MultiCertKeyProvider is a KeyProvider plugin for KeePass.
This plugin returns an AES key encrypted with the X509 certificates (RSA keys) of one or more users stored in an XML file ([database].kmx) decrypted to KeePass. KeePass uses this AES key and possibly other specified parameters (password, file) to encrypt the passwords.
After selecting an X509 certificate, the plugin searches the XML file for the subject of the certificate, reads the corresponding encrypted entry with the AES key and decrypts it with the private key of the certificate.
Each XML entry in the XML file represents an AES key encrypted with an X509 certificate. The KeyManagerRSA application is available for managing the XML entries in the XML file.
Example of the content of a key file (simplified)
<keys> <key> <subject>User 1 </subject> <key>AESKey_encrypted_with_X509-Certificate</key> </key> <key> <subject>User 1+n </subject> <key>AESKey_encrypted_with_X509-Certificate</key> </key> </keys>
Currently, this software is only available for Windows operating systems.
The X509 certificates used must have the “Usage DataEncipherment enabled” property.
The software presented here is freely available for private use under the GNU Public License (see here).
The commercial use of the software, parts or the whole source code, or similar is only allowed with permission of the author. Permission is usually granted after explanation and extent of the intended use and an appropriate donation to the author or to non-profit projects.
In general :
- A non-commercial use is free of charge (GNU-Public-License).
- Commercial use requires permission (see above).
- A separation of application and source code (if available) is not allowed.
- Removal of copyright notices is not allowed.
- Further restrictive copyright notices may be within the application or source code.
By downloading the application or source code, you are deemed to have accepted the above terms and conditions.
|MultiCertKeyProvider||0.2 beta||7 kByte|
|MultiCertKeyProvider Sources||0.2 beta||7 kByte|
– initial Version
– Changed file extension from *.xml to *.kmx