Closed janbrummer closed 9 months ago
Adding @A6GibKm
Sure, this is something I'm open to. Probably the right way to do this is by adding a construct If
conditional around the body and only parsing if some decrypt
argument is True.
Also I understand Secrets may access other properties in kdbx_parsing, such as what KDFs are available. It would probably be good to give them public APIs.
We are currently developing YubiKey and Smartcard support integration for GNOME Secrets and this implementation should be of course compatible with other keepass application like KeepassXC: https://gitlab.gnome.org/World/secrets/-/merge_requests/757
For the challenge response method of YubiKey KeepassXC is making use of the master seed of the database file. The result in turn is added to the transform key.
Currently pykeepass does not provide access to the master seed WITHOUT unlocking the database. But as this is in this case necessary to compute the correct hash, we need to read the data first and do the unlock in a second step.
Could you please provide such an API?