This project has moved. For the latest updates, please go here.

Unable to open a database file on a ownCloud WebDAV share

Oct 31, 2014 at 10:02 AM
Edited Nov 16, 2014 at 4:28 PM
I've just installed the latest version of Keepass2Android v0.9.4 on my tablet and tried to open a database file from an ownCloud WebDAV share without success. This is the way how I tried to open the file:
  1. Selected https WebDAV access
  2. Entered the ownCloud WebDAV URL of the database file
    (https://my-owncloud-server/owncloud/remote.php/webdav/path-to-the-keepass-file)
  3. Entered the ownCloud WebDAV credentials
  4. Selected "password and key file"
  5. Chose the key file to be used from a local SD card (the path to the key file is not shown after the selection.
  6. Entered the password of the database file.
  7. Pressed "OK" button
The following messages are shown on the screen:
  1. loading database ...
  2. remote file and cache are the same (that shows to me that the WebDAV access is working)
  3. error: The file signature is invalid. Either the file isn't a keepass database file at all or it is corrupted.
The database and key file are both working fine if I open it from a PC. Do you have any idea what is working wrong here?
Coordinator
Nov 2, 2014 at 6:07 AM
could you please install https://keepass2android.codeplex.com/releases/view/120663 on both Android and Windows and compare the outputs? The first line (as far as I remember) outputs the hash code of the file contents. I wonder if these might be different...
Nov 2, 2014 at 8:21 AM
You're right. the hashes are different. Here are the program outputs:

Win7 Desktop:

Trying to hash file...
File hash: A6895886202CC18573E4277E05B0B671E79992E3E36A30FE29141FC58FF592CC
kdbFormat=Default

Android 4.4.2:

Trying to hash file...
File hash: 39676C9B956ECBCA5A948B8F9F1C693D1E385515C1E924D615684C313D4BA22E
kdbFormat=Default
Coordinator
Nov 4, 2014 at 6:07 AM
hmm, that's not good...

Can you set-up a test account for me so I can try to debug into this?
Nov 4, 2014 at 6:30 PM
Edited Nov 4, 2014 at 6:31 PM
Hi Philipp,
unfortunately my server is not accessible over the Internet so that you couldn't access
it for testing purposes. But it might not be necessary anymore, because I think I've found
an explanation for the described problems. Here are my findings:
  1. First I copied the database and key files to a SD card and tried to open it from there.
    This seem not to work with Android Kitkat 4.4.2 anymore, because it only allows read
    access to SD cards, based on the following thread:
    http://www.chainfire.eu/articles/113/Is_Google_blocking_apps_writing_to_SD_cards_/
  2. Then I copied both files to /storage/emulated/0/KeePass/ (most apps seems to create
    their data directories at that location) and tried to open it from there. This only seems
    to work if the whole path to the database and key file is manually entered but not if
    the integrated file browser is used to select the key file.
    BTW: If I select a file using the integrated file browser, the path information field of
    the key file is not updated with the path to the key file and stays empty.
After I had identified the mentioned pitfalls I was able to open the database locally.
  1. Next I tried to open the original database file from the WebDAV share, which failed.
    I realized that the original URL to the database contained some spaces in directory
    names, which are usually encoded as "%20". That seems not to impact the file loading
    itself but the hash generation. For testing purposes I've copied the database to a path
    without spaces in the directory names and was able to open it.
Let me know if this makes sense.
Coordinator
Nov 16, 2014 at 3:42 PM
thanks for the information. Maybe your server returns an "error page" when the file is not found (because of a problem with the spaces) but doesn't correctly send a 404 status code so that KP2A doesn't show "file not found" but hashes the error page.

Glad to hear you made it working!
Nov 16, 2014 at 5:09 PM
Edited Nov 16, 2014 at 5:57 PM
Ok, I've tested it again and explicitly had an eye on the Apache2 log files:
  1. Entered the URL to the database file, one time with spaces, the other time with '%20' but the result is the same.
  2. Entered the user name and password to access the webdav share
    Result: The program loads the database. The message "loading database ..." is shown on the screen on first access and sometimes also "Remote file and cache are the same" and the following message is added to the Apache2 log file: .../test.kdbx HTTP/1.1" 200 218 "-" "-" 397 1261
  3. Selected "password and key file"
  4. Entered the path to the key file which has been stored on the local device and can definitely be found when opening a database from the local device or as previously written opening a database from a webdav share which doesn't contain spaces or '%20'.
  5. Entered the password of the database file.
  6. Pressed "OK" button
    Result: The following message is displayed on the screen: "error: The file signature is invalid. Either the file isn't a keepass database file at all or it is corrupted."
My first conclusion: Due to the displayed messages on the screen and also the Apache2 log entries no problem seems to appear when loading the database file from the webdav share. Only the hash calculation algorithm seems to have a problem with the entered path.
My second conclusion: Due to the fact that the problem doesn't appear with a webdav share which doesn't contain spaces, spaces or '%20' must impact the hash calculation somehow.

Anything else I can test for you?
Jan 18, 2015 at 10:48 AM
Would it be worse to transfer this issue to the bug tracker to make sure it doesn't get lost?
Mar 5, 2015 at 9:54 AM
I want to mention that it still doesn't work with the current program version 0.9.6. If I could help to get hold of the problem, please let me know.