Skip to content
/ libkeepass Public
forked from libkeepass/libkeepass

Python module to read KeePass 1.x/KeePassX (v3) and KeePass 2.x (v4) files

License

View license
0 stars 31 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

wget/libkeepass

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

168 Commits
libkeepass
libkeepass
 
 
samples
samples
 
 
tests
tests
 
 
.gitignore
.gitignore
 
 
LICENSE.txt
LICENSE.txt
 
 
MANIFEST.in
MANIFEST.in
 
 
README.rst
README.rst
 
 
requirements.txt
requirements.txt
 
 
setup.py
setup.py
 
 
shell.py
shell.py
 
 

Repository files navigation

libkeepass

Low-level Python (2.7/3.x) module to read KeePass 1.x/KeePassX (v3) and KeePass 2.x (v4) files.

See pykeepass or kppy for higher level database access and editing.

Warning

This code makes no attempt to secure its memory.

Dependencies

  • pycrypto
  • lxml
  • CryptoPlus (optional - adds twofish encryption support for v1 databases)

KeePass 1.x support

The v3 reader will parse the v3 binary format and put groups into the "groups" attribute, and entries into the "entries" attribute. The special icon entry is parsed and icons can be accessed via the "icons" attribute. Other special entries are not parsed and seen as regular entries.

Only passwords are supported.

No write support.

KeePass 2.x support

The v4 reader can output the decrypted XML document that file format is based on. It is also available as parsed objectified element tree.

The password elements in the XML document are protected in addition to the AES encryption of the whole database. Switching between clear text and protected is possible.

Passwords and key-file protection is supported.

Compressed and uncompressed files are supported.

There is basic "save as" write support. When writing the KeePass2 file, the element tree is protected, serialized, compressed and encrypted according to the settings in the file header and written to a stream.

Examples

import libkeepass

filename = "input.kdbx"
with libkeepass.open(filename, password='secret', keyfile='keyfile.key') as kdb:
    # print parsed element tree as xml
    print kdb.pretty_print()

    # re-encrypt the password fields
    kdb.protect()
    print kdb.pretty_print()

    # or use kdb.obj_root to access the element tree
    kdb.obj_root.findall('.//Entry')

    # change the master password before writing
    kdb.clear_credentials()
    kdb.add_credentials(password="m04r_s3cr37")

    # disable compression
    kdb.set_compression(0)

    # write to a new file
    with open('output', 'wb') as output:
        kdb.write_to(output)

# Alternatively, read a kdb4 file protected
with libkeepass.open(filename, password='secret', keyfile='keyfile.key', unprotect=False) as kdb:
    # print parsed element tree as xml
    print kdb.pretty_print()

    # decrypt the password fields
    kdb.unprotect()
    print kdb.pretty_print()

Testing

Make a virtualenv and install the requirements (or install through pip). Then run the tests script

pip install -r requirements.txt
python tests/tests.py

References

Brett Viren's code was a starting point and some of his code is being re-used unchanged

For v4 support reading the original Keepass2 C# source was used as inspiration

Keepass 2.x uses Salsa20 to protect data in XML. Currently puresalsa20 is used and included.

For v3 read support, code was copied with some enhancements from WAKAYAMA Shirou's kptool.

Thanks to them and all others who came before are in order.

Contributors

  • fdemmer
  • phpwutz
  • nvamilichev
  • crass
  • pschmitt
  • evidlo

About

Python module to read KeePass 1.x/KeePassX (v3) and KeePass 2.x (v4) files

Resources

Readme

License

View license
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

1 tags

Packages

No packages published

Languages

  • Python 100.0%