]>
Dogcows Code - chaz/p5-File-KDBX/blob - lib/File/KDBX/Key/File.pm
1 package File
::KDBX
::Key
::File
;
7 use Crypt
::Digest
qw(digest_data);
8 use Crypt
::Misc
0.029 qw(decode_b64 encode_b64);
9 use Crypt
::PRNG
qw(random_bytes);
10 use File
::KDBX
::Constants
qw(:key_file);
11 use File
::KDBX
::Error
;
12 use File
::KDBX
::Util
qw(:class :erase trim);
13 use Ref
::Util
qw(is_ref is_scalarref);
14 use Scalar
::Util
qw(openhandle);
15 use XML
::LibXML
::Reader
;
18 extends
'File::KDBX::Key';
20 our $VERSION = '0.901'; # VERSION
23 has 'type', is => 'ro';
24 has 'version', is => 'ro';
25 has 'filepath', is => 'ro';
28 sub init
{ shift-
>load(@_) }
32 my $primitive = shift // throw
'Missing key primitive';
37 if (openhandle
($primitive)) {
38 seek $primitive, 0, 0; # not using ->seek method so it works on perl 5.10
39 my $buf = do { local $/; <$primitive> };
41 $cleanup = erase_scoped
$data;
43 elsif (is_scalarref
($primitive)) {
46 elsif (defined $primitive && !is_ref
($primitive)) {
47 open(my $fh, '<:raw', $primitive)
48 or throw
"Failed to open key file ($primitive)", filepath
=> $primitive;
49 my $buf = do { local $/; <$fh> };
51 $cleanup = erase_scoped
$data;
52 $self->{filepath
} = $primitive;
55 throw
'Unexpected primitive type', type
=> ref $primitive;
59 if (substr($$data, 0, 120) =~ /<KeyFile>/
60 and my ($type, $version) = $self->_load_xml($data, \
$raw_key)) {
61 $self->{type
} = $type;
62 $self->{version
} = $version;
63 $self->_set_raw_key($raw_key);
65 elsif (length($$data) == 32) {
66 $self->{type
} = KEY_FILE_TYPE_BINARY
;
67 $self->_set_raw_key($$data);
69 elsif ($$data =~ /^[A-Fa-f0-9]{64}$/) {
70 $self->{type
} = KEY_FILE_TYPE_HEX
;
71 $self->_set_raw_key(pack('H64', $$data));
74 $self->{type
} = KEY_FILE_TYPE_HASHED
;
75 $self->_set_raw_key(digest_data
('SHA256', $$data));
84 $self->init($self->{filepath
}) if defined $self->{filepath
};
94 my $raw_key = $args{raw_key
} // $self->raw_key // random_bytes
(32);
95 push @cleanup, erase_scoped
$raw_key;
96 length($raw_key) == 32 or throw
'Raw key must be exactly 256 bits (32 bytes)', length => length($raw_key);
98 my $type = $args{type
} // $self->type // KEY_FILE_TYPE_XML
;
99 my $version = $args{version
} // $self->version // 2;
100 my $filepath = $args{filepath
} // $self->filepath;
102 my $atomic = $args{atomic
} // 1;
105 if (!openhandle
($fh)) {
106 $filepath or throw
'Must specify where to safe the key file to';
110 ($fh, $filepath_temp) = eval { File
::Temp
::tempfile
("${filepath}-XXXXXX", UNLINK
=> 1) };
111 if (!$fh or my $err = $@) {
112 $err //= 'Unknown error';
113 throw
sprintf('Open file failed (%s): %s', $filepath_temp, $err),
115 filepath
=> $filepath_temp;
119 open($fh, '>:raw', $filepath) or throw
"Open file failed ($filepath): $!", filepath
=> $filepath;
123 if ($type == KEY_FILE_TYPE_XML
) {
124 $self->_save_xml($fh, $raw_key, $version);
126 elsif ($type == KEY_FILE_TYPE_BINARY
) {
129 elsif ($type == KEY_FILE_TYPE_HEX
) {
130 my $hex = uc(unpack('H*', $raw_key));
131 push @cleanup, erase_scoped
$hex;
135 throw
"Cannot save $type key file (invalid type)", type
=> $type;
140 if ($filepath_temp) {
141 my ($file_mode, $file_uid, $file_gid) = (stat($filepath))[2, 4, 5];
143 my $mode = $args{mode
} // $file_mode // do { my $m = umask; defined $m ? oct(666) &~ $m : undef };
144 my $uid = $args{uid
} // $file_uid // -1;
145 my $gid = $args{gid
} // $file_gid // -1;
146 chmod($mode, $filepath_temp) if defined $mode;
147 chown($uid, $gid, $filepath_temp);
148 rename($filepath_temp, $filepath)
149 or throw
"Failed to write file ($filepath): $!", filepath
=> $filepath;
153 ##############################################################################
160 my ($version, $hash, $data);
162 my $reader = XML
::LibXML
::Reader-
>new(string
=> $$buf);
163 my $pattern = XML
::LibXML
::Pattern-
>new('/KeyFile/Meta/Version|/KeyFile/Key/Data');
165 while ($reader->nextPatternMatch($pattern) == 1) {
166 next if $reader->nodeType != XML_READER_TYPE_ELEMENT
;
167 my $name = $reader->localName;
168 if ($name eq 'Version') {
169 $reader->read if !$reader->isEmptyElement;
170 $reader->nodeType == XML_READER_TYPE_TEXT
171 or alert
'Expected text node with version', line
=> $reader->lineNumber;
172 my $val = trim
($reader->value);
174 and alert
'Overwriting version', previous
=> $version, new
=> $val, line
=> $reader->lineNumber;
177 elsif ($name eq 'Data') {
178 $hash = trim
($reader->getAttribute('Hash')) if $reader->hasAttributes;
179 $reader->read if !$reader->isEmptyElement;
180 $reader->nodeType == XML_READER_TYPE_TEXT
181 or alert
'Expected text node with data', line
=> $reader->lineNumber;
182 $data = $reader->value;
183 $data =~ s/\s+//g if defined $data;
187 return if !defined $version || !defined $data;
189 if ($version =~ /^1\.0/ && $data =~ /^[A-Za-z0-9+\/=]+$/) {
190 $$out = eval { decode_b64
($data) };
192 throw
'Failed to decode key in key file', version
=> $version, data
=> $data, error
=> $err;
194 return (KEY_FILE_TYPE_XML
, $version);
196 elsif ($version =~ /^2\.0/ && $data =~ /^[A-Fa-f0-9]+$/ && defined $hash && $hash =~ /^[A-Fa-f0-9]+$/) {
197 $$out = pack('H*', $data);
198 $hash = pack('H*', $hash);
199 my $got_hash = digest_data
('SHA256', $$out);
200 $hash eq substr($got_hash, 0, length($hash))
201 or throw
'Checksum mismatch', got
=> $got_hash, expected
=> $hash;
202 return (KEY_FILE_TYPE_XML
, $version);
205 throw
'Unexpected data in key file', version
=> $version, data
=> $data;
212 my $version = shift // 2;
216 my $dom = XML
::LibXML
::Document-
>new('1.0', 'UTF-8');
217 my $doc = XML
::LibXML
::Element-
>new('KeyFile');
218 $dom->setDocumentElement($doc);
219 my $meta_node = XML
::LibXML
::Element-
>new('Meta');
220 $doc->appendChild($meta_node);
221 my $version_node = XML
::LibXML
::Element-
>new('Version');
222 $version_node->appendText(sprintf('%.1f', $version));
223 $meta_node->appendChild($version_node);
224 my $key_node = XML
::LibXML
::Element-
>new('Key');
225 $doc->appendChild($key_node);
226 my $data_node = XML
::LibXML
::Element-
>new('Data');
227 $key_node->appendChild($data_node);
229 if (int($version) == 1) {
230 my $b64 = encode_b64
($raw_key);
231 push @cleanup, erase_scoped
$b64;
232 $data_node->appendText($b64);
234 elsif (int($version) == 2) {
235 my @hex = unpack('(H8)8', $raw_key);
236 my $hex = uc(sprintf("\n %s\n %s\n ", join(' ', @hex[0..3]), join(' ', @hex[4..7])));
237 push @cleanup, erase_scoped
$hex, @hex;
238 $data_node->appendText($hex);
239 my $hash = digest_data
('SHA256', $raw_key);
240 substr($hash, 4) = '';
241 $hash = uc(unpack('H*', $hash));
242 $data_node->setAttribute('Hash', $hash);
245 throw
'Failed to save unsupported key file version', version
=> $version;
261 File::KDBX::Key::File - A file key
269 use File::KDBX::Constants qw(:key_file);
270 use File::KDBX::Key::File;
272 ### Create a key file:
274 my $key = File::KDBX::Key::File->new(
275 filepath => 'path/to/file.keyx',
276 type => KEY_FILE_TYPE_XML, # optional
277 version => 2, # optional
278 raw_key => $raw_key, # optional - leave undefined to generate a random key
284 my $key2 = File::KDBX::Key::File->new('path/to/file.keyx');
286 my $key2 = File::KDBX::Key::File->new(\$secret);
288 my $key2 = File::KDBX::Key::File->new($fh); # or *IO
292 A file key (or "key file") is the type of key where the secret is a file. The secret is either the file
293 contents or is generated based on the file contents. In order to lock and unlock a KDBX database with a key
294 file, the same file must be presented. The database cannot be opened without the file.
296 Inherets methods and attributes from L<File::KDBX::Key>.
298 There are multiple types of key files supported. See L</type>. This module can read and write key files.
306 Get the type of key file. Can be one of from L<File::KDBX::Constants/":key_file">:
312 C<KEY_FILE_TYPE_BINARY>
324 C<KEY_FILE_TYPE_HASHED>
330 $version = $key->version;
332 Get the file version. Only applies to XML key files.
336 $filepath = $key->filepath;
338 Get the filepath to the key file, if known.
344 $key = $key->load($filepath);
345 $key = $key->load(\$string);
346 $key = $key->load($fh);
347 $key = $key->load(*IO);
355 Re-read the key file, if possible, and update the raw key if the key changed.
360 $key->save(%options);
362 Write a key file. Available options:
368 C<type> - Type of key file (default: value of L</type>, or C<KEY_FILE_TYPE_XML>)
372 C<verson> - Version of key file (default: value of L</version>, or 2)
376 C<filepath> - Where to save the file (default: value of L</filepath>)
380 C<fh> - IO handle to write to (overrides C<filepath>, one of which must be defined)
384 C<raw_key> - Raw key (default: value of L</raw_key>)
388 C<atomic> - Write to the filepath atomically (default: true)
394 Please report any bugs or feature requests on the bugtracker website
395 L<https://github.com/chazmcgarvey/File-KDBX/issues>
397 When submitting a bug or request, please include a test-file or a
398 patch to an existing test-file that illustrates the bug or desired
403 Charles McGarvey <ccm@cpan.org>
405 =head1 COPYRIGHT AND LICENSE
407 This software is copyright (c) 2022 by Charles McGarvey.
409 This is free software; you can redistribute it and/or modify it under
410 the same terms as the Perl 5 programming language system itself.
This page took 0.059699 seconds and 4 git commands to generate.