Decrypting Locked Notes Outside Bear

I’m considering using Bear to store some sensitive info and looking into password protected/encrypted notes. Overall, they seem very well implemented which is par for the course with this amazing app :smile: However, I have a question regarding the portability of encrypted files.

My basic question is this. Is there a way to decrypt backed up password protected notes (.textbundle files) outside of Bear?

When performing a back up, password protected notes remain encrypted (which is great!). I tried to open a password protected .textbundle note from the backup in a basic markdown editor (MarkEdit) and the file opened but it was blank. However, I didn’t see a way to decrypt it. Is this just a limitation of my app? Do other apps (outside of Bear) allow you to enter the password to decrypt it? A quick google search didn’t reveal any info on decrypting a .textbundle file.

I have noticed that you can manually export a locked note as a .md file which will be unencrypted but I’d rather not have to take an extra step to manually export all my locked notes every time I back up. Plus, I’d prefer the note remain encrypted while backed up. I highly value Bear’s data portability so I want to avoid adding notes that will be unusable outside of Bear.

Nothing stops you restoring your bear backup into bear, and then exporting all locked notes at that point - so you’re not going to be without, in that sense. However, from memory, the encrypted note data resides inside an XML or similar file in the text bundle. From memory, it uses the Themis encryption library with AES-256-GCM mode, so you could probably write a script to do it entirely offline if necessary:

However, I’d argue that it’s easier to re-import to bear and export decrypted from there :slight_smile:

1 Like

That’s a fair point. Of course it can be unencrypted/exported from Bear itself. However, it does add an extra level of complexity and dependency on Bear versus the interoperability/portability of standard markdown files. I guess it’s partially comes down to the classic tension between security and convenience. However, it’s good to know that theoretically there’d be a way to decrypt using the encryption library. Thanks for the reply.

1 Like