search

PhilippC / keepass2android

Password manager app for Android
https://play.google.com/store/apps/details?id=keepass2android.keepass2android
GNU General Public License v3.0
4.82k stars 390 forks source link

Support Password + Challenge-Response secret (recovery mode) for KeepassXC #790

Open markchalloner opened 5 years ago

markchalloner commented 5 years ago

https://github.com/keepassxreboot/keepassxc/issues/1734 shows how to open a Yubikey protected KeepassXC KDBX 4 file with a pre-computed key file:

CHALLENGE_RESPONSE_KEY=
DATABASE_FILE=/tmp/passwords.kdbx
KEY_FILE=/tmp/passwords.key
xxd -p -c 33 -s 0xc5 -l 32 "$DATABASE_FILE" | xxd -r -p | openssl dgst -sha1 -hmac "$(echo -n "$CHALLENGE_RESPONSE_KEY" | xxd -r -p)" | cut -c 10- | xxd -r -p > "$KEY_FILE"

Currently the master key type Password + Challenge-Response secret (recovery mode) does not work (Invalid composite key), most likely due to the different methods that KeeChallenge and KeepassXC use to generate the composite key.

markchalloner commented 3 years ago

@PhilippC bumping this in case it has been forgotten