Error while decrypting the ciphertext provided to safeStorage.decryptString #239
Comments
|
Hi @Dryadxon, is still a problem with the news version? |
|
Unfortunately no, the bug is still there. |
Yeah, I tried all the steps listed in the link I gave you, including those, unfortunately it didn't change the situation, even using the |
|
This works with vscodium installed directly on host from the rpm package? |
|
It works when installed on the host, just tried it a few minutes ago. Both VSCodium and VSCode. |
|
I was able to reproduce the issue with the following minimal Electron app: const { app, safeStorage } = require('electron')
const fs = require('fs')
const decrypt = (path) => {
console.log('Decryption: START')
try {
const secret = fs.readFileSync(path)
const decrypted = safeStorage.decryptString(secret)
console.log(`The secret is: ${decrypted}`)
return true
} catch (e) {
console.error(e)
}
console.log('Decryption: STOP')
return false
}
const encrypt = (path) => {
console.log('Encryption: START')
const secret = safeStorage.encryptString('my secret')
fs.writeFileSync(path, secret)
console.log('Encryption: STOP')
}
app.whenReady().then(() => {
const path = './tmp.txt'
if (safeStorage.isEncryptionAvailable()) {
console.log(safeStorage.getSelectedStorageBackend())
if (!decrypt(path)) {
encrypt(path)
}
}
})So I can say with a bit of confidence that it's a problem of the Electron framework with flatpak. Unfortunately I can't figure out what the cause is, looking at the os_crypt_linux.cc implementation everything seems ok, and not everyone seems to have the same problem even though they also use Fedora Gnome. |
|
The only thing I can say for sure are these:
|
|
I think that OSCryptImpl::GetPasswordV11() may be the most likely cause, but I can't debug Chomium directly while running my Electron app despite countless attempts. I hope someone more experienced can help out. |
|
I've just experience the same issue and for the additional context - I've tried to decrypt encrypted string in the main process during Most likely Electron haven't loaded all the necessary system resource, so it can't correctly determine the password. See the comment above from @Dryadxon. Consider moving the code that decrypts secret value later in the Electron's life-cycle and that should work. At least it worked for me. |
I think so too, every log made after a service authentication (e.g.: Copilot, Codeium) reports
Could you share the suggested changes? |
|
@Dryadxon absolutely. My project is quite large, so I can't share all the code, but essentially here is what did not work for. In the 
Normally, you would expect that the So I had to pivot. At the moment I see two quick solutions:
In my case, I used the second option. |
For some reason neither of those worked on my machine, I even tried a timeout of 30sec, but still nothing, it fails to decrypt secrets and keeps generating a new password every time it is executed. |
|
I tried again to set |
ghost
mentioned this issue
|
Can people who were investigating this issue check if #319 fixed the issue ? |
Tested today, unfortunately it didn't solve it. VSCodium still fails to decrypt secrets with GNOME_LIBSECRET as the OSCrypt backend. |
VSCodium can't retrieve the secrets it stores with the new SecretStorage API, in my case the authentication code for Codeium.
I followed these steps, and from the logs, both before and after authentication, it appears that VSCode correctly recognizes GNOME, and libsecret, but still fails with error
Error while decrypting the ciphertext provided to safeStorage.decryptString.I also tried a clean setup, with no customization or override, in a new Gnome User, with only the extension for Codeium, but unfortunately nothing changed.
The error is also present with VSCode.
Operating System : Fedora 38.
DE: Gnome.
PS: Other applications, e.g. Tuba, don't have this problem, unfortunately I can't tell if it's only present with VSCode derivatie applications, or if it affects other Electron apps.
Possible related issues:
The text was updated successfully, but these errors were encountered: