kdbxpasswordpwned
kdbxpasswordpwned copied to clipboard
fopina
docker image fails with non-ascii passwords
% docker run --rm -ti -v test.kdbx:/tmp.kdbx:ro fopina/kdbxpasswordpwned:dev -u /tmp.kdbx
Password:
Traceback (most recent call last):
File "/app/kdbxpasswordpwned.py", line 51, in <module>
main()
File "/app/kdbxpasswordpwned.py", line 36, in main
with pykeepass.PyKeePass(opt.kdbx, password=getpass.getpass(), keyfile=opt.keyfile) as kdb:
File "/usr/lib/python2.7/site-packages/pykeepass/pykeepass.py", line 28, in __init__
self.read(password=password, keyfile=keyfile)
File "/usr/lib/python2.7/site-packages/pykeepass/pykeepass.py", line 45, in read
keyfile=keyfile
File "/usr/lib/python2.7/site-packages/construct/core.py", line 325, in parse_file
return self.parse_stream(f, **contextkw)
File "/usr/lib/python2.7/site-packages/construct/core.py", line 316, in parse_stream
return self._parsereport(stream, context, "(parsing)")
File "/usr/lib/python2.7/site-packages/construct/core.py", line 328, in _parsereport
obj = self._parse(stream, context, path)
File "/usr/lib/python2.7/site-packages/construct/core.py", line 1979, in _parse
subobj = sc._parsereport(stream, context, path)
File "/usr/lib/python2.7/site-packages/construct/core.py", line 328, in _parsereport
obj = self._parse(stream, context, path)
File "/usr/lib/python2.7/site-packages/construct/core.py", line 2468, in _parse
return self.subcon._parsereport(stream, context, path)
File "/usr/lib/python2.7/site-packages/construct/core.py", line 328, in _parsereport
obj = self._parse(stream, context, path)
File "/usr/lib/python2.7/site-packages/construct/core.py", line 3663, in _parse
return sc._parsereport(stream, context, path)
File "/usr/lib/python2.7/site-packages/construct/core.py", line 328, in _parsereport
obj = self._parse(stream, context, path)
File "/usr/lib/python2.7/site-packages/construct/core.py", line 1979, in _parse
subobj = sc._parsereport(stream, context, path)
File "/usr/lib/python2.7/site-packages/construct/core.py", line 328, in _parsereport
obj = self._parse(stream, context, path)
File "/usr/lib/python2.7/site-packages/construct/core.py", line 2468, in _parse
return self.subcon._parsereport(stream, context, path)
File "/usr/lib/python2.7/site-packages/construct/core.py", line 328, in _parsereport
obj = self._parse(stream, context, path)
File "/usr/lib/python2.7/site-packages/construct/core.py", line 2604, in _parse
return self.func(context) if callable(self.func) else self.func
File "/usr/lib/python2.7/site-packages/pykeepass/kdbx_parsing/kdbx3.py", line 145, in <lambda>
keyfile=this._._.keyfile
File "/usr/lib/python2.7/site-packages/pykeepass/kdbx_parsing/common.py", line 69, in aes_kdf
keyfile=keyfile
File "/usr/lib/python2.7/site-packages/pykeepass/kdbx_parsing/common.py", line 86, in compute_key_composite
password_composite = hashlib.sha256(password.encode('utf-8')).digest()
UnicodeDecodeError: 'ascii' codec can't decode byte 0xc3 in position 1: ordinal not in range(128)
It seems the Alpine system needs some locales, so Python doesn't fall back to ASCII.
Not that I think the error is from there but, out of curiosity, did you actually run docker run --rm -ti -v test.kdbx:/tmp.kdbx:ro fopina/kdbxpasswordpwned:dev -u /tmp.kdbx?
Because -v requires full path, single name means named volume, not the file you are probably looking for
I truncated the long absolute path that was actually used. I did test this with different passwords and in as well as outside of docker (dev as well as latest), so I'm fairly sure the error stems from some difference between my local system setup and the docker image, possibly the locales setup.
Local env shouldn’t affect as only the vars you specify are passed (none there), I believe.
Any chance you could produce such error with a sample file and share it?
Does it work if you add this?
ENV LANG C.UTF-8
ENV LC_ALL C.UTF-8
I had to do that in my dockerfile to get unicode passwords to work.
