Desktop app reports: [Encrypt service] decryptToUtf8 MAC comparison failed. Key or payload has changed. Key type

tl;dr I’d just like to know if there’s some action I should take, if this seems concerning, or it just looks like an already-known/common bug.

I’m seeing the following line output from bitwarden desktop app:

Feb 28 22:16:21 myhost bitwarden.desktop[8956]: 22:16:21.311 › [Encrypt service] decryptToUtf8 MAC comparison failed. Key or payload has changed. Key type AesCbc256_HmacSha256_B64Payload type AesCbc256_HmacSha256_B64 Decrypt context: no context
Feb 28 22:16:21 myhost bitwarden.desktop[8956]: 22:16:21.335 › [Encrypt service] decryptToUtf8 MAC comparison failed. Key or payload has changed. Key type AesCbc256_HmacSha256_B64Payload type AesCbc256_HmacSha256_B64 Decrypt context: no context

Seems to be this exact line checking cryptoFunctionService.compareFast(...) response:

  async decryptToUtf8(
    encString: EncString,
    key: SymmetricCryptoKey,
    decryptContext: string = "no context",
  ): Promise<string> {
    if (key == null) {
      throw new Error("No key provided for decryption.");
    }

    // ...snipped for brevity...

    if (fastParams.macKey != null && fastParams.mac != null) {
      const computedMac = await this.cryptoFunctionService.hmacFast(
        fastParams.macData,
        fastParams.macKey,
        "sha256",
      );
      const macsEqual = await this.cryptoFunctionService.compareFast(fastParams.mac, computedMac);
      if (!macsEqual) {
        this.logMacFailed(
          "[Encrypt service] decryptToUtf8 MAC comparison failed. Key or payload has changed. Key type " +
            encryptionTypeName(key.encType) +
            "Payload type " +
            encryptionTypeName(encString.encryptionType) +
            " Decrypt context: " +
            decryptContext,
        );
        return null;
      }
    }

    return await this.cryptoFunctionService.aesDecryptFast({ mode: "cbc", parameters: fastParams });
  }

At the time these logs output (I was watching logs for some other reason) bitwarden desktop app was up, but it was locked and not the currently focused window, so I wasn’t interacting with it.

some system/environment info:

  • bitwarden desktop → help → about
    • Version 2025.2.0
    • SDK main (28c7e29)
    • Shell 34.2.0
    • Renderer 132.0.6834.196
    • Node 20.18.2
    • Architecture x64
  • desktop app is currently logged in and working well (but was locked, as I said)
    • account: older and now the web UI for vault gives me warnings about “low KDF iterations” but I’m guessing that’s unrelated.
  • OS/environment: nixos + gnome 47; /etc/lsb-release says:
      DISTRIB_CODENAME=warbler
      DISTRIB_DESCRIPTION="NixOS 25.05 (Warbler)"
      DISTRIB_ID=nixos
      DISTRIB_RELEASE="25.05"
      LSB_VERSION="25.05 (Warbler)"

Guessing from this title “trace for decrypt failures”, the “failures” must be somewhat common. Still I’m curious to learn more (particularly if anyone here has more crypto/eng background to explain some more).

Here is some info on that part: Low KDF Iterations | Bitwarden Help Center

For the rest, I would dare to ping @Quexten

PS: I changed the category from “Feature Request” to “Ask the Community”. (and had to choose an OS tag for that, and chose “linux”)

The error means that either the encrypted item or the key used to encrypt it changed. This could for instance mean that you have some local state (an encrypted access token), that was encrypted with e.g. the account symmetric key (userkey); the userkey was rotated; and the local state was never cleared.

The trace was added to help debug these kinds of failures, should customers encounter them, since the current format encrypted items are stored. Since the trace shows “no context”, this must be one of the many non-hotpaths that did not have a context trace added yet.

Does your browser console show the same error when logging into the web vault? If not, clearing your local state from the desktop app, and clearing anything in your secrets service (I’m not sure which is used on NixOS, something like gnome-keyring/kwallet), should fix the issue.
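
The scenario described in the reply above (local state encrypted under a key that is later rotated), as an added sketch that is not part of the thread and not Bitwarden's code. The key layout (32-byte encryption key plus 32-byte MAC key), the MAC input (IV followed by ciphertext) and every function name here are assumptions made for illustration.

```javascript
// Added illustration of encrypt-then-MAC with AES-256-CBC + HMAC-SHA256.
// Loads node:crypto in either CommonJS or ES module scope.
const nodeCrypto = typeof require === "function"
  ? require("node:crypto")
  : process.getBuiltinModule("node:crypto");

// Hypothetical key shape: 64 random bytes split into encryption and MAC halves.
function newKey() {
  const k = nodeCrypto.randomBytes(64);
  return { encKey: k.subarray(0, 32), macKey: k.subarray(32) };
}

// Assumed MAC input for this sketch: IV followed by ciphertext.
function macOf(blob, key) {
  return nodeCrypto.createHmac("sha256", key.macKey).update(blob.iv).update(blob.ct).digest();
}

function encrypt(plaintext, key) {
  const iv = nodeCrypto.randomBytes(16);
  const c = nodeCrypto.createCipheriv("aes-256-cbc", key.encKey, iv);
  const blob = { iv, ct: Buffer.concat([c.update(plaintext, "utf8"), c.final()]) };
  return { ...blob, mac: macOf(blob, key) };
}

// Verify the MAC in constant time BEFORE decrypting. Returns null on mismatch,
// which is the "Key or payload has changed" case from the log line.
function decryptToUtf8(blob, key) {
  const computed = macOf(blob, key);
  if (computed.length !== blob.mac.length || !nodeCrypto.timingSafeEqual(computed, blob.mac)) {
    return null; // wrong key or modified payload; CBC is never run on it
  }
  const d = nodeCrypto.createDecipheriv("aes-256-cbc", key.encKey, blob.iv);
  return Buffer.concat([d.update(blob.ct), d.final()]).toString("utf8");
}

function demo() {
  const secret = "constructed-local-state"; // constructed sample value
  const oldKey = newKey();
  const stale = encrypt(secret, oldKey);    // written before rotation
  const rotatedKey = newKey();              // key after rotation
  const tampered = { ...stale, ct: Buffer.from(stale.ct) };
  tampered.ct[0] ^= 1;                      // single bit flipped in the payload
  return {
    sameKey: decryptToUtf8(stale, oldKey),
    afterRotation: decryptToUtf8(stale, rotatedKey),
    tampered: decryptToUtf8(tampered, oldKey),
    reEncrypted: decryptToUtf8(encrypt(secret, rotatedKey), rotatedKey),
  };
}
```

The stale blob and the bit-flipped blob both come back as null, so the log line alone cannot tell a rotated key from a modified payload; re-creating the local state under the current key is what makes decryption succeed again.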

I’m still suffering from this noisy log and do not know how to solve it.

Bitwarden-Desktop Version 2025.3.1
 SDK 'main (50f5a17)'
 Shell 34.0.0
 Renderer 132.0.6834.83
 Node 20.18.1
 Architecture arm64

bitwarden-cli
 2025.2.0

MacOS
 Apple M1 Pro
 Sonoma 14.6.1