Bad sigs

[yamatt]

Hi guys, first of all great work on this project. I know it's not been worked on for a little while but it's the only module like it that I have found.

When I open my example blank database I created with the latest KeePass program I get the below error:

./keepassc.py open blank.kdbx 
Traceback (most recent call last):
  File "./keepassc.py", line 16, in <module>
    cliobj()
  File "./python/keepass/cli.py", line 86, in __call__
    meth(cmdopts)
  File "./python/keepass/cli.py", line 151, in _open
    self.db = kpdb.Database(files[0],opts.masterkey)
  File "./python/keepass/kpdb.py", line 36, in __init__
    self.read(filename)
  File "./python/keepass/kpdb.py", line 50, in read
    self.header = DBHDR(headbuf)
  File "./python/keepass/header.py", line 79, in __init__
    if buf: self.decode(buf)
  File "./python/keepass/header.py", line 130, in decode
    raise IOError,msg
IOError: Bad sigs:
2594363651 3041655653
2594363651 3041655655

I presume the sigs that need to be changed are in the header.py file but I was kind of hoping for a plug and play solution so I'm not sure what needs to be done. Any help would be greatly appreciated.

[brettviren]

Hi Matt,

This code operates on KeePass files in v3 file format only. Such files are produced by KeePass 1 and KeePassX. The .kdbx files made by KeePass 2 are in some totally different format. I have no plans to ever add support for this format.

I've never used KeePass (neither version 1 nor 2, actually) but you could check if it can save your DB in this old v3 file format. Or maybe there is some 3rd format shared by both KeePass 2 and either KeePass 1 or KeePassX that would let you finally convert to the v3 format.

-Brett.

[yamatt]

Hey @brettviren I just checked and the latest keepass2 GUI program doesn't seem to allow you to save to another version of the database. Not sure what's going on here.

[smarthall]

I believe KeePass V2 allows you to save databases in the KeePass V1 format using the Export option, on the file menu.

[yamatt]

Thanks @smarthall I shall hunt down that option.

[yamatt]

So I found the option unfortunately it is only available on Windows platforms (for some reason) so I was unable to try it.

[haridsv]

Hi Brett,

In my case, decryption itself is failing and wondering if this format should have been recognized or not. I created the file using KeepPassX on Mac, and file reports this:

Keepass password database 1.x KDB, 48 groups, 773 entries, 6000 key transformation rounds

BTW, I don't like typing passwords on the command-line where they can be accidentally seen (and can get into the shell history), so I suggest reading it when one is not specified. In my case, I just used a quick hack to workaround like this:

diff --git a/python/keepass/cli.py b/python/keepass/cli.py
index bdfb022..fd58d21 100644
--- a/python/keepass/cli.py
+++ b/python/keepass/cli.py
@@ -11,6 +11,7 @@ Command line interface to manipulating keepass files
 # later version.

 import sys
+import getpass

 class Cli(object):
     '''
@@ -148,7 +149,7 @@ class Cli(object):
         except IndexError:
             print "No database file specified"
             sys.exit(1)
-        self.db = kpdb.Database(files[0],opts.masterkey)
+        self.db = kpdb.Database(files[0],opts.masterkey or getpass.getpass())
         self.hier = self.db.hierarchy()
         return

[brettviren]

Hi haridsv.

I think you have some other file format. Using one of my KeePassX files I get:

$ file junk.kdb 
junk.kdb: DBase 3 data file

As for hiding passwords from shell history you can simply preface your command line with a space. At least in Bash 4.1.2 I see that feature.

But, if you want to make a pull request with your change I'll merge it in.

[haridsv]

As per their FAQ at http://www.keepassx.org/faq/#q_2, they are using what is called KeePass 1.x (Classic) format (and I am using their KeePassX 0.x release, not the newer 2.x release). This is also compatible with the MiniKeePass on iOS and KeePassDroid on Android (I sync the same file via Dropbox). What program to you use to create your kdb file?

The change I made is a quick hack, which doesn't account for the fact that you could have databases with no passwords. I will think of a way to allow both and send a pull request.

BTW, I am aware of the bash feature to skip history, but I don't think many people are aware of it, and I still don't prefer using it for the fact that it is still visible on the screen for sometime :)

[brettviren]

There might be some confusion here over KeePass vs. KeePassX versions and the various versions of the database file formats.

This package handles keepass file format v3. This is used by KeePassX 0.4.3 at least (this is the version I use now). I've never used anything else but KeePassX and only up to 0.4.3. I think there is an effort to rewrite KeePassX but I've not looked into it nor know what it's version numbers look like. The "non-X" KeePass is a whole different package which I have not even tried to run.

Given the use of similar or same names in this space I would not be surprised if saying "keepass file format v3" is still ambiguous. But, that's all I know how to describe what python-keepass supports.

HTH.

[haridsv]

Interestingly, that is exactly the same application and version I am using:

Looks like my file should have been supported, so could this be a bug in python-keepass then?

[brettviren]

Hmm, okay our differing output from file could mean that your "magic" file that file uses as its lookup could have better support for KDB files than mine. Although the reporting of version "1.x" confuses me. I think that might refer to the KeePass (not-X) application version number.

I don't know why python-keepass is not decrypting your file. Maybe you can make and post a sample file which fails for you and I could see if I can reproduce it.

[openhoat]

Hi,

Got the same problem with a new fresh sample Keepass db (created from scratch with KeePass 2.30).

$ keepassc.py open -m "aa" ~/NewDatabase.kdbx
Traceback (most recent call last):
File "/usr/bin/keepassc.py", line 4, in
import('pkg_resources').run_script('python-keepass==1.0', 'keepassc.py')
File "/usr/lib/python2.7/site-packages/pkg_resources/init.py", line 735, in run_script
self.require(requires)[0].run_script(script_name, ns)
File "/usr/lib/python2.7/site-packages/pkg_resources/init.py", line 1659, in run_script
exec(script_code, namespace, namespace)
File "/usr/lib/python2.7/site-packages/python_keepass-1.0-py2.7.egg/EGG-INFO/scripts/keepassc.py", line 14, in

File "build/bdist.linux-x86_64/egg/keepass/cli.py", line 86, in call
File "build/bdist.linux-x86_64/egg/keepass/cli.py", line 151, in _open
File "build/bdist.linux-x86_64/egg/keepass/kpdb.py", line 38, in init
File "build/bdist.linux-x86_64/egg/keepass/kpdb.py", line 52, in read
File "build/bdist.linux-x86_64/egg/keepass/header.py", line 82, in init
File "build/bdist.linux-x86_64/egg/keepass/header.py", line 146, in decode
IOError: Bad sigs:
2594363651 3041655653
2594363651 3041655655

OS : Fedora 23
NewDatabase.kdbx.zip

[brettviren]

.kdbx is not a supported format.