Binary keyfiles of 64 bytes are not handled correctly #835

Closed
oilarabla opened this issue Dec 31, 2020 · 4 comments
Comments

@oilarabla

Describe the bug
When using a binary file of 64 bytes as a keyfile, databases generated by KeePass can't be opened using KeePassDX.

To Reproduce
Steps to reproduce the behavior:

  1. Create a binary file (non UTF-8) of exactly 64 bytes in length
  2. Create a new database using the above file as a keyfile using KeePass
  3. Try to open the database with KeePassDX (using the same keyfile and password, obviously)
  4. The database doesn't open

Expected behavior
The database should open correctly.

Additional context
The code handling keyfiles of 64 bytes assumes it is a UTF-8 formatted hex string.
I don't know what it is supposed to do, but from my testing, using AES for encryption and key derivation, it looks like the keyfile (of 64B) is hashed using SHA2-256 like keyfiles >64B.

@oilarabla oilarabla added the bug label Dec 31, 2020
@J-Jamet
Member

J-Jamet commented Jan 1, 2021

Thank you for your issue. Unfortunately this functionality is not yet implemented in KeePassDX. I have to take the time to do it. I will plan it for future versions.

@J-Jamet J-Jamet added this to To do in KeePassDX_2.9.9 via automation Jan 1, 2021
@J-Jamet J-Jamet moved this from To do to In progress in KeePassDX_2.9.9 Jan 2, 2021
@J-Jamet
Member

J-Jamet commented Jan 11, 2021

Sorry, I thought you were talking about something else.

I relied on the KeePass documentation, here: https://keepass.info/help/base/keys.html

  • 32 bytes. If the key file contains exactly 32 bytes, these are used as a 256-bit cryptographic key. This format requires the least disk space.

  • Hexadecimal. If the key file contains exactly 64 hexadecimal characters (0-9 and A-F, in UTF-8/ASCII encoding, one line, no spaces), these are decoded to a 256-bit cryptographic key.

  • Hashed. If a key file does not match any of the formats above, its content is hashed using a cryptographic hash function in order to build a key (typically a 256-bit key with SHA-256). This allows to use arbitrary files as key files.

So if the key file contains something other than these characters, it is normally hashed (3rd point).

@J-Jamet
Member

J-Jamet commented Jan 11, 2021

It seems that the second point is not correct, I will recode it. We should also contact KeePassDroid because it is part of it.

@J-Jamet
Member

J-Jamet commented Jan 11, 2021

After all of my testing, it looks like the second condition is not included in KeePass2. I tested with a text file containing a key as shown, but it is recognized as a binary file. And if I directly create a file with 64 hexadecimal characters, it gives me a 32 bit file, so the first condition is called.
I'm just removing the second condition from the code as it just causes bugs...

J-Jamet added a commit that referenced this issue Jan 11, 2021
@J-Jamet J-Jamet moved this from In progress to Done in KeePassDX_2.9.9 Jan 11, 2021
@J-Jamet J-Jamet closed this as completed Jan 15, 2021
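
The three key file rules quoted from the KeePass documentation in this thread, written out as an added Python example (not code from KeePass or KeePassDX), next to a length-only check that fails on the 64-byte binary file from the report. `length_only_key` is a hypothetical reconstruction of the reported behaviour, and every sample key file is constructed.

```python
import hashlib

HEX_DIGITS = frozenset(b"0123456789abcdefABCDEF")

def classify_keyfile(data: bytes) -> str:
    """Pick the rule from the quoted documentation that applies to the file."""
    if len(data) == 32:
        return "raw32"      # rule 1: the bytes are the 256-bit key
    if len(data) == 64 and all(b in HEX_DIGITS for b in data):
        return "hex64"      # rule 2: 64 hex characters, decoded to 32 bytes
    return "hashed"         # rule 3: anything else is hashed

def keyfile_to_key(data: bytes) -> bytes:
    """Derive the 256-bit key by checking content, not only length."""
    kind = classify_keyfile(data)
    if kind == "raw32":
        return data
    if kind == "hex64":
        return bytes.fromhex(data.decode("ascii"))
    return hashlib.sha256(data).digest()

def length_only_key(data: bytes):
    """Hypothetical: treats every 64-byte file as hex, as the report describes."""
    if len(data) == 64:
        try:
            return bytes.fromhex(data.decode("utf-8"))
        except ValueError:  # covers UnicodeDecodeError and non-hex digits
            return None     # no key: the database cannot be opened
    return keyfile_to_key(data)

# Constructed sample key files.
BINARY_64 = bytes(range(0x80, 0xC0))                  # 64 bytes, not valid UTF-8
HEX_64 = bytes(range(32)).hex().upper().encode()      # 64 ASCII hex characters
TEXT_64 = b"z" * 64                                   # 64 ASCII bytes, not hex

if __name__ == "__main__":
    for name, sample in [("binary", BINARY_64), ("hex", HEX_64), ("text", TEXT_64)]:
        key = length_only_key(sample)
        print(name, classify_keyfile(sample), keyfile_to_key(sample).hex(),
              "length-only:", key.hex() if key else "no key")
```
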