Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
Struct(
# validate payload decryption
Checksum(
Bytes(32),
lambda this: this._._.header.value.dynamic_header.stream_start_bytes.data,
this,
# exception=CredentialsError
),
"xml" / Unprotect(
this._._.header.value.dynamic_header.protected_stream_id.data,
this._._.header.value.dynamic_header.protected_stream_key.data,
XML(
IfThenElse(
this._._.header.value.dynamic_header.compression_flags.data.compression,
Decompressed(Concatenated(PayloadBlocks)),
Concatenated(PayloadBlocks)
)
)
)
)
)
# -------------------- Main KDBX Structure --------------------
Body = Struct(
"transformed_key" / Computed(compute_transformed),
"master_key" / Computed(compute_master),
"payload" / UnpackedPayload(
Switch(
this._.header.value.dynamic_header.cipher_id.data,
{'aes256': AES256Payload(GreedyBytes),
UnpackedPayload = Reparsed(
Struct(
# validate payload decryption
Checksum(
Bytes(32),
lambda this: this._._.header.value.dynamic_header.stream_start_bytes.data,
this,
# exception=CredentialsError
),
"xml" / Unprotect(
this._._.header.value.dynamic_header.protected_stream_id.data,
this._._.header.value.dynamic_header.protected_stream_key.data,
XML(
IfThenElse(
this._._.header.value.dynamic_header.compression_flags.data.compression,
Decompressed(Concatenated(PayloadBlocks)),
Concatenated(PayloadBlocks)
)
)
)
)
)
# -------------------- Main KDBX Structure --------------------
Body = Struct(
"transformed_key" / Computed(compute_transformed),
"master_key" / Computed(compute_master),
"payload" / UnpackedPayload(
Switch(
this._.header.value.dynamic_header.cipher_id.data,
Padding(32),
"block_data" / Prefixed(Int32ul, GreedyBytes),
# hmac_hash has to be at the end with a pointer because it needs to
# come after other fields
"hmac_hash" / Pointer(
this.hmac_hash_offset,
Checksum(
Bytes(32),
compute_payload_block_hash,
this,
# exception=PayloadChecksumError
)
)
)
EncryptedPayload = Concatenated(RepeatUntil(
lambda item, a, b: len(item.block_data) == 0,
EncryptedPayloadBlock
))
DecryptedPayload = Switch(
this._.header.value.dynamic_header.cipher_id.data,
{'aes256': AES256Payload(EncryptedPayload),
'chacha20': ChaCha20Payload(EncryptedPayload),
'twofish': TwoFishPayload(EncryptedPayload)
}
)
InnerHeaderItem = Struct(
"type" / Mapping(
Byte,