VERSION
- version 0.800
+ version 0.900
SYNOPSIS
DESCRIPTION
- File::KDBX provides everything you need to work with a KDBX database. A
+ File::KDBX provides everything you need to work with KDBX databases. A
KDBX database is a hierarchical object database which is commonly used
to store secret information securely. It was developed for the KeePass
password safe. See "Introduction to KDBX" for more information about
KDBX.
- This module lets you query entries, create new entries, delete entries
- and modify entries. The distribution also includes various parsers and
- generators for serializing and persisting databases.
+ This module lets you query entries, create new entries, delete entries,
+ modify entries and more. The distribution also includes various parsers
+ and generators for serializing and persisting databases.
- This design of this software was influenced by the KeePassXC
+ The design of this software was influenced by the KeePassXC
<https://github.com/keepassxreboot/keepassxc> implementation of KeePass
as well as the File::KeePass module. File::KeePass is an alternative
module that works well in most cases but has a small backlog of bugs
Features
- This implementation of KDBX supports a lot of features:
-
* ☑ Read and write KDBX version 3 - version 4.1
* ☑ Read and write KDB files (requires File::KeePass)
groups are directories, entries are files, and strings and binaries
make up a file's contents.
- Databases are typically persisted as a encrypted, compressed files.
- They are usually accessed directly (i.e. not over a network). The
- primary focus of this type of database is data security. It is ideal
- for storing relatively small amounts of data (strings and binaries)
- that must remain secret except to such individuals as have the correct
+ Databases are typically persisted as encrypted, compressed files. They
+ are usually accessed directly (i.e. not over a network). The primary
+ focus of this type of database is data security. It is ideal for
+ storing relatively small amounts of data (strings and binaries) that
+ must remain secret except to such individuals as have the correct
master key. Even if the database file were to be "leaked" to the public
Internet, it should be virtually impossible to crack with a strong key.
The KDBX format is most often used by password managers to store
Timestamp indicating when the default username was last changed.
- maintenance_history_days
-
- TODO... not really sure what this is. 😀
-
color
A color associated with the database (in the form #ffffff where "f" is
recycle_bin_changed
- Timestamp indicating when the recycle bin was last changed.
+ Timestamp indicating when the recycle bin group was last changed.
entry_templates_group
history_max_items
- The maximum number of historical entries allowed to be saved for each
- entry.
+ The maximum number of historical entries that should be kept for each
+ entry. Default is 10.
history_max_size
The maximum total size (in bytes) that each individual entry's history
- is allowed to grow.
+ is allowed to grow. Default is 6 MiB.
+
+ maintenance_history_days
+
+ The maximum age (in days) historical entries should be kept. Default it
+ 365.
settings_changed
single implicit root group is created to contain the actual root
groups. When writing to such a format, if the root group looks like it
was implicitly created then it won't be written and the resulting file
- might have multiple root groups. This allows working with older files
- without changing their written internal structure while still adhering
- to modern semantics while the database is opened.
+ might have multiple root groups, as it was before loading. This allows
+ working with older files without changing their written internal
+ structure while still adhering to modern semantics while the database
+ is opened.
The root group of a KDBX database contains all of the database's
entries and other groups. If you replace the root group, you are
group and calling "add_group" in File::KDBX::Group on the parent group,
forwarding the arguments. Available options:
- * group (aka parent) - Group object or group UUID to add the group to
- (default: root group)
+ * group - Group object or group UUID to add the group to (default:
+ root group)
groups
group and calling "add_entry" in File::KDBX::Group on the parent group,
forwarding the arguments. Available options:
- * group (aka parent) - Group object or group UUID to add the entry to
- (default: root group)
+ * group - Group object or group UUID to add the entry to (default:
+ root group)
entries
$key = $kdbx->key($primitive);
Get or set a File::KDBX::Key. This is the master key (e.g. a password
- or a key file that can decrypt a database). See "new" in
- File::KDBX::Key for an explanation of what the primitive can be.
+ or a key file that can decrypt a database). You can also pass a
+ primitive that can be cast to a Key. See "new" in File::KDBX::Key for
+ an explanation of what the primitive can be.
You generally don't need to call this directly because you can provide
the key directly to the loader or dumper when loading or dumping a KDBX
$key = $kdbx->composite_key($key);
$key = $kdbx->composite_key($primitive);
- Construct a File::KDBX::Key::Composite from a primitive. See "new" in
- File::KDBX::Key for an explanation of what the primitive can be. If the
- primitive does not represent a composite key, it will be wrapped.
+ Construct a File::KDBX::Key::Composite from a Key or primitive. See
+ "new" in File::KDBX::Key for an explanation of what the primitive can
+ be. If the primitive does not represent a composite key, it will be
+ wrapped.
- You generally don't need to call this directly. The parser and writer
+ You generally don't need to call this directly. The loader and dumper
use it to transform a master key into a raw encryption key.
kdf
If not passed, the UUID comes from $kdbx->headers->{cipher_id} and the
encryption IV comes from $kdbx->headers->{encryption_iv}.
- You generally don't need to call this directly. The parser and writer
+ You generally don't need to call this directly. The loader and dumper
use it to decrypt and encrypt KDBX files.
random_stream
$kdbx->inner_headers->{inner_random_stream_id} (respectively) for KDBX4
files.
- You generally don't need to call this directly. The parser and writer
+ You generally don't need to call this directly. The loader and dumper
use it to scramble protected strings.
RECIPES
If you have an iterator, such as returned by "entries", "groups" or
even "objects" you can filter it using "where" in File::KDBX::Iterator.
- my $filtered_entries = $kdbx->entries->where($query);
+ my $filtered_entries = $kdbx->entries->where(\&query);
- A $query is just a subroutine that you can either write yourself or
+ A \&query is just a subroutine that you can either write yourself or
have generated for you from either a "Simple Expression" or
"Declarative Syntax". It's easier to have your query generated, so I'll
cover that first.
* < - Number less than
- * >> - Number greater than
+ * > - Number greater than
* <= - Number less than or equal
- Group3
- EntryC
- IDS order of groups is: Root, Group1, Group2, Group3 IDS order of
- entries is: EntryA, EntryB, EntryC IDS order of objects is: Root,
- Group1, EntryA, Group2, EntryB, Group3, EntryC
+ * IDS order of groups is: Root, Group1, Group2, Group3
+
+ * IDS order of entries is: EntryA, EntryB, EntryC
+
+ * IDS order of objects is: Root, Group1, EntryA, Group2, EntryB,
+ Group3, EntryC
+
+ * DFS order of groups is: Group2, Group1, Group3, Root
+
+ * DFS order of entries is: EntryB, EntryA, EntryC
+
+ * DFS order of objects is: Group2, EntryB, Group1, EntryA, Group3,
+ EntryC, Root
+
+ * BFS order of groups is: Root, Group1, Group3, Group2
- DFS order of groups is: Group2, Group1, Group3, Root DFS order of
- entries is: EntryB, EntryA, EntryC DFS order of objects is: Group2,
- EntryB, Group1, EntryA, Group3, EntryC, Root
+ * BFS order of entries is: EntryA, EntryC, EntryB
- BFS order of groups is: Root, Group1, Group3, Group2 BFS order of
- entries is: EntryA, EntryC, EntryB BFS order of objects is: Root,
- Group1, EntryA, Group3, EntryC, Group2, EntryB
+ * BFS order of objects is: Root, Group1, EntryA, Group3, EntryC,
+ Group2, EntryB
SYNCHRONIZING