The composite key is invalid

[ghost]

I have Keypass GUI open using same key file and DB just fine but when I try to use this Posh tool on the get-keepassentry cmdlet I get:

PS C:\WINDOWS\system32> Get-KeePassEntry -DatabaseProfileName 'KeyAndMasterKeyDB' -AsPlainText
Exception calling "Open" with "3" argument(s): "The composite key is invalid!
Make sure the composite key is correct and try again."
At C:\Program Files\WindowsPowerShell\Modules\PoShKeePass\2.1.3.0\PoShKeePass.psm1:2664 char:9
+         $null = $DatabaseObject.Open($IOInfo, $CompositeKey, $IStatus ...
+         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [], MethodInvocationException
    + FullyQualifiedErrorId : InvalidCompositeKeyException

[jkdba]

@jbruns2019 Lets clarify what you are seeing, starting with the simple so I can try to reproduce or see if its a simple usage error.

• run this and put output here:

  ## Get profile we are working with
  Get-KeePassDatabaseConfiguration -DatabaseProfileName 'KeyAndMasterKeyDB'

• your keepass database uses both a key file and a master key password, is that correct?
• when did this start?
• did this work before and it just stopped?

[ghost]

DatabasePath : C:\Users\u0132130\Dropbox\MyKeePassDB.kdbx Default : False Name : KeyAndMasterKeyDB UseMasterKey : False KeyPath : C:\Users\u0132130\Documents\MyKeePassDB.key AuthenticationType : Key UseNetworkAccount : False

• your keepass database uses both a key file and a master key password, is that correct?
  • yes
• when did this start?
  • After downloading your code 2 days ago and I tried it
• did this work before and it just stopped?
  • Never tried until 2 days ago
• what version of the module are you running?
  • 2.1.3.0

-Joe B.

From: John Klann notifications@github.com Sent: Thursday, July 25, 2019 10:06 AM To: PSKeePass/PoShKeePass PoShKeePass@noreply.github.com Cc: Bruns, Joe W. (TR Tech, Content & Ops) joe.bruns@thomsonreuters.com; Mention mention@noreply.github.com Subject: Re: [PSKeePass/PoShKeePass] The composite key is invalid (#166)

@jbruns2019https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_jbruns2019&d=DwMCaQ&c=4ZIZThykDLcoWk-GVjSLmy8-1Cr1I4FWIvbLFebwKgY&r=EmXB1hdqAUsNr2oNinCjmF_WQrDx6UdLKFBtFym2pdM&m=xJ_LLJLbMnvbcmbi3JOoiGLnUUsWCHFhADg0KtLIyYk&s=cFGDsgAnZrGxX8KSABBcei_npIj9mhOiwZ8jXkhFwUA&e= Lets clarify what you are seeing, starting with the simple so I can try to reproduce or see if its a simple usage error.

• run this and put output here:

Get profile we are working with

Get-KeePassDatabaseConfiguration -DatabaseProfileName 'KeyAndMasterKeyDB'

• your keepass database uses both a key file and a master key password, is that correct?
• when did this start?
• did this work before and it just stopped?
• what version of the module are you running?

Get version

Import-Module 'PoShKeePass'

Get-Module 'PoShKeePass'

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHubhttps://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_PSKeePass_PoShKeePass_issues_166-3Femail-5Fsource-3Dnotifications-26email-5Ftoken-3DAMOUXSC2I2DEABWSZ5TYBBDQBG6OJA5CNFSM4IGIXOU2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD2ZYQJY-23issuecomment-2D515082279&d=DwMCaQ&c=4ZIZThykDLcoWk-GVjSLmy8-1Cr1I4FWIvbLFebwKgY&r=EmXB1hdqAUsNr2oNinCjmF_WQrDx6UdLKFBtFym2pdM&m=xJ_LLJLbMnvbcmbi3JOoiGLnUUsWCHFhADg0KtLIyYk&s=TURSJE9E8YSoGuY5lkKOoEWKpCEzy1LJoXetgvdH2j8&e=, or mute the threadhttps://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_notifications_unsubscribe-2Dauth_AMOUXSCN4QJY3YQEDAYJZITQBG6OJANCNFSM4IGIXOUQ&d=DwMCaQ&c=4ZIZThykDLcoWk-GVjSLmy8-1Cr1I4FWIvbLFebwKgY&r=EmXB1hdqAUsNr2oNinCjmF_WQrDx6UdLKFBtFym2pdM&m=xJ_LLJLbMnvbcmbi3JOoiGLnUUsWCHFhADg0KtLIyYk&s=oBkjHR7trKtj-0_XHNtSNH8Y1E5x2zFqSnqi33NuxWg&e=.

[jkdba]

Great if you use a key file and password to auth your profile should look like this:

DatabasePath : C:\Users\u0132130\Dropbox\MyKeePassDB.kdbx Default : False Name : KeyAndMasterKeyDB UseMasterKey : True KeyPath : C:\Users\u0132130\Documents\MyKeePassDB.key AuthenticationType : Key UseNetworkAccount : False

You can also set a KeePassDatabaseConfigurationProfile as the default so you don't have to specify the profile on every call. To do this when creating the profile specify the '-Default' parameter when creating the profile.

to fix it run this:

## Remove current profile and create a new one with the -UseMasterKey parameter 
PS> Remove-KeePassDatabaseConfiguration -DatabaseProfileName 'KeyAndMasterKeyDB' -force
PS> New-KeePassDatabaseConfiguration -DatabaseProfileName 'KeyAndMasterKeyDB' -DatabasePath 'C:\Users\u0132130\Dropbox\MyKeePassDB.kdbx' -KeyPath 'C:\Users\u0132130\Documents\MyKeePassDB.key' -UseMasterKey
# Or if you want it to be the default
PS> New-KeePassDatabaseConfiguration -DatabaseProfileName 'KeyAndMasterKeyDB' -DatabasePath 'C:\Users\u0132130\Dropbox\MyKeePassDB.kdbx' -KeyPath 'C:\Users\u0132130\Documents\MyKeePassDB.key' -UseMasterKey -Default

then to make calls you have two choices

1. Enter Password when prompted at each call

   PS> Get-KeePassEntry -DatabaseProfileName 'KeyAndMasterKeyDB' -AsPlainText
   KeePass Password: *****
   # Or if you made it your default profile
   PS> Get-KeePassEntry -AsPlainText
   KeePass Password: *****

2. Pass a powershell credential object or secure string to the -MasterKey parameter

   
   # get your master key password in a secure credential object, note the username does not matter
   $masterkey = Get-Credential -UserName 'keepass' -Message 'enter masterkey password'
   # or it also support a secureString type for the master key so you could do this as well
   $masterkey = ConvertTo-SecureString -String 'MyPassword' -AsPlainText -Force

pass your master key

Get-KeePassEntry -DatabaseProfileName 'KeyAndMasterKeyDB' -AsPlainText -MasterKey $masterkey

Or if you made it your default profile

Get-KeePassEntry -AsPlainText -MasterKey $masterkey

[ghost]

Much better, thank you!

-Joe B.

From: John Klann notifications@github.com Sent: Thursday, July 25, 2019 10:44 AM To: PSKeePass/PoShKeePass PoShKeePass@noreply.github.com Cc: Bruns, Joe W. (TR Tech, Content & Ops) joe.bruns@thomsonreuters.com; Mention mention@noreply.github.com Subject: Re: [PSKeePass/PoShKeePass] The composite key is invalid (#166)

Great if you use a key file and password to auth you profile should look like this:

DatabasePath : C:\Users\u0132130\Dropbox\MyKeePassDB.kdbx Default : False Name : KeyAndMasterKeyDB UseMasterKey : True KeyPath : C:\Users\u0132130\Documents\MyKeePassDB.key AuthenticationType : Key UseNetworkAccount : False

You can also set a KeePassDatabaseConfigurationProfile as the default so you don't have to specify the profile on every call. To do this when creating the profile specify the '-Default' parameter when creating the profile.

to fix it run this:

Remove current profile and create a new one with the -UseMasterKey parameter

PS> Remove-KeePassDatabaseConfiguration -DatabaseProfileName 'KeyAndMasterKeyDB' -force

PS> New-KeePassDatabaseConfiguration -DatabaseProfileName 'KeyAndMasterKeyDB' -DatabasePath 'C:\Users\u0132130\Dropbox\MyKeePassDB.kdbx' -KeyPath 'C:\Users\u0132130\Documents\MyKeePassDB.key' -UseMasterKey

Or if you want it to be the default

PS> New-KeePassDatabaseConfiguration -DatabaseProfileName 'KeyAndMasterKeyDB' -DatabasePath 'C:\Users\u0132130\Dropbox\MyKeePassDB.kdbx' -KeyPath 'C:\Users\u0132130\Documents\MyKeePassDB.key' -UseMasterKey -Default

the to make calls you have two choices

1. Enter Password when prompted at each call

PS> Get-KeePassEntry -DatabaseProfileName 'KeyAndMasterKeyDB' -AsPlainText

KeePass Password: *****

Or if you made it your default profile

PS> Get-KeePassEntry -AsPlainText

KeePass Password: *****

1. Pass a powershell credential object to the -MasterKey parameter

get your master key password in a secure credential object, note the username does not matter

$masterkey = Get-Credential -UserName 'keepass' -Message 'enter masterkey password'

or it also support a secureString type for the master key so you could do this as well

$masterkey = ConvertTo-SecureString -String 'MyPassword' -AsPlainText -Force

pass your master key

Get-KeePassEntry -DatabaseProfileName 'KeyAndMasterKeyDB' -AsPlainText -MasterKey $masterkey

Or if you made it your default profile

Get-KeePassEntry -AsPlainText -MasterKey $masterkey

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHubhttps://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_PSKeePass_PoShKeePass_issues_166-3Femail-5Fsource-3Dnotifications-26email-5Ftoken-3DAMOUXSFASPDTF6PEGKYL7WTQBHC3NA5CNFSM4IGIXOU2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD2Z4CWA-23issuecomment-2D515096920&d=DwMCaQ&c=4ZIZThykDLcoWk-GVjSLmy8-1Cr1I4FWIvbLFebwKgY&r=EmXB1hdqAUsNr2oNinCjmF_WQrDx6UdLKFBtFym2pdM&m=EiT0soGJVjWAUZs7N1MCtTKIyM0txJwbzif9Y0wa_E8&s=S26WrAoToDFl3LF9S71Yz-67wjaHNZ5-L82ajnQ0LLk&e=, or mute the threadhttps://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_notifications_unsubscribe-2Dauth_AMOUXSDBP34K7MGS6SAJEOTQBHC3NANCNFSM4IGIXOUQ&d=DwMCaQ&c=4ZIZThykDLcoWk-GVjSLmy8-1Cr1I4FWIvbLFebwKgY&r=EmXB1hdqAUsNr2oNinCjmF_WQrDx6UdLKFBtFym2pdM&m=EiT0soGJVjWAUZs7N1MCtTKIyM0txJwbzif9Y0wa_E8&s=NkKxXdsQu0dhVWFcloty3tTh5VFrGV6hYUDg6yyzuqs&e=.

[jkdba]

Not a problem!