.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.43) .\" .\" Standard preamble: .\" ======================================================================== .de Sp \" Vertical space (when we can't use .PP) .if t .sp .5v .if n .sp .. .de Vb \" Begin verbatim text .ft CW .nf .ne \\$1 .. .de Ve \" End verbatim text .ft R .fi .. .\" Set up some character translations and predefined strings. \*(-- will .\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left .\" double quote, and \*(R" will give a right double quote. \*(C+ will .\" give a nicer C++. Capital omega is used to do unbreakable dashes and .\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff, .\" nothing in troff, for use with C<>. .tr \(*W- .ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' .ie n \{\ . ds -- \(*W- . ds PI pi . if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch . if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch . ds L" "" . ds R" "" . ds C` "" . ds C' "" 'br\} .el\{\ . ds -- \|\(em\| . ds PI \(*p . ds L" `` . ds R" '' . ds C` . ds C' 'br\} .\" .\" Escape single quotes in literal strings from groff's Unicode transform. .ie \n(.g .ds Aq \(aq .el .ds Aq ' .\" .\" If the F register is >0, we'll generate index entries on stderr for .\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index .\" entries marked with X<> in POD. Of course, you'll have to process the .\" output yourself in some meaningful fashion. .\" .\" Avoid warning from groff about undefined register 'F'. .de IX .. .nr rF 0 .if \n(.g .if rF .nr rF 1 .if (\n(rF:(\n(.g==0)) \{\ . if \nF \{\ . de IX . tm Index:\\$1\t\\n%\t"\\$2" .. . if !\nF==2 \{\ . nr % 0 . nr F 2 . \} . \} .\} .rr rF .\" ======================================================================== .\" .IX Title "File::KDBX::Cipher 3pm" .TH File::KDBX::Cipher 3pm "2022-11-20" "perl v5.36.0" "User Contributed Perl Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l .nh .SH "NAME" File::KDBX::Cipher \- A block cipher mode or cipher stream .SH "VERSION" .IX Header "VERSION" version 0.906 .SH "SYNOPSIS" .IX Header "SYNOPSIS" .Vb 1 \& use File::KDBX::Cipher; \& \& my $cipher = File::KDBX::Cipher\->new(uuid => $uuid, key => $key, iv => $iv); \& \& my $ciphertext = $cipher\->encrypt(\*(Aqplaintext\*(Aq); \& $ciphertext .= $cipher\->encrypt(\*(Aqmore plaintext\*(Aq); \& $ciphertext .= $cipher\->finish; \& \& my $plaintext = $cipher\->decrypt(\*(Aqciphertext\*(Aq); \& $plaintext .= $cipher\->decrypt(\*(Aqmore ciphertext\*(Aq); \& $plaintext .= $cipher\->finish; .Ve .SH "DESCRIPTION" .IX Header "DESCRIPTION" A cipher is used to encrypt and decrypt \s-1KDBX\s0 files. The File::KDBX distribution comes with several pre-registered ciphers ready to go: .IP "\(bu" 4 \&\f(CW\*(C`61AB05A1\-9464\-41C3\-8D74\-3A563DF8DD35\*(C'\fR \- \s-1AES128\s0 (legacy) .IP "\(bu" 4 \&\f(CW\*(C`31C1F2E6\-BF71\-4350\-BE58\-05216AFC5AFF\*(C'\fR \- \s-1AES256\s0 .IP "\(bu" 4 \&\f(CW\*(C`D6038A2B\-8B6F\-4CB5\-A524\-339A31DBB59A\*(C'\fR \- ChaCha20 .IP "\(bu" 4 \&\f(CW\*(C`716E1C8A\-EE17\-4BDC\-93AE\-A977B882833A\*(C'\fR \- Salsa20 .IP "\(bu" 4 \&\f(CW\*(C`098563FF\-DDF7\-4F98\-8619\-8079F6DB897A\*(C'\fR \- Serpent .IP "\(bu" 4 \&\f(CW\*(C`AD68F29F\-576F\-4BB9\-A36A\-D47AF965346C\*(C'\fR \- Twofish .PP \&\fB\s-1NOTE:\s0\fR If you want your \s-1KDBX\s0 file to be readable by other KeePass implementations, you must use a \s-1UUID\s0 and algorithm that they support. From the list above, \s-1AES256\s0 and ChaCha20 are well-supported. You should avoid \&\s-1AES128\s0 for new databases. .PP You can also \*(L"register\*(R" your own cipher. Here is a skeleton: .PP .Vb 1 \& package File::KDBX::Cipher::MyCipher; \& \& use parent \*(AqFile::KDBX::Cipher\*(Aq; \& \& File::KDBX::Cipher\->register( \& # $uuid, $package, %args \& "\ex12\ex34\ex56\ex78\ex9a\exbc\exde\exfg\ex12\ex34\ex56\ex78\ex9a\exbc\exde\exfg" => _\|_PACKAGE_\|_, \& ); \& \& sub init { ... } # optional \& \& sub encrypt { ... } \& sub decrypt { ... } \& sub finish { ... } \& \& sub key_size { ... } \& sub iv_size { ... } \& sub block_size { ... } .Ve .SH "ATTRIBUTES" .IX Header "ATTRIBUTES" .SS "uuid" .IX Subsection "uuid" .Vb 1 \& $uuid = $cipher\->uuid; .Ve .PP Get the \s-1UUID\s0 if the cipher was constructed with one. .SS "stream_id" .IX Subsection "stream_id" .Vb 1 \& $stream_id = $cipher\->stream_id; .Ve .PP Get the stream \s-1ID\s0 if the cipher was constructed with one. .SS "key" .IX Subsection "key" .Vb 1 \& $key = $cipher\->key; .Ve .PP Get the raw encryption key. .SS "iv" .IX Subsection "iv" .Vb 1 \& $iv = $cipher\->iv; .Ve .PP Get the initialization vector. .SS "iv_size" .IX Subsection "iv_size" .Vb 1 \& $size = $cipher\->iv_size; .Ve .PP Get the expected size of the initialization vector, in bytes. .SS "key_size" .IX Subsection "key_size" .Vb 1 \& $size = $cipher\->key_size; .Ve .PP Get the size the mode or stream expects the key to be, in bytes. .SS "block_size" .IX Subsection "block_size" .Vb 1 \& $size = $cipher\->block_size; .Ve .PP Get the block size, in bytes. .SS "algorithm" .IX Subsection "algorithm" Get the symmetric cipher algorithm. .SH "METHODS" .IX Header "METHODS" .SS "new" .IX Subsection "new" .SS "new_from_uuid" .IX Subsection "new_from_uuid" .SS "new_from_stream_id" .IX Subsection "new_from_stream_id" .Vb 3 \& $cipher = File::KDBX::Cipher\->new(uuid => $uuid, key => $key, iv => $iv); \& # OR \& $cipher = File::KDBX::Cipher\->new_from_uuid($uuid, key => $key, iv => $iv); \& \& $cipher = File::KDBX::Cipher\->new(stream_id => $id, key => $key); \& # OR \& $cipher = File::KDBX::Cipher\->new_from_stream_id($id, key => $key); .Ve .PP Construct a new File::KDBX::Cipher. .PP This is a factory method which returns a subclass. .SS "init" .IX Subsection "init" .Vb 1 \& $self\->init; .Ve .PP Called by \*(L"new\*(R" to set attributes. You normally shouldn't call this. Returns itself to allow method chaining. .SS "encrypt" .IX Subsection "encrypt" .Vb 1 \& $ciphertext = $cipher\->encrypt($plaintext, ...); .Ve .PP Encrypt some data. .SS "decrypt" .IX Subsection "decrypt" .Vb 1 \& $plaintext = $cipher\->decrypt($ciphertext, ...); .Ve .PP Decrypt some data. .SS "finish" .IX Subsection "finish" .Vb 2 \& $ciphertext .= $cipher\->finish; # if encrypting \& $plaintext .= $cipher\->finish; # if decrypting .Ve .PP Finish the stream. .SS "encrypt_finish" .IX Subsection "encrypt_finish" .Vb 1 \& $ciphertext = $cipher\->encrypt_finish($plaintext, ...); .Ve .PP Encrypt and finish a stream in one call. .SS "decrypt_finish" .IX Subsection "decrypt_finish" .Vb 1 \& $plaintext = $cipher\->decrypt_finish($ciphertext, ...); .Ve .PP Decrypt and finish a stream in one call. .SS "register" .IX Subsection "register" .Vb 1 \& File::KDBX::Cipher\->register($uuid => $package, %args); .Ve .PP Register a cipher. Registered ciphers can be used to encrypt and decrypt \s-1KDBX\s0 databases. A cipher's \s-1UUID\s0 \&\fBmust\fR be unique and \fBmusn't change\fR. A cipher \s-1UUID\s0 is written into each \s-1KDBX\s0 file and the associated cipher must be registered with the same \s-1UUID\s0 in order to decrypt the \s-1KDBX\s0 file. .PP \&\f(CW$package\fR should be a Perl package relative to \f(CW\*(C`File::KDBX::Cipher::\*(C'\fR or prefixed with a \f(CW\*(C`+\*(C'\fR if it is a fully-qualified package. \f(CW%args\fR are passed as-is to the cipher's \*(L"init\*(R" method. .SS "unregister" .IX Subsection "unregister" .Vb 1 \& File::KDBX::Cipher\->unregister($uuid); .Ve .PP Unregister a cipher. Unregistered ciphers can no longer be used to encrypt and decrypt \s-1KDBX\s0 databases, until reregistered (see \*(L"register\*(R"). .SH "BUGS" .IX Header "BUGS" Please report any bugs or feature requests on the bugtracker website .PP When submitting a bug or request, please include a test-file or a patch to an existing test-file that illustrates the bug or desired feature. .SH "AUTHOR" .IX Header "AUTHOR" Charles McGarvey .SH "COPYRIGHT AND LICENSE" .IX Header "COPYRIGHT AND LICENSE" This software is copyright (c) 2022 by Charles McGarvey. .PP This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.