Hello Devolutions forum community,
Recently, we wanted to change the Key Derivation Function in Bitwarden to Argon2id (sorry, it's in German).
However, we quickly discovered that the Bitwarden integration in the Remote Desktop Manager does not seem to support Argon2id yet.
In the application's logs, I could find the following error entry:
PasswordManagerAccess.Common.CryptoException: MAC doesn't match. The vault is most likely corrupted.
   bei PasswordManagerAccess.Bitwarden.CipherString.DecryptAes256CbcHmacSha256(Byte[] key)
   bei PasswordManagerAccess.Bitwarden.CipherString.Decrypt(Byte[] key)
   bei PasswordManagerAccess.Bitwarden.Client.DecryptVault(Vault vault, Byte[] key)
   bei PasswordManagerAccess.Bitwarden.Client.OpenVaultCliApi(String clientId, String clientSecret, String password, String deviceId, String baseUrl, IRestTransport transport)
   bei PasswordManagerAccess.Bitwarden.Vault.Open(ClientInfoCliApi clientInfo, String baseUrl)
   bei Devolutions.RemoteDesktopManager.Managers.BitwardenManager.InitializeAPIKey(String clientId, String clientSecret, String password, String customUrl, Boolean isSilent)
------------------------ extended stack ------------------------
   bei Devolutions.RemoteDesktopManager.Managers.LogManager.LogError(Exception e)
   bei Devolutions.RemoteDesktopManager.Managers.BitwardenManager.InitializeAPIKey(String clientId, String clientSecret, String password, String customUrl, Boolean isSilent)
   bei Devolutions.RemoteDesktopManager.Business.CredentialBitwardenResolver.Execute(Connection credConnection, Connection owner, CredentialRepositoryDestination destination)
   bei Devolutions.RemoteDesktopManager.Managers.CredentialTypeManager.ResolveCredentials(Connection connectionCredential, Connection owner, CredentialRepositoryDestination destination, CredentialResolveMode credentialResolveMode, Boolean resolveSensitive)
   bei Devolutions.RemoteDesktopManager.Managers.CredentialTypeManager.GetCredentialResolved(Connection connection, String credentialConnectionID, CredentialRepositoryDestination destination, CredentialResolveMode credentialResolveMode, Connection inheritingConnection, OpenConnectionParameter openConnectionParameters, CredentialsResult credentialsResult)
   bei Devolutions.RemoteDesktopManager.Managers.CredentialTypeManager.PrepareCredentials(Connection connection, String credentialConnectionID, CredentialRepositoryDestination destination, String privateVaultSearchString, CredentialResolveMode credentialResolveMode, Connection inheritingConnection, OpenConnectionParameter openConnectionParameters, CredentialsResult credentialsResult)
   bei Devolutions.RemoteDesktopManager.Managers.ConnectionManager.Prepare(Connection connection, Boolean applyCredentials, Boolean applyAlternate, Boolean applyVPN, Boolean copy, Boolean applyOverrideCredentials, Boolean isOverrideCredentials, CredentialResolveMode credentialResolveMode, OpenConnectionParameter openConnectionParameters, CredentialsResult credentialsResult, Boolean isClosing)
   bei Devolutions.RemoteDesktopManager.Managers.ConnectionManager.OpenConnection(Connection connection, OpenConnectionParameter parameter)
   bei Devolutions.RemoteDesktopManager.Managers.ConnectionManager.OpenConnections(Connection[] connectionList, OpenConnectionParameter parameter)
   bei Devolutions.RemoteDesktopManager.Managers.ActionManager.DoOpenConnection(Connection[] currentConnections, OpenConnectionMode openConnectionMode, IConnectionSource source, Dictionary`2 openingAttributes)
   bei Devolutions.RemoteDesktopManager.Managers.ActionManager.OpenConnections(Connection[] currentConnections, OpenConnectionMode openConnectionMode, IConnectionSource source, Boolean checkOpenedConnection)
   bei Devolutions.RemoteDesktopManager.Frames.ConnectionViews.FreConnectionTreeListView.OpenOnDoubleClick(Boolean isEmbedded)
   bei Devolutions.RemoteDesktopManager.Frames.ConnectionViews.FreConnectionTreeListView.<>c__DisplayClass225_0.<OnDoubleClick>b__0()
   bei Devolutions.RemoteDesktopManager.Managers.ThreadManager.PushTimer_Tick(Object sender, EventArgs e)
   bei System.Windows.Forms.Timer.OnTick(EventArgs e)
   bei System.Windows.Forms.Timer.TimerNativeWindow.WndProc(Message& m)
   bei System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)
   bei System.Windows.Forms.UnsafeNativeMethods.DispatchMessageW(MSG& msg)
   bei System.Windows.Forms.UnsafeNativeMethods.DispatchMessageW(MSG& msg)
   bei System.Windows.Forms.Application.ComponentManager.System.Windows.Forms.UnsafeNativeMethods.IMsoComponentManager.FPushMessageLoop(IntPtr dwComponentID, Int32 reason, Int32 pvLoopData)
   bei System.Windows.Forms.Application.ThreadContext.RunMessageLoopInner(Int32 reason, ApplicationContext context)
   bei System.Windows.Forms.Application.ThreadContext.RunMessageLoop(Int32 reason, ApplicationContext context)
   bei Devolutions.RemoteDesktopManager.Program.Main(String[] args)
Would it be possible to add support for it if Argon2id is the issue?
In case you need any further information, feel free to contact me.
Thanks in advance,
Tristan Rienow
Hello Tristan,
Thank you for contacting us.
I have moved your request to the feature request section. Engineering will have a look at it next week, since it is a holiday for us today.
Best regards,
Richard Boisvert
Hello Richard,
Thank you very much and enjoy your holiday!
-Tristan
Hello,
I have also contacted the developer in charge of the Bitwarden implementation. This is definitely something we will try to do if it's possible.
Regards
David Hervieux
Hi David.
Any news regarding this topic?
Thanks!
Hello,
Argon2id support for Bitwarden will be available with our next minor version (2023.2.20). We are hoping to release it this week.
Regards,
Hubert Mireault
Thank you very much for your support, it works flawlessly.
-Tristan
Glad to hear it. If you need anything else, let us know.
Regards,
Hubert Mireault