Android client crashing on Unlock (works in login), connecting to server with self-signed certs

[alexlucasdev]

Describe the Bug

I'm connecting my Android client to a local network server with self-signed certs. Connecting by IP address or machine name, not FQDN. I can logout/login to the android app just fine, see my passwords, edit things, etc. But for some reason if I lock the app and then attempt to unlock it, I get a crash. Stack trace from ADB is:

2020-09-23 07:40:28.996 7611-7611/? E/AndroidRuntime: FATAL EXCEPTION: main
    Process: com.x8bit.bitwarden, PID: 7611
    android.runtime.JavaProxyThrowable: System.Exception: PBKDF2 iteration minimum is 5000.
      at Bit.Core.Services.CryptoService.MakeKeyAsync (System.String password, System.String salt, System.Nullable`1[T] kdf, System.Nullable`1[T] kdfIterations) [0x00087] in <9706884f9841497fa220cf8cf758b49b>:0 
      at Bit.App.Pages.LockPageViewModel.SubmitAsync () [0x0078a] in <27300ef8bf4f403aa2eec77652b94b93>:0 
      at Bit.App.Pages.LockPage.<Unlock_Clicked>b__17_1 () [0x00067] in <27300ef8bf4f403aa2eec77652b94b93>:0 
...

Steps To Reproduce

1. Environment: Bitwarden_RS server (not sure which server is relevant, but just in case) on local network. mkcert to create self-signed certs. No externally accessible domain name involved.

2. Install Android client, log in to local bitwarden server

3. Add some data, delete some data, sync, observe changes via web client if you want. Verify connection appears fine, user has logged in.

4. Lock client

5. Attempt to unlock client.

Expected Result

Unlocks app

Actual Result

Crashes app

Environment

Client:

• Pixel 4 XL
• Device: [e.g. iPhone6]
• Operating system: Android 11
• Build Version 2.6.0 (3162)]
• Is this a Beta release? [N]

Additional Context

Server:

• Bitwarden_RS
• Ubuntu 20.0.4

Misc:

• Accessed by IP/port (https://192.168.1.123:8005) or machine name (https://mypi:8005) , identical results
• certificates made with mkcert

[cscharf]

@callingshotgun , if you log in via the web vault, go to your settings page and then on that page under Encryption Key Settings, what are your KDF Iterations set at?

[alexlucasdev]

It's set to 100000 -- I've never touched that particular setting (relatively new account, didn't even know it was there).

Weird, though, since the mobile stack trace says minimum is 5000.
I'm comfortable with ADB, so if there's more detailed logging that would be helpful, just tell me log level and a rough idea of what to look for and I copy that to this thread.

[cscharf]

@callingshotgun , can you please try the same mobile client against our official cloud offering to ensure it's working there? Please try create a new, similar account and see if you're experiencing the same behavior. If it works against our official cloud release, please open an issue in the bitwarden_rs repo.

[alexlucasdev]

Did so, it turned out it was definitely on the Bitwarden_RS side. I was using the container tagged bitwardenrs/server:raspberry but that's no longer what should be used. As soon as I switched to bitwardenrs/server it worked. Closing the bug. Thanks all!