public function loadKeePass($userId, $path, $pass) { $arr = array(); KeePassPHP::init(true); $key = new CompositeKey(); $key->addKey(new KeyFromPassword(utf8_encode($pass))); $kdbx = new KdbxImporter($path, $key); $entries = $kdbx->parseEntries(); foreach ($entries as $entry => $value) { //$creationDate; //$creationTime; list($creationDate, $creationTime) = split($value['CreationTime'] . '[TZ]', 2); $array = array("id" => 4, "user_id" => $userId, "loginname" => $value['UserName'], "website" => $value['Title'], "address" => "", "pass" => $kdbx->getPassword($entry), "notes" => $value['Notes'], "creation_date" => $value['CreationTime']); array_push($arr, $array); } return $arr; }
/** * Tries to parse the given string $xmlsource, assumed to be data formatted * in XML, with the format of a KeePass 2.x database. Returns true * if the parsing succeeds, or false otherwise ; in case of success, * the attribute $this->entries will contain the result of the parsing, * as an array of entries. * @param string $xmlsource * @return boolean */ private function tryXMLParse($xmlsource) { $xml = new XMLStackReader(); if (!$xml->XML($xmlsource)) { $xml->close(); return false; } if (!$xml->read() || $xml->r->name != self::XML_FILEROOT) { $xml->close(); return false; } $expectedParentsMeta = array(self::XML_FILEROOT, self::XML_META); if (!$xml->readUntilParentsBe($expectedParentsMeta)) { $xml->close(); return false; } $isHeaderChecked = false; $d = $xml->r->depth; while ($xml->isInSubtree($d)) { if ($xml->r->name == self::XML_HEADERHASH) { $hash = base64_decode($this->readTextValueFromXML($xml)); if (strcmp($hash, $this->header->headerHash) != 0) { KeePassPHP::printDebug("Bad HeaderHash !"); } $isHeaderChecked = true; } elseif ($xml->r->name == self::XML_CUSTOMICONS) { foreach ($xml->readInnerXML($xml->r->depth) as $icon) { $uuid = null; $data = null; if ($icon[XMLStackReader::NODENAME] == self::XML_ICON && $this->tryReadTextValueFromArray($icon[XMLStackReader::INNER], self::XML_UUID, $uuid) && $this->tryReadTextValueFromArray($icon[XMLStackReader::INNER], self::XML_ICON_DATA, $data)) { $this->icons->addIcon($uuid, $data); } } } } if (!$isHeaderChecked) { KeePassPHP::printDebug("Did not found HeaderHash text node..."); } $this->rawEntries = array(); $expectedParents = array(self::XML_GROUP, self::XML_ENTRY); while ($xml->readUntilParentsBe($expectedParents)) { $entry = array(); $d = $xml->r->depth; while ($xml->isInSubtree($d)) { if ($xml->r->name == self::XML_UUID) { $entry[self::XML_UUID] = bin2hex(base64_decode($this->readTextValueFromXML($xml))); } elseif ($xml->r->name == self::XML_CUSTOMICONUUID) { $entry[self::XML_CUSTOMICONUUID] = $this->readTextValueFromXML($xml); } elseif ($xml->r->name == self::XML_TAGS) { $entry[self::XML_TAGS] = $this->readTextValueFromXML($xml); } elseif ($xml->r->name == self::XML_TIMES) { $value = null; $isHistory = $xml->isAncestor(self::XML_HISTORY); $inner = $xml->readInnerXML($xml->r->depth); if ($this->tryReadTextValueFromArray($inner, self::XML_CREATION_TIME, $value)) { if ($value != null && !$isHistory) { $entry[self::XML_CREATION_TIME] = $value; } } } elseif ($xml->r->name == self::XML_STRING) { $key = null; $value = null; $isHistory = $xml->isAncestor(self::XML_HISTORY); $inner = $xml->readInnerXML($xml->r->depth); if ($this->tryReadTextValueFromArray($inner, self::XML_STRING_VALUE, $value) && $this->tryReadTextValueFromArray($inner, self::XML_STRING_KEY, $key)) { if ($key != null && $value != null && !$isHistory) { $entry[$key] = $value; } } } } if (count($entry) > 0) { array_push($this->rawEntries, $entry); } } $xml->close(); return true; }
private function readBlock() { if (!$this->canRead()) { return false; } $bl = $this->base->readInt(); if (!$bl->equalsInt($this->currentIndex)) { return false; } $this->currentIndex++; $hash = $this->base->read(32); if ($hash == null || strlen($hash) != 32) { return false; } // Won't work if $blockSize is bigger than 2**31 $blockSize = $this->base->readInt()->asInt(); if ($blockSize <= 0) { return false; } $block = $this->base->read($blockSize); if ($block == null || strlen($block) != $blockSize) { return false; } if ($this->verify && strcmp($hash, $this->h->hash($block)) != 0) { KeePassPHP::printDebug("Corrupted data !"); return false; } $this->currentBlock = $block; $this->currentSize = $blockSize; $this->currentPos = 0; return true; }
/** * Tries to add the database $kdbxfile to KeePassPHP, using the ID $dbid, * the internal password $internalpwd, and the master key composed of the * keys $keys. If the ID already exists, the corresponding database will * be overriden. * $kdbxfile should be the temporary filename of the file, as just uploaded * by PHP. KeePassPHP will perform itself move_uploaded_file. Likewise, the * key filenames in $keys should be the temporary filenames as just uploaded * by PHP, and will be moved by KeePassPHP. * The internal password is used to encrypt the internal data kept by * KeePassPHP, whereas the passwords in $keys are used to build the master * key to decrypt the KeePass database file. The internal password may be * part of the master key (this is even recommended for the sake of * simplicity). * @param string $kdbxfile The temporary filename of the KeePass database. * @param string $dbid The ID to use. * @param string $internalpwd The internal password. * @param array $keys The keys composing the master key of the database. * @return boolean Returns true in case of success, false otherwise. */ public static function tryAdd($kdbxfile, $dbid, $internalpwd, array $keys) { if (!self::$started) { self::raiseError("KeepassPHP is not started !"); return false; } $nkeys = array(); foreach ($keys as $k) { if ($k[0] == self::KEY_PWD) { $nkeys[] = array(self::KEY_PWD); } elseif ($k[0] == self::KEY_FILE) { $h = KeePassPHP::addKeyFile($k[1]); if ($h == null) { self::raiseError("Key file upload failed."); return false; } $nkeys[] = array(KeePassPHP::KEY_FILE, $h); } } $hashname = KeePassPHP::addKdbxFile($kdbxfile); if ($hashname == null) { self::raiseError("Database file upload failed."); return false; } if (KeePassPHP::addInternal($dbid, $internalpwd, $hashname, $nkeys, array(), true) == null) { self::raiseError("Internal database write failed."); return false; } return true; }
$otherPwd = KphpUI::getString("openPwd1", $_POST); $ui = new AjaxUI(AjaxUI::FAIL); if (strlen($dbid) == 0) { $ui->setResult(AjaxUI::SOMETHING_EMPTY); $ui->setHTML("dbid"); } elseif (strlen($pwd) == 0) { $ui->setResult(AjaxUI::SOMETHING_EMPTY); $ui->setHTML("mainPwd"); } elseif (!$usePwdForCK && strlen($otherPwd) == 0) { $ui->setResult(AjaxUI::SOMETHING_EMPTY); $ui->setHTML("openPwd1"); } else { require_once KEEPASSPHP_LOCATION; KeePassPHP::init(KEEPASSPHP_DEBUG); if (KeePassPHP::exists($dbid)) { $db = KeePassPHP::get($dbid, $pwd, $usePwdForCK ? $pwd : $otherPwd); if ($db != null && $db->tryLoad()) { require_once "kphpui/htmlformat.php"; if ($isPwd) { $pwd = $db->getPassword($uuid); if ($pwd != null) { $ui->setResult(AjaxUI::SUCCESS); $ui->addHTML(HTMLFormat::formatPassword($pwd)); } else { $ui->setResult(AjaxUI::PASSWORD_NOT_FOUND); $ui->addHTML(HTMLFormat::PASSWORD_NOT_FOUND); } } else { $ui->setResult(AjaxUI::SUCCESS); $ui->addHTML(HTMLFormat::formatEntries($db)); }
} if (!$ui->isSomethingEmpty) { require_once KEEPASSPHP_LOCATION; KeePassPHP::init(KEEPASSPHP_DEBUG); if (!KeePassPHP::exists($dbid) || KeePassPHP::checkPassword($dbid, $mainPwd)) { $keys = $usePwdForCK ? array(array(KeePassPHP::KEY_PWD, $mainPwd)) : array(); if ($pwd1 != '') { $keys[] = array(KeePassPHP::KEY_PWD, $pwd1); } if ($keyfile != null) { if (($keyfile = checkFile("addFile1", $keyfile, $ui)) != null) { $keys[] = array(KeePassPHP::KEY_FILE, $keyfile); } } if (KeePassPHP::checkKeys($kdbxFile, $keys)) { if (KeePassPHP::tryAdd($kdbxFile, $dbid, $mainPwd, $keys)) { $ui->addSuccess = true; } } else { if ($usePwdForCK) { $ui->setIfEmpty("addMainPwd", MainUI::HI_BADPWD, "error"); } if ($pwd1 != "") { $ui->setIfEmpty("addPwd1", MainUI::HI_BADPWD, "error"); } if ($keyfile != null) { $ui->setIfEmpty("addFile1", MainUI::HI_BADPWD, "error"); } } } else { $ui->setIfEmpty("addDbid", MainUI::HI_IDEXISTS, "error");
$answer = new AjaxAnswer(); $dbid = KPHPUI::getPost("dbid"); $mainPwd = KPHPUI::getPost("main_pwd"); $usePwdInKey = KPHPUI::getPost("use_pwd_in_key") == "true"; $otherPwd = KPHPUI::getPost("open_other_pwd"); if (empty($dbid)) { $answer->set(AjaxAnswer::SOMETHING_EMPTY, "dbid"); } elseif (empty($mainPwd)) { $answer->set(AjaxAnswer::SOMETHING_EMPTY, "main_pwd"); } elseif (!$usePwdInKey && empty($otherPwd)) { $answer->set(AjaxAnswer::SOMETHING_EMPTY, "open_other_pwd"); } else { require_once KEEPASSPHP_LOCATION; KeePassPHP::init(dirname(KEEPASSPHP_LOCATION), KEEPASSPHP_DEBUG); if (KeePassPHP::exists($dbid)) { $db = KeePassPHP::get($dbid, $mainPwd, $usePwdInKey ? $mainPwd : $otherPwd); if ($db != null) { $uuid = KPHPUI::getPost("uuid"); if (!empty($uuid)) { $pwd = $db->getPassword($uuid); if ($pwd != null) { $answer->set(AjaxAnswer::SUCCESS, '<input type="text" class="verysmall selectOnFocus form-control" value="' . KPHPUI::htmlify($pwd) . '" style="font-size:3px !important;"/>'); } else { $answer->set(AjaxAnswer::PASSWORD_NOT_FOUND, '<span class="label label-danger">' . KPHPUI::l(KPHPUI::LANG_SEE_PWD_DOES_NOT_EXIST) . '</span>'); } } else { $s = '<table class="table table-hover form-inline"><thead><tr><th> </th><th>' . KPHPUI::l(KPHPUI::LANG_SEE_ENTRY_TITLE) . '</th><th>' . KPHPUI::l(KPHPUI::LANG_SEE_ENTRY_URL) . '</th><th>' . KPHPUI::l(KPHPUI::LANG_SEE_ENTRY_USERNAME) . '</th><th>' . KPHPUI::l(KPHPUI::LANG_SEE_ENTRY_PASSWORD) . '</th></tr></thead><tbody>'; foreach ($db->getEntries() as $uuid => $entry) { $icon = $entry[Database::KEY_CUSTOMICON]; if (!empty($icon)) { $icon = $db->getIconSrc($icon);
public function parse(Reader $reader) { $dreader = new DigestReader($reader); $sig1 = $dreader->readInt(); $sig2 = $dreader->readInt(); if (!$sig1->equalsString(self::SIGNATURE1) || !$sig2->equalsString(self::SIGNATURE2)) { KeePassPHP::printDebug("Bad database file !"); return false; } $version = $dreader->readInt(); if ($version->lsr(2)->asShort() < self::MINIMAL_VERSION) { KeePassPHP::printDebug("Database version not supported !"); return false; } $ended = false; while (!$ended) { $headerId = $dreader->readByte()->asByte(); $headerLen = $dreader->readShort()->asShort(); $header = $dreader->read($headerLen); /* * end of header */ if ($headerId == 0) { $ended = true; } elseif ($headerId == 1) { } elseif ($headerId == 2) { if (strcmp($header, self::CIPHER_AES) == 0) { $this->cipher = new CipherMcrypt(CipherMcrypt::AES128); } } elseif ($headerId == 3) { $res = Binary::fromString($header)->asInt(); if ($res == 0) { $this->compression = self::COMPRESSION_NONE; } elseif ($res == 1) { $this->compression = self::COMPRESSION_GZIP; } } elseif ($headerId == 4) { if (strlen($header) == self::SEED_LEN) { $this->masterSeed = $header; } } elseif ($headerId == 5) { if (strlen($header) == self::SEED_LEN) { $this->transformSeed = $header; } } elseif ($headerId == 6) { $this->rounds = Binary::fromString($header, $headerLen); } elseif ($headerId == 7) { $this->encryptionIV = $header; } elseif ($headerId == 8) { $this->randomStreamKey = $header; } elseif ($headerId == 9) { if (strlen($header) == self::STARTBYTES_LEN) { $this->startBytes = $header; } } elseif ($headerId == 10) { $res = Binary::fromString($header)->asInt(); /*if($res == 1) // unsuported $this->innerRandomStream= self::INNER_RANDOM_ARC4; else*/ if ($res == 2) { $this->innerRandomStream = self::INNER_RANDOM_SALSA20; } } } $this->headerHash = $dreader->GetDigest(); }