For the past few weeks, I’ve been writing a small program to parse KeePass 2 database files (the ones that end in .kdbx) using Go.

I’ve been using this blog post which details the file format but it’s still damn complicated.

For example, the headers are a Type-length-value list. Note that TLV is meant for communications protocols (where bandwidth is limited), not for disk-based storage. Fair enough, I’ll deal with it. Moreover, everything is stored in Little Endian format (as opposed to the universal standard of Big Endian).
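To make the TLV-plus-little-endian point concrete, here is an added Go example (mine, not code from the parser described in this post or from KeePass) that walks a KDBX-style header. It assumes the KDBX 3.x entry layout of a 1-byte type, a 2-byte little-endian length and the value bytes, terminated by an entry of type 0; the sample bytes are constructed, and the field ids (7 for transform rounds) are assumed from the format description, so check them against your own copy of the spec.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
)

// HeaderEntry is one Type-Length-Value record from the KDBX header.
type HeaderEntry struct {
	Type  byte
	Value []byte
}

// ErrTruncated is returned when a length field claims more bytes than remain.
var ErrTruncated = errors.New("kdbx header: truncated TLV entry")

// Assumed field ids (KDBX 3.x layout); verify against the format docs.
const (
	FieldEndOfHeader     byte = 0
	FieldTransformRounds byte = 7
)

// SampleHeader is a constructed header: a TransformRounds entry holding the
// little-endian uint64 60000 (0xEA60), followed by the end-of-header marker
// (KeePass writes "\r\n\r\n" as its value).
var SampleHeader = []byte{
	0x07, 0x08, 0x00, // type 7, length 8 (little-endian uint16)
	0x60, 0xEA, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // 60000 as LE uint64
	0x00, 0x04, 0x00, // type 0, length 4
	0x0D, 0x0A, 0x0D, 0x0A, // "\r\n\r\n"
}

// ParseHeaderTLV reads entries until the end-of-header type is seen and
// returns them together with the number of bytes consumed. Every length is
// checked against the remaining buffer before slicing, so malformed or
// truncated input yields ErrTruncated instead of a panic.
func ParseHeaderTLV(buf []byte) ([]HeaderEntry, int, error) {
	var entries []HeaderEntry
	off := 0
	for {
		if len(buf)-off < 3 {
			return nil, off, ErrTruncated
		}
		t := buf[off]
		n := int(binary.LittleEndian.Uint16(buf[off+1 : off+3]))
		off += 3
		if len(buf)-off < n {
			return nil, off, ErrTruncated
		}
		// Copy the value so callers cannot alias the input buffer.
		v := append([]byte(nil), buf[off:off+n]...)
		off += n
		entries = append(entries, HeaderEntry{Type: t, Value: v})
		if t == FieldEndOfHeader {
			return entries, off, nil
		}
	}
}

// TransformRounds decodes the little-endian uint64 transform-round count, if
// present and exactly 8 bytes long.
func TransformRounds(entries []HeaderEntry) (uint64, bool) {
	for _, e := range entries {
		if e.Type == FieldTransformRounds && len(e.Value) == 8 {
			return binary.LittleEndian.Uint64(e.Value), true
		}
	}
	return 0, false
}

func main() {
	entries, n, err := ParseHeaderTLV(SampleHeader)
	if err != nil {
		fmt.Println("parse error:", err)
		return
	}
	rounds, _ := TransformRounds(entries)
	fmt.Printf("%d entries, %d bytes consumed, transform rounds = %d\n", len(entries), n, rounds)
}
```

The bounds checks before each slice are the part worth copying: a database file is untrusted input, and a length field that overstates the remaining bytes should produce an error rather than an out-of-range panic in the parser.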

Then, instead of just using a standard block cipher and mode and calling it a day, KeePass also adds a wrapper around the data. This is a complicated and misguided attempt at ensuring data integrity; a simple SHA2 checksum in the header would have been more than adequate to verify the integrity of the database.

After all that, the decrypted and (horribly) unmangled data is put back together to form an XML document.

If this isn’t an example of over-engineering software, then I don’t know what is.

I’ll finish this someday™. But for now, I’m done.