view release on metacpan or  search on metacpan

lib/File/KDBX.pm  view on Meta::CPAN

managers to store passwords so that users can know a single strong password and not have to reuse passwords
across different websites. See L</SECURITY> for an overview of security considerations.

=head1 ATTRIBUTES

=head2 sig1

=head2 sig2

=head2 version

=head2 headers

=head2 inner_headers

=head2 meta

=head2 binaries

=head2 deleted_objects

Hash of UUIDs for objects that have been deleted. This includes groups, entries and even custom icons.

=head2 raw

Bytes contained within the encrypted layer of a KDBX file. This is only set when using
L<File::KDBX::Loader::Raw>.

=head2 comment

A text string associated with the database stored unencrypted in the file header. Often unset.

=head2 cipher_id

The UUID of a cipher used to encrypt the database when stored as a file.

See L<File::KDBX::Cipher>.

=head2 compression_flags

Configuration for whether or not and how the database gets compressed. See
L<File::KDBX::Constants/":compression">.

=head2 master_seed

The master seed is a string of 32 random bytes that is used as salt in hashing the master key when loading
and saving the database. If a challenge-response key is used in the master key, the master seed is also the
challenge.

The master seed I<should> be changed each time the database is saved to file.

=head2 transform_seed

The transform seed is a string of 32 random bytes that is used in the key derivation function, either as the
salt or the key (depending on the algorithm).

The transform seed I<should> be changed each time the database is saved to file.

=head2 transform_rounds

The number of rounds or iterations used in the key derivation function. Increasing this number makes loading
and saving the database slower in order to make dictionary and brute force attacks more costly.

=head2 encryption_iv

The initialization vector used by the cipher.

The encryption IV I<should> be changed each time the database is saved to file.

=head2 inner_random_stream_key

The encryption key (possibly including the IV, depending on the cipher) used to encrypt the protected strings
within the database.

=head2 stream_start_bytes

A string of 32 random bytes written in the header and encrypted in the body. If the bytes do not match when
loading a file then the wrong master key was used or the file is corrupt. Only KDBX 2 and KDBX 3 files use
this. KDBX 4 files use an improved HMAC method to verify the master key and data integrity of the header and
entire file body.

=head2 inner_random_stream_id

A number indicating the cipher algorithm used to encrypt the protected strings within the database, usually
Salsa20 or ChaCha20. See L<File::KDBX::Constants/":random_stream">.

=head2 kdf_parameters

A hash/dict of key-value pairs used to configure the key derivation function. This is the KDBX4+ way to
configure the KDF, superceding L</transform_seed> and L</transform_rounds>.

=head2 generator

The name of the software used to generate the KDBX file.

=head2 header_hash

The header hash used to verify that the file header is not corrupt. (KDBX 2 - KDBX 3.1, removed KDBX 4.0)

=head2 database_name

Name of the database.

=head2 database_name_changed

Timestamp indicating when the database name was last changed.

=head2 database_description

Description of the database

=head2 database_description_changed

Timestamp indicating when the database description was last changed.

=head2 default_username

When a new entry is created, the I<UserName> string will be populated with this value.

=head2 default_username_changed