Git-Mirrors/keepassxc
1
0
Fork 0
mirror of https://github.com/keepassxreboot/keepassxc.git synced 2025-01-10 06:49:50 -05:00
Code Issues Packages Projects Releases Wiki Activity
c914c116e4
keepassxc/src/gui/DatabaseOpenWidget.cpp

468 lines
17 KiB
C++
Raw Normal View History

Implement opening/closing databases.
2011-11-13 08:55:20 -05:00
/*
* Copyright (C) 2011 Felix Geyer <debfx@fobos.de>
Update and fix copyright headers
2017-06-09 17:40:36 -04:00
* Copyright (C) 2017 KeePassXC Team <team@keepassxc.org>
Implement opening/closing databases.
2011-11-13 08:55:20 -05:00
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 2 or (at your option)
* version 3 of the License.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
Convert DatabaseOpenDialog into a widget on DatabaseWidget.
2012-06-28 03:21:15 -04:00
#include "DatabaseOpenWidget.h"
#include "ui_DatabaseOpenWidget.h"
Implement opening/closing databases.
2011-11-13 08:55:20 -05:00
Optimize includes across code base
2021-07-11 22:10:29 -04:00
#include "config-keepassx.h"
Use an own FileDialog class instead of QFileDialog.
2011-12-25 19:21:29 -05:00
#include "gui/FileDialog.h"
Move icon handling from Resources to gui/Icons (#5506)
2020-10-05 20:41:00 -04:00
#include "gui/Icons.h"
Formatting the code.
2018-03-31 16:01:30 -04:00
#include "gui/MainWindow.h"
Add a QMessageBox wrapper class to help gui tests. QMessageBox displays modal dialogs which blocks the gui tests. To work around this we add a MessageBox wrapper class where the tests can set the answer for the next dialog. The answer is then returned without actually showing the dialog.
2013-10-08 16:09:20 -04:00
#include "gui/MessageBox.h"
Fix challenge-response key data after Botan * Fix #6420 * Refactor Challenge-Response key files to be more streamlined. Added a test to confirm raw key data is accurate.
2021-04-22 23:07:49 -04:00
#include "keys/ChallengeResponseKey.h"
Implement opening databases with key files.
2011-12-24 13:19:52 -05:00
#include "keys/FileKey.h"
Hide UI elements when KeePassXC was compiled without -DWITH_XC_YUBIKEY
2017-02-20 19:06:32 -05:00
Optimize includes across code base
2021-07-11 22:10:29 -04:00
#ifdef Q_OS_MACOS
#include "touchid/TouchID.h"
#endif
gui: Add YubiKey support to widgets * Add YubiKey support to the GUI widgets. Signed-off-by: Kyle Manna <kyle@kylemanna.com>
2014-05-26 03:49:28 -04:00
Redesign database unlock widget. (#3287) With this change we get rid of the confusing key component checkboxes. Now a component is either there or not (if left empty). There is no redundant distinction between "unset" and "emtpy" anymore. For compatibility with older databases that have "empty" passwords, KeePassXC will ask if the user wants to retry with an empty password if unlocking failed and the password field was left blank. Besides these functional changes, the widget's layout has been rearranged to be more compact, less stretched out (e.g. input fields do not fill the full window width anymore), and more user-friendly by providing a help tooltip for the hardware key field and accessible descriptions for screen readers.
2019-06-22 12:00:31 -04:00
#include <QDesktopServices>
#include <QFont>
Implement opening/closing databases.
2011-11-13 08:55:20 -05:00
Fix minor UX issues with DB Open Widget * Only clear password field when switching tabs or minimizing. This prevents the setting "Remember Key Files and Hardware Keys" from being useless with multiple databases. * Convert key file field to Line Edit, simplifies usage. Fix clear field button as well. * Removed need for clearForms to check if the database is being opened (was a solution to tab switching while unlocking, no longer a problem).
2020-06-06 09:54:57 -04:00
namespace
{
constexpr int clearFormsDelay = 30000;
}
Convert DatabaseOpenDialog into a widget on DatabaseWidget.
2012-06-28 03:21:15 -04:00
DatabaseOpenWidget::DatabaseOpenWidget(QWidget* parent)
Coding style fixes
2017-03-10 14:42:59 -05:00
: DialogyWidget(parent)
, m_ui(new Ui::DatabaseOpenWidget())
, m_db(nullptr)
Implement opening/closing databases.
2011-11-13 08:55:20 -05:00
{
m_ui->setupUi(this);
Replaced MessageBox dialogs with inline MessageWidget in DatabaseOpenWidget.
2015-01-19 18:14:59 -05:00
m_ui->messageWidget->setHidden(true);
Fix minor UX issues with DB Open Widget * Only clear password field when switching tabs or minimizing. This prevents the setting "Remember Key Files and Hardware Keys" from being useless with multiple databases. * Convert key file field to Line Edit, simplifies usage. Fix clear field button as well. * Removed need for clearForms to check if the database is being opened (was a solution to tab switching while unlocking, no longer a problem).
2020-06-06 09:54:57 -04:00
m_hideTimer.setInterval(clearFormsDelay);
m_hideTimer.setSingleShot(true);
connect(&m_hideTimer, &QTimer::timeout, this, [this] {
// Reset the password field after being hidden for a set time
m_ui->editPassword->setText("");
m_ui->editPassword->setShowPassword(false);
});
Redesign database unlock widget. (#3287) With this change we get rid of the confusing key component checkboxes. Now a component is either there or not (if left empty). There is no redundant distinction between "unset" and "emtpy" anymore. For compatibility with older databases that have "empty" passwords, KeePassXC will ask if the user wants to retry with an empty password if unlocking failed and the password field was left blank. Besides these functional changes, the widget's layout has been rearranged to be more compact, less stretched out (e.g. input fields do not fill the full window width anymore), and more user-friendly by providing a help tooltip for the hardware key field and accessible descriptions for screen readers.
2019-06-22 12:00:31 -04:00
QFont font;
font.setPointSize(font.pointSize() + 4);
Make DatabaseOpenWidget a bit prettier.
2012-07-02 12:47:12 -04:00
font.setBold(true);
m_ui->labelHeadline->setFont(font);
Redesign database unlock widget. (#3287) With this change we get rid of the confusing key component checkboxes. Now a component is either there or not (if left empty). There is no redundant distinction between "unset" and "emtpy" anymore. For compatibility with older databases that have "empty" passwords, KeePassXC will ask if the user wants to retry with an empty password if unlocking failed and the password field was left blank. Besides these functional changes, the widget's layout has been rearranged to be more compact, less stretched out (e.g. input fields do not fill the full window width anymore), and more user-friendly by providing a help tooltip for the hardware key field and accessible descriptions for screen readers.
2019-06-22 12:00:31 -04:00
m_ui->labelHeadline->setText(tr("Unlock KeePassXC Database"));
Implement opening databases with key files.
2011-12-24 13:19:52 -05:00
connect(m_ui->buttonBrowseFile, SIGNAL(clicked()), SLOT(browseKeyFile()));
Move the code to open database files from DatabaseTabWidget to DatabaseOpenDialog.
2012-04-05 13:03:55 -04:00
connect(m_ui->buttonBox, SIGNAL(accepted()), SLOT(openDatabase()));
Implement opening databases with key files.
2011-12-24 13:19:52 -05:00
connect(m_ui->buttonBox, SIGNAL(rejected()), SLOT(reject()));
gui: Clear YubiKeys detected on each load * Clear the YubiKey detected list on each load. * In the event the YubiKey was removed, it will no longer be displayed. * If it's still present it won't be duplicated.
2017-01-14 20:08:48 -05:00
Move icon handling from Resources to gui/Icons (#5506)
2020-10-05 20:41:00 -04:00
m_ui->hardwareKeyLabelHelp->setIcon(icons()->icon("system-help").pixmap(QSize(12, 12)));
Redesign database unlock widget. (#3287) With this change we get rid of the confusing key component checkboxes. Now a component is either there or not (if left empty). There is no redundant distinction between "unset" and "emtpy" anymore. For compatibility with older databases that have "empty" passwords, KeePassXC will ask if the user wants to retry with an empty password if unlocking failed and the password field was left blank. Besides these functional changes, the widget's layout has been rearranged to be more compact, less stretched out (e.g. input fields do not fill the full window width anymore), and more user-friendly by providing a help tooltip for the hardware key field and accessible descriptions for screen readers.
2019-06-22 12:00:31 -04:00
connect(m_ui->hardwareKeyLabelHelp, SIGNAL(clicked(bool)), SLOT(openHardwareKeyHelp()));
Move icon handling from Resources to gui/Icons (#5506)
2020-10-05 20:41:00 -04:00
m_ui->keyFileLabelHelp->setIcon(icons()->icon("system-help").pixmap(QSize(12, 12)));
Make the purpose of the key file field clearer. The new unlock dialogue seems to confuse users as to what the purpose of the key file is. This patch changes the generic "Select file..." affordance to the more explicit "Select key file..." and adds a help button to the label just like the one we already have for the hardware key. Furthermore, it prevents the user from using the KDBX file as its own key file (since that would never work anyway). The change breaks existing translations on purpose (instead of simply adjusting the en_US locale) in order to force translators to update this string for their languages. Resolves #3678
2019-11-06 05:10:02 -05:00
connect(m_ui->keyFileLabelHelp, SIGNAL(clicked(bool)), SLOT(openKeyFileHelp()));
Redesign database unlock widget. (#3287) With this change we get rid of the confusing key component checkboxes. Now a component is either there or not (if left empty). There is no redundant distinction between "unset" and "emtpy" anymore. For compatibility with older databases that have "empty" passwords, KeePassXC will ask if the user wants to retry with an empty password if unlocking failed and the password field was left blank. Besides these functional changes, the widget's layout has been rearranged to be more compact, less stretched out (e.g. input fields do not fill the full window width anymore), and more user-friendly by providing a help tooltip for the hardware key field and accessible descriptions for screen readers.
2019-06-22 12:00:31 -04:00
Hide UI elements when KeePassXC was compiled without -DWITH_XC_YUBIKEY
2017-02-20 19:06:32 -05:00
#ifdef WITH_XC_YUBIKEY
Significantly enhance hardware key robustness * Significantly improve user experience when using hardware keys on databases in both GUI and CLI modes. Prevent locking up the YubiKey USB interface for prolonged periods of time. Allows for other apps to use the key concurrently with KeePassXC. * Improve messages displayed to user when finding keys and when user interaction is required. Output specific error messages when handling hardware keys during database read/write. * Only poll for keys when previously used or upon user request. Prevent continuously polling keys when accessing the UI such as switching tabs and minimize/maximize. * Add support for using multiple hardware keys simultaneously. Keys are identified by their serial number which prevents using the wrong key during open and save operations. * Fixes #4400 * Fixes #4065 * Fixes #1050 * Fixes #1215 * Fixes #3087 * Fixes #1088 * Fixes #1869
2020-04-06 08:42:20 -04:00
m_ui->hardwareKeyProgress->setVisible(false);
QSizePolicy sp = m_ui->hardwareKeyProgress->sizePolicy();
Hide UI elements when KeePassXC was compiled without -DWITH_XC_YUBIKEY
2017-02-20 19:06:32 -05:00
sp.setRetainSizeWhenHidden(true);
Significantly enhance hardware key robustness * Significantly improve user experience when using hardware keys on databases in both GUI and CLI modes. Prevent locking up the YubiKey USB interface for prolonged periods of time. Allows for other apps to use the key concurrently with KeePassXC. * Improve messages displayed to user when finding keys and when user interaction is required. Output specific error messages when handling hardware keys during database read/write. * Only poll for keys when previously used or upon user request. Prevent continuously polling keys when accessing the UI such as switching tabs and minimize/maximize. * Add support for using multiple hardware keys simultaneously. Keys are identified by their serial number which prevents using the wrong key during open and save operations. * Fixes #4400 * Fixes #4065 * Fixes #1050 * Fixes #1215 * Fixes #3087 * Fixes #1088 * Fixes #1869
2020-04-06 08:42:20 -04:00
m_ui->hardwareKeyProgress->setSizePolicy(sp);
Hide UI elements when KeePassXC was compiled without -DWITH_XC_YUBIKEY
2017-02-20 19:06:32 -05:00
Significantly enhance hardware key robustness * Significantly improve user experience when using hardware keys on databases in both GUI and CLI modes. Prevent locking up the YubiKey USB interface for prolonged periods of time. Allows for other apps to use the key concurrently with KeePassXC. * Improve messages displayed to user when finding keys and when user interaction is required. Output specific error messages when handling hardware keys during database read/write. * Only poll for keys when previously used or upon user request. Prevent continuously polling keys when accessing the UI such as switching tabs and minimize/maximize. * Add support for using multiple hardware keys simultaneously. Keys are identified by their serial number which prevents using the wrong key during open and save operations. * Fixes #4400 * Fixes #4065 * Fixes #1050 * Fixes #1215 * Fixes #3087 * Fixes #1088 * Fixes #1869
2020-04-06 08:42:20 -04:00
connect(m_ui->buttonRedetectYubikey, SIGNAL(clicked()), SLOT(pollHardwareKey()));
connect(YubiKey::instance(), SIGNAL(detectComplete(bool)), SLOT(hardwareKeyResponse(bool)), Qt::QueuedConnection);
connect(YubiKey::instance(), &YubiKey::userInteractionRequest, this, [this] {
// Show the press notification if we are in an independent window (e.g., DatabaseOpenDialog)
if (window() != getMainWindow()) {
Implement support for Yubikeys and potential other tokens via wireless NFC using smartcard readers (Rebase) (#6895) * Support NFC readers for hardware tokens using PC/SC This requires a new library dependency: PCSC. The PCSC library provides methods to access smartcards. On Linux, the third-party pcsc-lite package is used. On Windows, the native Windows API (Winscard.dll) is used. On Mac OSX, the native OSX API (framework-PCSC) is used. * Split hardware key access into multiple classes to handle different methods of communicating with the keys. * Since the Yubikey can now be a wireless token as well, the verb "plug in" was replaced with a more generic "interface with". This shall indicate that the user has to present their token to the reader, or plug it in via USB. * Add PC/SC interface for YubiKey challenge-response This new interface uses the PC/SC protocol and API instead of the USB protocol via ykpers. Many YubiKeys expose their functionality as a CCID device, which can be interfaced with using PC/SC. This is especially useful for NFC-only or NFC-capable Yubikeys, when they are used together with a PC/SC compliant NFC reader device. Although many (not all) Yubikeys expose their CCID functionality over their own USB connection as well, the HMAC-SHA1 functionality is often locked in this mode, as it requires eg. a touch on the gold button. When accessing the CCID functionality wirelessly via NFC (like this code can do using a reader), then the user interaction is to present the key to the reader. This implementation has been tested on Linux using pcsc-lite, Windows using the native Winscard.dll library, and Mac OSX using the native PCSC-framework library. * Remove PC/SC ATR whitelist, instead scan for AIDs Before, a whitelist of ATR codes (answer to reset, hardware-specific) was used to scan for compatible (Yubi)Keys. Now, every connected smartcard is scanned for AIDs (applet identifier), which are known to implement the HMAC-SHA1 protocol. This enables the support of currently unknown or unreleased hardware. Co-authored-by: Jonathan White <support@dmapps.us>
2021-10-01 10:39:07 -04:00
m_ui->messageWidget->showMessage(tr("Please present or touch your YubiKey to continue…"),
Significantly enhance hardware key robustness * Significantly improve user experience when using hardware keys on databases in both GUI and CLI modes. Prevent locking up the YubiKey USB interface for prolonged periods of time. Allows for other apps to use the key concurrently with KeePassXC. * Improve messages displayed to user when finding keys and when user interaction is required. Output specific error messages when handling hardware keys during database read/write. * Only poll for keys when previously used or upon user request. Prevent continuously polling keys when accessing the UI such as switching tabs and minimize/maximize. * Add support for using multiple hardware keys simultaneously. Keys are identified by their serial number which prevents using the wrong key during open and save operations. * Fixes #4400 * Fixes #4065 * Fixes #1050 * Fixes #1215 * Fixes #3087 * Fixes #1088 * Fixes #1869
2020-04-06 08:42:20 -04:00
MessageWidget::Information,
MessageWidget::DisableAutoHide);
}
});
connect(YubiKey::instance(), &YubiKey::challengeCompleted, this, [this] { m_ui->messageWidget->hide(); });
Hide UI elements when KeePassXC was compiled without -DWITH_XC_YUBIKEY
2017-02-20 19:06:32 -05:00
#else
Hide YubiKey labels on unlock screen when compiled without XC_YUBIKEY (#3664)
2019-10-25 13:35:16 -04:00
m_ui->hardwareKeyLabel->setVisible(false);
m_ui->hardwareKeyLabelHelp->setVisible(false);
Hide UI elements when KeePassXC was compiled without -DWITH_XC_YUBIKEY
2017-02-20 19:06:32 -05:00
m_ui->buttonRedetectYubikey->setVisible(false);
Significantly enhance hardware key robustness * Significantly improve user experience when using hardware keys on databases in both GUI and CLI modes. Prevent locking up the YubiKey USB interface for prolonged periods of time. Allows for other apps to use the key concurrently with KeePassXC. * Improve messages displayed to user when finding keys and when user interaction is required. Output specific error messages when handling hardware keys during database read/write. * Only poll for keys when previously used or upon user request. Prevent continuously polling keys when accessing the UI such as switching tabs and minimize/maximize. * Add support for using multiple hardware keys simultaneously. Keys are identified by their serial number which prevents using the wrong key during open and save operations. * Fixes #4400 * Fixes #4065 * Fixes #1050 * Fixes #1215 * Fixes #3087 * Fixes #1088 * Fixes #1869
2020-04-06 08:42:20 -04:00
m_ui->challengeResponseCombo->setVisible(false);
m_ui->hardwareKeyProgress->setVisible(false);
Hide UI elements when KeePassXC was compiled without -DWITH_XC_YUBIKEY
2017-02-20 19:06:32 -05:00
#endif
Merge branch 'develop' into feature/yubikey
2017-02-20 14:24:38 -05:00
Add TouchID support on macOS
2018-04-04 11:39:26 -04:00
#ifndef WITH_XC_TOUCHID
Redesign database unlock widget. (#3287) With this change we get rid of the confusing key component checkboxes. Now a component is either there or not (if left empty). There is no redundant distinction between "unset" and "emtpy" anymore. For compatibility with older databases that have "empty" passwords, KeePassXC will ask if the user wants to retry with an empty password if unlocking failed and the password field was left blank. Besides these functional changes, the widget's layout has been rearranged to be more compact, less stretched out (e.g. input fields do not fill the full window width anymore), and more user-friendly by providing a help tooltip for the hardware key field and accessible descriptions for screen readers.
2019-06-22 12:00:31 -04:00
m_ui->touchIDContainer->setVisible(false);
Add TouchID support on macOS
2018-04-04 11:39:26 -04:00
#else
if (!TouchID::getInstance().isAvailable()) {
m_ui->checkTouchID->setVisible(false);
}
#endif
Convert DatabaseOpenDialog into a widget on DatabaseWidget.
2012-06-28 03:21:15 -04:00
}
DatabaseOpenWidget::~DatabaseOpenWidget()
{
}
Force focus on password field, resolves #116 (#117) Also remove redudant code for minimizing to tray
2016-11-26 09:37:25 -05:00
void DatabaseOpenWidget::showEvent(QShowEvent* event)
{
DialogyWidget::showEvent(event);
m_ui->editPassword->setFocus();
Fix minor UX issues with DB Open Widget * Only clear password field when switching tabs or minimizing. This prevents the setting "Remember Key Files and Hardware Keys" from being useless with multiple databases. * Convert key file field to Line Edit, simplifies usage. Fix clear field button as well. * Removed need for clearForms to check if the database is being opened (was a solution to tab switching while unlocking, no longer a problem).
2020-06-06 09:54:57 -04:00
m_hideTimer.stop();
Force focus on password field, resolves #116 (#117) Also remove redudant code for minimizing to tray
2016-11-26 09:37:25 -05:00
}
Both slots on Yubikey are now polled for challenge/response
2017-10-07 21:25:42 -04:00
void DatabaseOpenWidget::hideEvent(QHideEvent* event)
{
DialogyWidget::hideEvent(event);
Fix minor UX issues with DB Open Widget * Only clear password field when switching tabs or minimizing. This prevents the setting "Remember Key Files and Hardware Keys" from being useless with multiple databases. * Convert key file field to Line Edit, simplifies usage. Fix clear field button as well. * Removed need for clearForms to check if the database is being opened (was a solution to tab switching while unlocking, no longer a problem).
2020-06-06 09:54:57 -04:00
// Schedule form clearing if we are hidden
Significantly enhance hardware key robustness * Significantly improve user experience when using hardware keys on databases in both GUI and CLI modes. Prevent locking up the YubiKey USB interface for prolonged periods of time. Allows for other apps to use the key concurrently with KeePassXC. * Improve messages displayed to user when finding keys and when user interaction is required. Output specific error messages when handling hardware keys during database read/write. * Only poll for keys when previously used or upon user request. Prevent continuously polling keys when accessing the UI such as switching tabs and minimize/maximize. * Add support for using multiple hardware keys simultaneously. Keys are identified by their serial number which prevents using the wrong key during open and save operations. * Fixes #4400 * Fixes #4065 * Fixes #1050 * Fixes #1215 * Fixes #3087 * Fixes #1088 * Fixes #1869
2020-04-06 08:42:20 -04:00
if (!isVisible()) {
Fix minor UX issues with DB Open Widget * Only clear password field when switching tabs or minimizing. This prevents the setting "Remember Key Files and Hardware Keys" from being useless with multiple databases. * Convert key file field to Line Edit, simplifies usage. Fix clear field button as well. * Removed need for clearForms to check if the database is being opened (was a solution to tab switching while unlocking, no longer a problem).
2020-06-06 09:54:57 -04:00
m_hideTimer.start();
Fix bugs introduced by database refactor #2491 (#2503) * Fix SSHAgent identity removal on database lock * Refactor storage and manipulation of SSHAgent keys to streamline process with multiple db's * Clear password field when widget is hidden, resolves #2502
2018-11-23 07:49:55 -05:00
}
Both slots on Yubikey are now polled for challenge/response
2017-10-07 21:25:42 -04:00
}
Use QSaveFile to save databases.
2012-07-06 12:50:52 -04:00
void DatabaseOpenWidget::load(const QString& filename)
Convert DatabaseOpenDialog into a widget on DatabaseWidget.
2012-06-28 03:21:15 -04:00
{
Fix minor UX issues with DB Open Widget * Only clear password field when switching tabs or minimizing. This prevents the setting "Remember Key Files and Hardware Keys" from being useless with multiple databases. * Convert key file field to Line Edit, simplifies usage. Fix clear field button as well. * Removed need for clearForms to check if the database is being opened (was a solution to tab switching while unlocking, no longer a problem).
2020-06-06 09:54:57 -04:00
clearForms();
Convert DatabaseOpenDialog into a widget on DatabaseWidget.
2012-06-28 03:21:15 -04:00
m_filename = filename;
Redesign database unlock widget. (#3287) With this change we get rid of the confusing key component checkboxes. Now a component is either there or not (if left empty). There is no redundant distinction between "unset" and "emtpy" anymore. For compatibility with older databases that have "empty" passwords, KeePassXC will ask if the user wants to retry with an empty password if unlocking failed and the password field was left blank. Besides these functional changes, the widget's layout has been rearranged to be more compact, less stretched out (e.g. input fields do not fill the full window width anymore), and more user-friendly by providing a help tooltip for the hardware key field and accessible descriptions for screen readers.
2019-06-22 12:00:31 -04:00
m_ui->fileNameLabel->setRawText(m_filename);
Remember last key file.
2011-12-25 14:36:45 -05:00
Refactor Config. Replaces all string configuration options with enum types that can be checked by the compiler. This prevents spelling errors, in-place configuration definitions, and inconsistent default values. The default value config getter signature was removed in favour of consistently and centrally default-initialised configuration values. Individual default values were adjusted for better security, such as the default password length, which was increased from 16 characters to 32. The already existing config option deprecation map was extended by a general migration procedure using configuration versioning. Settings were split into Roaming and Local settings, which go to their respective AppData locations on Windows. Fixes #2574 Fixes #2193
2020-04-25 19:31:38 -04:00
if (config()->get(Config::RememberLastKeyFiles).toBool()) {
Significantly enhance hardware key robustness * Significantly improve user experience when using hardware keys on databases in both GUI and CLI modes. Prevent locking up the YubiKey USB interface for prolonged periods of time. Allows for other apps to use the key concurrently with KeePassXC. * Improve messages displayed to user when finding keys and when user interaction is required. Output specific error messages when handling hardware keys during database read/write. * Only poll for keys when previously used or upon user request. Prevent continuously polling keys when accessing the UI such as switching tabs and minimize/maximize. * Add support for using multiple hardware keys simultaneously. Keys are identified by their serial number which prevents using the wrong key during open and save operations. * Fixes #4400 * Fixes #4065 * Fixes #1050 * Fixes #1215 * Fixes #3087 * Fixes #1088 * Fixes #1869
2020-04-06 08:42:20 -04:00
auto lastKeyFiles = config()->get(Config::LastKeyFiles).toHash();
Issue #270 - turning off key location memory Add general settting for whether or not to remember last key files
2015-03-14 23:06:53 -04:00
if (lastKeyFiles.contains(m_filename)) {
Fix minor UX issues with DB Open Widget * Only clear password field when switching tabs or minimizing. This prevents the setting "Remember Key Files and Hardware Keys" from being useless with multiple databases. * Convert key file field to Line Edit, simplifies usage. Fix clear field button as well. * Removed need for clearForms to check if the database is being opened (was a solution to tab switching while unlocking, no longer a problem).
2020-06-06 09:54:57 -04:00
m_ui->keyFileLineEdit->setText(lastKeyFiles[m_filename].toString());
Issue #270 - turning off key location memory Add general settting for whether or not to remember last key files
2015-03-14 23:06:53 -04:00
}
Remember last key file.
2011-12-25 14:36:45 -05:00
}
Focus the password line edit by default.
2012-04-22 14:57:42 -04:00
Refactor Config. Replaces all string configuration options with enum types that can be checked by the compiler. This prevents spelling errors, in-place configuration definitions, and inconsistent default values. The default value config getter signature was removed in favour of consistently and centrally default-initialised configuration values. Individual default values were adjusted for better security, such as the default password length, which was increased from 16 characters to 32. The already existing config option deprecation map was extended by a general migration procedure using configuration versioning. Settings were split into Roaming and Local settings, which go to their respective AppData locations on Windows. Fixes #2574 Fixes #2193
2020-04-25 19:31:38 -04:00
QHash<QString, QVariant> useTouchID = config()->get(Config::UseTouchID).toHash();
Add TouchID support on macOS
2018-04-04 11:39:26 -04:00
m_ui->checkTouchID->setChecked(useTouchID.value(m_filename, false).toBool());
Significantly enhance hardware key robustness * Significantly improve user experience when using hardware keys on databases in both GUI and CLI modes. Prevent locking up the YubiKey USB interface for prolonged periods of time. Allows for other apps to use the key concurrently with KeePassXC. * Improve messages displayed to user when finding keys and when user interaction is required. Output specific error messages when handling hardware keys during database read/write. * Only poll for keys when previously used or upon user request. Prevent continuously polling keys when accessing the UI such as switching tabs and minimize/maximize. * Add support for using multiple hardware keys simultaneously. Keys are identified by their serial number which prevents using the wrong key during open and save operations. * Fixes #4400 * Fixes #4065 * Fixes #1050 * Fixes #1215 * Fixes #3087 * Fixes #1088 * Fixes #1869
2020-04-06 08:42:20 -04:00
#ifdef WITH_XC_YUBIKEY
// Only auto-poll for hardware keys if we previously used one with this database file
if (config()->get(Config::RememberLastKeyFiles).toBool()) {
auto lastChallengeResponse = config()->get(Config::LastChallengeResponse).toHash();
if (lastChallengeResponse.contains(m_filename)) {
pollHardwareKey();
}
}
#endif
Implement opening/closing databases.
2011-11-13 08:55:20 -05:00
}
Clear database open dialog before and after merging a database (#958)
2017-09-23 11:43:29 -04:00
void DatabaseOpenWidget::clearForms()
{
Fix minor UX issues with DB Open Widget * Only clear password field when switching tabs or minimizing. This prevents the setting "Remember Key Files and Hardware Keys" from being useless with multiple databases. * Convert key file field to Line Edit, simplifies usage. Fix clear field button as well. * Removed need for clearForms to check if the database is being opened (was a solution to tab switching while unlocking, no longer a problem).
2020-06-06 09:54:57 -04:00
m_ui->editPassword->setText("");
m_ui->editPassword->setShowPassword(false);
m_ui->keyFileLineEdit->clear();
Hide keyfile path by default Fixes #5576
2020-12-04 08:01:36 -05:00
m_ui->keyFileLineEdit->setShowPassword(false);
Fix minor UX issues with DB Open Widget * Only clear password field when switching tabs or minimizing. This prevents the setting "Remember Key Files and Hardware Keys" from being useless with multiple databases. * Convert key file field to Line Edit, simplifies usage. Fix clear field button as well. * Removed need for clearForms to check if the database is being opened (was a solution to tab switching while unlocking, no longer a problem).
2020-06-06 09:54:57 -04:00
m_ui->checkTouchID->setChecked(false);
m_ui->challengeResponseCombo->clear();
m_db.reset();
Clear database open dialog before and after merging a database (#958)
2017-09-23 11:43:29 -04:00
}
Refactor Database and Database widgets (#2491) The Database, DatabaseWidget, and DatabaseTabWidget classes share many responsibilities in inconsistent ways resulting in impenetrable and unmaintainable code and a diverse set of bugs and architecture restrictions. This patch reworks the architecture, responsibilities of, and dependencies between these classes. The core changes are: * Move loading and saving logic from widgets into the Database class * Get rid of the DatabaseManagerStruct and move all the information contained in it into the Database * Let database objects keep track of modifications and dirty/clean state instead of handing this to external widgets * Move GUI interactions for loading and saving from the DatabaseTabWidget into the DatabaseWidget (resolves #2494 as a side-effect) * Heavily clean up DatabaseTabWidget and degrade it to a slightly glorified QTabWidget * Use QSharedPointers for all Database objects * Remove the modifiedImmediate signal and replace it with a markAsModified() method * Implement proper tabName() method instead of reading back titles from GUI widgets (resolves #1389 and its duplicates #2146 #855) * Fix unwanted AES-KDF downgrade if database uses Argon2 and has CustomData * Improve code This patch is also the first major step towards solving issues #476 and #2322.
2018-11-22 05:47:31 -05:00
QSharedPointer<Database> DatabaseOpenWidget::database()
Implement opening/closing databases.
2011-11-13 08:55:20 -05:00
{
Move the code to open database files from DatabaseTabWidget to DatabaseOpenDialog.
2012-04-05 13:03:55 -04:00
return m_db;
Implement opening/closing databases.
2011-11-13 08:55:20 -05:00
}
Significantly enhance hardware key robustness * Significantly improve user experience when using hardware keys on databases in both GUI and CLI modes. Prevent locking up the YubiKey USB interface for prolonged periods of time. Allows for other apps to use the key concurrently with KeePassXC. * Improve messages displayed to user when finding keys and when user interaction is required. Output specific error messages when handling hardware keys during database read/write. * Only poll for keys when previously used or upon user request. Prevent continuously polling keys when accessing the UI such as switching tabs and minimize/maximize. * Add support for using multiple hardware keys simultaneously. Keys are identified by their serial number which prevents using the wrong key during open and save operations. * Fixes #4400 * Fixes #4065 * Fixes #1050 * Fixes #1215 * Fixes #3087 * Fixes #1088 * Fixes #1869
2020-04-06 08:42:20 -04:00
QString DatabaseOpenWidget::filename()
{
return m_filename;
}
Convert DatabaseOpenDialog into a widget on DatabaseWidget.
2012-06-28 03:21:15 -04:00
void DatabaseOpenWidget::enterKey(const QString& pw, const QString& keyFile)
Allow passing a filename and password on the command line. Passing passwords on the command line is not exactly best practice but will greatly improve development productivity.
2012-04-24 05:47:16 -04:00
{
Fix opening files from command line * Fix #2877 - password is unchecked by default * Smarter activation of key components based on contents of text entry fields * Prevent multiple copies of the same database from opening when the canonicalFileName != fileName
2019-03-26 22:23:16 -04:00
m_ui->editPassword->setText(pw);
Fix minor UX issues with DB Open Widget * Only clear password field when switching tabs or minimizing. This prevents the setting "Remember Key Files and Hardware Keys" from being useless with multiple databases. * Convert key file field to Line Edit, simplifies usage. Fix clear field button as well. * Removed need for clearForms to check if the database is being opened (was a solution to tab switching while unlocking, no longer a problem).
2020-06-06 09:54:57 -04:00
m_ui->keyFileLineEdit->setText(keyFile);
Allow passing a filename and password on the command line. Passing passwords on the command line is not exactly best practice but will greatly improve development productivity.
2012-04-24 05:47:16 -04:00
openDatabase();
}
Convert DatabaseOpenDialog into a widget on DatabaseWidget.
2012-06-28 03:21:15 -04:00
void DatabaseOpenWidget::openDatabase()
Implement opening/closing databases.
2011-11-13 08:55:20 -05:00
{
Significantly enhance hardware key robustness * Significantly improve user experience when using hardware keys on databases in both GUI and CLI modes. Prevent locking up the YubiKey USB interface for prolonged periods of time. Allows for other apps to use the key concurrently with KeePassXC. * Improve messages displayed to user when finding keys and when user interaction is required. Output specific error messages when handling hardware keys during database read/write. * Only poll for keys when previously used or upon user request. Prevent continuously polling keys when accessing the UI such as switching tabs and minimize/maximize. * Add support for using multiple hardware keys simultaneously. Keys are identified by their serial number which prevents using the wrong key during open and save operations. * Fixes #4400 * Fixes #4065 * Fixes #1050 * Fixes #1215 * Fixes #3087 * Fixes #1088 * Fixes #1869
2020-04-06 08:42:20 -04:00
m_ui->messageWidget->hide();
Replace "Master Key" with "Database Credentials" Definitions: * Database Key - Cryptographic hash used to perform encrypt/decrypt of the database. * Database Credentials - User facing term to refer to the collection of Password, Key File, and/or Hardware Key used to derive the Database Key. Changes: * Remove the term "master" and "key" from the user's lexicon and clarify the code base based on the definitions above. * Clean up wording in the UI to be clearer to the end user.
2020-07-01 19:16:40 -04:00
QSharedPointer<CompositeKey> databaseKey = buildDatabaseKey();
if (!databaseKey) {
Fix double warning display for database open
2017-10-05 14:44:05 -04:00
return;
}
Implement database locking. Closes #35
2012-10-12 06:12:00 -04:00
Fix key component widget initialization and password field echo mode on database open
2019-04-01 18:01:58 -04:00
m_ui->editPassword->setShowPassword(false);
Always hide password on unlock Fixes #1692
2018-03-10 09:01:53 -05:00
QCoreApplication::processEvents();
Refactor Database and Database widgets (#2491) The Database, DatabaseWidget, and DatabaseTabWidget classes share many responsibilities in inconsistent ways resulting in impenetrable and unmaintainable code and a diverse set of bugs and architecture restrictions. This patch reworks the architecture, responsibilities of, and dependencies between these classes. The core changes are: * Move loading and saving logic from widgets into the Database class * Get rid of the DatabaseManagerStruct and move all the information contained in it into the Database * Let database objects keep track of modifications and dirty/clean state instead of handing this to external widgets * Move GUI interactions for loading and saving from the DatabaseTabWidget into the DatabaseWidget (resolves #2494 as a side-effect) * Heavily clean up DatabaseTabWidget and degrade it to a slightly glorified QTabWidget * Use QSharedPointers for all Database objects * Remove the modifiedImmediate signal and replace it with a markAsModified() method * Implement proper tabName() method instead of reading back titles from GUI widgets (resolves #1389 and its duplicates #2146 #855) * Fix unwanted AES-KDF downgrade if database uses Argon2 and has CustomData * Improve code This patch is also the first major step towards solving issues #476 and #2322.
2018-11-22 05:47:31 -05:00
m_db.reset(new Database());
QString error;
Disable database unlock form while decrypting
2019-11-18 08:17:26 -05:00
Implement database locking. Closes #35
2012-10-12 06:12:00 -04:00
QApplication::setOverrideCursor(QCursor(Qt::WaitCursor));
Disable database unlock form while decrypting
2019-11-18 08:17:26 -05:00
m_ui->passwordFormFrame->setEnabled(false);
QCoreApplication::processEvents();
Replace "Master Key" with "Database Credentials" Definitions: * Database Key - Cryptographic hash used to perform encrypt/decrypt of the database. * Database Credentials - User facing term to refer to the collection of Password, Key File, and/or Hardware Key used to derive the Database Key. Changes: * Remove the term "master" and "key" from the user's lexicon and clarify the code base based on the definitions above. * Clean up wording in the UI to be clearer to the end user.
2020-07-01 19:16:40 -04:00
bool ok = m_db->open(m_filename, databaseKey, &error, false);
Implement database locking. Closes #35
2012-10-12 06:12:00 -04:00
QApplication::restoreOverrideCursor();
Disable database unlock form while decrypting
2019-11-18 08:17:26 -05:00
m_ui->passwordFormFrame->setEnabled(true);
Correctly set KDBX envelope version Shows a warning when trying to open with a newer minor version than what is currently supported. We always try to save with the lowest KDBX version possible for maximum compatibility.
2021-11-19 18:32:09 -05:00
if (ok && m_db->hasMinorVersionMismatch()) {
QScopedPointer<QMessageBox> msgBox(new QMessageBox(this));
msgBox->setIcon(QMessageBox::Warning);
msgBox->setWindowTitle(tr("Database Version Mismatch"));
msgBox->setText(tr("The database you are trying to open was most likely\n"
"created by a newer version of KeePassXC.\n\n"
"You can try to open it anyway, but it may be incomplete\n"
"and saving any changes may incur data loss.\n\n"
"We recommend you update your KeePassXC installation."));
auto btn = msgBox->addButton(tr("Open database anyway"), QMessageBox::ButtonRole::AcceptRole);
msgBox->setDefaultButton(btn);
msgBox->addButton(QMessageBox::Cancel);
msgBox->exec();
if (msgBox->clickedButton() != btn) {
m_db.reset(new Database());
m_ui->messageWidget->showMessage(tr("Database unlock canceled."), MessageWidget::MessageType::Error);
return;
}
}
Fix crash when switching tabs while unlocking
2020-01-20 09:47:02 -05:00
if (ok) {
#ifdef WITH_XC_TOUCHID
Refactor Config. Replaces all string configuration options with enum types that can be checked by the compiler. This prevents spelling errors, in-place configuration definitions, and inconsistent default values. The default value config getter signature was removed in favour of consistently and centrally default-initialised configuration values. Individual default values were adjusted for better security, such as the default password length, which was increased from 16 characters to 32. The already existing config option deprecation map was extended by a general migration procedure using configuration versioning. Settings were split into Roaming and Local settings, which go to their respective AppData locations on Windows. Fixes #2574 Fixes #2193
2020-04-25 19:31:38 -04:00
QHash<QString, QVariant> useTouchID = config()->get(Config::UseTouchID).toHash();
Fix crash when switching tabs while unlocking
2020-01-20 09:47:02 -05:00
// check if TouchID can & should be used to unlock the database next time
if (m_ui->checkTouchID->isChecked() && TouchID::getInstance().isAvailable()) {
// encrypt and store key blob
if (TouchID::getInstance().storeKey(m_filename, PasswordKey(m_ui->editPassword->text()).rawKey())) {
useTouchID.insert(m_filename, true);
}
} else {
// when TouchID not available or unchecked, reset for the current database
TouchID::getInstance().reset(m_filename);
useTouchID.insert(m_filename, false);
}
Refactor Config. Replaces all string configuration options with enum types that can be checked by the compiler. This prevents spelling errors, in-place configuration definitions, and inconsistent default values. The default value config getter signature was removed in favour of consistently and centrally default-initialised configuration values. Individual default values were adjusted for better security, such as the default password length, which was increased from 16 characters to 32. The already existing config option deprecation map was extended by a general migration procedure using configuration versioning. Settings were split into Roaming and Local settings, which go to their respective AppData locations on Windows. Fixes #2574 Fixes #2193
2020-04-25 19:31:38 -04:00
config()->set(Config::UseTouchID, useTouchID);
Fix crash when switching tabs while unlocking
2020-01-20 09:47:02 -05:00
#endif
emit dialogFinished(true);
clearForms();
} else {
Redesign database unlock widget. (#3287) With this change we get rid of the confusing key component checkboxes. Now a component is either there or not (if left empty). There is no redundant distinction between "unset" and "emtpy" anymore. For compatibility with older databases that have "empty" passwords, KeePassXC will ask if the user wants to retry with an empty password if unlocking failed and the password field was left blank. Besides these functional changes, the widget's layout has been rearranged to be more compact, less stretched out (e.g. input fields do not fill the full window width anymore), and more user-friendly by providing a help tooltip for the hardware key field and accessible descriptions for screen readers.
2019-06-22 12:00:31 -04:00
if (m_ui->editPassword->text().isEmpty() && !m_retryUnlockWithEmptyPassword) {
QScopedPointer<QMessageBox> msgBox(new QMessageBox(this));
msgBox->setIcon(QMessageBox::Critical);
msgBox->setWindowTitle(tr("Unlock failed and no password given"));
msgBox->setText(tr("Unlocking the database failed and you did not enter a password.\n"
"Do you want to retry with an \"empty\" password instead?\n\n"
"To prevent this error from appearing, you must go to "
"\"Database Settings / Security\" and reset your password."));
auto btn = msgBox->addButton(tr("Retry with empty password"), QMessageBox::ButtonRole::AcceptRole);
msgBox->setDefaultButton(btn);
msgBox->addButton(QMessageBox::Cancel);
msgBox->exec();
if (msgBox->clickedButton() == btn) {
m_retryUnlockWithEmptyPassword = true;
openDatabase();
return;
}
}
Fix crash when switching tabs while unlocking
2020-01-20 09:47:02 -05:00
Redesign database unlock widget. (#3287) With this change we get rid of the confusing key component checkboxes. Now a component is either there or not (if left empty). There is no redundant distinction between "unset" and "emtpy" anymore. For compatibility with older databases that have "empty" passwords, KeePassXC will ask if the user wants to retry with an empty password if unlocking failed and the password field was left blank. Besides these functional changes, the widget's layout has been rearranged to be more compact, less stretched out (e.g. input fields do not fill the full window width anymore), and more user-friendly by providing a help tooltip for the hardware key field and accessible descriptions for screen readers.
2019-06-22 12:00:31 -04:00
m_retryUnlockWithEmptyPassword = false;
Improved error messages when opening database * Reduced wording and confusion * Streamlined delivery format * Fix #813
2019-04-05 08:31:37 -04:00
m_ui->messageWidget->showMessage(error, MessageWidget::MessageType::Error);
Fix issues with database unlock * Fix #3735 - Don't focus on OpenDatabaseWidget fields that are not visible; ensures password field is focused after database lock. * Fix #3487 - Password input is selected after failed unlock. * Fix #1938 - Password input is focused after toggling visibility using the keyboard
2019-11-08 17:56:24 -05:00
// Focus on the password field and select the input for easy retry
m_ui->editPassword->selectAll();
m_ui->editPassword->setFocus();
Add TouchID support on macOS
2018-04-04 11:39:26 -04:00
#ifdef WITH_XC_TOUCHID
// unable to unlock database, reset TouchID for the current database
TouchID::getInstance().reset(m_filename);
#endif
Implement database locking. Closes #35
2012-10-12 06:12:00 -04:00
}
}
Replace "Master Key" with "Database Credentials" Definitions: * Database Key - Cryptographic hash used to perform encrypt/decrypt of the database. * Database Credentials - User facing term to refer to the collection of Password, Key File, and/or Hardware Key used to derive the Database Key. Changes: * Remove the term "master" and "key" from the user's lexicon and clarify the code base based on the definitions above. * Clean up wording in the UI to be clearer to the end user.
2020-07-01 19:16:40 -04:00
QSharedPointer<CompositeKey> DatabaseOpenWidget::buildDatabaseKey()
Implement database locking. Closes #35
2012-10-12 06:12:00 -04:00
{
Replace "Master Key" with "Database Credentials" Definitions: * Database Key - Cryptographic hash used to perform encrypt/decrypt of the database. * Database Credentials - User facing term to refer to the collection of Password, Key File, and/or Hardware Key used to derive the Database Key. Changes: * Remove the term "master" and "key" from the user's lexicon and clarify the code base based on the definitions above. * Clean up wording in the UI to be clearer to the end user.
2020-07-01 19:16:40 -04:00
auto databaseKey = QSharedPointer<CompositeKey>::create();
Move the code to open database files from DatabaseTabWidget to DatabaseOpenDialog.
2012-04-05 13:03:55 -04:00
Redesign database unlock widget. (#3287) With this change we get rid of the confusing key component checkboxes. Now a component is either there or not (if left empty). There is no redundant distinction between "unset" and "emtpy" anymore. For compatibility with older databases that have "empty" passwords, KeePassXC will ask if the user wants to retry with an empty password if unlocking failed and the password field was left blank. Besides these functional changes, the widget's layout has been rearranged to be more compact, less stretched out (e.g. input fields do not fill the full window width anymore), and more user-friendly by providing a help tooltip for the hardware key field and accessible descriptions for screen readers.
2019-06-22 12:00:31 -04:00
if (!m_ui->editPassword->text().isEmpty() || m_retryUnlockWithEmptyPassword) {
Replace "Master Key" with "Database Credentials" Definitions: * Database Key - Cryptographic hash used to perform encrypt/decrypt of the database. * Database Credentials - User facing term to refer to the collection of Password, Key File, and/or Hardware Key used to derive the Database Key. Changes: * Remove the term "master" and "key" from the user's lexicon and clarify the code base based on the definitions above. * Clean up wording in the UI to be clearer to the end user.
2020-07-01 19:16:40 -04:00
databaseKey->addKey(QSharedPointer<PasswordKey>::create(m_ui->editPassword->text()));
Implement opening/closing databases.
2011-11-13 08:55:20 -05:00
}
Add TouchID support on macOS
2018-04-04 11:39:26 -04:00
#ifdef WITH_XC_TOUCHID
// check if TouchID is available and enabled for unlocking the database
Fix TouchID operation after database refactor * Fix #2720
2019-02-24 18:31:55 -05:00
if (m_ui->checkTouchID->isChecked() && TouchID::getInstance().isAvailable()
&& m_ui->editPassword->text().isEmpty()) {
// clear empty password from composite key
Replace "Master Key" with "Database Credentials" Definitions: * Database Key - Cryptographic hash used to perform encrypt/decrypt of the database. * Database Credentials - User facing term to refer to the collection of Password, Key File, and/or Hardware Key used to derive the Database Key. Changes: * Remove the term "master" and "key" from the user's lexicon and clarify the code base based on the definitions above. * Clean up wording in the UI to be clearer to the end user.
2020-07-01 19:16:40 -04:00
databaseKey->clear();
Fix TouchID operation after database refactor * Fix #2720
2019-02-24 18:31:55 -05:00
Add TouchID support on macOS
2018-04-04 11:39:26 -04:00
// try to get, decrypt and use PasswordKey
Replace all crypto libraries with Botan Selected the [Botan crypto library](https://github.com/randombit/botan) due to its feature list, maintainer support, availability across all deployment platforms, and ease of use. Also evaluated Crypto++ as a viable candidate, but the additional features of Botan (PKCS#11, TPM, etc) won out. The random number generator received a backend upgrade. Botan prefers hardware-based RNG's and will provide one if available. This is transparent to KeePassXC and a significant improvement over gcrypt. Replaced Argon2 library with built-in Botan implementation that supports i, d, and id. This requires Botan 2.11.0 or higher. Also simplified the parameter test across KDF's. Aligned SymmetricCipher parameters with available modes. All encrypt and decrypt operations are done in-place instead of returning new objects. This allows use of secure vectors in the future with no additional overhead. Took this opportunity to decouple KeeShare from SSH Agent. Removed leftover code from OpenSSHKey and consolidated the SSH Agent code into the same directory. Removed bcrypt and blowfish inserts since they are provided by Botan. Additionally simplified KeeShare settings interface by removing raw certificate byte data from the user interface. KeeShare will be further refactored in a future PR. NOTE: This PR breaks backwards compatibility with KeeShare certificates due to different RSA key storage with Botan. As a result, new "own" certificates will need to be generated and trust re-established. Removed YKChallengeResponseKeyCLI in favor of just using the original implementation with signal/slots. Removed TestRandom stub since it was just faking random numbers and not actually using the backend. TestRandomGenerator now uses the actual RNG. Greatly simplified Secret Service plugin's use of crypto functions with Botan.
2021-04-04 08:56:00 -04:00
QByteArray passwordKey;
if (TouchID::getInstance().getKey(m_filename, passwordKey)) {
Add TouchID support on macOS
2018-04-04 11:39:26 -04:00
// check if the user cancelled the operation
Replace all crypto libraries with Botan Selected the [Botan crypto library](https://github.com/randombit/botan) due to its feature list, maintainer support, availability across all deployment platforms, and ease of use. Also evaluated Crypto++ as a viable candidate, but the additional features of Botan (PKCS#11, TPM, etc) won out. The random number generator received a backend upgrade. Botan prefers hardware-based RNG's and will provide one if available. This is transparent to KeePassXC and a significant improvement over gcrypt. Replaced Argon2 library with built-in Botan implementation that supports i, d, and id. This requires Botan 2.11.0 or higher. Also simplified the parameter test across KDF's. Aligned SymmetricCipher parameters with available modes. All encrypt and decrypt operations are done in-place instead of returning new objects. This allows use of secure vectors in the future with no additional overhead. Took this opportunity to decouple KeeShare from SSH Agent. Removed leftover code from OpenSSHKey and consolidated the SSH Agent code into the same directory. Removed bcrypt and blowfish inserts since they are provided by Botan. Additionally simplified KeeShare settings interface by removing raw certificate byte data from the user interface. KeeShare will be further refactored in a future PR. NOTE: This PR breaks backwards compatibility with KeeShare certificates due to different RSA key storage with Botan. As a result, new "own" certificates will need to be generated and trust re-established. Removed YKChallengeResponseKeyCLI in favor of just using the original implementation with signal/slots. Removed TestRandom stub since it was just faking random numbers and not actually using the backend. TestRandomGenerator now uses the actual RNG. Greatly simplified Secret Service plugin's use of crypto functions with Botan.
2021-04-04 08:56:00 -04:00
if (passwordKey.isNull()) {
Add TouchID support on macOS
2018-04-04 11:39:26 -04:00
return QSharedPointer<CompositeKey>();
Replace all crypto libraries with Botan Selected the [Botan crypto library](https://github.com/randombit/botan) due to its feature list, maintainer support, availability across all deployment platforms, and ease of use. Also evaluated Crypto++ as a viable candidate, but the additional features of Botan (PKCS#11, TPM, etc) won out. The random number generator received a backend upgrade. Botan prefers hardware-based RNG's and will provide one if available. This is transparent to KeePassXC and a significant improvement over gcrypt. Replaced Argon2 library with built-in Botan implementation that supports i, d, and id. This requires Botan 2.11.0 or higher. Also simplified the parameter test across KDF's. Aligned SymmetricCipher parameters with available modes. All encrypt and decrypt operations are done in-place instead of returning new objects. This allows use of secure vectors in the future with no additional overhead. Took this opportunity to decouple KeeShare from SSH Agent. Removed leftover code from OpenSSHKey and consolidated the SSH Agent code into the same directory. Removed bcrypt and blowfish inserts since they are provided by Botan. Additionally simplified KeeShare settings interface by removing raw certificate byte data from the user interface. KeeShare will be further refactored in a future PR. NOTE: This PR breaks backwards compatibility with KeeShare certificates due to different RSA key storage with Botan. As a result, new "own" certificates will need to be generated and trust re-established. Removed YKChallengeResponseKeyCLI in favor of just using the original implementation with signal/slots. Removed TestRandom stub since it was just faking random numbers and not actually using the backend. TestRandomGenerator now uses the actual RNG. Greatly simplified Secret Service plugin's use of crypto functions with Botan.
2021-04-04 08:56:00 -04:00
}
Remove redundant null-checks for pointer deletion Deleting a null pointer is defined behavior and results in a no-op at the assembly level, so it's perfectly safe.
2018-10-28 06:39:15 -04:00
Replace all crypto libraries with Botan Selected the [Botan crypto library](https://github.com/randombit/botan) due to its feature list, maintainer support, availability across all deployment platforms, and ease of use. Also evaluated Crypto++ as a viable candidate, but the additional features of Botan (PKCS#11, TPM, etc) won out. The random number generator received a backend upgrade. Botan prefers hardware-based RNG's and will provide one if available. This is transparent to KeePassXC and a significant improvement over gcrypt. Replaced Argon2 library with built-in Botan implementation that supports i, d, and id. This requires Botan 2.11.0 or higher. Also simplified the parameter test across KDF's. Aligned SymmetricCipher parameters with available modes. All encrypt and decrypt operations are done in-place instead of returning new objects. This allows use of secure vectors in the future with no additional overhead. Took this opportunity to decouple KeeShare from SSH Agent. Removed leftover code from OpenSSHKey and consolidated the SSH Agent code into the same directory. Removed bcrypt and blowfish inserts since they are provided by Botan. Additionally simplified KeeShare settings interface by removing raw certificate byte data from the user interface. KeeShare will be further refactored in a future PR. NOTE: This PR breaks backwards compatibility with KeeShare certificates due to different RSA key storage with Botan. As a result, new "own" certificates will need to be generated and trust re-established. Removed YKChallengeResponseKeyCLI in favor of just using the original implementation with signal/slots. Removed TestRandom stub since it was just faking random numbers and not actually using the backend. TestRandomGenerator now uses the actual RNG. Greatly simplified Secret Service plugin's use of crypto functions with Botan.
2021-04-04 08:56:00 -04:00
databaseKey->addKey(PasswordKey::fromRawKey(passwordKey));
Add TouchID support on macOS
2018-04-04 11:39:26 -04:00
}
}
#endif
Significantly enhance hardware key robustness * Significantly improve user experience when using hardware keys on databases in both GUI and CLI modes. Prevent locking up the YubiKey USB interface for prolonged periods of time. Allows for other apps to use the key concurrently with KeePassXC. * Improve messages displayed to user when finding keys and when user interaction is required. Output specific error messages when handling hardware keys during database read/write. * Only poll for keys when previously used or upon user request. Prevent continuously polling keys when accessing the UI such as switching tabs and minimize/maximize. * Add support for using multiple hardware keys simultaneously. Keys are identified by their serial number which prevents using the wrong key during open and save operations. * Fixes #4400 * Fixes #4065 * Fixes #1050 * Fixes #1215 * Fixes #3087 * Fixes #1088 * Fixes #1869
2020-04-06 08:42:20 -04:00
auto lastKeyFiles = config()->get(Config::LastKeyFiles).toHash();
Redesign database unlock widget. (#3287) With this change we get rid of the confusing key component checkboxes. Now a component is either there or not (if left empty). There is no redundant distinction between "unset" and "emtpy" anymore. For compatibility with older databases that have "empty" passwords, KeePassXC will ask if the user wants to retry with an empty password if unlocking failed and the password field was left blank. Besides these functional changes, the widget's layout has been rearranged to be more compact, less stretched out (e.g. input fields do not fill the full window width anymore), and more user-friendly by providing a help tooltip for the hardware key field and accessible descriptions for screen readers.
2019-06-22 12:00:31 -04:00
lastKeyFiles.remove(m_filename);
Remember last key file.
2011-12-25 14:36:45 -05:00
Redesign database unlock widget. (#3287) With this change we get rid of the confusing key component checkboxes. Now a component is either there or not (if left empty). There is no redundant distinction between "unset" and "emtpy" anymore. For compatibility with older databases that have "empty" passwords, KeePassXC will ask if the user wants to retry with an empty password if unlocking failed and the password field was left blank. Besides these functional changes, the widget's layout has been rearranged to be more compact, less stretched out (e.g. input fields do not fill the full window width anymore), and more user-friendly by providing a help tooltip for the hardware key field and accessible descriptions for screen readers.
2019-06-22 12:00:31 -04:00
auto key = QSharedPointer<FileKey>::create();
Fix minor UX issues with DB Open Widget * Only clear password field when switching tabs or minimizing. This prevents the setting "Remember Key Files and Hardware Keys" from being useless with multiple databases. * Convert key file field to Line Edit, simplifies usage. Fix clear field button as well. * Removed need for clearForms to check if the database is being opened (was a solution to tab switching while unlocking, no longer a problem).
2020-06-06 09:54:57 -04:00
QString keyFilename = m_ui->keyFileLineEdit->text();
if (!keyFilename.isEmpty()) {
Implement opening databases with key files.
2011-12-24 13:19:52 -05:00
QString errorMsg;
Add a new database settings wizard This patch implements a new database wizard to guide users through the process of setting up a new database and choosing sane encryption settings. It also reimplements the master key settings to be more user-friendly. Users can now add, change, or remove individual composite key components instead of having to set all components at once. This avoids confusion about a password being reset if the user only wants to add a key file. With these changes comes a major refactor of how database composite keys and key components are handled. Copying of keys is prohibited and each key exists only once in memory and is referenced via shared pointers. GUI components for changing individual keys are encapsulated into separate classes to be more reusable. The password edit and generator widgets have also been refactored to be more reusable.
2018-05-13 17:21:43 -04:00
if (!key->load(keyFilename, &errorMsg)) {
Improved error messages when opening database * Reduced wording and confusion * Streamlined delivery format * Fix #813
2019-04-05 08:31:37 -04:00
m_ui->messageWidget->showMessage(tr("Failed to open key file: %1").arg(errorMsg), MessageWidget::Error);
Add a new database settings wizard This patch implements a new database wizard to guide users through the process of setting up a new database and choosing sane encryption settings. It also reimplements the master key settings to be more user-friendly. Users can now add, change, or remove individual composite key components instead of having to set all components at once. This avoids confusion about a password being reset if the user only wants to add a key file. With these changes comes a major refactor of how database composite keys and key components are handled. Copying of keys is prohibited and each key exists only once in memory and is referenced via shared pointers. GUI components for changing individual keys are encapsulated into separate classes to be more reusable. The password edit and generator widgets have also been refactored to be more reusable.
2018-05-13 17:21:43 -04:00
return {};
Implement opening databases with key files.
2011-12-24 13:19:52 -05:00
}
Add support for version 2 XML key files. As discussed in #4317, the next KeePass2 release will ship with support for a new generation of XML key files which enable hash integrity checks. This patch adds support for reading and generating this new format. By default, KeePass2 now uses the .keyx extension for generated key files, which was added to KeePassXC's key generation file chooser filter. We continue to generate hashed binary key files by default, but the user can explicitly save the file with the new .keyx extension to generate an XML v2 key file (currently undocumented). When opening a database, the key file type is still determined by content negotation, so the file extension has no impact here. As an additional change, the legacy key file warnings have been improved slightly to be less confusing and more helpful.
2020-12-09 19:28:01 -05:00
if (key->type() != FileKey::KeePass2XMLv2 && key->type() != FileKey::Hashed
&& !config()->get(Config::Messages_NoLegacyKeyFileWarning).toBool()) {
Add warning when using legacy key file formats.
2017-12-27 08:20:28 -05:00
QMessageBox legacyWarning;
Add support for version 2 XML key files. As discussed in #4317, the next KeePass2 release will ship with support for a new generation of XML key files which enable hash integrity checks. This patch adds support for reading and generating this new format. By default, KeePass2 now uses the .keyx extension for generated key files, which was added to KeePassXC's key generation file chooser filter. We continue to generate hashed binary key files by default, but the user can explicitly save the file with the new .keyx extension to generate an XML v2 key file (currently undocumented). When opening a database, the key file type is still determined by content negotation, so the file extension has no impact here. As an additional change, the legacy key file warnings have been improved slightly to be less confusing and more helpful.
2020-12-09 19:28:01 -05:00
legacyWarning.setWindowTitle(tr("Old key file format"));
legacyWarning.setText(tr("You are using an old key file format which KeePassXC may<br>"
"stop supporting in the future.<br><br>"
"Please consider generating a new key file by going to:<br>"
Address translation feedback from Transifex
2021-02-14 19:15:10 -05:00
"<strong>Database &gt; Database Security &gt; Change Key File.</strong><br>"));
Add warning when using legacy key file formats.
2017-12-27 08:20:28 -05:00
legacyWarning.setIcon(QMessageBox::Icon::Warning);
legacyWarning.addButton(QMessageBox::Ok);
legacyWarning.setDefaultButton(QMessageBox::Ok);
legacyWarning.setCheckBox(new QCheckBox(tr("Don't show this warning again")));
Significantly enhance hardware key robustness * Significantly improve user experience when using hardware keys on databases in both GUI and CLI modes. Prevent locking up the YubiKey USB interface for prolonged periods of time. Allows for other apps to use the key concurrently with KeePassXC. * Improve messages displayed to user when finding keys and when user interaction is required. Output specific error messages when handling hardware keys during database read/write. * Only poll for keys when previously used or upon user request. Prevent continuously polling keys when accessing the UI such as switching tabs and minimize/maximize. * Add support for using multiple hardware keys simultaneously. Keys are identified by their serial number which prevents using the wrong key during open and save operations. * Fixes #4400 * Fixes #4065 * Fixes #1050 * Fixes #1215 * Fixes #3087 * Fixes #1088 * Fixes #1869
2020-04-06 08:42:20 -04:00
connect(legacyWarning.checkBox(), &QCheckBox::stateChanged, this, [](int state) {
Refactor Config. Replaces all string configuration options with enum types that can be checked by the compiler. This prevents spelling errors, in-place configuration definitions, and inconsistent default values. The default value config getter signature was removed in favour of consistently and centrally default-initialised configuration values. Individual default values were adjusted for better security, such as the default password length, which was increased from 16 characters to 32. The already existing config option deprecation map was extended by a general migration procedure using configuration versioning. Settings were split into Roaming and Local settings, which go to their respective AppData locations on Windows. Fixes #2574 Fixes #2193
2020-04-25 19:31:38 -04:00
config()->set(Config::Messages_NoLegacyKeyFileWarning, state == Qt::CheckState::Checked);
Add warning when using legacy key file formats.
2017-12-27 08:20:28 -05:00
});
legacyWarning.exec();
}
Replace "Master Key" with "Database Credentials" Definitions: * Database Key - Cryptographic hash used to perform encrypt/decrypt of the database. * Database Credentials - User facing term to refer to the collection of Password, Key File, and/or Hardware Key used to derive the Database Key. Changes: * Remove the term "master" and "key" from the user's lexicon and clarify the code base based on the definitions above. * Clean up wording in the UI to be clearer to the end user.
2020-07-01 19:16:40 -04:00
databaseKey->addKey(key);
Significantly enhance hardware key robustness * Significantly improve user experience when using hardware keys on databases in both GUI and CLI modes. Prevent locking up the YubiKey USB interface for prolonged periods of time. Allows for other apps to use the key concurrently with KeePassXC. * Improve messages displayed to user when finding keys and when user interaction is required. Output specific error messages when handling hardware keys during database read/write. * Only poll for keys when previously used or upon user request. Prevent continuously polling keys when accessing the UI such as switching tabs and minimize/maximize. * Add support for using multiple hardware keys simultaneously. Keys are identified by their serial number which prevents using the wrong key during open and save operations. * Fixes #4400 * Fixes #4065 * Fixes #1050 * Fixes #1215 * Fixes #3087 * Fixes #1088 * Fixes #1869
2020-04-06 08:42:20 -04:00
lastKeyFiles.insert(m_filename, keyFilename);
Remember if challenge-response was used for each database and allow to re-detect Yubikeys without closing the database first
2017-02-20 16:07:01 -05:00
}
Refactor Config. Replaces all string configuration options with enum types that can be checked by the compiler. This prevents spelling errors, in-place configuration definitions, and inconsistent default values. The default value config getter signature was removed in favour of consistently and centrally default-initialised configuration values. Individual default values were adjusted for better security, such as the default password length, which was increased from 16 characters to 32. The already existing config option deprecation map was extended by a general migration procedure using configuration versioning. Settings were split into Roaming and Local settings, which go to their respective AppData locations on Windows. Fixes #2574 Fixes #2193
2020-04-25 19:31:38 -04:00
if (config()->get(Config::RememberLastKeyFiles).toBool()) {
config()->set(Config::LastKeyFiles, lastKeyFiles);
Issue #270 - turning off key location memory Add general settting for whether or not to remember last key files
2015-03-14 23:06:53 -04:00
}
Implement opening databases with key files.
2011-12-24 13:19:52 -05:00
Hide UI elements when KeePassXC was compiled without -DWITH_XC_YUBIKEY
2017-02-20 19:06:32 -05:00
#ifdef WITH_XC_YUBIKEY
Significantly enhance hardware key robustness * Significantly improve user experience when using hardware keys on databases in both GUI and CLI modes. Prevent locking up the YubiKey USB interface for prolonged periods of time. Allows for other apps to use the key concurrently with KeePassXC. * Improve messages displayed to user when finding keys and when user interaction is required. Output specific error messages when handling hardware keys during database read/write. * Only poll for keys when previously used or upon user request. Prevent continuously polling keys when accessing the UI such as switching tabs and minimize/maximize. * Add support for using multiple hardware keys simultaneously. Keys are identified by their serial number which prevents using the wrong key during open and save operations. * Fixes #4400 * Fixes #4065 * Fixes #1050 * Fixes #1215 * Fixes #3087 * Fixes #1088 * Fixes #1869
2020-04-06 08:42:20 -04:00
auto lastChallengeResponse = config()->get(Config::LastChallengeResponse).toHash();
Redesign database unlock widget. (#3287) With this change we get rid of the confusing key component checkboxes. Now a component is either there or not (if left empty). There is no redundant distinction between "unset" and "emtpy" anymore. For compatibility with older databases that have "empty" passwords, KeePassXC will ask if the user wants to retry with an empty password if unlocking failed and the password field was left blank. Besides these functional changes, the widget's layout has been rearranged to be more compact, less stretched out (e.g. input fields do not fill the full window width anymore), and more user-friendly by providing a help tooltip for the hardware key field and accessible descriptions for screen readers.
2019-06-22 12:00:31 -04:00
lastChallengeResponse.remove(m_filename);
gui: Add YubiKey support to widgets * Add YubiKey support to the GUI widgets. Signed-off-by: Kyle Manna <kyle@kylemanna.com>
2014-05-26 03:49:28 -04:00
Significantly enhance hardware key robustness * Significantly improve user experience when using hardware keys on databases in both GUI and CLI modes. Prevent locking up the YubiKey USB interface for prolonged periods of time. Allows for other apps to use the key concurrently with KeePassXC. * Improve messages displayed to user when finding keys and when user interaction is required. Output specific error messages when handling hardware keys during database read/write. * Only poll for keys when previously used or upon user request. Prevent continuously polling keys when accessing the UI such as switching tabs and minimize/maximize. * Add support for using multiple hardware keys simultaneously. Keys are identified by their serial number which prevents using the wrong key during open and save operations. * Fixes #4400 * Fixes #4065 * Fixes #1050 * Fixes #1215 * Fixes #3087 * Fixes #1088 * Fixes #1869
2020-04-06 08:42:20 -04:00
int selectionIndex = m_ui->challengeResponseCombo->currentIndex();
Redesign database unlock widget. (#3287) With this change we get rid of the confusing key component checkboxes. Now a component is either there or not (if left empty). There is no redundant distinction between "unset" and "emtpy" anymore. For compatibility with older databases that have "empty" passwords, KeePassXC will ask if the user wants to retry with an empty password if unlocking failed and the password field was left blank. Besides these functional changes, the widget's layout has been rearranged to be more compact, less stretched out (e.g. input fields do not fill the full window width anymore), and more user-friendly by providing a help tooltip for the hardware key field and accessible descriptions for screen readers.
2019-06-22 12:00:31 -04:00
if (selectionIndex > 0) {
Significantly enhance hardware key robustness * Significantly improve user experience when using hardware keys on databases in both GUI and CLI modes. Prevent locking up the YubiKey USB interface for prolonged periods of time. Allows for other apps to use the key concurrently with KeePassXC. * Improve messages displayed to user when finding keys and when user interaction is required. Output specific error messages when handling hardware keys during database read/write. * Only poll for keys when previously used or upon user request. Prevent continuously polling keys when accessing the UI such as switching tabs and minimize/maximize. * Add support for using multiple hardware keys simultaneously. Keys are identified by their serial number which prevents using the wrong key during open and save operations. * Fixes #4400 * Fixes #4065 * Fixes #1050 * Fixes #1215 * Fixes #3087 * Fixes #1088 * Fixes #1869
2020-04-06 08:42:20 -04:00
auto slot = m_ui->challengeResponseCombo->itemData(selectionIndex).value<YubiKeySlot>();
Fix challenge-response key data after Botan * Fix #6420 * Refactor Challenge-Response key files to be more streamlined. Added a test to confirm raw key data is accurate.
2021-04-22 23:07:49 -04:00
auto crKey = QSharedPointer<ChallengeResponseKey>(new ChallengeResponseKey(slot));
Replace "Master Key" with "Database Credentials" Definitions: * Database Key - Cryptographic hash used to perform encrypt/decrypt of the database. * Database Credentials - User facing term to refer to the collection of Password, Key File, and/or Hardware Key used to derive the Database Key. Changes: * Remove the term "master" and "key" from the user's lexicon and clarify the code base based on the definitions above. * Clean up wording in the UI to be clearer to the end user.
2020-07-01 19:16:40 -04:00
databaseKey->addChallengeResponseKey(crKey);
Significantly enhance hardware key robustness * Significantly improve user experience when using hardware keys on databases in both GUI and CLI modes. Prevent locking up the YubiKey USB interface for prolonged periods of time. Allows for other apps to use the key concurrently with KeePassXC. * Improve messages displayed to user when finding keys and when user interaction is required. Output specific error messages when handling hardware keys during database read/write. * Only poll for keys when previously used or upon user request. Prevent continuously polling keys when accessing the UI such as switching tabs and minimize/maximize. * Add support for using multiple hardware keys simultaneously. Keys are identified by their serial number which prevents using the wrong key during open and save operations. * Fixes #4400 * Fixes #4065 * Fixes #1050 * Fixes #1215 * Fixes #3087 * Fixes #1088 * Fixes #1869
2020-04-06 08:42:20 -04:00
// Qt doesn't read custom types in settings so stuff into a QString
lastChallengeResponse.insert(m_filename, QStringLiteral("%1:%2").arg(slot.first).arg(slot.second));
Redesign database unlock widget. (#3287) With this change we get rid of the confusing key component checkboxes. Now a component is either there or not (if left empty). There is no redundant distinction between "unset" and "emtpy" anymore. For compatibility with older databases that have "empty" passwords, KeePassXC will ask if the user wants to retry with an empty password if unlocking failed and the password field was left blank. Besides these functional changes, the widget's layout has been rearranged to be more compact, less stretched out (e.g. input fields do not fill the full window width anymore), and more user-friendly by providing a help tooltip for the hardware key field and accessible descriptions for screen readers.
2019-06-22 12:00:31 -04:00
}
Refactor Config. Replaces all string configuration options with enum types that can be checked by the compiler. This prevents spelling errors, in-place configuration definitions, and inconsistent default values. The default value config getter signature was removed in favour of consistently and centrally default-initialised configuration values. Individual default values were adjusted for better security, such as the default password length, which was increased from 16 characters to 32. The already existing config option deprecation map was extended by a general migration procedure using configuration versioning. Settings were split into Roaming and Local settings, which go to their respective AppData locations on Windows. Fixes #2574 Fixes #2193
2020-04-25 19:31:38 -04:00
if (config()->get(Config::RememberLastKeyFiles).toBool()) {
config()->set(Config::LastChallengeResponse, lastChallengeResponse);
gui: Add YubiKey support to widgets * Add YubiKey support to the GUI widgets. Signed-off-by: Kyle Manna <kyle@kylemanna.com>
2014-05-26 03:49:28 -04:00
}
Hide UI elements when KeePassXC was compiled without -DWITH_XC_YUBIKEY
2017-02-20 19:06:32 -05:00
#endif
gui: Add YubiKey support to widgets * Add YubiKey support to the GUI widgets. Signed-off-by: Kyle Manna <kyle@kylemanna.com>
2014-05-26 03:49:28 -04:00
Replace "Master Key" with "Database Credentials" Definitions: * Database Key - Cryptographic hash used to perform encrypt/decrypt of the database. * Database Credentials - User facing term to refer to the collection of Password, Key File, and/or Hardware Key used to derive the Database Key. Changes: * Remove the term "master" and "key" from the user's lexicon and clarify the code base based on the definitions above. * Clean up wording in the UI to be clearer to the end user.
2020-07-01 19:16:40 -04:00
return databaseKey;
Implement opening/closing databases.
2011-11-13 08:55:20 -05:00
}
Automatically check password checkbox and make toggle password button work.
2011-11-16 12:46:09 -05:00
Convert DatabaseOpenDialog into a widget on DatabaseWidget.
2012-06-28 03:21:15 -04:00
void DatabaseOpenWidget::reject()
{
Refactor Database and Database widgets (#2491) The Database, DatabaseWidget, and DatabaseTabWidget classes share many responsibilities in inconsistent ways resulting in impenetrable and unmaintainable code and a diverse set of bugs and architecture restrictions. This patch reworks the architecture, responsibilities of, and dependencies between these classes. The core changes are: * Move loading and saving logic from widgets into the Database class * Get rid of the DatabaseManagerStruct and move all the information contained in it into the Database * Let database objects keep track of modifications and dirty/clean state instead of handing this to external widgets * Move GUI interactions for loading and saving from the DatabaseTabWidget into the DatabaseWidget (resolves #2494 as a side-effect) * Heavily clean up DatabaseTabWidget and degrade it to a slightly glorified QTabWidget * Use QSharedPointers for all Database objects * Remove the modifiedImmediate signal and replace it with a markAsModified() method * Implement proper tabName() method instead of reading back titles from GUI widgets (resolves #1389 and its duplicates #2146 #855) * Fix unwanted AES-KDF downgrade if database uses Argon2 and has CustomData * Improve code This patch is also the first major step towards solving issues #476 and #2322.
2018-11-22 05:47:31 -05:00
emit dialogFinished(false);
Convert DatabaseOpenDialog into a widget on DatabaseWidget.
2012-06-28 03:21:15 -04:00
}
void DatabaseOpenWidget::browseKeyFile()
Implement opening databases with key files.
2011-12-24 13:19:52 -05:00
{
Add support for version 2 XML key files. As discussed in #4317, the next KeePass2 release will ship with support for a new generation of XML key files which enable hash integrity checks. This patch adds support for reading and generating this new format. By default, KeePass2 now uses the .keyx extension for generated key files, which was added to KeePassXC's key generation file chooser filter. We continue to generate hashed binary key files by default, but the user can explicitly save the file with the new .keyx extension to generate an XML v2 key file (currently undocumented). When opening a database, the key file type is still determined by content negotation, so the file extension has no impact here. As an additional change, the legacy key file warnings have been improved slightly to be less confusing and more helpful.
2020-12-09 19:28:01 -05:00
QString filters = QString("%1 (*);;%2 (*.keyx; *.key)").arg(tr("All files"), tr("Key files"));
Use an own FileDialog class instead of QFileDialog.
2011-12-25 19:21:29 -05:00
QString filename = fileDialog()->getOpenFileName(this, tr("Select key file"), QString(), filters);
Implement opening databases with key files.
2011-12-24 13:19:52 -05:00
Make the purpose of the key file field clearer. The new unlock dialogue seems to confuse users as to what the purpose of the key file is. This patch changes the generic "Select file..." affordance to the more explicit "Select key file..." and adds a help button to the label just like the one we already have for the hardware key. Furthermore, it prevents the user from using the KDBX file as its own key file (since that would never work anyway). The change breaks existing translations on purpose (instead of simply adjusting the en_US locale) in order to force translators to update this string for their languages. Resolves #3678
2019-11-06 05:10:02 -05:00
if (QFileInfo(filename).canonicalFilePath() == QFileInfo(m_filename).canonicalFilePath()) {
Run code formatter
2019-11-18 01:57:04 -05:00
MessageBox::warning(this,
tr("Cannot use database file as key file"),
tr("You cannot use your database file as a key file.\nIf you do not have a key file, "
"please leave the field empty."),
MessageBox::Button::Ok);
Make the purpose of the key file field clearer. The new unlock dialogue seems to confuse users as to what the purpose of the key file is. This patch changes the generic "Select file..." affordance to the more explicit "Select key file..." and adds a help button to the label just like the one we already have for the hardware key. Furthermore, it prevents the user from using the KDBX file as its own key file (since that would never work anyway). The change breaks existing translations on purpose (instead of simply adjusting the en_US locale) in order to force translators to update this string for their languages. Resolves #3678
2019-11-06 05:10:02 -05:00
filename = "";
}
Implement opening databases with key files.
2011-12-24 13:19:52 -05:00
if (!filename.isEmpty()) {
Fix minor UX issues with DB Open Widget * Only clear password field when switching tabs or minimizing. This prevents the setting "Remember Key Files and Hardware Keys" from being useless with multiple databases. * Convert key file field to Line Edit, simplifies usage. Fix clear field button as well. * Removed need for clearForms to check if the database is being opened (was a solution to tab switching while unlocking, no longer a problem).
2020-06-06 09:54:57 -04:00
m_ui->keyFileLineEdit->setText(filename);
Implement opening databases with key files.
2011-12-24 13:19:52 -05:00
}
}
gui: Add YubiKey support to widgets * Add YubiKey support to the GUI widgets. Signed-off-by: Kyle Manna <kyle@kylemanna.com>
2014-05-26 03:49:28 -04:00
Fix minor UX issues with DB Open Widget * Only clear password field when switching tabs or minimizing. This prevents the setting "Remember Key Files and Hardware Keys" from being useless with multiple databases. * Convert key file field to Line Edit, simplifies usage. Fix clear field button as well. * Removed need for clearForms to check if the database is being opened (was a solution to tab switching while unlocking, no longer a problem).
2020-06-06 09:54:57 -04:00
void DatabaseOpenWidget::clearKeyFileText()
Redesign database unlock widget. (#3287) With this change we get rid of the confusing key component checkboxes. Now a component is either there or not (if left empty). There is no redundant distinction between "unset" and "emtpy" anymore. For compatibility with older databases that have "empty" passwords, KeePassXC will ask if the user wants to retry with an empty password if unlocking failed and the password field was left blank. Besides these functional changes, the widget's layout has been rearranged to be more compact, less stretched out (e.g. input fields do not fill the full window width anymore), and more user-friendly by providing a help tooltip for the hardware key field and accessible descriptions for screen readers.
2019-06-22 12:00:31 -04:00
{
Fix minor UX issues with DB Open Widget * Only clear password field when switching tabs or minimizing. This prevents the setting "Remember Key Files and Hardware Keys" from being useless with multiple databases. * Convert key file field to Line Edit, simplifies usage. Fix clear field button as well. * Removed need for clearForms to check if the database is being opened (was a solution to tab switching while unlocking, no longer a problem).
2020-06-06 09:54:57 -04:00
m_ui->keyFileLineEdit->clear();
Hide keyfile path by default Fixes #5576
2020-12-04 08:01:36 -05:00
m_ui->keyFileLineEdit->setShowPassword(false);
Redesign database unlock widget. (#3287) With this change we get rid of the confusing key component checkboxes. Now a component is either there or not (if left empty). There is no redundant distinction between "unset" and "emtpy" anymore. For compatibility with older databases that have "empty" passwords, KeePassXC will ask if the user wants to retry with an empty password if unlocking failed and the password field was left blank. Besides these functional changes, the widget's layout has been rearranged to be more compact, less stretched out (e.g. input fields do not fill the full window width anymore), and more user-friendly by providing a help tooltip for the hardware key field and accessible descriptions for screen readers.
2019-06-22 12:00:31 -04:00
}
Significantly enhance hardware key robustness * Significantly improve user experience when using hardware keys on databases in both GUI and CLI modes. Prevent locking up the YubiKey USB interface for prolonged periods of time. Allows for other apps to use the key concurrently with KeePassXC. * Improve messages displayed to user when finding keys and when user interaction is required. Output specific error messages when handling hardware keys during database read/write. * Only poll for keys when previously used or upon user request. Prevent continuously polling keys when accessing the UI such as switching tabs and minimize/maximize. * Add support for using multiple hardware keys simultaneously. Keys are identified by their serial number which prevents using the wrong key during open and save operations. * Fixes #4400 * Fixes #4065 * Fixes #1050 * Fixes #1215 * Fixes #3087 * Fixes #1088 * Fixes #1869
2020-04-06 08:42:20 -04:00
void DatabaseOpenWidget::pollHardwareKey()
Remember if challenge-response was used for each database and allow to re-detect Yubikeys without closing the database first
2017-02-20 16:07:01 -05:00
{
Significantly enhance hardware key robustness * Significantly improve user experience when using hardware keys on databases in both GUI and CLI modes. Prevent locking up the YubiKey USB interface for prolonged periods of time. Allows for other apps to use the key concurrently with KeePassXC. * Improve messages displayed to user when finding keys and when user interaction is required. Output specific error messages when handling hardware keys during database read/write. * Only poll for keys when previously used or upon user request. Prevent continuously polling keys when accessing the UI such as switching tabs and minimize/maximize. * Add support for using multiple hardware keys simultaneously. Keys are identified by their serial number which prevents using the wrong key during open and save operations. * Fixes #4400 * Fixes #4065 * Fixes #1050 * Fixes #1215 * Fixes #3087 * Fixes #1088 * Fixes #1869
2020-04-06 08:42:20 -04:00
if (m_pollingHardwareKey) {
return;
}
m_ui->challengeResponseCombo->clear();
m_ui->challengeResponseCombo->addItem(tr("Detecting hardware keys…"));
Remember if challenge-response was used for each database and allow to re-detect Yubikeys without closing the database first
2017-02-20 16:07:01 -05:00
m_ui->buttonRedetectYubikey->setEnabled(false);
Significantly enhance hardware key robustness * Significantly improve user experience when using hardware keys on databases in both GUI and CLI modes. Prevent locking up the YubiKey USB interface for prolonged periods of time. Allows for other apps to use the key concurrently with KeePassXC. * Improve messages displayed to user when finding keys and when user interaction is required. Output specific error messages when handling hardware keys during database read/write. * Only poll for keys when previously used or upon user request. Prevent continuously polling keys when accessing the UI such as switching tabs and minimize/maximize. * Add support for using multiple hardware keys simultaneously. Keys are identified by their serial number which prevents using the wrong key during open and save operations. * Fixes #4400 * Fixes #4065 * Fixes #1050 * Fixes #1215 * Fixes #3087 * Fixes #1088 * Fixes #1869
2020-04-06 08:42:20 -04:00
m_ui->challengeResponseCombo->setEnabled(false);
m_ui->hardwareKeyProgress->setVisible(true);
m_pollingHardwareKey = true;
Use QSharedPointer instead of cloning YkChallengeResponseKey and make it a QObject to allow emitting signals
2017-02-23 17:52:36 -05:00
Significantly enhance hardware key robustness * Significantly improve user experience when using hardware keys on databases in both GUI and CLI modes. Prevent locking up the YubiKey USB interface for prolonged periods of time. Allows for other apps to use the key concurrently with KeePassXC. * Improve messages displayed to user when finding keys and when user interaction is required. Output specific error messages when handling hardware keys during database read/write. * Only poll for keys when previously used or upon user request. Prevent continuously polling keys when accessing the UI such as switching tabs and minimize/maximize. * Add support for using multiple hardware keys simultaneously. Keys are identified by their serial number which prevents using the wrong key during open and save operations. * Fixes #4400 * Fixes #4065 * Fixes #1050 * Fixes #1215 * Fixes #3087 * Fixes #1088 * Fixes #1869
2020-04-06 08:42:20 -04:00
YubiKey::instance()->findValidKeys();
Remember if challenge-response was used for each database and allow to re-detect Yubikeys without closing the database first
2017-02-20 16:07:01 -05:00
}
Significantly enhance hardware key robustness * Significantly improve user experience when using hardware keys on databases in both GUI and CLI modes. Prevent locking up the YubiKey USB interface for prolonged periods of time. Allows for other apps to use the key concurrently with KeePassXC. * Improve messages displayed to user when finding keys and when user interaction is required. Output specific error messages when handling hardware keys during database read/write. * Only poll for keys when previously used or upon user request. Prevent continuously polling keys when accessing the UI such as switching tabs and minimize/maximize. * Add support for using multiple hardware keys simultaneously. Keys are identified by their serial number which prevents using the wrong key during open and save operations. * Fixes #4400 * Fixes #4065 * Fixes #1050 * Fixes #1215 * Fixes #3087 * Fixes #1088 * Fixes #1869
2020-04-06 08:42:20 -04:00
void DatabaseOpenWidget::hardwareKeyResponse(bool found)
gui: Add YubiKey support to widgets * Add YubiKey support to the GUI widgets. Signed-off-by: Kyle Manna <kyle@kylemanna.com>
2014-05-26 03:49:28 -04:00
{
Significantly enhance hardware key robustness * Significantly improve user experience when using hardware keys on databases in both GUI and CLI modes. Prevent locking up the YubiKey USB interface for prolonged periods of time. Allows for other apps to use the key concurrently with KeePassXC. * Improve messages displayed to user when finding keys and when user interaction is required. Output specific error messages when handling hardware keys during database read/write. * Only poll for keys when previously used or upon user request. Prevent continuously polling keys when accessing the UI such as switching tabs and minimize/maximize. * Add support for using multiple hardware keys simultaneously. Keys are identified by their serial number which prevents using the wrong key during open and save operations. * Fixes #4400 * Fixes #4065 * Fixes #1050 * Fixes #1215 * Fixes #3087 * Fixes #1088 * Fixes #1869
2020-04-06 08:42:20 -04:00
m_ui->challengeResponseCombo->clear();
m_ui->buttonRedetectYubikey->setEnabled(true);
m_ui->hardwareKeyProgress->setVisible(false);
m_pollingHardwareKey = false;
Remember if challenge-response was used for each database and allow to re-detect Yubikeys without closing the database first
2017-02-20 16:07:01 -05:00
Significantly enhance hardware key robustness * Significantly improve user experience when using hardware keys on databases in both GUI and CLI modes. Prevent locking up the YubiKey USB interface for prolonged periods of time. Allows for other apps to use the key concurrently with KeePassXC. * Improve messages displayed to user when finding keys and when user interaction is required. Output specific error messages when handling hardware keys during database read/write. * Only poll for keys when previously used or upon user request. Prevent continuously polling keys when accessing the UI such as switching tabs and minimize/maximize. * Add support for using multiple hardware keys simultaneously. Keys are identified by their serial number which prevents using the wrong key during open and save operations. * Fixes #4400 * Fixes #4065 * Fixes #1050 * Fixes #1215 * Fixes #3087 * Fixes #1088 * Fixes #1869
2020-04-06 08:42:20 -04:00
if (!found) {
m_ui->challengeResponseCombo->addItem(tr("No hardware keys detected"));
m_ui->challengeResponseCombo->setEnabled(false);
return;
} else {
m_ui->challengeResponseCombo->addItem(tr("Select hardware key…"));
}
YubiKeySlot lastUsedSlot;
Refactor Config. Replaces all string configuration options with enum types that can be checked by the compiler. This prevents spelling errors, in-place configuration definitions, and inconsistent default values. The default value config getter signature was removed in favour of consistently and centrally default-initialised configuration values. Individual default values were adjusted for better security, such as the default password length, which was increased from 16 characters to 32. The already existing config option deprecation map was extended by a general migration procedure using configuration versioning. Settings were split into Roaming and Local settings, which go to their respective AppData locations on Windows. Fixes #2574 Fixes #2193
2020-04-25 19:31:38 -04:00
if (config()->get(Config::RememberLastKeyFiles).toBool()) {
Significantly enhance hardware key robustness * Significantly improve user experience when using hardware keys on databases in both GUI and CLI modes. Prevent locking up the YubiKey USB interface for prolonged periods of time. Allows for other apps to use the key concurrently with KeePassXC. * Improve messages displayed to user when finding keys and when user interaction is required. Output specific error messages when handling hardware keys during database read/write. * Only poll for keys when previously used or upon user request. Prevent continuously polling keys when accessing the UI such as switching tabs and minimize/maximize. * Add support for using multiple hardware keys simultaneously. Keys are identified by their serial number which prevents using the wrong key during open and save operations. * Fixes #4400 * Fixes #4065 * Fixes #1050 * Fixes #1215 * Fixes #3087 * Fixes #1088 * Fixes #1869
2020-04-06 08:42:20 -04:00
auto lastChallengeResponse = config()->get(Config::LastChallengeResponse).toHash();
Remember if challenge-response was used for each database and allow to re-detect Yubikeys without closing the database first
2017-02-20 16:07:01 -05:00
if (lastChallengeResponse.contains(m_filename)) {
Significantly enhance hardware key robustness * Significantly improve user experience when using hardware keys on databases in both GUI and CLI modes. Prevent locking up the YubiKey USB interface for prolonged periods of time. Allows for other apps to use the key concurrently with KeePassXC. * Improve messages displayed to user when finding keys and when user interaction is required. Output specific error messages when handling hardware keys during database read/write. * Only poll for keys when previously used or upon user request. Prevent continuously polling keys when accessing the UI such as switching tabs and minimize/maximize. * Add support for using multiple hardware keys simultaneously. Keys are identified by their serial number which prevents using the wrong key during open and save operations. * Fixes #4400 * Fixes #4065 * Fixes #1050 * Fixes #1215 * Fixes #3087 * Fixes #1088 * Fixes #1869
2020-04-06 08:42:20 -04:00
// Qt doesn't read custom types in settings so extract from QString
auto split = lastChallengeResponse.value(m_filename).toString().split(":");
if (split.size() > 1) {
lastUsedSlot = YubiKeySlot(split[0].toUInt(), split[1].toInt());
}
Remember if challenge-response was used for each database and allow to re-detect Yubikeys without closing the database first
2017-02-20 16:07:01 -05:00
}
}
Significantly enhance hardware key robustness * Significantly improve user experience when using hardware keys on databases in both GUI and CLI modes. Prevent locking up the YubiKey USB interface for prolonged periods of time. Allows for other apps to use the key concurrently with KeePassXC. * Improve messages displayed to user when finding keys and when user interaction is required. Output specific error messages when handling hardware keys during database read/write. * Only poll for keys when previously used or upon user request. Prevent continuously polling keys when accessing the UI such as switching tabs and minimize/maximize. * Add support for using multiple hardware keys simultaneously. Keys are identified by their serial number which prevents using the wrong key during open and save operations. * Fixes #4400 * Fixes #4065 * Fixes #1050 * Fixes #1215 * Fixes #3087 * Fixes #1088 * Fixes #1869
2020-04-06 08:42:20 -04:00
int selectedIndex = 0;
for (auto& slot : YubiKey::instance()->foundKeys()) {
// add detected YubiKey to combo box
m_ui->challengeResponseCombo->addItem(YubiKey::instance()->getDisplayName(slot), QVariant::fromValue(slot));
// Select this YubiKey + Slot if we used it in the past
if (lastUsedSlot == slot) {
selectedIndex = m_ui->challengeResponseCombo->count() - 1;
}
}
Both slots on Yubikey are now polled for challenge/response
2017-10-07 21:25:42 -04:00
Significantly enhance hardware key robustness * Significantly improve user experience when using hardware keys on databases in both GUI and CLI modes. Prevent locking up the YubiKey USB interface for prolonged periods of time. Allows for other apps to use the key concurrently with KeePassXC. * Improve messages displayed to user when finding keys and when user interaction is required. Output specific error messages when handling hardware keys during database read/write. * Only poll for keys when previously used or upon user request. Prevent continuously polling keys when accessing the UI such as switching tabs and minimize/maximize. * Add support for using multiple hardware keys simultaneously. Keys are identified by their serial number which prevents using the wrong key during open and save operations. * Fixes #4400 * Fixes #4065 * Fixes #1050 * Fixes #1215 * Fixes #3087 * Fixes #1088 * Fixes #1869
2020-04-06 08:42:20 -04:00
m_ui->challengeResponseCombo->setCurrentIndex(selectedIndex);
m_ui->challengeResponseCombo->setEnabled(true);
gui: Add YubiKey support to widgets * Add YubiKey support to the GUI widgets. Signed-off-by: Kyle Manna <kyle@kylemanna.com>
2014-05-26 03:49:28 -04:00
}
Redesign database unlock widget. (#3287) With this change we get rid of the confusing key component checkboxes. Now a component is either there or not (if left empty). There is no redundant distinction between "unset" and "emtpy" anymore. For compatibility with older databases that have "empty" passwords, KeePassXC will ask if the user wants to retry with an empty password if unlocking failed and the password field was left blank. Besides these functional changes, the widget's layout has been rearranged to be more compact, less stretched out (e.g. input fields do not fill the full window width anymore), and more user-friendly by providing a help tooltip for the hardware key field and accessible descriptions for screen readers.
2019-06-22 12:00:31 -04:00
void DatabaseOpenWidget::openHardwareKeyHelp()
{
Make the purpose of the key file field clearer. The new unlock dialogue seems to confuse users as to what the purpose of the key file is. This patch changes the generic "Select file..." affordance to the more explicit "Select key file..." and adds a help button to the label just like the one we already have for the hardware key. Furthermore, it prevents the user from using the KDBX file as its own key file (since that would never work anyway). The change breaks existing translations on purpose (instead of simply adjusting the en_US locale) in order to force translators to update this string for their languages. Resolves #3678
2019-11-06 05:10:02 -05:00
QDesktopServices::openUrl(QUrl("https://keepassxc.org/docs#faq-cat-yubikey"));
}
void DatabaseOpenWidget::openKeyFileHelp()
{
QDesktopServices::openUrl(QUrl("https://keepassxc.org/docs#faq-cat-keyfile"));
}
Reference in New Issue Copy Permalink