can not restore from backup

[xinwu-yui]

I started using version 2.0.2. I added a few tokens to my phone. Exporting backups can be successful. However, I imported it on another phone and entered the correct password. After that, nothing happened (it should have been an error). Therefore, I debugged and found that there was no problem decrypting the masterkey. But when decrypting each token, an error is directly reported.

javax.crypto.AEADBadTagException: error:1e000065:Cipher functions:OPENSSL_internal:BAD_DECRYPT at java.lang.reflect.Constructor.newInstance0(Native Method) at java.lang.reflect.Constructor.newInstance(Constructor.java:343) at com.android.org.conscrypt.OpenSSLAeadCipher.throwAEADBadTagExceptionIfAvailable(OpenSSLAeadCipher.java:320) at com.android.org.conscrypt.OpenSSLAeadCipher.doFinalInternal(OpenSSLAeadCipher.java:371) at com.android.org.conscrypt.OpenSSLCipher.engineDoFinal(OpenSSLCipher.java:374) at javax.crypto.Cipher.doFinal(Cipher.java:2056) at org.fedorahosted.freeotp.encryptor.EncryptedKey.decrypt(EncryptedKey.java:59) at org.fedorahosted.freeotp.TokenPersistence.restore(TokenPersistence.java:209) at org.fedorahosted.freeotp.main.Adapter.restoreTokens(Adapter.java:265) at org.fedorahosted.freeotp.main.Activity$5.onClick(Activity.java:404) at androidx.appcompat.app.AlertController$ButtonHandler.handleMessage(AlertController.java:167) at android.os.Handler.dispatchMessage(Handler.java:106) at android.os.Looper.loopOnce(Looper.java:201) at android.os.Looper.loop(Looper.java:288) at android.app.ActivityThread.main(ActivityThread.java:7872) at java.lang.reflect.Method.invoke(Native Method) at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:548) at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:936)

It is worth noting that. The error reported by entering the wrong password and restoring is the same. May I ask if it is because the key used for encryption during export was incorrect.

Please resolve it as soon as possible. I can debug it on my end. I can provide support.

[xinwu-yui]

After obtaining the master key, I ran the decryption of the token using idea. The above figure shows an error, which means that the encrypted token is likely to be incorrect, resulting in decryption failure

[juleskers]

Same symptoms for me.

I have backups created using the 2.0.4 version, that cannot be restored on my new phone.
I did not investigate logcat debugs, but the symptoms are the same: entering the correct password results in zero tokens appearing.

See also:

• Why is import/export still suggested when it doesn't work? #395 Why is import/export still suggested if it doesn't work
• Import not working #367 import not working
• Revise backup format to not consist of serialized Java objects #381 revise backup format not to use Java serialised objects
  • note: java serialisation is not guaranteed to be long-term stable, so this was a terrible implementation idea to begin with

This app has lost my faith. Using a known-unstable serialisation format for critical long-term backup means I no longer trust the developers to know what they are doing.

I you'll excuse me, I now need to manually recover 15 accounts that I thought were safely backed up.
(As the saying goes: it's not a backup until you've confirmed a restore is possible, sigh)

Edit to add: I am currently trialing FreeOTP+, a maintained fork with working backups (and better logo support), as well as Aegis. Aegis can actually import FreeOTP+ backups!

[BeeGrech]

didn't debug- but experiencing the exact same behavior for restore -- enter correct password, nothing happens