barbietunnie/DecryptDBeaver.java

## DecryptDBeaver.java
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.util.Scanner;

/**
 * Reference: https://www.sameerahmad.net/blog/dbeaver-password
 */
public class DecryptDBeaver {

    // from the DBeaver source 8/23/19 https://github.com/dbeaver/dbeaver/blob/57cec8ddfdbbf311261ebd0c7f957fdcd80a085f/plugins/org.jkiss.dbeaver.model/src/org/jkiss/dbeaver/model/impl/app/DefaultSecureStorage.java#L31
    private static final byte[] LOCAL_KEY_CACHE = new byte[] {
        -70, -69, 74, -97, 119, 74, -72, 83, -55, 108, 45, 101, 61, -2, 84, 74
    };

    static String decrypt(byte[] contents) throws InvalidAlgorithmParameterException,
        InvalidKeyException,
        IOException,
        NoSuchPaddingException,
        NoSuchAlgorithmException {
            try (InputStream byteStream = new ByteArrayInputStream(contents)) {
                byte[] buffer = new byte[16];
                byteStream.read(buffer);
                Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
                SecretKey aes = new SecretKeySpec(LOCAL_KEY_CACHE, "AES");
                cipher.init(Cipher.DECRYPT_MODE, aes, new IvParameterSpec(buffer));
                try (CipherInputStream cipherIn = new CipherInputStream(byteStream, cipher)) {
                    Scanner s = new Scanner(cipherIn).useDelimiter("\\A");
                    return s.hasNext() ? s.next() : "";
                }
            }
    }

    public static void main(String[] args) throws Exception {
        if (args.length != 1) {
            System.err.println("Usage: java DecryptDBeaver <path to your credentials-config.json file>");
            System.exit(1);
        }

        System.out.println(decrypt(Files.readAllBytes(Paths.get(args[0]))));
    }

}

## retrieve-dbeaver-connection.md

      
    Raw
  

              retrieve-dbeaver-connection.md
            
          
    How to retrieve/decrypt password stored in DBeaver connection


You can use OpenSSL to decrypt it
openssl aes-128-cbc -d \
  -K babb4a9f774ab853c96c2d653dfe544a \
  -iv 00000000000000000000000000000000 \
  -in <path-to-credentials-config.json> | \
  dd bs=1 skip=16 2>/dev/null

N.B: Replace <path-to-credentials-config.json> with the path to the DBeaver credentials.json file.
In DBeaver Community 23.2.1, it is located at ~/Library/DBeaverData/workspace6/General/.dbeaver/credentials-config.json


Alternatively, you can decrypt with the DecryptDBeaver Java application:
java DecryptDbeaver <path to your credentials-config.json file>

N.B: Compile the java application above for use.


References:

OpenSSL route on StackOverflow
Java application route
	import javax.crypto.Cipher;
	import javax.crypto.CipherInputStream;
	import javax.crypto.NoSuchPaddingException;
	import javax.crypto.SecretKey;
	import javax.crypto.spec.IvParameterSpec;
	import javax.crypto.spec.SecretKeySpec;
	import java.io.ByteArrayInputStream;
	import java.io.IOException;
	import java.io.InputStream;
	import java.nio.file.Files;
	import java.nio.file.Paths;
	import java.security.InvalidAlgorithmParameterException;
	import java.security.InvalidKeyException;
	import java.security.NoSuchAlgorithmException;
	import java.util.Scanner;

	/**
	* Reference: https://www.sameerahmad.net/blog/dbeaver-password
	*/
	public class DecryptDBeaver {

	// from the DBeaver source 8/23/19 https://github.com/dbeaver/dbeaver/blob/57cec8ddfdbbf311261ebd0c7f957fdcd80a085f/plugins/org.jkiss.dbeaver.model/src/org/jkiss/dbeaver/model/impl/app/DefaultSecureStorage.java#L31
	private static final byte[] LOCAL_KEY_CACHE = new byte[] {
	-70, -69, 74, -97, 119, 74, -72, 83, -55, 108, 45, 101, 61, -2, 84, 74
	};

	static String decrypt(byte[] contents) throws InvalidAlgorithmParameterException,
	InvalidKeyException,
	IOException,
	NoSuchPaddingException,
	NoSuchAlgorithmException {
	try (InputStream byteStream = new ByteArrayInputStream(contents)) {
	byte[] buffer = new byte[16];
	byteStream.read(buffer);
	Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
	SecretKey aes = new SecretKeySpec(LOCAL_KEY_CACHE, "AES");
	cipher.init(Cipher.DECRYPT_MODE, aes, new IvParameterSpec(buffer));
	try (CipherInputStream cipherIn = new CipherInputStream(byteStream, cipher)) {
	Scanner s = new Scanner(cipherIn).useDelimiter("\\A");
	return s.hasNext() ? s.next() : "";
	}
	}
	}

	public static void main(String[] args) throws Exception {
	if (args.length != 1) {
	System.err.println("Usage: java DecryptDBeaver <path to your credentials-config.json file>");
	System.exit(1);
	}

	System.out.println(decrypt(Files.readAllBytes(Paths.get(args[0]))));
	}

	}