2 # ABSTRACT: Encrypted databases to store secret text and files
7 use Crypt
::PRNG
qw(random_bytes);
8 use Devel
::GlobalDestruction
;
9 use File
::KDBX
::Constants
qw(:all);
10 use File
::KDBX
::Error
;
12 use File
::KDBX
::Util
qw(:empty erase generate_uuid search simple_expression_query snakify);
13 use List
::Util
qw(any);
14 use Ref
::Util
qw(is_ref is_arrayref is_plain_hashref);
15 use Scalar
::Util
qw(blessed refaddr);
20 our $VERSION = '999.999'; # VERSION
28 $kdbx = File
::KDBX-
>new(%attributes);
29 $kdbx = File
::KDBX-
>new($kdbx); # copy constructor
31 Construct a new L
<File
::KDBX
>.
39 return $_[0]->clone if @_ == 1 && blessed
$_[0] && $_[0]->isa($class);
41 my $self = bless {}, $class;
43 $self->_set_default_attributes if empty
$self;
47 sub DESTROY
{ !in_global_destruction
and $_[0]->reset }
51 $kdbx = $kdbx->init(%attributes);
53 Initialize a L
<File
::KDBX
> with a new set of attributes
. Returns itself to allow
method chaining
.
55 This
is called by L
</new
>.
63 @$self{keys %args} = values %args;
72 Set a L
<File
::KDBX
> to an empty
state, ready to load a KDBX file
or build a new one
. Returns itself to allow
79 erase
$self->headers->{+HEADER_INNER_RANDOM_STREAM_KEY
};
80 erase
$self->inner_headers->{+INNER_HEADER_INNER_RANDOM_STREAM_KEY
};
83 delete $SAFE{refaddr
($self)};
90 $kdbx_copy = $kdbx->clone;
91 $kdbx_copy = File
::KDBX-
>new($kdbx);
93 Clone a L
<File
::KDBX
>. The clone will be an exact copy
and completely independent of the original
.
100 return Storable
::dclone
($self);
103 sub STORABLE_freeze
{
109 return '', $copy, $KEYS{refaddr
($self)} // (), $SAFE{refaddr
($self)} // ();
120 @$self{keys %$clone} = values %$clone;
121 $KEYS{refaddr
($self)} = $key;
122 $SAFE{refaddr
($self)} = $safe;
124 for my $object (@{$self->all_groups}, @{$self->all_entries(history
=> 1)}) {
125 $object->kdbx($self);
129 ##############################################################################
139 $kdbx = KDBX
::File-
>load(\
$string, $key);
140 $kdbx = KDBX
::File-
>load(*IO
, $key);
141 $kdbx = KDBX
::File-
>load($filepath, $key);
142 $kdbx->load(...); # also instance method
144 $kdbx = File
::KDBX-
>load_string($string, $key);
145 $kdbx = File
::KDBX-
>load_string(\
$string, $key);
146 $kdbx->load_string(...); # also instance method
148 $kdbx = File
::KDBX-
>load_file($filepath, $key);
149 $kdbx->load_file(...); # also instance method
151 $kdbx = File
::KDBX-
>load_handle($fh, $key);
152 $kdbx = File
::KDBX-
>load_handle(*IO
, $key);
153 $kdbx->load_handle(...); # also instance method
155 Load a KDBX file from a string buffer
, IO handle
or file from a filesystem
.
157 L
<File
::KDBX
::Loader
> does the heavy lifting
.
161 sub load
{ shift-
>_loader->load(@_) }
162 sub load_string
{ shift-
>_loader->load_string(@_) }
163 sub load_file
{ shift-
>_loader->load_file(@_) }
164 sub load_handle
{ shift-
>_loader->load_handle(@_) }
168 $self = $self->new if !ref $self;
169 require File
::KDBX
::Loader
;
170 File
::KDBX
::Loader-
>new(kdbx
=> $self);
181 $kdbx->dump(\
$string, $key);
182 $kdbx->dump(*IO
, $key);
183 $kdbx->dump($filepath, $key);
185 $kdbx->dump_string(\
$string, $key);
186 \
$string = $kdbx->dump_string($key);
188 $kdbx->dump_file($filepath, $key);
190 $kdbx->dump_handle($fh, $key);
191 $kdbx->dump_handle(*IO
, $key);
193 Dump a KDBX file to a string buffer
, IO handle
or file
in a filesystem
.
195 L
<File
::KDBX
::Dumper
> does the heavy lifting
.
199 sub dump { shift-
>_dumper->dump(@_) }
200 sub dump_string
{ shift-
>_dumper->dump_string(@_) }
201 sub dump_file
{ shift-
>_dumper->dump_file(@_) }
202 sub dump_handle
{ shift-
>_dumper->dump_handle(@_) }
206 $self = $self->new if !ref $self;
207 require File
::KDBX
::Dumper
;
208 File
::KDBX
::Dumper-
>new(kdbx
=> $self);
211 ##############################################################################
213 =method user_agent_string
215 $string = $kdbx->user_agent_string;
217 Get a text string identifying the database client software
.
221 sub user_agent_string
{
223 sprintf('%s/%s (%s/%s; %s/%s; %s)',
224 __PACKAGE__
, $VERSION, @Config::Config
{qw(package version osname osvers archname)});
241 =attr deleted_objects
245 $value = $kdbx->$attr;
246 $kdbx->$attr($value);
248 Get
and set attributes
.
255 version
=> KDBX_VERSION_3_1
,
256 headers
=> sub { +{} },
257 inner_headers
=> sub { +{} },
259 binaries
=> sub { +{} },
260 deleted_objects
=> sub { +{} },
263 my %ATTRS_HEADERS = (
264 HEADER_COMMENT
() => '',
265 HEADER_CIPHER_ID
() => CIPHER_UUID_CHACHA20
,
266 HEADER_COMPRESSION_FLAGS
() => COMPRESSION_GZIP
,
267 HEADER_MASTER_SEED
() => sub { random_bytes
(32) },
268 # HEADER_TRANSFORM_SEED() => sub { random_bytes(32) },
269 # HEADER_TRANSFORM_ROUNDS() => 100_000,
270 HEADER_ENCRYPTION_IV
() => sub { random_bytes
(16) },
271 # HEADER_INNER_RANDOM_STREAM_KEY() => sub { random_bytes(32) }, # 64?
272 HEADER_STREAM_START_BYTES
() => sub { random_bytes
(32) },
273 # HEADER_INNER_RANDOM_STREAM_ID() => STREAM_ID_CHACHA20,
274 HEADER_KDF_PARAMETERS
() => sub {
276 KDF_PARAM_UUID
() => KDF_UUID_AES
,
277 KDF_PARAM_AES_ROUNDS
() => $_[0]->headers->{+HEADER_TRANSFORM_ROUNDS
} // KDF_DEFAULT_AES_ROUNDS
,
278 KDF_PARAM_AES_SEED
() => $_[0]->headers->{+HEADER_TRANSFORM_SEED
} // random_bytes
(32),
281 # HEADER_PUBLIC_CUSTOM_DATA() => sub { +{} },
287 database_name_changed
=> sub { gmtime },
288 database_description
=> '',
289 database_description_changed
=> sub { gmtime },
290 default_username
=> '',
291 default_username_changed
=> sub { gmtime },
292 maintenance_history_days
=> 0,
294 master_key_changed
=> sub { gmtime },
295 master_key_change_rec
=> -1,
296 master_key_change_force
=> -1,
297 # memory_protection => sub { +{} },
298 custom_icons
=> sub { +{} },
299 recycle_bin_enabled
=> true
,
300 recycle_bin_uuid
=> "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0",
301 recycle_bin_changed
=> sub { gmtime },
302 entry_templates_group
=> "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0",
303 entry_templates_group_changed
=> sub { gmtime },
304 last_selected_group
=> "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0",
305 last_top_visible_group
=> "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0",
306 history_max_items
=> HISTORY_DEFAULT_MAX_ITEMS
,
307 history_max_size
=> HISTORY_DEFAULT_MAX_SIZE
,
308 settings_changed
=> sub { gmtime },
309 # binaries => sub { +{} },
310 # custom_data => sub { +{} },
312 my %ATTRS_MEMORY_PROTECTION = (
313 protect_title
=> false
,
314 protect_username
=> false
,
315 protect_password
=> true
,
316 protect_url
=> false
,
317 protect_notes
=> false
,
318 auto_enable_visual_hiding
=> false
,
321 sub _update_group_uuid
{
323 my $old_uuid = shift // return;
324 my $new_uuid = shift;
326 my $meta = $self->meta;
327 $self->recycle_bin_uuid($new_uuid) if $old_uuid eq ($meta->{recycle_bin_uuid
} // '');
328 $self->entry_templates_group($new_uuid) if $old_uuid eq ($meta->{entry_templates_group
} // '');
329 $self->last_selected_group($new_uuid) if $old_uuid eq ($meta->{last_selected_group
} // '');
330 $self->last_top_visible_group($new_uuid) if $old_uuid eq ($meta->{last_top_visible_group
} // '');
332 for my $group (@{$self->all_groups}) {
333 $group->last_top_visible_entry($new_uuid) if $old_uuid eq ($group->{last_top_visible_entry
} // '');
334 $group->previous_parent_group($new_uuid) if $old_uuid eq ($group->{previous_parent_group
} // '');
336 for my $entry (@{$self->all_entries}) {
337 $entry->previous_parent_group($new_uuid) if $old_uuid eq ($entry->{previous_parent_group
} // '');
341 sub _update_entry_uuid
{
343 my $old_uuid = shift // return;
344 my $new_uuid = shift;
346 for my $entry (@{$self->all_entries}) {
347 $entry->previous_parent_group($new_uuid) if $old_uuid eq ($entry->{previous_parent_group
} // '');
351 while (my ($attr, $default) = each %ATTRS) {
352 no strict
'refs'; ## no critic (ProhibitNoStrict)
355 $self->{$attr} = shift if @_;
356 $self->{$attr} //= (ref $default eq 'CODE') ? $default->($self) : $default;
359 while (my ($attr, $default) = each %ATTRS_HEADERS) {
360 no strict
'refs'; ## no critic (ProhibitNoStrict)
363 $self->headers->{$attr} = shift if @_;
364 $self->headers->{$attr} //= (ref $default eq 'CODE') ? $default->($self) : $default;
367 while (my ($attr, $default) = each %ATTRS_META) {
368 no strict
'refs'; ## no critic (ProhibitNoStrict)
371 $self->meta->{$attr} = shift if @_;
372 $self->meta->{$attr} //= (ref $default eq 'CODE') ? $default->($self) : $default;
375 while (my ($attr, $default) = each %ATTRS_MEMORY_PROTECTION) {
376 no strict
'refs'; ## no critic (ProhibitNoStrict)
379 $self->meta->{$attr} = shift if @_;
380 $self->meta->{$attr} //= (ref $default eq 'CODE') ? $default->($self) : $default;
385 HEADER_TRANSFORM_SEED
,
386 HEADER_TRANSFORM_ROUNDS
,
387 HEADER_INNER_RANDOM_STREAM_KEY
,
388 HEADER_INNER_RANDOM_STREAM_ID
,
390 sub _set_default_attributes
{
392 $self->$_ for keys %ATTRS, keys %ATTRS_HEADERS, keys %ATTRS_META, keys %ATTRS_MEMORY_PROTECTION,
396 =method memory_protection
398 \
%settings = $kdbx->memory_protection
399 $kdbx->memory_protection(\
%settings);
401 $bool = $kdbx->memory_protection($string_key);
402 $kdbx->memory_protection($string_key => $bool);
404 Get
or set memory protection settings
. This globally
(for the whole database
) configures whether
and which of
405 the standard strings should be memory-protected
. The
default setting
is to memory-protect only I
<Password
>
408 Memory protection can be toggled individually
for each entry string
, and individual settings
take precedence
409 over these global settings
.
413 sub memory_protection
{
415 $self->{meta
}{memory_protection
} = shift if @_ == 1 && is_plain_hashref
($_[0]);
416 return $self->{meta
}{memory_protection
} //= {} if !@_;
418 my $string_key = shift;
419 my $key = 'protect_' . lc($string_key);
421 $self->meta->{memory_protection
}{$key} = shift if @_;
422 $self->meta->{memory_protection
}{$key};
425 =method minimum_version
427 $version = $kdbx->minimum_version;
429 Determine the minimum file version required to save a database losslessly
. Using certain databases features
430 might increase this value
. For example
, setting the KDF to Argon2 will increase the minimum version to at
431 least C
<KDBX_VERSION_4_0
> (i
.e
. C
<0x00040000>) because Argon2 was introduced with KDBX4
.
433 This
method never returns less than C
<KDBX_VERSION_3_1
> (i
.e
. C
<0x00030001>). That file version
is so
434 ubiquitious
and well-supported
, there are seldom reasons to
dump in a lesser format nowadays
.
436 B
<WARNING
:> If you
dump a database with a minimum version higher than the current L
</version
>, the dumper will
437 typically issue a warning
and automatically upgrade the database
. This seems like the safest behavior
in order
438 to avoid data loss
, but lower versions have the benefit of being compatible with more software
. It
is possible
439 to prevent auto-upgrades by explicitly telling the dumper which version to
use, but you
do run the risk of
440 data loss
. A database will never be automatically downgraded
.
444 sub minimum_version
{
447 return KDBX_VERSION_4_1
if any
{
448 nonempty
$_->{last_modification_time
}
449 } values %{$self->custom_data};
451 return KDBX_VERSION_4_1
if any
{
452 nonempty
$_->{name
} || nonempty
$_->{last_modification_time
}
453 } values %{$self->custom_icons};
455 return KDBX_VERSION_4_1
if any
{
456 nonempty
$_->previous_parent_group || nonempty
$_->tags ||
457 any
{ nonempty
$_->{last_modification_time
} } values %{$_->custom_data}
458 } @{$self->all_groups};
460 return KDBX_VERSION_4_1
if any
{
461 nonempty
$_->previous_parent_group || (defined $_->quality_check && !$_->quality_check) ||
462 any
{ nonempty
$_->{last_modification_time
} } values %{$_->custom_data}
463 } @{$self->all_entries(history
=> 1)};
465 return KDBX_VERSION_4_0
if $self->kdf->uuid ne KDF_UUID_AES
;
467 return KDBX_VERSION_4_0
if nonempty
$self->public_custom_data;
469 return KDBX_VERSION_4_0
if any
{
470 nonempty
$_->custom_data
471 } @{$self->all_groups}, @{$self->all_entries(history
=> 1)};
473 return KDBX_VERSION_3_1
;
476 ##############################################################################
480 $kdbx->add_group($group, %options);
481 $kdbx->add_group(%group_attributes, %options);
483 Add a group to a database
. This
is equivalent to identifying a parent group
and calling
484 L
<File
::KDBX
::Group
/add_group
> on the parent group
, forwarding the arguments
. Available options
:
487 * C<group> (aka C<parent>) - Group (object or group UUID) to add the group to (default: root group)
493 my $group = @_ % 2 == 1 ? shift : undef;
496 # find the right group to add the group to
497 my $parent = delete $args{group
} // delete $args{parent
} // $self->root;
498 ($parent) = $self->find_groups({uuid
=> $parent}) if !ref $parent;
499 $parent or throw
'Invalid group';
501 return $parent->add_group(defined $group ? $group : (), %args, kdbx
=> $self);
507 require File
::KDBX
::Group
;
508 return File
::KDBX
::Group-
>wrap($group, $self);
513 $group = $kdbx->root;
516 Get
or set a database
's root group. You don't necessarily need to explicitly create
or set a root group
517 because it autovivifies
when adding entries
and groups to the database
.
519 Every database
has only a single root group at a
time. Some old KDB files might have multiple root groups
.
520 When reading such files
, a single implicit root group
is created to contain the other explicit groups
. When
521 writing to such a format
, if the root group looks like it was implicitly created then it won
't be written and
522 the resulting file might have multiple root groups. This allows working with older files without changing
523 their written internal structure while still adhering to the modern restrictions while the database is opened.
525 B<WARNING:> The root group of a KDBX database contains all of the database's entries
and other groups
. If you
526 replace the root group
, you are essentially replacing the entire database contents with something
else.
533 $self->{root
} = $self->_wrap_group(@_);
534 $self->{root
}->kdbx($self);
536 $self->{root
} //= $self->_implicit_root;
537 return $self->_wrap_group($self->{root
});
542 return [] if !$self->{root
};
543 return $self->_has_implicit_root ? $self->root->groups : [$self->root];
546 sub _has_implicit_root
{
548 my $root = $self->root;
549 my $temp = __PACKAGE__-
>_implicit_root;
550 # If an implicit root group has been changed in any significant way, it is no longer implicit.
551 return $root->name eq $temp->name &&
552 $root->is_expanded ^ $temp->is_expanded &&
553 $root->notes eq $temp->notes &&
554 !@{$root->entries} &&
555 !defined $root->custom_icon_uuid &&
556 !keys %{$root->custom_data} &&
557 $root->icon_id == $temp->icon_id &&
558 $root->expires ^ $temp->expires &&
559 $root->default_auto_type_sequence eq $temp->default_auto_type_sequence &&
560 !defined $root->enable_auto_type &&
561 !defined $root->enable_searching;
566 require File
::KDBX
::Group
;
567 return File
::KDBX
::Group-
>new(
570 notes
=> 'Added as an implicit root group by '.__PACKAGE__
.'.',
571 ref $self ? (kdbx
=> $self) : (),
577 \
@groups = $kdbx->all_groups(%options);
578 \
@groups = $kdbx->all_groups($base_group, %options);
580 Get all groups deeply
in a database
, or all groups within a specified base group
, in a flat array
. Supported
584 * C<base> - Only include groups within a base group (same as C<$base_group>) (default: root)
585 * C<include_base> - Include the base group in the results (default: true)
591 my %args = @_ % 2 == 0 ? @_ : (base
=> shift, @_);
592 my $base = $args{base
} // $self->root;
594 my @groups = $args{include_base
} // 1 ? $self->_wrap_group($base) : ();
596 for my $subgroup (@{$base->{groups
} || []}) {
597 my $more = $self->all_groups($subgroup);
598 push @groups, @$more;
604 =method trace_lineage
606 \
@lineage = $kdbx->trace_lineage($group);
607 \
@lineage = $kdbx->trace_lineage($group, $base_group);
608 \
@lineage = $kdbx->trace_lineage($entry);
609 \
@lineage = $kdbx->trace_lineage($entry, $base_group);
611 Get the direct line of ancestors from C
<$base_group> (default: the root group
) to a group
or entry
. The
612 lineage includes the base group but I
<not> the target group
or entry
. Returns C
<undef> if the target
is not in
613 the database structure
.
620 return $object->lineage(@_);
628 push @lineage, $self->root if !@lineage;
629 my $base = $lineage[-1] or return [];
631 my $uuid = $object->uuid;
632 return \
@lineage if any
{ $_->uuid eq $uuid } @{$base->groups || []}, @{$base->entries || []};
634 for my $subgroup (@{$base->groups || []}) {
635 my $result = $self->_trace_lineage($object, @lineage, $subgroup);
636 return $result if $result;
642 @groups = $kdbx->find_groups($query, %options);
644 Find all groups deeply that match to a query
. Options are the same as
for L
</all_groups
>.
646 See L
</QUERY
> for a description of what C
<$query> can be
.
652 my $query = shift or throw
'Must provide a query';
656 include_base
=> $args{include_base
},
658 return @{search
($self->all_groups(%all_groups), is_arrayref
($query) ? @$query : $query)};
666 ##############################################################################
670 $kdbx->add_entry($entry, %options);
671 $kdbx->add_entry(%entry_attributes, %options);
673 Add a entry to a database
. This
is equivalent to identifying a parent group
and calling
674 L
<File
::KDBX
::Group
/add_entry
> on the parent group
, forwarding the arguments
. Available options
:
677 * C<group> (aka C<parent>) - Group (object or group UUID) to add the entry to (default: root group)
683 my $entry = @_ % 2 == 1 ? shift : undef;
686 # find the right group to add the entry to
687 my $parent = delete $args{group
} // delete $args{parent
} // $self->root;
688 ($parent) = $self->find_groups({uuid
=> $parent}) if !ref $parent;
689 $parent or throw
'Invalid group';
691 return $parent->add_entry(defined $entry ? $entry : (), %args, kdbx
=> $self);
697 require File
::KDBX
::Entry
;
698 return File
::KDBX
::Entry-
>wrap($entry, $self);
703 \
@entries = $kdbx->all_entries(%options);
704 \
@entries = $kdbx->all_entries($base_group, %options);
706 Get entries deeply
in a database
, in a flat array
. Supported options
:
709 * C<base> - Only include entries within a base group (same as C<$base_group>) (default: root)
710 * C<auto_type> - Only include entries with auto-type enabled (default: false, include all)
711 * C<search> - Only include entries within groups with search enabled (default: false, include all)
712 * C<history> - Also include historical entries (default: false, include only active entries)
718 my %args = @_ % 2 == 0 ? @_ : (base
=> shift, @_);
720 my $base = $args{base
} // $self->root;
721 my $history = $args{history
};
722 my $search = $args{search
};
723 my $auto_type = $args{auto_type
};
725 my $enable_auto_type = $base->{enable_auto_type
} // true
;
726 my $enable_searching = $base->{enable_searching
} // true
;
729 if ((!$search || $enable_searching) && (!$auto_type || $enable_auto_type)) {
731 map { $self->_wrap_entry($_) }
732 grep { !$auto_type || $_->{auto_type
}{enabled
} }
733 map { $_, $history ? @{$_->{history
} || []} : () }
734 @{$base->{entries
} || []};
737 for my $subgroup (@{$base->{groups
} || []}) {
738 my $more = $self->all_entries($subgroup,
739 auto_type
=> $auto_type,
743 push @entries, @$more;
751 =method find_entries_simple
753 @entries = $kdbx->find_entries($query, %options);
755 @entries = $kdbx->find_entries_simple($expression, \
@fields, %options);
756 @entries = $kdbx->find_entries_simple($expression, $operator, \
@fields, %options);
758 Find all entries deeply that match a query
. Options are the same as
for L
</all_entries
>.
760 See L
</QUERY
> for a description of what C
<$query> can be
.
766 my $query = shift or throw
'Must provide a query';
770 auto_type
=> $args{auto_type
},
771 search
=> $args{search
},
772 history
=> $args{history
},
774 return @{search
($self->all_entries(%all_entries), is_arrayref
($query) ? @$query : $query)};
777 sub find_entries_simple
{
780 my $op = @_ && !is_ref
($_[0]) ? shift : undef;
782 is_arrayref
($fields) or throw
q{Usage: find_entries_simple($expression, [$op,] \@fields)};
783 return $self->find_entries([\
$text, $op, $fields], @_);
786 ##############################################################################
790 \
%icon = $kdbx->custom_icon($uuid);
791 $kdbx->custom_icon($uuid => \
%icon);
792 $kdbx->custom_icon(%icon);
793 $kdbx->custom_icon(uuid
=> $value, %icon);
800 my %args = @_ == 2 ? (uuid
=> shift, value
=> shift)
801 : @_ % 2 == 1 ? (uuid
=> shift, @_) : @_;
803 if (!$args{key
} && !$args{value
}) {
804 my %standard = (key
=> 1, value
=> 1, last_modification_time
=> 1);
805 my @other_keys = grep { !$standard{$_} } keys %args;
806 if (@other_keys == 1) {
807 my $key = $args{key
} = $other_keys[0];
808 $args{value
} = delete $args{$key};
812 my $key = $args{key
} or throw
'Must provide a custom_icons key to access';
814 return $self->{meta
}{custom_icons
}{$key} = $args{value
} if is_plain_hashref
($args{value
});
816 while (my ($field, $value) = each %args) {
817 $self->{meta
}{custom_icons
}{$key}{$field} = $value;
819 return $self->{meta
}{custom_icons
}{$key};
822 =method custom_icon_data
824 $image_data = $kdbx->custom_icon_data($uuid);
830 sub custom_icon_data
{
832 my $uuid = shift // return;
833 return if !exists $self->custom_icons->{$uuid};
834 return $self->custom_icons->{$uuid}{data
};
837 =method add_custom_icon
839 $uuid = $kdbx->add_custom_icon($image_data, %attributes);
841 Add a custom icon
and get its UUID
. If
not provided
, a random UUID will be generated
. Possible attributes
:
844 * C<uuid> - Icon UUID
845 * C<name> - Name of the icon (text, KDBX4.1+)
846 * C<last_modification_time> - Just what it says (datetime, KDBX4.1+)
850 sub add_custom_icon
{
852 my $img = shift or throw
'Must provide image data';
855 my $uuid = $args{uuid
} // generate_uuid
(sub { !$self->custom_icons->{$_} });
856 $self->custom_icons->{$uuid} = {
864 =method remove_custom_icon
866 $kdbx->remove_custom_icon($uuid);
868 Remove a custom icon
.
872 sub remove_custom_icon
{
875 delete $self->custom_icons->{$uuid};
878 ##############################################################################
882 \
%all_data = $kdbx->custom_data;
883 $kdbx->custom_data(\
%all_data);
885 \
%data = $kdbx->custom_data($key);
886 $kdbx->custom_data($key => \
%data);
887 $kdbx->custom_data(%data);
888 $kdbx->custom_data(key
=> $value, %data);
890 Get
and set custom data
. Custom data
is metadata associated with a database
.
892 Each data item can have a few attributes associated with it
.
895 * C<key> - A unique text string identifier used to look up the data item (required)
896 * C<value> - A text string value (required)
897 * C<last_modification_time> (optional, KDBX4.1+)
903 $self->{meta
}{custom_data
} = shift if @_ == 1 && is_plain_hashref
($_[0]);
904 return $self->{meta
}{custom_data
} //= {} if !@_;
906 my %args = @_ == 2 ? (key
=> shift, value
=> shift)
907 : @_ % 2 == 1 ? (key
=> shift, @_) : @_;
909 if (!$args{key
} && !$args{value
}) {
910 my %standard = (key
=> 1, value
=> 1, last_modification_time
=> 1);
911 my @other_keys = grep { !$standard{$_} } keys %args;
912 if (@other_keys == 1) {
913 my $key = $args{key
} = $other_keys[0];
914 $args{value
} = delete $args{$key};
918 my $key = $args{key
} or throw
'Must provide a custom_data key to access';
920 return $self->{meta
}{custom_data
}{$key} = $args{value
} if is_plain_hashref
($args{value
});
922 while (my ($field, $value) = each %args) {
923 $self->{meta
}{custom_data
}{$key}{$field} = $value;
925 return $self->{meta
}{custom_data
}{$key};
928 =method custom_data_value
930 $value = $kdbx->custom_data_value($key);
932 Exactly the same as L
</custom_data
> except returns just the custom data
's value rather than a structure of
933 attributes. This is a shortcut for:
935 my $data = $kdbx->custom_data($key);
936 my $value = defined $data ? $data->{value} : undef;
940 sub custom_data_value {
942 my $data = $self->custom_data(@_) // return;
943 return $data->{value};
946 =method public_custom_data
948 \%all_data = $kdbx->public_custom_data;
949 $kdbx->public_custom_data(\%all_data);
951 $value = $kdbx->public_custom_data($key);
952 $kdbx->public_custom_data($key => $value);
954 Get and set public custom data. Public custom data is similar to custom data but different in some important
955 ways. Public custom data:
958 * can store strings, booleans and up to 64-bit integer values (custom data can only store text values)
959 * is NOT encrypted within a KDBX file (hence the "public" part of the name)
960 * is a flat hash/dict of key-value pairs (no other associated fields like modification times)
964 sub public_custom_data {
966 $self->{headers}{+HEADER_PUBLIC_CUSTOM_DATA} = shift if @_ == 1 && is_plain_hashref($_[0]);
967 return $self->{headers}{+HEADER_PUBLIC_CUSTOM_DATA} //= {} if !@_;
969 my $key = shift or throw 'Must provide a public_custom_data key to access
';
970 $self->{headers}{+HEADER_PUBLIC_CUSTOM_DATA}{$key} = shift if @_;
971 return $self->{headers}{+HEADER_PUBLIC_CUSTOM_DATA}{$key};
974 ##############################################################################
981 # my %options = @_; # prefer_old / prefer_new
982 # $other->merge_from($self);
989 # die 'Not implemented
';
992 ##############################################################################
994 =method resolve_reference
996 $string = $kdbx->resolve_reference($reference);
997 $string = $kdbx->resolve_reference($wanted, $search_in, $expression);
999 Resolve a L<field reference|https://keepass.info/help/base/fieldrefs.html>. A field reference is a kind of
1000 string placeholder. You can use a field reference to refer directly to a standard field within an entry. Field
1001 references are resolved automatically while expanding entry strings (i.e. replacing placeholders), but you can
1002 use this method to resolve on-the-fly references that aren't part of any actual string
in the database
.
1004 If the reference
does not resolve to any field
, C
<undef> is returned
. If the reference resolves to multiple
1005 fields
, only the first one
is returned
(in the same order as L
</all_entries
>). To avoid ambiguity
, you can
1006 refer to a specific entry by its UUID
.
1008 The syntax of a reference
is: C
<< {REF
:<WantedField
>@<SearchIn
>:<Text
>} >>. C
<Text
> is a
1009 L
</"Simple Expression">. C
<WantedField
> and C
<SearchIn
> are both single character codes representing a field
:
1018 * C<O> - Other custom strings
1020 Since C<O> does not represent any specific field, it cannot be used as the C<WantedField>.
1024 To get the value of the I<UserName> string of the first entry with "My Bank" in the title:
1026 my $username = $kdbx->resolve_reference('{REF:U@T:"My Bank"}');
1027 # OR the {REF:...} wrapper is optional
1028 my $username = $kdbx->resolve_reference('U@T:"My Bank"');
1029 # OR separate the arguments
1030 my $username = $kdbx->resolve_reference(U => T => '"My Bank"');
1032 Note how the text is a L</"Simple Expression">, so search terms with spaces must be surrounded in double
1035 To get the I<Password> string of a specific entry (identified by its UUID):
1037 my $password = $kdbx->resolve_reference('{REF:P@I:46C9B1FFBD4ABC4BBB260C6190BAD20C}');
1041 sub resolve_reference
{
1043 my $wanted = shift // return;
1044 my $search_in = shift;
1047 if (!defined $text) {
1048 $wanted =~ s/^\{REF:([^\}]+)\}$/$1/i;
1049 ($wanted, $search_in, $text) = $wanted =~ /^([TUPANI])\@([TUPANIO]):(.*)$/i;
1051 $wanted && $search_in && nonempty
($text) or return;
1054 T
=> 'expanded_title',
1055 U
=> 'expanded_username',
1056 P
=> 'expanded_password',
1057 A
=> 'expanded_url',
1058 N
=> 'expanded_notes',
1060 O
=> 'other_strings',
1062 $wanted = $fields{$wanted} or return;
1063 $search_in = $fields{$search_in} or return;
1065 my $query = simple_expression_query
($text, ($search_in eq 'id' ? 'eq' : '=~'), $search_in);
1067 my ($entry) = $self->find_entries($query);
1070 return $entry->$wanted;
1073 our %PLACEHOLDERS = (
1074 # placeholder => sub { my ($entry, $arg) = @_; ... };
1075 'TITLE' => sub { $_[0]->expanded_title },
1076 'USERNAME' => sub { $_[0]->expanded_username },
1077 'PASSWORD' => sub { $_[0]->expanded_password },
1078 'NOTES' => sub { $_[0]->expanded_notes },
1079 'S:' => sub { $_[0]->string_value($_[1]) },
1080 'URL' => sub { $_[0]->expanded_url },
1081 'URL:RMVSCM' => sub { local $_ = $_[0]->url; s!^[^:/\?\#]+://!!; $_ },
1082 'URL:WITHOUTSCHEME' => sub { local $_ = $_[0]->url; s!^[^:/\?\#]+://!!; $_ },
1083 'URL:SCM' => sub { (split_url
($_[0]->url))[0] },
1084 'URL:SCHEME' => sub { (split_url
($_[0]->url))[0] }, # non-standard
1085 'URL:HOST' => sub { (split_url
($_[0]->url))[2] },
1086 'URL:PORT' => sub { (split_url
($_[0]->url))[3] },
1087 'URL:PATH' => sub { (split_url
($_[0]->url))[4] },
1088 'URL:QUERY' => sub { (split_url
($_[0]->url))[5] },
1089 'URL:HASH' => sub { (split_url
($_[0]->url))[6] }, # non-standard
1090 'URL:FRAGMENT' => sub { (split_url
($_[0]->url))[6] }, # non-standard
1091 'URL:USERINFO' => sub { (split_url
($_[0]->url))[1] },
1092 'URL:USERNAME' => sub { (split_url
($_[0]->url))[7] },
1093 'URL:PASSWORD' => sub { (split_url
($_[0]->url))[8] },
1094 'UUID' => sub { local $_ = format_uuid
($_[0]->uuid); s/-//g; $_ },
1095 'REF:' => sub { $_[0]->kdbx->resolve_reference($_[1]) },
1096 'INTERNETEXPLORER' => sub { load_optional
('IPC::Cmd'); IPC
::Cmd
::can_run
('iexplore') },
1097 'FIREFOX' => sub { load_optional
('IPC::Cmd'); IPC
::Cmd
::can_run
('firefox') },
1098 'GOOGLECHROME' => sub { load_optional
('IPC::Cmd'); IPC
::Cmd
::can_run
('google-chrome') },
1099 'OPERA' => sub { load_optional
('IPC::Cmd'); IPC
::Cmd
::can_run
('opera') },
1100 'SAFARI' => sub { load_optional
('IPC::Cmd'); IPC
::Cmd
::can_run
('safari') },
1101 'APPDIR' => sub { load_optional
('FindBin'); $FindBin::Bin
},
1102 'GROUP' => sub { my $p = $_[0]->parent; $p ? $p->name : undef },
1103 'GROUP_PATH' => sub { $_[0]->path },
1104 'GROUP_NOTES' => sub { my $p = $_[0]->parent; $p ? $p->notes : undef },
1113 'ENV:' => sub { $ENV{$_[1]} },
1114 'ENV_DIRSEP' => sub { load_optional
('File::Spec')->catfile('', '') },
1115 'ENV_PROGRAMFILES_X86' => sub { $ENV{'ProgramFiles(x86)'} || $ENV{'ProgramFiles'} },
1118 'DT_SIMPLE' => sub { localtime-
>strftime('%Y%m%d%H%M%S') },
1119 'DT_YEAR' => sub { localtime-
>strftime('%Y') },
1120 'DT_MONTH' => sub { localtime-
>strftime('%m') },
1121 'DT_DAY' => sub { localtime-
>strftime('%d') },
1122 'DT_HOUR' => sub { localtime-
>strftime('%H') },
1123 'DT_MINUTE' => sub { localtime-
>strftime('%M') },
1124 'DT_SECOND' => sub { localtime-
>strftime('%S') },
1125 'DT_UTC_SIMPLE' => sub { gmtime-
>strftime('%Y%m%d%H%M%S') },
1126 'DT_UTC_YEAR' => sub { gmtime-
>strftime('%Y') },
1127 'DT_UTC_MONTH' => sub { gmtime-
>strftime('%m') },
1128 'DT_UTC_DAY' => sub { gmtime-
>strftime('%d') },
1129 'DT_UTC_HOUR' => sub { gmtime-
>strftime('%H') },
1130 'DT_UTC_MINUTE' => sub { gmtime-
>strftime('%M') },
1131 'DT_UTC_SECOND' => sub { gmtime-
>strftime('%S') },
1138 'HMACOTP' => sub { $_[0]->hmac_otp },
1139 'TIMEOTP' => sub { $_[0]->time_otp },
1140 'C:' => sub { '' }, # comment
1148 ##############################################################################
1154 Encrypt all protected strings
in a database
. The encrypted strings are stored
in a L
<File
::KDBX
::Safe
>
1155 associated with the database
and the actual strings will be replaced with C
<undef> to indicate their protected
1156 state. Returns itself to allow
method chaining
.
1162 $SAFE{refaddr
($self)} = shift if @_;
1163 $SAFE{refaddr
($self)};
1166 sub _remove_safe
{ delete $SAFE{refaddr
($_[0])} }
1171 $self->_safe and return $self;
1175 my $entries = $self->all_entries(history
=> 1);
1176 for my $entry (@$entries) {
1177 push @strings, grep { $_->{protect
} } values %{$entry->{strings
} || {}};
1180 $self->_safe(File
::KDBX
::Safe-
>new(\
@strings));
1189 Decrypt all protected strings
in a database
, replacing C
<undef> placeholders with unprotected
values. Returns
1190 itself to allow
method chaining
.
1197 my $safe = $self->_safe or return;
1198 return $safe->peek($string);
1203 my $safe = $self->_safe or return $self;
1206 $self->_remove_safe;
1211 # sub unlock_scoped {
1213 # return if !$self->is_locked;
1214 # require Scope::Guard;
1215 # my $guard = Scope::Guard->new(sub { $self->lock });
1222 $bool = $kdbx->is_locked;
1224 Get whether
or not a database
's strings are memory-protected. If this is true, then some or all of the
1225 protected strings within the database will be unavailable (literally have C<undef> values) until L</unlock> is
1230 sub is_locked { $_[0]->_safe ? 1 : 0 }
1232 ##############################################################################
1234 =method randomize_seeds
1236 $kdbx->randomize_seeds;
1238 Set various keys, seeds and IVs to random values. These values are used by the cryptographic functions that
1239 secure the database when dumped. The attributes that will be randomized are:
1243 * L</inner_random_stream_key>
1245 * L</stream_start_bytes>
1246 * L</transform_seed>
1248 Randomizing these values has no effect on a loaded database. These are only used when a database is dumped.
1249 You normally do not need to call this method explicitly because the dumper does it explicitly by default.
1253 sub randomize_seeds {
1255 $self->encryption_iv(random_bytes(16));
1256 $self->inner_random_stream_key(random_bytes(64));
1257 $self->master_seed(random_bytes(32));
1258 $self->stream_start_bytes(random_bytes(32));
1259 $self->transform_seed(random_bytes(32));
1262 ##############################################################################
1267 $key = $kdbx->key($key);
1268 $key = $kdbx->key($primitive);
1270 Get or set a L<File::KDBX::Key>. This is the master key (i.e. a password or a key file that can decrypt
1271 a database). See L<File::KDBX::Key/new> for an explanation of what the primitive can be.
1273 You generally don't need to call this directly because you can provide the key directly to the loader
or
1274 dumper
when loading
or saving a KDBX file
.
1280 $KEYS{refaddr
($self)} = File
::KDBX
::Key-
>new(@_) if @_;
1281 $KEYS{refaddr
($self)};
1284 =method composite_key
1286 $key = $kdbx->composite_key($key);
1287 $key = $kdbx->composite_key($primitive);
1289 Construct a L
<File
::KDBX
::Key
::Composite
> from a primitive
. See L
<File
::KDBX
::Key
/new
> for an explanation of
1290 what the primitive can be
. If the primitive
does not represent a composite key
, it will be wrapped
.
1292 You generally don
't need to call this directly. The parser and writer use it to transform a master key into
1293 a raw encryption key.
1299 require File::KDBX::Key::Composite;
1300 return File::KDBX::Key::Composite->new(@_);
1305 $kdf = $kdbx->kdf(%options);
1306 $kdf = $kdbx->kdf(\%parameters, %options);
1308 Get a L<File::KDBX::KDF> (key derivation function).
1313 * C<params> - KDF parameters, same as C<\%parameters> (default: value of L</kdf_parameters>)
1319 my %args = @_ % 2 == 1 ? (params => shift, @_) : @_;
1321 my $params = $args{params};
1322 my $compat = $args{compatible} // 1;
1324 $params //= $self->kdf_parameters;
1325 $params = {%{$params || {}}};
1327 if (empty $params || !defined $params->{+KDF_PARAM_UUID}) {
1328 $params->{+KDF_PARAM_UUID} = KDF_UUID_AES;
1330 if ($params->{+KDF_PARAM_UUID} eq KDF_UUID_AES) {
1331 # AES_CHALLENGE_RESPONSE is equivalent to AES if there are no challenge-response keys, and since
1332 # non-KeePassXC implementations don't support challenge-response
keys anyway
, there
's no problem with
1333 # always using AES_CHALLENGE_RESPONSE for all KDBX4+ databases.
1334 # For compatibility, we should not *write* AES_CHALLENGE_RESPONSE, but the dumper handles that.
1335 if ($self->version >= KDBX_VERSION_4_0) {
1336 $params->{+KDF_PARAM_UUID} = KDF_UUID_AES_CHALLENGE_RESPONSE;
1338 $params->{+KDF_PARAM_AES_SEED} //= $self->transform_seed;
1339 $params->{+KDF_PARAM_AES_ROUNDS} //= $self->transform_rounds;
1342 require File::KDBX::KDF;
1343 return File::KDBX::KDF->new(%$params);
1346 sub transform_seed {
1348 $self->headers->{+HEADER_TRANSFORM_SEED} =
1349 $self->headers->{+HEADER_KDF_PARAMETERS}{+KDF_PARAM_AES_SEED} = shift if @_;
1350 $self->headers->{+HEADER_TRANSFORM_SEED} =
1351 $self->headers->{+HEADER_KDF_PARAMETERS}{+KDF_PARAM_AES_SEED} //= random_bytes(32);
1354 sub transform_rounds {
1356 $self->headers->{+HEADER_TRANSFORM_ROUNDS} =
1357 $self->headers->{+HEADER_KDF_PARAMETERS}{+KDF_PARAM_AES_ROUNDS} = shift if @_;
1358 $self->headers->{+HEADER_TRANSFORM_ROUNDS} =
1359 $self->headers->{+HEADER_KDF_PARAMETERS}{+KDF_PARAM_AES_ROUNDS} //= 100_000;
1364 $cipher = $kdbx->cipher(key => $key);
1365 $cipher = $kdbx->cipher(key => $key, iv => $iv, uuid => $uuid);
1367 Get a L<File::KDBX::Cipher> capable of encrypting and decrypting the body of a database file.
1369 A key is required. This should be a raw encryption key made up of a fixed number of octets (depending on the
1370 cipher), not a L<File::KDBX::Key> or primitive.
1372 If not passed, the UUID comes from C<< $kdbx->headers->{cipher_id} >> and the encryption IV comes from
1373 C<< $kdbx->headers->{encryption_iv} >>.
1375 You generally don't need to call this directly
. The parser
and writer
use it to decrypt
and encrypt KDBX
1384 $args{uuid
} //= $self->headers->{+HEADER_CIPHER_ID
};
1385 $args{iv
} //= $self->headers->{+HEADER_ENCRYPTION_IV
};
1387 require File
::KDBX
::Cipher
;
1388 return File
::KDBX
::Cipher-
>new(%args);
1391 =method random_stream
1393 $cipher = $kdbx->random_stream;
1394 $cipher = $kdbx->random_stream(id
=> $stream_id, key
=> $key);
1396 Get a L
<File
::KDBX
::Cipher
::Stream
> for decrypting
and encrypting protected
values.
1398 If
not passed
, the ID
and encryption key comes from C
<< $kdbx->headers->{inner_random_stream_id
} >> and
1399 C
<< $kdbx->headers->{inner_random_stream_key
} >> (respectively
) for KDBX3 files
and from
1400 C
<< $kdbx->inner_headers->{inner_random_stream_key
} >> and
1401 C
<< $kdbx->inner_headers->{inner_random_stream_id
} >> (respectively
) for KDBX4 files
.
1403 You generally don
't need to call this directly. The parser and writer use it to scramble protected strings.
1411 $args{stream_id} //= delete $args{id} // $self->inner_random_stream_id;
1412 $args{key} //= $self->inner_random_stream_key;
1414 require File::KDBX::Cipher;
1415 File::KDBX::Cipher->new(%args);
1418 sub inner_random_stream_id {
1420 $self->inner_headers->{+INNER_HEADER_INNER_RANDOM_STREAM_ID}
1421 = $self->headers->{+HEADER_INNER_RANDOM_STREAM_ID} = shift if @_;
1422 $self->inner_headers->{+INNER_HEADER_INNER_RANDOM_STREAM_ID}
1423 //= $self->headers->{+HEADER_INNER_RANDOM_STREAM_ID} //= do {
1424 my $version = $self->minimum_version;
1425 $version < KDBX_VERSION_4_0 ? STREAM_ID_SALSA20 : STREAM_ID_CHACHA20;
1429 sub inner_random_stream_key {
1432 # These are probably the same SvPV so erasing one will CoW, but erasing the second should do the
1434 erase \$self->inner_headers->{+INNER_HEADER_INNER_RANDOM_STREAM_KEY};
1435 erase \$self->headers->{+HEADER_INNER_RANDOM_STREAM_KEY};
1436 $self->inner_headers->{+INNER_HEADER_INNER_RANDOM_STREAM_KEY}
1437 = $self->headers->{+HEADER_INNER_RANDOM_STREAM_KEY} = shift;
1439 $self->inner_headers->{+INNER_HEADER_INNER_RANDOM_STREAM_KEY}
1440 //= $self->headers->{+HEADER_INNER_RANDOM_STREAM_KEY} //= random_bytes(64); # 32
1443 #########################################################################################
1446 # - Fixer tool. Can repair inconsistencies, including:
1447 # - Orphaned binaries... not really a thing anymore since we now distribute binaries amongst entries
1448 # - Unused custom icons (OFF, data loss)
1450 # - All data types are valid
1451 # - date times are correct
1453 # - All UUIDs refer to things that exist
1454 # - previous parent group
1456 # - last selected group
1457 # - last visible group
1458 # - Enforce history size limits (ON)
1459 # - Check headers/meta (ON)
1460 # - Duplicate deleted objects (ON)
1461 # - Duplicate window associations (OFF)
1462 # - Only one root group (ON)
1463 # - Header UUIDs match known ciphers/KDFs?
1466 #########################################################################################
1470 A text string associated with the database. Often unset.
1474 The UUID of a cipher used to encrypt the database when stored as a file.
1476 See L</File::KDBX::Cipher>.
1478 =attr compression_flags
1480 Configuration for whether or not and how the database gets compressed. See
1481 L<File::KDBX::Constants/":compression">.
1485 The master seed is a string of 32 random bytes that is used as salt in hashing the master key when loading
1486 and saving the database. If a challenge-response key is used in the master key, the master seed is also the
1489 The master seed I<should> be changed each time the database is saved to file.
1491 =attr transform_seed
1493 The transform seed is a string of 32 random bytes that is used in the key derivation function, either as the
1494 salt or the key (depending on the algorithm).
1496 The transform seed I<should> be changed each time the database is saved to file.
1498 =attr transform_rounds
1500 The number of rounds or iterations used in the key derivation function. Increasing this number makes loading
1501 and saving the database slower by design in order to make dictionary and brute force attacks more costly.
1505 The initialization vector used by the cipher.
1507 The encryption IV I<should> be changed each time the database is saved to file.
1509 =attr inner_random_stream_key
1511 The encryption key (possibly including the IV, depending on the cipher) used to encrypt the protected strings
1512 within the database.
1514 =attr stream_start_bytes
1516 A string of 32 random bytes written in the header and encrypted in the body. If the bytes do not match when
1517 loading a file then the wrong master key was used or the file is corrupt. Only KDBX 2 and KDBX 3 files use
1518 this. KDBX 4 files use an improved HMAC method to verify the master key and data integrity of the header and
1521 =attr inner_random_stream_id
1523 A number indicating the cipher algorithm used to encrypt the protected strings within the database, usually
1524 Salsa20 or ChaCha20. See L<File::KDBX::Constants/":random_stream">.
1526 =attr kdf_parameters
1528 A hash/dict of key-value pairs used to configure the key derivation function. This is the KDBX4+ way to
1529 configure the KDF, superceding L</transform_seed> and L</transform_rounds>.
1533 The name of the software used to generate the KDBX file.
1537 The header hash used to verify that the file header is not corrupt. (KDBX 2 - KDBX 3.1, removed KDBX 4.0)
1541 Name of the database.
1543 =attr database_name_changed
1545 Timestamp indicating when the database name was last changed.
1547 =attr database_description
1549 Description of the database
1551 =attr database_description_changed
1553 Timestamp indicating when the database description was last changed.
1555 =attr default_username
1557 When a new entry is created, the I<UserName> string will be populated with this value.
1559 =attr default_username_changed
1561 Timestamp indicating when the default username was last changed.
1563 =attr maintenance_history_days
1565 TODO... not really sure what this is. 😀
1569 A color associated with the database (in the form C<#ffffff> where "f" is a hexidecimal digit). Some agents
1570 use this to help users visually distinguish between different databases.
1572 =attr master_key_changed
1574 Timestamp indicating when the master key was last changed.
1576 =attr master_key_change_rec
1578 Number of days until the agent should prompt to recommend changing the master key.
1580 =attr master_key_change_force
1582 Number of days until the agent should prompt to force changing the master key.
1584 Note: This is purely advisory. It is up to the individual agent software to actually enforce it.
1585 C<File::KDBX> does NOT enforce it.
1587 =attr recycle_bin_enabled
1589 Boolean indicating whether removed groups and entries should go to a recycle bin or be immediately deleted.
1591 =attr recycle_bin_uuid
1593 The UUID of a group used to store thrown-away groups and entries.
1595 =attr recycle_bin_changed
1597 Timestamp indicating when the recycle bin was last changed.
1599 =attr entry_templates_group
1601 The UUID of a group containing template entries used when creating new entries.
1603 =attr entry_templates_group_changed
1605 Timestamp indicating when the entry templates group was last changed.
1607 =attr last_selected_group
1609 The UUID of the previously-selected group.
1611 =attr last_top_visible_group
1613 The UUID of the group visible at the top of the list.
1615 =attr history_max_items
1617 The maximum number of historical entries allowed to be saved for each entry.
1619 =attr history_max_size
1621 The maximum total size (in bytes) that each individual entry's history
is allowed to grow
.
1623 =attr settings_changed
1625 Timestamp indicating
when the database settings were
last updated
.
1629 Alias of the L
</memory_protection
> setting
for the I
<Title
> string
.
1631 =attr protect_username
1633 Alias of the L
</memory_protection
> setting
for the I
<UserName
> string
.
1635 =attr protect_password
1637 Alias of the L
</memory_protection
> setting
for the I
<Password
> string
.
1641 Alias of the L
</memory_protection
> setting
for the I
<URL
> string
.
1645 Alias of the L
</memory_protection
> setting
for the I
<Notes
> string
.
1649 #########################################################################################
1651 sub TO_JSON
{ +{%{$_[0]}} }
1656 =for Pod::Coverage STORABLE_freeze STORABLE_thaw TO_JSON
1662 my $kdbx = File::KDBX->new;
1664 my $group = $kdbx->add_group(
1665 name => 'Passwords',
1668 my $entry = $group->add_entry(
1670 password => 's3cr3t',
1673 $kdbx->dump_file('passwords.kdbx', 'M@st3rP@ssw0rd!');
1675 $kdbx = File::KDBX->load_file('passwords.kdbx', 'M@st3rP@ssw0rd!');
1677 for my $entry (@{ $kdbx->all_entries }) {
1678 say 'Entry: ', $entry->title;
1683 B<File::KDBX> provides everything you need to work with a KDBX database. A KDBX database is a hierarchical
1684 object database which is commonly used to store secret information securely. It was developed for the KeePass
1685 password safe. See L</"KDBX Introduction"> for more information about KDBX.
1687 This module lets you query entries, create new entries, delete entries and modify entries. The distribution
1688 also includes various parsers and generators for serializing and persisting databases.
1690 This design of this software was influenced by the L<KeePassXC|https://github.com/keepassxreboot/keepassxc>
1691 implementation of KeePass as well as the L<File::KeePass> module. B<File::KeePass> is an alternative module
1692 that works well in most cases but has a small backlog of bugs and security issues and also does not work with
1693 newer KDBX version 4 files. If you're coming here from the B<File::KeePass> world, you might be interested in
1694 L<File::KeePass::KDBX> that is a drop-in replacement for B<File::KeePass> that uses B<File::KDBX> for storage.
1696 =head2 KDBX Introduction
1698 A KDBX database consists of a hierarchical I<group> of I<entries>. Entries can contain zero or more key-value
1699 pairs of I<strings> and zero or more I<binaries> (i.e. octet strings). Groups, entries, strings and binaries:
1700 that's the KDBX vernacular. A small amount of metadata (timestamps, etc.) is associated with each entry, group
1701 and the database as a whole.
1703 You can think of a KDBX database kind of like a file system, where groups are directories, entries are files,
1704 and strings and binaries make up a file's contents.
1706 Databases are typically persisted as a encrypted, compressed files. They are usually accessed directly (i.e.
1707 not over a network). The primary focus of this type of database is data security. It is ideal for storing
1708 relatively small amounts of data (strings and binaries) that must remain secret except to such individuals as
1709 have the correct I<master key>. Even if the database file were to be "leaked" to the public Internet, it
1710 should be virtually impossible to crack with a strong key. See L</SECURITY> for an overview of security
1715 =head2 Create a new database
1717 my $kdbx = File::KDBX->new;
1719 my $group = $kdbx->add_group(name => 'Passwords);
1720 my $entry = $group->add_entry(
1721 title => 'WayneCorp',
1722 username => 'bwayne',
1723 password => 'iambatman',
1724 url => 'https://example.com/login'
1726 $entry->add_auto_type_window_association('WayneCorp - Mozilla Firefox', '{PASSWORD}{ENTER}');
1728 $kdbx->dump_file('mypasswords.kdbx', 'master password CHANGEME');
1730 =head2 Read an existing database
1732 my $kdbx = File::KDBX->load_file('mypasswords.kdbx', 'master password CHANGEME');
1735 for my $entry (@{ $kdbx->all_entries }) {
1736 say 'Found password for ', $entry->title, ':';
1737 say ' Username: ', $entry->username;
1738 say ' Password: ', $entry->password;
1741 =head2 Search for entries
1743 my @entries = $kdbx->find_entries({
1744 title => 'WayneCorp',
1747 See L</QUERY> for many more query examples.
1749 =head2 Search for entries by auto-type window association
1751 my @entry_key_sequences = $kdbx->find_entries_for_window('WayneCorp - Mozilla Firefox');
1752 for my $pair (@entry_key_sequences) {
1753 my ($entry, $key_sequence) = @$pair;
1754 say 'Entry title: ', $entry->title, ', key sequence: ', $key_sequence;
1759 Entry title: WayneCorp, key sequence: {PASSWORD}{ENTER}
1763 One of the biggest threats to your database security is how easily the encryption key can be brute-forced.
1764 Strong brute-force protection depends on a couple factors:
1767 * Using unguessable passwords, passphrases and key files.
1768 * Using a brute-force resistent key derivation function.
1770 The first factor is up to you. This module does not enforce strong master keys. It is up to you to pick or
1771 generate strong keys.
1773 The KDBX format allows for the key derivation function to be tuned. The idea is that you want each single
1774 brute-foce attempt to be expensive (in terms of time, CPU usage or memory usage), so that making a lot of
1775 attempts (which would be required if you have a strong master key) gets I<really> expensive.
1777 How expensive you want to make each attempt is up to you and can depend on the application.
1779 This and other KDBX-related security issues are covered here more in depth:
1780 L<https://keepass.info/help/base/security.html>
1782 Here are other security risks you should be thinking about:
1786 This distribution uses the excellent L<CryptX> and L<Crypt::Argon2> packages to handle all crypto-related
1787 functions. As such, a lot of the security depends on the quality of these dependencies. Fortunately these
1788 modules are maintained and appear to have good track records.
1790 The KDBX format has evolved over time to incorporate improved security practices and cryptographic functions.
1791 This package uses the following functions for authentication, hashing, encryption and random number
1797 * Argon2d & Argon2id
1802 * Salsa20 & ChaCha20
1805 At the time of this writing, I am not aware of any successful attacks against any of these functions. These
1806 are among the most-analyzed and widely-adopted crypto functions available.
1808 The KDBX format allows the body cipher and key derivation function to be configured. If a flaw is discovered
1809 in one of these functions, you can hopefully just switch to a better function without needing to update this
1810 software. A later software release may phase out the use of any functions which are no longer secure.
1812 =head2 Memory Protection
1814 It is not a good idea to keep secret information unencrypted in system memory for longer than is needed. The
1815 address space of your program can generally be read by a user with elevated privileges on the system. If your
1816 system is memory-constrained or goes into a hibernation mode, the contents of your address space could be
1817 written to a disk where it might be persisted for long time.
1819 There might be system-level things you can do to reduce your risk, like using swap encryption and limiting
1820 system access to your program's address space while your program is running.
1822 B<File::KDBX> helps minimize (but not eliminate) risk by keeping secrets encrypted in memory until accessed
1823 and zeroing out memory that holds secrets after they're no longer needed, but it's not a silver bullet.
1825 For one thing, the encryption key is stored in the same address space. If core is dumped, the encryption key
1826 is available to be found out. But at least there is the chance that the encryption key and the encrypted
1827 secrets won't both be paged out while memory-constrained.
1829 Another problem is that some perls (somewhat notoriously) copy around memory behind the scenes willy nilly,
1830 and it's difficult know when perl makes a copy of a secret in order to be able to zero it out later. It might
1831 be impossible. The good news is that perls with SvPV copy-on-write (enabled by default beginning with perl
1832 5.20) are much better in this regard. With COW, it's mostly possible to know what operations will cause perl
1833 to copy the memory of a scalar string, and the number of copies will be significantly reduced. There is a unit
1834 test named F<t/memory-protection.t> in this distribution that can be run on POSIX systems to determine how
1835 well B<File::KDBX> memory protection is working.
1837 Memory protection also depends on how your application handles secrets. If your app code is handling scalar
1838 strings with secret information, it's up to you to make sure its memory is zeroed out when no longer needed.
1839 L<File::KDBX::Util/erase> et al. provide some tools to help accomplish this. Or if you're not too concerned
1840 about the risks memory protection is meant to mitigate, then maybe don't worry about it. The security policy
1841 of B<File::KDBX> is to try hard to keep secrets protected while in memory so that your app might claim a high
1842 level of security, in case you care about that.
1844 There are some memory protection strategies that B<File::KDBX> does NOT use today but could in the future:
1846 Many systems allow programs to mark unswappable pages. Secret information should ideally be stored in such
1847 pages. You could potentially use L<mlockall(2)> (or equivalent for your system) in your own application to
1848 prevent the entire address space from being swapped.
1850 Some systems provide special syscalls for storing secrets in memory while keeping the encryption key outside
1851 of the program's address space, like C<CryptProtectMemory> for Windows. This could be a good option, though
1852 unfortunately not portable.
1856 Several methods take a I<query> as an argument (e.g. L</find_entries>). A query is just a subroutine that you
1857 can either write yourself or have generated for you based on either a simple expression or a declarative
1858 structure. It's easier to have your query generated, so I'll cover that first.
1860 =head2 Simple Expression
1862 A simple expression is mostly compatible with the KeePass 2 implementation
1863 L<described here|https://keepass.info/help/base/search.html#mode_se>.
1865 An expression is a string with one or more space-separated terms. Terms with spaces can be enclosed in double
1866 quotes. Terms are negated if they are prefixed with a minus sign. A record must match every term on at least
1867 one of the given fields.
1869 So a simple expression is something like what you might type into a search engine. You can generate a simple
1870 expression query using L<File::KDBX::Util/simple_expression_query> or by passing the simple expression as
1871 a B<string reference> to search methods like L</find_entries>.
1873 To search for all entries in a database with the word "canyon" appearing anywhere in the title:
1875 my @entries = $kdbx->find_entries([ \'canyon', qw(title) ]);
1877 Notice the first argument is a B<stringref>. This diambiguates a simple expression from other types of queries
1880 As mentioned, a simple expression can have multiple terms. This simple expression query matches any entry that
1881 has the words "red" B<and> "canyon" anywhere in the title:
1883 my @entries = $kdbx->find_entries([ \'red canyon', qw(title) ]);
1885 Each term in the simple expression must be found for an entry to match.
1887 To search for entries with "red" in the title but B<not> "canyon", just prepend "canyon" with a minus sign:
1889 my @entries = $kdbx->find_entries([ \'red -canyon', qw(title) ]);
1891 To search over multiple fields simultaneously, just list them. To search for entries with "grocery" in the
1892 title or notes but not "Foodland":
1894 my @entries = $kdbx->find_entries([ \'grocery -Foodland', qw(title notes) ]);
1896 The default operator is a case-insensitive regexp match, which is fine for searching text loosely. You can use
1897 just about any binary comparison operator that perl supports. To specify an operator, list it after the simple
1898 expression. For example, to search for any entry that has been used at least five times:
1900 my @entries = $kdbx->find_entries([ \5, '>=', qw(usage_count) ]);
1902 It helps to read it right-to-left, like "usage_count is >= 5".
1904 If you find the disambiguating structures to be confusing, you can also the L</find_entries_simple> method as
1905 a more intuitive alternative. The following example is equivalent to the previous:
1907 my @entries = $kdbx->find_entries_simple(5, '>=', qw(usage_count));
1909 =head2 Declarative Query
1911 Structuring a declarative query is similar to L<SQL::Abstract/"WHERE CLAUSES">, but you don't have to be
1912 familiar with that module. Just learn by examples.
1914 To search for all entries in a database titled "My Bank":
1916 my @entries = $kdbx->find_entries({ title => 'My Bank' });
1918 The query here is C<< { title => 'My Bank' } >>. A hashref can contain key-value pairs where the key is
1919 a attribute of the thing being searched for (in this case an entry) and the value is what you want the thing's
1920 attribute to be to consider it a match. In this case, the attribute we're using as our match criteria is
1921 L<File::KDBX::Entry/title>, a text field. If an entry has its title attribute equal to "My Bank", it's
1924 A hashref can contain multiple attributes. The search candidate will be a match if I<all> of the specified
1925 attributes are equal to their respective values. For example, to search for all entries with a particular URL
1928 my @entries = $kdbx->find_entries({
1929 url => 'https://example.com',
1933 To search for entries matching I<any> criteria, just change the hashref to an arrayref. To search for entries
1934 with a particular URL B<OR> a particular username:
1936 my @entries = $kdbx->find_entries([ # <-- square bracket
1937 url => 'https://example.com',
1941 You can user different operators to test different types of attributes. The L<File::KDBX::Entry/icon_id>
1942 attribute is a number, so we should use a number comparison operator. To find entries using the smartphone
1945 my @entries = $kdbx->find_entries({
1946 icon_id => { '==', ICON_SMARTPHONE },
1949 Note: L<File::KDBX::Constants/ICON_SMARTPHONE> is just a constant from L<File::KDBX::Constants>. It isn't
1950 special to this example or to queries generally. We could have just used a literal number.
1952 The important thing to notice here is how we wrapped the condition in another arrayref with a single key-pair
1953 where the key is the name of an operator and the value is the thing to match against. The supported operators
1957 * C<eq> - String equal
1958 * C<ne> - String not equal
1959 * C<lt> - String less than
1960 * C<gt> - String greater than
1961 * C<le> - String less than or equal
1962 * C<ge> - String greater than or equal
1963 * C<==> - Number equal
1964 * C<!=> - Number not equal
1965 * C<< < >> - Number less than
1966 * C<< > >>> - Number greater than
1967 * C<< <= >> - Number less than or equal
1968 * C<< >= >> - Number less than or equal
1969 * C<=~> - String match regular expression
1970 * C<!~> - String does not match regular expression
1971 * C<!> - Boolean false
1972 * C<!!> - Boolean true
1974 Other special operators:
1977 * C<-true> - Boolean true
1978 * C<-false> - Boolean false
1979 * C<-not> - Boolean false (alias for C<-false>)
1980 * C<-defined> - Is defined
1981 * C<-undef> - Is not d efined
1982 * C<-empty> - Is empty
1983 * C<-nonempty> - Is not empty
1984 * C<-or> - Logical or
1985 * C<-and> - Logical and
1987 Let's see another example using an explicit operator. To find all groups except one in particular (identified
1988 by its L<File::KDBX::Group/uuid>), we can use the C<ne> (string not equal) operator:
1990 my ($group, @other) = $kdbx->find_groups({
1992 'ne' => uuid('596f7520-6172-6520-7370-656369616c2e'),
1995 if (@other) { say "Problem: there can be only one!" }
1997 Note: L<File::KDBX::Util/uuid> is a little helper function to convert a UUID in its pretty form into octets.
1998 This helper function isn't special to this example or to queries generally. It could have been written with
1999 a literal such as C<"\x59\x6f\x75\x20\x61...">, but that's harder to read.
2001 Notice we searched for groups this time. Finding groups works exactly the same as it does for entries.
2003 Testing the truthiness of an attribute is a little bit different because it isn't a binary operation. To find
2004 all entries with the password quality check disabled:
2006 my @entries = $kdbx->find_entries({ '!' => 'quality_check' });
2008 This time the string after the operator is the attribute name rather than a value to compare the attribute
2009 against. To test that a boolean value is true, use the C<!!> operator (or C<-true> if C<!!> seems a little too
2010 weird for your taste):
2012 my @entries = $kdbx->find_entries({ '!!' => 'quality_check' });
2013 my @entries = $kdbx->find_entries({ -true => 'quality_check' });
2015 Yes, there is also a C<-false> and a C<-not> if you prefer one of those over C<!>. C<-false> and C<-not>
2016 (along with C<-true>) are also special in that you can use them to invert the logic of a subquery. These are
2017 logically equivalent:
2019 my @entries = $kdbx->find_entries([ -not => { title => 'My Bank' } ]);
2020 my @entries = $kdbx->find_entries({ title => { 'ne' => 'My Bank' } });
2022 These special operators become more useful when combined with two more special operators: C<-and> and C<-or>.
2023 With these, it is possible to construct more interesting queries with groups of logic. For example:
2025 my @entries = $kdbx->find_entries({
2026 title => { '=~', qr/bank/ },
2029 notes => { '=~', qr/business/ },
2030 icon_id => { '==', ICON_TRASHCAN_FULL },
2035 In English, find entries where the word "bank" appears anywhere in the title but also do not have either the
2036 word "business" in the notes or is using the full trashcan icon.
2038 =head2 Subroutine Query
2040 Lastly, as mentioned at the top, you can ignore all this and write your own subroutine. Your subroutine will
2041 be called once for each thing being searched over. The single argument is the search candidate. The subroutine
2042 should match the candidate against whatever criteria you want and return true if it matches. The C<find_*>
2043 methods collect all matching things and return them.
2045 For example, to find all entries in the database titled "My Bank":
2047 my @entries = $kdbx->find_entries(sub { shift->title eq 'My Bank' });
2048 # logically the same as this declarative structure:
2049 my @entries = $kdbx->find_entries({ title => 'My Bank' });
2050 # as well as this simple expression:
2051 my @entries = $kdbx->find_entries([ \'My Bank', 'eq', qw{title} ]);
2053 This is a trivial example, but of course your subroutine can be arbitrarily complex.
2055 All of these query mechanisms described in this section are just tools, each with its own set of limitations.
2056 If the tools are getting in your way, you can of course iterate over the contents of a database and implement
2057 your own query logic, like this:
2059 for my $entry (@{ $kdbx->all_entries }) {
2060 if (wanted($entry)) {
2061 do_something($entry);
2070 Errors in this package are constructed as L<File::KDBX::Error> objects and propagated using perl's built-in
2071 mechanisms. Fatal errors are propagated using L<functions/die> and non-fatal errors (a.k.a. warnings) are
2072 propagated using L<functions/warn> while adhering to perl's L<warnings> system. If you're already familiar
2073 with these mechanisms, you can skip this section.
2075 You can catch fatal errors using L<functions/eval> (or something like L<Try::Tiny>) and non-fatal errors using
2076 C<$SIG{__WARN__}> (see L<variables/%SIG>). Examples:
2078 use File::KDBX::Error qw(error);
2080 my $key = ''; # uh oh
2082 $kdbx->load_file('whatever.kdbx', $key);
2084 if (my $error = error($@)) {
2085 handle_missing_key($error) if $error->type eq 'key.missing';
2089 or using C<Try::Tiny>:
2092 $kdbx->load_file('whatever.kdbx', $key);
2098 Catching non-fatal errors:
2101 local $SIG{__WARN__} = sub { push @warnings, $_[0] };
2103 $kdbx->load_file('whatever.kdbx', $key);
2105 handle_warnings(@warnings) if @warnings;
2107 By default perl prints warnings to C<STDERR> if you don't catch them. If you don't want to catch them and also
2108 don't want them printed to C<STDERR>, you can suppress them lexically (perl v5.28 or higher required):
2111 no warnings 'File::KDBX';
2118 local $File::KDBX::WARNINGS = 0;
2122 or globally in your program:
2124 $File::KDBX::WARNINGS = 0;
2126 You cannot suppress fatal errors, and if you don't catch them your program will exit.
2130 This software will alter its behavior depending on the value of certain environment variables:
2133 * C<PERL_FILE_KDBX_XS> - Do not use L<File::KDBX::XS> if false (default: true)
2134 * C<PERL_ONLY> - Do not use L<File::KDBX::XS> if true (default: false)
2135 * C<NO_FORK> - Do not fork if true (default: false)
2139 Some features (e.g. parsing) require 64-bit perl. It should be possible and actually pretty easy to make it
2140 work using L<Math::BigInt>, but I need to build a 32-bit perl in order to test it and frankly I'm still
2141 figuring out how. I'm sure it's simple so I'll mark this one "TODO", but for now an exception will be thrown
2142 when trying to use such features with undersized IVs.
2146 L<File::KeePass> is a much older alternative. It's good but has a backlog of bugs and lacks support for newer