Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Test if database is open #5

Closed
piegamesde opened this issue May 8, 2019 · 11 comments
Closed

Test if database is open #5

piegamesde opened this issue May 8, 2019 · 11 comments

Comments

@piegamesde
Copy link
Contributor

I use a variation of the test.py script to retrieve some passwords. But when the database is closed, it simply throws a generic keepassxc_browser.protocol.ProtocolError: Database not opened somewhere in the code.

I'd like to have the ability to cleanly check if the database is open before starting to retrieve passwords (ideally without requiring identification).
@hrehfeld
Copy link
Owner

hrehfeld commented May 8, 2019 via email

@piegamesde
Copy link
Contributor Author

test.py is already pretty minimal (note that I commented out line 18).

If I run it when the database is closed c.test_associate(id) in line 20 will return false. This will cause c.associate(id) in line 21 to throw a protocol error.

I'd like to add something like if c.is_open(): to abort the whole process if the database is locked.

@Phidica
Copy link
Contributor

Phidica commented May 8, 2019

You can use get_database_hash() to test if the database is open. ie,

try:
    c.get_database_hash(id)
except ProtocolError as ex:
    print(ex) # "Database not opened"
    exit(1)

@piegamesde
Copy link
Contributor Author

Hm, I commented the database hash part out because when I run this and the database is open, I get

>>> c.get_database_hash(id)
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/usr/lib/python3.7/site-packages/keepassxc_browser/protocol.py", line 198, in get_database_hash
    resp_message = self.send_encrypted_command(identity, command)
  File "/usr/lib/python3.7/site-packages/keepassxc_browser/protocol.py", line 172, in send_encrypted_command
    resp = self.send_command(identity, command, nonce, next_nonce)
  File "/usr/lib/python3.7/site-packages/keepassxc_browser/protocol.py", line 166, in send_command
    raise ProtocolError(resp['error'])
keepassxc_browser.protocol.ProtocolError: Cannot decrypt message

Don't know if this is related.

@Phidica
Copy link
Contributor

Phidica commented May 8, 2019

Hm, I haven't seen that error before. Even if the access key hasn't been associated to the database we should be able to read the response to this request. What version of KeePassXC are you using?

@piegamesde
Copy link
Contributor Author 

KeePassXC - Version 2.4.1
Revision: 7bafe65

Qt 5.12.3
Debugging mode is disabled.

Operating system: Antergos Linux
CPU architecture: x86_64
Kernel: linux 5.0.13-arch1-1-ARCH

Enabled extensions:
- Auto-Type
- Browser Integration
- SSH Agent
- KeeShare (signed and unsigned sharing)
- YubiKey

Cryptographic libraries:
 libgcrypt 1.8.4

@Phidica
Copy link
Contributor

Phidica commented May 8, 2019

Ah, you're using a much newer version of KeePassXC than I am. Perhaps the interface has changed... It looks like that error message actually means KeePassXC couldn't decrypt the message we had sent, not that we couldn't read its response.

As a workaround, you can also put the try / except block on the associate() command:

if not c.test_associate(id):
    try:
        associated_name = c.associate(id)
    except ProtocolError as ex:
        print(ex)
        exit(1)

@piegamesde
Copy link
Contributor Author

I think

try:
    c.get_database_hash(id)
except ProtocolError as ex:
    print(ex) # "Database not opened"
    exit(1)

solves my issue, but I'd be happy to have a convenience method to do this for me.

@piegamesde piegamesde mentioned this issue May 8, 2019
Closed
@piegamesde
Copy link
Contributor Author

I cannot import ProtocolError:

Traceback (most recent call last):
  File "keepassxc.py", line 2, in <module>
    from keepassxc_browser import Connection, Identity, ProtocolError
ImportError: cannot import name 'ProtocolError' from 'keepassxc_browser' (~/.local/lib/python3.7/site-packages/keepassxc_browser/__init__.py)

My code:

try:
    print(c.get_database_hash(id))
except ProtocolError as ex:
    print("Database not opened")

@Phidica
Copy link
Contributor

Phidica commented May 21, 2019

Ah, right, ProtocolError isn't available in the same way the classes are. You need a separate import line:

 from keepassxc_browser.protocol import ProtocolError

@piegamesde
Copy link
Contributor Author

It works now as expected, thanks.

@Phidica Phidica mentioned this issue May 21, 2019
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@hrehfeld @Phidica @piegamesde