypt. Different encryption key?__
Actions #4

Updated by Georgiy Tyutyunnik almost 2 years ago

Tested on:
Version 23.01-RELEASE (amd64)
built on Fri Feb 10 20:06:33 UTC 2023
FreeBSD 14.0-CURRENT

patch resolves the issue

Actions #5

Updated by Jim Pingle over 1 year ago

  • Status changed from Feedback to Resolved
Actions #6

Updated by Jim Pingle over 1 year ago

  • Project changed from pfSense Packages to pfSense
  • Subject changed from Auto Config Backup - decrypted config.xml is under 50 characters to Auto Config Backup prints a confusing decryption error when using the wrong key
  • Category changed from AutoConfigBackup to Auto Configuration Backup
  • Affected Plus Version deleted (23.01)
  • Release Notes set to Default
Actions

Also available in: Atom PDF