fix issue369 - better handling of malformed keyfiles

pykeepass/kdbx_parsing/common.py

@@ -135,8 +135,10 @@ def compute_key_composite(password=None, keyfile=None):
                 hash = bytes.fromhex(data_element.attrib['Hash'])
                 hash_computed = hashlib.sha256(keyfile_composite).digest()[:4]
                 assert hash == hash_computed, "Keyfile has invalid hash"
+            else:
+                raise AttributeError("Invalid version in keyfile")
         # otherwise, try to read plain keyfile
-        except (etree.XMLSyntaxError, UnicodeDecodeError):
+        except (etree.XMLSyntaxError, UnicodeDecodeError, AttributeError):
             try:
                 try:
                     int(keyfile_bytes, 16)

tests/test_invalidversion.key

@@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="utf-8"?>
+<KeyFile>
+	<Meta>
+		<Version>3.00</Version>
+	</Meta>
+	<Key>
+		<Data>Qp9MrFM1RpSLO8iHZHGAiPbr8Z+hDFpp0cgtH+RM0hw=</Data>
+	</Key>
+</KeyFile>

tests/tests.py

@@ -1239,6 +1239,8 @@ def test_open_error(self):
             'test3.kdbx',
             'test4.kdbx',
             'test4.kdbx',
+            'test4.kdbx',
+            'test4.kdbx',
             'test3.key',
         ]
         passwords = [
@@ -1247,19 +1249,24 @@ def test_open_error(self):
             'invalid',
             'password',
             'password',
+            'password',
+            'password',
         ]
         keyfiles = [
             'test3.key',
             'test4.key',
             'test4.key',
-            'test3.key',
+            'test_invalidversion.key',
+            'test.svg',
             'test3.key',
         ]
         errors = [
             CredentialsError,
             CredentialsError,
             CredentialsError,
             CredentialsError,
+            CredentialsError,
+            CredentialsError,
             HeaderChecksumError,
         ]
         for database, password, keyfile, error in zip(databases, passwords, keyfiles, errors):