* Botan: use raw_private_key_bits() if available
Botan 3.x introduces raw_private_key_bits() as an alias for
get_private_key(), and deprecates the latter.
* Botan: use Cipher_Dir::Encryption
Botan 3.x introduces Cipher_Dir::Encryption as an alias for
Cipher_Dir::ENCRYPTION, and deprecates the latter. Likewise for
Decryption/DECRYPTION.
* SymmetricCipher: Fix Botan 3 build
Botan commit 819cf8fe6278a19b8266f449228f02fc28a4f784 changed
Botan::Cipher_Dir to be a scoped enumeration, so the users
must be adapted.
This change causes no issues with Botan 2 because normal
enumeration values can also be referred to the same way
scoped enumeration values are accessed.
* Auto detect Botan3
* AsyncTask: Do not use `std::result_of`
`std::result_of` was deprecated in C++17 and then it was
subsequently removed in C++20. One could use `std::invoke_result_t`,
but let Qt figure out the return type instead.
* Collapse Botan2 and Botan3 find package into one
* Update COPYING
---------
Co-authored-by: Jonathan White <support@dmapps.us>
* Fix detecting AES-256/GCM cipher, fixes#8964
When you generate a ssh key using the aes-256/gcm cipher, the cipher name in the keyfile includes an @openssh.com at the end.
* Use separate iv length for getting iv data, the assumption that the block size and iv size are equal does not hold for every cipher mode (e.g., GCM)
* Disable AES-256/GCM for now in ssh keys
Currently, the granularity for the botan gcm implementation is too large. To fix a problem with another algorithm in the library, they are multiplying
the blocksize, so by default the granularity is 64. This causes issues since the encrypted data in the key is only guaranteed to have a length that is a multiple of the block size (16).
* Remove parallel left/right block calculations in favor of calculating both blocks simultaneously. This brings the calculation within parity of 2.6.6.
* Fix#7682
* Fix#7487 - Botan does not use threads when calculating Argon2 KDF leading to very poor performance for a parallelism value > 1.
* Include port file for vcpkg backed builds
* Special thanks to @HexF and @smlu for their contributions towards this feature.
* Add MVP support for Windows Hello as a Quick Unlock solution using the WinRT API. This works by signing a random challenge vector with the Windows Hello protected key store (typically from TPM). The signed challenge is hashed using SHA-256 and then used as the encryption key to encrypt the database credentials. Credentials are encrypted using AES-256/GCM. This ensures the database password can only be decrypted following a successful authentication with Windows Hello in the future.
* Unify Touch ID and Windows Hello behavior under the Quick Unlock branding. Remove all timeout features of Touch ID as they are unnecessary and complicate the feature for no security gain.
* Quick Unlock is automatically reset only when the database key is changed vice whenever database settings are modified.
* Don't set database unlock dialog as always on top. This allows Touch ID and Windows Hello prompts to appear above the dialog properly.
* Prevent quick unlock when using AutoOpen or opening from the command line.
Selected the [Botan crypto library](https://github.com/randombit/botan) due to its feature list, maintainer support, availability across all deployment platforms, and ease of use. Also evaluated Crypto++ as a viable candidate, but the additional features of Botan (PKCS#11, TPM, etc) won out.
The random number generator received a backend upgrade. Botan prefers hardware-based RNG's and will provide one if available. This is transparent to KeePassXC and a significant improvement over gcrypt.
Replaced Argon2 library with built-in Botan implementation that supports i, d, and id. This requires Botan 2.11.0 or higher. Also simplified the parameter test across KDF's.
Aligned SymmetricCipher parameters with available modes. All encrypt and decrypt operations are done in-place instead of returning new objects. This allows use of secure vectors in the future with no additional overhead.
Took this opportunity to decouple KeeShare from SSH Agent. Removed leftover code from OpenSSHKey and consolidated the SSH Agent code into the same directory. Removed bcrypt and blowfish inserts since they are provided by Botan.
Additionally simplified KeeShare settings interface by removing raw certificate byte data from the user interface. KeeShare will be further refactored in a future PR.
NOTE: This PR breaks backwards compatibility with KeeShare certificates due to different RSA key storage with Botan. As a result, new "own" certificates will need to be generated and trust re-established.
Removed YKChallengeResponseKeyCLI in favor of just using the original implementation with signal/slots.
Removed TestRandom stub since it was just faking random numbers and not actually using the backend. TestRandomGenerator now uses the actual RNG.
Greatly simplified Secret Service plugin's use of crypto functions with Botan.
* Fix issues when Config options were renamed
* Fix compile issues when using clang 10
* Rearrange database menu icons and import database menu icons
* Set minimum size of MainWindow to 800 to prevent search bar from hiding
* Fix not saving password generator options when closing the standalone generator
* Add headers to health check reports
* Don't show hidden content dots when notes are hidden but empty.
* Fix saving new database files in SMB shares on Windows, fixes#4809
* Gracefully handle duplicate attachments :
Instead of bailing out with an error, prepend a random string to the name of duplicate attachment records. This prevents data loss from other programs that mishandled KDBX XML writing. Fixes#2493
* Properly handle blocked import of signed KeeShare database, fixes#4413
* Prevent using double memory when benchmarking Argon2 performance.
* Improve benchmark results by not overusing CPU and memory simultaneously. Parallel benchmarks were causing artificially strained calculations resulting in a lower than desired number of rounds.
Added an option to set the target decryption time on database creation
for the CLI create command. This required some refactoring, in
particular the extraction of the min, max and defaut decryption times in
the `Kdf` module. Some work was done to allow changing those constant
only in the `Kdf` module, should we ever want to change them.
* DatabaseTabWidget::newDatabase returns the created DatabaseWidget
* Emit DatabaseTabWidget::databaseOpened signal before a new tab is added
* EntrySearcher can now search attribute values including custom ones
* Add Group::applyGroupIconTo to set the group icon on the supplied entry
* Implement desktop notifications through the system tray icon
* Add DatabaseWidget::deleteEntries to delete a list of entries
* Add Aes128 in SymmetricCipher::algorithmIvSize
* Add DatabaseWidget::databaseReplaced signal
* Add a helper class to override the message box's parent (prevent bugs)
Adding debug info to the CLI and the general option
of the main Qt app. Also took time to:
* use `EXIT_SUCCESS`/`EXIT_FAILURE` constants
for main.cpp (this is what is used in `src/cli`);
* fixed `m_initalized` typo;
* added info on debugging mode being disabled
or not;
* regrouped Qt related stuff in the debug output.
* Minor code quality fixes found by Codacy
* Fix unused variables when WITH_XC_NETWORKING is OFF
* Fix#2684, resolve entry references from the root group
* Fix#2697 and Fix#2699, listen specifically for
WM_QUERYENDSESSION and WM_ENDSESSION on
Windows to gracefully shutdown KeePassXC
* Cleanup proxy code and add explicit closure for
shutdown messages
Many lines were not conformant with the project's formatting rules.
This patch should fix all formatting and whitespace issues in the code
base.
A clang-format directive was put around the connect() calls containing
SIGNALs and SLOTs whose signatures would be denormalized because of the
formatting rules.
The Database, DatabaseWidget, and DatabaseTabWidget classes share many responsibilities in inconsistent ways resulting in impenetrable and unmaintainable code and a diverse set of bugs and architecture restrictions. This patch reworks the architecture, responsibilities of, and dependencies between these classes.
The core changes are:
* Move loading and saving logic from widgets into the Database class
* Get rid of the DatabaseManagerStruct and move all the information contained in it into the Database
* Let database objects keep track of modifications and dirty/clean state instead of handing this to external widgets
* Move GUI interactions for loading and saving from the DatabaseTabWidget into the DatabaseWidget (resolves#2494 as a side-effect)
* Heavily clean up DatabaseTabWidget and degrade it to a slightly glorified QTabWidget
* Use QSharedPointers for all Database objects
* Remove the modifiedImmediate signal and replace it with a markAsModified() method
* Implement proper tabName() method instead of reading back titles from GUI widgets (resolves#1389 and its duplicates #2146#855)
* Fix unwanted AES-KDF downgrade if database uses Argon2 and has CustomData
* Improve code
This patch is also the first major step towards solving issues #476 and #2322.
Use nullptr instead of 0 or NULL to initialize a null pointer. In some
cases, readability was enhanced by replacing 0 with more meaningful
values according to the type of the pointer being initialized.
The CLI module was lacking unit test coverage and showed some severe
coding style violations, which this patch addresses.
In addition, all uses of qCritical() with untranslatble raw char*
sequences were removed in favor of proper locale strings. These are
written to STDERR through QTextStreams and support output
redirection for testing purposes. With this change, error messages don't
depend on the global Qt logging settings and targets anymore and go
directly to the terminal or into a file if needed.
This patch also fixes a bug discovered during unit test development,
where the extract command would just dump the raw XML contents without
decrypting embedded Salsa20-protected values first, making the XML
export mostly useless, since passwords are scrambled.
Lastly, all CLI commands received a dedicated -h/--help option.
Generation of unit test coverage reports used to be quite complicated
and required a lot of different settings, including a custom CMake
build type. This patch updates the coverage CMake module to only
require -DWITH_COVERAGE=ON to be set on a normal Debug build in order
to create a coverage target.
This patch also moves away from lcov in favor of gcovr, since lcov appears
to be broken in GCC 8. However, the routines for generating lcov reports
still exist, so provided lcov receives updates and there is sufficient
reason to switch back, it is easy to do so.
* Add source folder keeshare for sharing with corresponding define WITH_XC_KEESHARE
* Move common crypto parts to src/crypto/ssh
* Extended OpenSSHKey
* Move filewatching to own file (currently in two related classes DelayedFileWatcher and BulkFileWatcher)
* Small improvements for style and code in several classes
* Sharing is secured using RSA-Keys which are generated on demand
* Publisher signs the container using their private key
* Client can verify the signed container and choose to decline an import,
import only once or trust the publisher and automatically import all
data of this source henceforth
* Integration of settings into Group-Settings, Database-Settings and Application-Settings
* Introduced dependency QuaZip as dependency to allow combined export of
key container and the (custom format) certificate
This patch implements a new database wizard to guide users through the process
of setting up a new database and choosing sane encryption settings.
It also reimplements the master key settings to be more
user-friendly. Users can now add, change, or remove individual composite
key components instead of having to set all components at once. This
avoids confusion about a password being reset if the user only wants to
add a key file.
With these changes comes a major refactor of how database composite keys and key
components are handled. Copying of keys is prohibited and each key
exists only once in memory and is referenced via shared pointers. GUI
components for changing individual keys are encapsulated into separate
classes to be more reusable. The password edit and generator widgets
have also been refactored to be more reusable.
* Adds KDBX4 reader/writer interfaces
* Adds KDBX4 XML reader/write interfaces
* Implements test cases for KDBX4
* Fully compatible with KeePass2
* Corrects minor issues with Argon2 KDF
Note: This implementation is not yet connected to the
database itself and will corrupt existing kdbx3 db's.
* Implemented memory and parallelism parameters for Argon2Kdf
* Using libargon2; libsodium does not support Argon2d algorithm
* Moved basic rounds parameter into Kdf class
* Reimplemented benchmark algorithm; previous was utterly broken
