CLI: Add support for okon in offline HIBP checks

* Closes #5447 * Add option `--okon <okon-cli path>` to trigger the use of the okon cli tool to process a database's entries. When using this option the `-H, --hibp` option must point to a post-processed okon file instead of the standard HIBP text file. * Updated documentation
2025-09-20 21:04:44 -04:00 · 2020-09-27 09:00:59 -04:00 · 2020-09-27 09:00:59 -04:00 · 7426693f1d
commit 7426693f1d
parent e1c2537084
5 changed files with 92 additions and 13 deletions
--- a/docs/man/keepassxc-cli.1.adoc
+++ b/docs/man/keepassxc-cli.1.adoc
@ -37,7 +37,7 @@ It provides the ability to query and modify the entries of a KeePass database, d
  The same password generation options as documented for the generate command can be used when the *-g* option is set.

 *analyze* [_options_] <__database__>::
-  Analyzes passwords in a database for weaknesses.
+  Analyzes passwords in a database for weaknesses using offline HIBP SHA-1 hash lookup.

 *clip* [_options_] <__database__> <__entry__> [_timeout_]::
  Copies an attribute or the current TOTP (if the *-t* option is specified) of a database entry to the clipboard.
@ -199,6 +199,10 @@ The same password generation options as documented for the generate command can
  Such files are available from https://haveibeenpwned.com/Passwords;
  note that they are large, and so this operation typically takes some time (minutes up to an hour or so).

+*--okon* <__okon-cli path__>::
+  Use the specified okon-cli program to perform offline breach checks. You can obtain okon-cli from https://github.com/stryku/okon.
+  When using this option, *-H, --hibp* must point to a post-processed okon file (e.g. file.okon).
+
 === Clip options
 *-a*, *--attribute*::
  Copies the specified attribute to the clipboard.