Thanks for your work on this script.
I'm trying to decrypt an exported file from Google Authenticator app.
% uname -a
Linux wattpad 6.0.7-arch1-1 #1 SMP PREEMPT_DYNAMIC Thu, 03 Nov 2022 18:01:58 +0000 x86_64 GNU/Linux
% python -V
Python 3.10.8
% pip3 install cryptography
Defaulting to user installation because normal site-packages is not writeable
Requirement already satisfied: cryptography in /usr/lib/python3.10/site-packages (38.0.3)
Requirement already satisfied: cffi>=1.12 in /usr/lib/python3.10/site-packages (from cryptography) (1.15.1)
Requirement already satisfied: pycparser in /usr/lib/python3.10/site-packages (from cffi>=1.12->cryptography) (2.21)
% ./decrypt-2fas-backup.py mypass ~/Downloads/2fas-backup-20221107223516.2fas
Traceback (most recent call last):
File "/home/userspace/workspace/crypto/decrypt-2fas-backup/./decrypt-2fas-backup.py", line 51, in <module>
main()
File "/home/userspace/workspace/crypto/decrypt-2fas-backup/./decrypt-2fas-backup.py", line 46, in main
credentials_dec = aesgcm.decrypt(nonce, credentials_enc, None)
File "/usr/lib/python3.10/site-packages/cryptography/hazmat/primitives/ciphers/aead.py", line 210, in decrypt
return aead._decrypt(backend, self, nonce, data, [associated_data], 16)
File "/usr/lib/python3.10/site-packages/cryptography/hazmat/backends/openssl/aead.py", line 249, in _decrypt
raise InvalidTag
cryptography.exceptions.InvalidTag