Install error - Uncaught Defuse\\Crypto\\Exception\\BadFormatException: Encoded data is shorter than expected

[wirerydr]

Steps to reproduce

1. Start a fresh install of development commit a076916
2. Continue the installation until you reach the Finalization page.
3. At the Finalization page, click <Launch>.

Expected behaviour

The finalization steps should complete successfully without any errors displayed or logged.

Actual behaviour

As shown in the screenshot below, checkmarks appeared beside all 3 finalization steps, but error "[ERROR] Answer from server is empty." was also displayed immediately to the left of the <Launch> button. The following error appeared in the Apache log:

[Fri Sep 01 14:29:54.266055 2017] [php7:notice] [pid 5657] [client 192.168.240.120:53747] PHP Fatal error:  Uncaught Defuse\\Crypto\\Exception\\BadFormatException: Encoded data is shorter than expected. in /opt/teampass/teampass__TEST__20170901-a076916/includes/libraries
/Encryption/Encryption/Encoding.php:168\nStack trace:\n#0 /opt/teampass/teampass__TEST__20170901-a076916/includes/libraries/Encryption/Encryption/Key.php(38): Defuse\\Crypto\\Encoding::loadBytesFromChecksummedAsciiSafeString('\\xDE\\xF0\\x00\\x00', false)\n#1 /opt/teampa
ss/teampass__TEST__20170901-a076916/install/install.queries.php(92): Defuse\\Crypto\\Key::loadFromAsciiSafeString(false)\n#2 /opt/teampass/teampass__TEST__20170901-a076916/install/install.queries.php(1043): encryptFollowingDefuse('test12345...', false)\n#3 {main}\n
  thrown in /opt/teampass/teampass__TEST__20170901-a076916/includes/libraries/Encryption/Encryption/Encoding.php on line 168, referer: https://www.example.com/tptest/install/install.php

NOTE: If <Restart> was immediately clicked without clearing out the database, the SK directory, etc., then the installation completed successfully. I snapshotted the file-tree for both the 1st and 2nd tries. There were two overall differences:

1. includes/config/settings.php was missing after the 1st try, but present after the 2nd try.
2. teampass-seckey.txt contained a different value.

Failure Screenshot

Server configuration

Operating system: Fedora 26 (x86_64)

Web server: Apache 2.4

Database: MariaDB 10.1

PHP version: 7.1

Teampass version: Development commit a076916

Teampass configuration file:

<?php
global $SETTINGS;
$SETTINGS = array (
    'max_latest_items' => '10',
    'enable_favourites' => '1',
    'show_last_items' => '1',
    'enable_pf_feature' => '0',
    'log_connections' => '0',
    'log_accessed' => '1',
    'time_format' => 'H:i:s',
    'date_format' => 'd/m/Y',
    'duplicate_folder' => '0',
    'item_duplicate_in_same_folder' => '0',
    'duplicate_item' => '0',
    'number_of_used_pw' => '3',
    'manager_edit' => '1',
    'cpassman_dir' => '/opt/teampass/teampass-test',
    'cpassman_url' => 'https://www.example.com/tptest',
    'favicon' => 'https://www.example.com/tptest/favicon.ico',
    'path_to_upload_folder' => '/opt/teampass/teampass-test/upload',
    'url_to_upload_folder' => 'https://www.example.com/tptest/upload',
    'path_to_files_folder' => '/opt/teampass/teampass-test/files',
    'url_to_files_folder' => 'https://www.example.com/tptest/files',
    'activate_expiration' => '0',
    'pw_life_duration' => '0',
    'maintenance_mode' => '1',
    'enable_sts' => '0',
    'encryptClientServer' => '1',
    'cpassman_version' => '2.1.27',
    'ldap_mode' => '0',
    'ldap_type' => '0',
    'ldap_suffix' => '0',
    'ldap_domain_dn' => '0',
    'ldap_domain_controler' => '0',
    'ldap_user_attribute' => '0',
    'ldap_ssl' => '0',
    'ldap_tls' => '0',
    'ldap_elusers' => '0',
    'ldap_search_base' => '0',
    'richtext' => '0',
    'allow_print' => '0',
    'roles_allowed_to_print' => '0',
    'show_description' => '1',
    'anyone_can_modify' => '0',
    'anyone_can_modify_bydefault' => '0',
    'nb_bad_authentication' => '0',
    'utf8_enabled' => '1',
    'restricted_to' => '0',
    'restricted_to_roles' => '0',
    'enable_send_email_on_user_login' => '0',
    'enable_user_can_create_folders' => '0',
    'insert_manual_entry_item_history' => '0',
    'enable_kb' => '0',
    'enable_email_notification_on_item_shown' => '0',
    'enable_email_notification_on_user_pw_change' => '0',
    'custom_logo' => '',
    'custom_login_text' => '',
    'default_language' => 'english',
    'send_stats' => '0',
    'send_statistics_items' => 'stat_country;stat_users;stat_items;stat_items_shared;stat_folders;stat_folders_shared;stat_admins;stat_managers;stat_ro;stat_mysqlversion;stat_phpversion;stat_teampassversion;stat_languages;stat_kb;stat_suggestion;stat_customfields;stat_api;stat_2fa;stat_agses;stat_duo;stat_ldap;stat_syslog;stat_stricthttps;stat_fav;stat_pf;',
    'send_stats_time' => '1501699323',
    'get_tp_info' => '1',
    'send_mail_on_user_login' => '0',
    'sending_emails' => '0',
    'nb_items_by_query' => 'auto',
    'enable_delete_after_consultation' => '0',
    'enable_personal_saltkey_cookie' => '0',
    'personal_saltkey_cookie_duration' => '31',
    'email_smtp_server' => '',
    'email_smtp_auth' => '',
    'email_auth_username' => '',
    'email_auth_pwd' => '',
    'email_port' => '',
    'email_security' => '',
    'email_server_url' => '',
    'email_from' => '',
    'email_from_name' => '',
    'pwd_maximum_length' => '40',
    'google_authentication' => '0',
    'delay_item_edition' => '0',
    'allow_import' => '0',
    'proxy_ip' => '',
    'proxy_port' => '',
    'upload_maxfilesize' => '10mb',
    'upload_docext' => 'doc,docx,dotx,xls,xlsx,xltx,rtf,csv,txt,pdf,ppt,pptx,pot,dotx,xltx',
    'upload_imagesext' => 'jpg,jpeg,gif,png',
    'upload_pkgext' => '7z,rar,tar,zip',
    'upload_otherext' => 'sql,xml',
    'upload_imageresize_options' => '1',
    'upload_imageresize_width' => '800',
    'upload_imageresize_height' => '600',
    'upload_imageresize_quality' => '90',
    'use_md5_password_as_salt' => '0',
    'ga_website_name' => 'TeamPass for ChangeMe',
    'api' => '0',
    'subfolder_rights_as_parent' => '0',
    'show_only_accessible_folders' => '0',
    'enable_suggestion' => '0',
    'otv_expiration_period' => '7',
    'default_session_expiration_time' => '60',
    'duo' => '0',
    'enable_server_password_change' => '0',
    'ldap_object_class' => '0',
    'bck_script_path' => '/opt/teampass/teampass-test/backups',
    'bck_script_filename' => 'bck_teampass',
    'syslog_enable' => '0',
    'syslog_host' => 'localhost',
    'syslog_port' => '514',
    'manager_move_item' => '0',
    'create_item_without_password' => '0',
    'otv_is_enabled' => '0',
    'agses_authentication_enabled' => '0',
    'item_extra_fields' => '0',
    'saltkey_ante_2127' => 'none',
    'migration_to_2127' => 'done',
    'files_with_defuse' => 'done',
    'timezone' => 'UTC'
);

Updated from an older Teampass or fresh install: Fresh Install

Client configuration

Browser: FireFox 55 (64-bit)

Operating system: Windows 10

Logs

Web server error log

See above in Actual Behaviour

[nilsteampassnet]

You are right, this error could happen randomly depending on what order is done some installation tasks. In your previous ticket, you have written that this error happens randomly .. this word was very important ;)
Let me explain. During this step of the installation, a set of tasks need to be performed.
Those tasks are put in a stack and executed. Meaning that potentially the tasks are not done in an expected order. So as I have added a dependency between 2 tasks, the error happens if taskB is performed before taskA.

I will commit a fix for it.

[wirerydr]

Tested 6 times against fresh installs of development commit 6bb32ae. Successful completion each time - no errors observed in the apache logs, and no error messages observed on the Finalization page after clicking <Launch>. Was able to login successfully as administrator each time after completing the install. Closing this issue.

Speaking as someone who started coding professionally in 1991, I absolutely hate bugs that appear to manifest randomly. Of-course they turn out to be quite predictable once their root-cause is finally determined, but that doesn't help much beforehand. Thanks for chasing this one down so quickly.

• WireRydr

[nilsteampassnet]

Thank you for feedback