Module: github.com/tobischo/gokeepasslib/v3
Version: 3.6.1
Repository: https://github.com/tobischo/gokeepasslib.git
Documentation: pkg.go.dev

# README

gokeepasslib

gokeepasslib is a library which allows reading Keepass 2 files (kdbx).

Note: only Keepass v2.30 or higher is properly supported, since earlier versions do not allow empty XML tags and expect self-closing tags instead (which is valid XML but not really supported by Golang's XML marshaling). Basically: this lib can probably read most Keepass2 files, but only Keepass v2.30 or higher can be expected to read files created with this lib.

Installing

Use go get to retrieve the latest version:

go get -u github.com/tobischo/gokeepasslib/v3@latest

For including it in your code:

import "github.com/tobischo/gokeepasslib/v3"

Example: reading a file

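package main

import (
    "fmt"
    "log"
    "os"

    "github.com/tobischo/gokeepasslib/v3"
)

func main() {
    file, err := os.Open("examples/reading/example.kdbx")
    if err != nil {
        log.Fatalf("open database: %v", err)
    }
    defer file.Close()

    db := gokeepasslib.NewDatabase()
    db.Credentials = gokeepasslib.NewPasswordCredentials("abcdefg12345678")
    // Decode fails on a bad signature, wrong credentials or a corrupt file.
    if err := gokeepasslib.NewDecoder(file).Decode(db); err != nil {
        log.Fatalf("decode database: %v", err)
    }

    // Decrypt the protected fields (e.g. passwords) in memory.
    if err := db.UnlockProtectedEntries(); err != nil {
        log.Fatalf("unlock protected entries: %v", err)
    }

    // Note: This is a simplified example and the groups and entries will depend on the specific file.
    // Bounds checking for the slices is recommended to avoid panics.
    entry := db.Content.Root.Groups[0].Groups[0].Entries[0]
    fmt.Println(entry.GetTitle())
    fmt.Println(entry.GetPassword())
}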

Note the db.UnlockProtectedEntries() call: you have to unlock protected entries before using the database, and call db.LockProtectedEntries() before saving it, to ensure that the passwords are not stored in plaintext in the XML. Inside a kdbx file, which is itself encrypted using the file credentials, protected fields are additionally encrypted with another stream cipher.
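A pre-flight check that can run before NewDecoder(...).Decode in the reading example above, so that "not a KDBX file" can be told apart from a credential failure and the format version is known up front. This is an added example using only the standard library, not code from gokeepasslib; the names sniffKDBX and kdbxVersion are hypothetical, and the signature constants are the published KDBX values rather than values taken from this page.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
)

// Published KDBX signature values (general format facts, not taken from this page).
const (
	sigBase  uint32 = 0x9AA2D903 // bytes 0-3, shared by KeePass 1.x and 2.x
	sigKDBX  uint32 = 0xB54BFB67 // bytes 4-7 for KeePass 2.x (.kdbx)
	sigKDB1x uint32 = 0xB54BFB65 // bytes 4-7 for KeePass 1.x (.kdb)
)

var (
	errShort      = errors.New("fewer than 12 header bytes")
	errNotKeePass = errors.New("base signature mismatch: not a KeePass file")
	errKeePass1   = errors.New("KeePass 1.x (.kdb) file, not KDBX")
	errUnknownSig = errors.New("unknown secondary signature")
)

// kdbxVersion is the format version stored right after the two signatures.
type kdbxVersion struct{ Major, Minor uint16 }

func (v kdbxVersion) String() string { return fmt.Sprintf("KDBX %d.%d", v.Major, v.Minor) }

// sniffKDBX (hypothetical helper) inspects the first 12 bytes of a file.
func sniffKDBX(head []byte) (kdbxVersion, error) {
	if len(head) < 12 {
		return kdbxVersion{}, errShort
	}
	le := binary.LittleEndian
	base, second := le.Uint32(head[0:4]), le.Uint32(head[4:8])
	switch {
	case base != sigBase:
		return kdbxVersion{}, errNotKeePass
	case second == sigKDB1x:
		return kdbxVersion{}, errKeePass1
	case second != sigKDBX:
		return kdbxVersion{}, errUnknownSig
	}
	// The version field is little-endian: minor word first, then major.
	return kdbxVersion{Major: le.Uint16(head[10:12]), Minor: le.Uint16(head[8:10])}, nil
}

func main() {
	// Constructed sample: the first 12 bytes of a KDBX 3.1 file.
	sample := []byte{0x03, 0xD9, 0xA2, 0x9A, 0x67, 0xFB, 0x4B, 0xB5, 0x01, 0x00, 0x03, 0x00}
	v, err := sniffKDBX(sample)
	fmt.Println(v, err) // KDBX 3.1 <nil>
}
```

The caller reads the first 12 bytes of the file, passes them to sniffKDBX, and then rewinds (or reopens) the file before handing it to the decoder.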

Example: writing a file

See examples/writing/example-writing.go

Example: deleting a file

See examples/deleting/example-deleting.go

TODO

  • Improve code readability
  • Write more tests

Contributing

CONTRIBUTING

Changelog

CHANGELOG

License

LICENSE

Copyright

Copyright © 2024 Tobias Schoknecht. All rights reserved.

# Functions

NewBinaryReference creates a new BinaryReference with the given name and id.
NewContent creates a new database content with some good defaults.
NewDatabase creates a new database with some sensible default settings in KDBX version 3.1.
NewDecoder creates a new decoder with reader r, identical to gokeepasslib.Decoder{r}.
NewEncoder creates a new encoder with writer w, identical to gokeepasslib.Encoder{w}.
NewEncrypterManager initializes a new EncrypterManager.
NewEntry returns a new entry with time data and uuid set.
NewFileHeaders creates a new FileHeaders with good defaults.
NewGroup returns a new group with time data and uuid set.
NewHashes creates a new DBHashes based on the given header.
NewHeader creates a new Header with good defaults.
NewKDBX3FileHeaders creates a new FileHeaders with good defaults for KDBX3.
NewKDBX3Header creates a new Header with good defaults for KDBX3.
NewKDBX4FileHeaders creates a new FileHeaders with good defaults for KDBX4.
NewKDBX4Header creates a new Header with good defaults for KDBX4.
NewKeyCredentials builds a new DBCredentials from a key file at the path specified by location.
NewKeyDataCredentials builds a new DBCredentials from a key file in bytes.
NewMetaData creates a MetaData struct with some defaults set.
NewOptions creates new options with default values.
NewPasswordAndKeyCredentials builds a new DBCredentials from a password and the key file at the path specified by location.
NewPasswordAndKeyDataCredentials builds a new DBCredentials from a password and the key file in bytes.
NewPasswordCredentials builds a new DBCredentials from a Password string.
NewRootData returns a RootData struct with good defaults.
NewStreamManager initializes a new StreamManager.
NewTimeData returns a TimeData struct with good defaults (no expire time, all times set to now).
NewUUID returns a new randomly generated UUID.
ParseKeyData returns the hashed key from a key file in bytes, parsing xml if needed.
ParseKeyFile returns the hashed key from a key file at the path specified by location, parsing xml if needed.
WithKDBXv31Binary can be passed to the Binaries.Add function as an option to ensure that the Binary will follow the KDBXv31 format.
WithKDBXv4Binary can be passed to the Binaries.Add function as an option to ensure that the Binary will follow the KDBXv4 format.

# Constants

ID for ARC4 protection, not implemented.
ID for ChaCha20 protection.
Gzip compression flag.
Inner header binary byte.
Inner header InnerRandomStreamID byte.
Inner header InnerRandomStreamKey byte.
Inner header terminator byte.
No compression flag.
ID for non-protection.
ID for Salsa20 protection.

# Variables

BaseSignature is the valid base signature for kdbx files.
CipherAES is the AES cipher ID.
CipherChaCha20 is the ChaCha20 cipher ID.
CipherTwoFish is the TwoFish cipher ID.
DefaultKDBX3Sig is the full valid default signature struct for new databases (Kdbx v3.1).
DefaultKDBX4Sig is the full valid default signature struct for new databases (Kdbx v4.0).
DefaultSig is the full valid default signature struct for new databases (Kdbx v3.1).
ErrEndOfHeaders is the error returned when end of headers is read.
ErrEndOfInnerHeaders is the error returned when the end of inner header is read.
ErrInvalidDatabaseOrCredentials is returned when the file cannot be read properly.
ErrInvalidUUIDLength is an error which is returned during unmarshaling if the UUID does not have 16 bytes length.
ErrUnsupportedEncrypterType is returned if no encrypter manager can be created due to an invalid length of EncryptionIV.
ErrUnsupportedStreamType is returned if no stream manager can be created due to an unsupported InnerRandomStreamID value.
KdfAES3 is the AES key derivation function ID for Kdbx v3.1.
KdfAES4 is the AES key derivation function ID for Kdbx v4.
KdfArgon2 is the Argon2 key derivation function ID.
SecondarySignature is the valid version signature for kdbx files.

# Structs

AutoTypeAssociation is a structure that stores the keystroke sequence of a window for AutoTypeData.
AutoTypeData is a structure containing auto type settings of an entry.
Binary stores a binary found in the metadata header of a database.
BinaryReference stores a reference to a binary which appears in the xml of an entry.
CustomData is the structure for plugins custom data.
CustomIcon is the structure needed to store custom icons.
Database stores all contents necessary for a keepass database file.
DBContent is a container for all elements of a keepass database.
DBCredentials holds the key used to lock and unlock the database.
DBHashes stores the hashes of a Kdbx v4 database.
DBHeader is the header of a database.
DBOptions stores options for database decoding/encoding.
Decoder stores a reader which is expected to be in kdbx format.
DeletedObjectData is the structure for a deleted object.
Encoder is used to automatically encrypt and write a database to a file, network, etc.
EncrypterManager is the manager to handle an Encrypter.
Entry
Entry is the structure which holds information about a parsed entry in a keepass database.
ErrInvalidSignature is the error returned if the file signature is invalid.
FileHeaders contains every field of the header.
Group is a structure to store entries in their named groups for organization.
History stores information about changes made to an entry, in the form of a list of previous versions of that entry.
InnerHeader is the container of crypt options and binaries, only for Kdbx v4.
KdfParameters contains every field of the KdfParameters header field.
MemProtection is a structure containing settings for MemoryProtection.
MetaData is the structure for the metadata headers at the top of kdbx files, it contains things like the name of the database.
RootData stores the actual content of a database (all entries sorted into groups and the recycle bin).
Signature holds the Keepass File Signature.
StreamManager is the manager to handle a Stream.
TimeData contains all metadata related to times for groups and entries e.g.
V is a wrapper for the content of a value, so that it can store whether it is protected.
ValueData is a structure containing key value pairs of information stored in an entry.
VariantDictionary is a structure used in KdfParameters and PublicCustomData.
VariantDictionaryItem is an item of a VariantDictionary.

# Interfaces

Encrypter is responsible for database encrypting and decrypting.
Stream is responsible for stream encrypting and decrypting of protected fields.

# Type aliases

Binaries stores a slice of binaries in the metadata header of a database. This will be used only on KDBX 3.1. Since KDBX 4, binaries are stored in the InnerHeader.
BinaryOption is the option function type for use with Binary structs.
ErrRequiredAttributeMissing is returned if a required value is not given.
ErrUnknownHeaderID is the error returned if an unknown header is read.
ErrUnknownInnerHeaderID is the error returned if an unknown inner header is read.
ErrUnknownParameterID is the error returned if an unknown kdf parameter is read.
UUID stores a universal identifier for each group+entry.