File-KDBX
Revision history for File-KDBX.
0.906 2022-08-16 19:44:09-0600
* Fixed bug where dumping a fresh database could write wrong-sized encryption IV, making the resulting
serialization unreadable by some KeePass implementations. Thanks HIGHTOWE.
* Fixed bugs preventing the use of memory protection with fresh databases. Thanks HIGHTOWE.
* Fixed the transform_rounds method to work with Argon KDF; this now maps to the Argon iterations value if
the current KDF is Argon. Thanks HIGHTOWE.
0.905 2022-08-06 12:12:42-0600
* Declared Time::Local 1.19 as a required dependency.
* Declared CryptX 0.055 as a required dependency. Thanks HIGHTOWE.
* Fixed minor documentation errors.
0.904 2022-07-07 21:51:17-0600
* Use expanded title, username in OTP parameters.
The transform seed is a string of 32 random bytes that is used in the
key derivation function, either as the salt or the key (depending on
the algorithm).
The transform seed should be changed each time the database is saved to
file.
transform_rounds
The number of rounds or iterations used in the key derivation function.
Increasing this number makes loading and saving the database slower in
order to make dictionary and brute force attacks more costly.
encryption_iv
The initialization vector used by the cipher.
The encryption IV should be changed each time the database is saved to
file, so that the same key and IV are never reused to encrypt different
contents.
lib/File/KDBX.pm view on Meta::CPAN
=head2 transform_seed
The transform seed is a string of 32 random bytes that is used in the key derivation function, either as the
salt or the key (depending on the algorithm).
The transform seed I<should> be changed each time the database is saved to file.
=head2 transform_rounds
The number of rounds or iterations used in the key derivation function. Increasing this number makes loading
and saving the database slower in order to make dictionary and brute force attacks more costly.
=head2 encryption_iv
The initialization vector used by the cipher.
The encryption IV I<should> be changed each time the database is saved to file, so that the same key and IV
are never reused to encrypt different contents.
=head2 inner_random_stream_key
lib/File/KDBX/KDF/Argon2.pm view on Meta::CPAN
# This class inherits from the generic KDF base class.
extends 'File::KDBX::KDF';
# Module version string; it matches the 0.906 entry in the revision history.
our $VERSION = '0.906'; # VERSION
# Return the Argon2 salt stored on this KDF object.
# A missing salt is treated as an error, not something to default: any false
# value (undef, empty string or "0") ends in throw 'Salt is not set'.
sub salt {
    my ($self) = @_;
    my $salt = $self->{+KDF_PARAM_ARGON2_SALT};
    return $salt if $salt;
    throw 'Salt is not set';
}
# For Argon2 the "seed" is the salt, so this delegates to salt()
# and throws under the same condition.
sub seed {
    my ($self) = @_;
    return $self->salt;
}
# Return the Argon2 parallelism parameter.
# If it is undefined, this read first stores KDF_DEFAULT_ARGON2_PARALLELISM on
# the object, so the accessor has a side effect on unset parameters.
sub parallelism {
    my ($self) = @_;
    $self->{+KDF_PARAM_ARGON2_PARALLELISM} //= KDF_DEFAULT_ARGON2_PARALLELISM;
    return $self->{+KDF_PARAM_ARGON2_PARALLELISM};
}
# Return the Argon2 memory cost parameter.
# If it is undefined, this read first stores KDF_DEFAULT_ARGON2_MEMORY on the
# object.
# NOTE(review): the unit of this value is not visible in this file; confirm it
# matches what argon2d_raw/argon2id_raw expect, since a unit mismatch would
# silently change the cost of the derivation.
sub memory {
    my ($self) = @_;
    $self->{+KDF_PARAM_ARGON2_MEMORY} //= KDF_DEFAULT_ARGON2_MEMORY;
    return $self->{+KDF_PARAM_ARGON2_MEMORY};
}
# Return the Argon2 iteration count (time cost).
# If it is undefined, this read first stores KDF_DEFAULT_ARGON2_ITERATIONS on
# the object.
sub iterations {
    my ($self) = @_;
    $self->{+KDF_PARAM_ARGON2_ITERATIONS} //= KDF_DEFAULT_ARGON2_ITERATIONS;
    return $self->{+KDF_PARAM_ARGON2_ITERATIONS};
}
# Return the stored Argon2 version parameter.
# If it is undefined, this read first stores KDF_DEFAULT_ARGON2_VERSION on the
# object. The value is recorded only: _transform in this file does not pass it
# to the Argon2 call.
sub version {
    my ($self) = @_;
    $self->{+KDF_PARAM_ARGON2_VERSION} //= KDF_DEFAULT_ARGON2_VERSION;
    return $self->{+KDF_PARAM_ARGON2_VERSION};
}
# Return the stored Argon2 secret parameter, or undef when none is set.
# There is no default. The value is recorded only: _transform in this file does
# not feed it into the derivation, so setting it does not strengthen the key.
sub secret {
    my ($self) = @_;
    return $self->{+KDF_PARAM_ARGON2_SECRET};
}
# Return the stored Argon2 associated-data parameter, or undef when none is set.
# There is no default. The value is recorded only: _transform in this file does
# not feed it into the derivation.
sub assocdata {
    my ($self) = @_;
    return $self->{+KDF_PARAM_ARGON2_ASSOCDATA};
}
# Initialize the Argon2 parameters from constructor-style arguments.
#
# Each parameter may be given under its KDF_PARAM_ARGON2_* key or under a short
# alias (salt, parallelism, memory, iterations, version, secret, assocdata).
# When both are present and the KDF_PARAM_ARGON2_* value is defined, it wins.
# Only these seven parameters are forwarded to the parent init, always in the
# same order, and any that were not supplied are forwarded as undef.
sub init {
    my ($self, %args) = @_;

    # [ canonical parameter key, short alias ] in forwarding order.
    my @aliases = (
        [KDF_PARAM_ARGON2_SALT(),        'salt'],
        [KDF_PARAM_ARGON2_PARALLELISM(), 'parallelism'],
        [KDF_PARAM_ARGON2_MEMORY(),      'memory'],
        [KDF_PARAM_ARGON2_ITERATIONS(),  'iterations'],
        [KDF_PARAM_ARGON2_VERSION(),     'version'],
        [KDF_PARAM_ARGON2_SECRET(),      'secret'],
        [KDF_PARAM_ARGON2_ASSOCDATA(),   'assocdata'],
    );

    my @params;
    for my $alias (@aliases) {
        my ($param, $short) = @$alias;
        push @params, $param, $args{$param} // $args{$short};
    }

    return $self->SUPER::init(@params);
}
# Derive a key from $key with the Argon2 variant selected by this KDF's UUID.
#
# Argon2d and Argon2id are supported; any other UUID throws
# 'Unknown Argon2 type' with the offending uuid attached. All parameters are
# read before the UUID is checked, so a missing salt is reported first.
#
# Only salt, iterations, memory and parallelism reach the Argon2 call. The
# version, secret and assocdata attributes are not used here.
#
# NOTE(review): the output length is taken from the salt length rather than
# from a fixed key size. With the 32-byte transform seed described in the
# documentation this gives a 32-byte key, but a shorter or longer salt changes
# the derived key length; confirm the salt length is validated before it
# reaches this point.
sub _transform {
    my ($self, $key) = @_;

    my ($uuid, $salt, $iterations, $memory, $parallelism) = (
        $self->uuid,
        $self->salt,
        $self->iterations,
        $self->memory,
        $self->parallelism,
    );
    my $output_length = length($salt);

    return argon2d_raw($key, $salt, $iterations, $memory, $parallelism, $output_length)
        if $uuid eq KDF_UUID_ARGON2D;
    return argon2id_raw($key, $salt, $iterations, $memory, $parallelism, $output_length)
        if $uuid eq KDF_UUID_ARGON2ID;

    throw 'Unknown Argon2 type', uuid => $uuid;
}
1;
__END__
=pod
lib/File/KDBX/KDF/Argon2.pm view on Meta::CPAN
track record of L<File::KDBX::KDF::AES> and requires using the KDBX4+ file format.
=head1 ATTRIBUTES
=head2 salt
=head2 parallelism
=head2 memory
=head2 iterations
=head2 version
=head2 secret
=head2 assocdata
Get various KDF parameters.
C<version>, C<secret> and C<assocdata> are currently unused: they can be set and read, but the key transformation does not pass them to Argon2.
'AES KDF basically works';
like exception { $kdf1->transform("\2" x 33) }, qr/raw key must be 32 bytes/i,
'Transformation requires valid arguments';
};
subtest 'Argon2 KDF' => sub {
    # Known-answer vectors: fixed salt, key, iterations and parallelism must
    # always yield the same 32 output bytes for each Argon2 variant. No memory
    # value is passed, so the KDF's default memory cost is what is pinned here.
    my @vectors = (
        {
            uuid        => KDF_UUID_ARGON2D,
            parallelism => 2,
            expected    => "\352\333\247\347+x#\"C\340\224\30\316\350\3068E\246\347H\263\214V\310\5\375\16N.K\320\255",
            name        => 'Argon2D KDF works',
        },
        {
            uuid        => KDF_UUID_ARGON2ID,
            parallelism => 3,
            expected    => "S\304\304u\316\311\202^\214JW{\312=\236\307P\345\253\323\313\23\215\247\210O!#F\16\1x",
            name        => 'Argon2ID KDF works',
        },
    );

    for my $vector (@vectors) {
        my $kdf = File::KDBX::KDF->new(
            uuid        => $vector->{uuid},
            salt        => "\2" x 32,
            iterations  => 2,
            parallelism => $vector->{parallelism},
        );
        # Scalar assignment keeps transform() in scalar context.
        my $derived = $kdf->transform("\2" x 32);
        is $derived, $vector->{expected}, $vector->{name};
    }
};

done_testing;