Commit Graph

3422 Commits

Author SHA1 Message Date
Carlo Teubner
ecdebd71c1 Fix file permissions for some files
Ensure that files that shouldn't be executable aren't.
2024-06-06 17:35:49 -04:00
Carlo Teubner
c81e4e1208 Remove zero-width space character from comments
Remove Unicode character U+FEFF ZERO WIDTH NO-BREAK SPACE from Weslly's
email address in a few places.

Not sure if this was done on purpose (anti-spam measure?), but it's not
consistently done anyway (e.g. wasn't the case in
src/gui/TotpDialog.cpp), so it seems cleanest to remove this.
2024-06-02 07:44:00 -04:00
Carlo Teubner
9288bef4f5
Botan: don't call deprecated functions (#10826)
* Botan: use raw_private_key_bits() if available

Botan 3.x introduces raw_private_key_bits() as an alias for
get_private_key(), and deprecates the latter.

* Botan: use Cipher_Dir::Encryption

Botan 3.x introduces Cipher_Dir::Encryption as an alias for
Cipher_Dir::ENCRYPTION, and deprecates the latter. Likewise for
Decryption/DECRYPTION.
2024-06-01 15:53:35 -04:00
Sami Vänttinen
5de669eb7b
Add action item for removing a passkey from entry (#10777) 2024-05-27 16:50:35 -04:00
Sebastian Lipponer
9aa040604a
Fix broken build when using system zxcvbn (#10717)
* Fix broken build when using system zxcvbn

Fixup of zxcvbn include statement added in 5513ff5. A zxcvbn/ directory
prefix breaks building with system zxcvbn. Remove this prefix to align
this include statement with ones present in other files. Add zxcvbn
libraries as dependency to CliTest.

* Move src/zxcvbn/ to src/thirdparty/zxcvbn
2024-05-27 15:11:34 -04:00
Steve Mokris
20868ab3a2 Restore macOS monospace font size prior to #10282 2024-05-27 15:02:14 -04:00
Frans-Willem Post
c93eacd1d3 Prevent HTML overflow, fix issue #10647 2024-05-27 14:51:23 -04:00
Jonathan White
a5c7f7bb50 Fix Flatpak config issues
Remove #ifdef guards from Config.h/cpp (no harm to non-Flatpak distros)

Cleanup #ifdef usage in NixUtils.cpp
2024-05-27 14:50:57 -04:00
Alexandre Petit
8cd45f57b7
Fix SSH Agent broken decrypt button (#10638)
* SSH Agent: Fix broken decrypt button (Fixes #10637)

---------

Co-authored-by: Jonathan White <support@dmapps.us>
2024-05-27 14:48:33 -04:00
Jonathan White
1fd8923746 Fix portable mode detection for native messaging files
* Fixes #10755
2024-05-27 14:47:53 -04:00
Jonathan White
2a62000b28 Fix Alt modifier on Windows Auto-Type
* Fixes #10791
2024-05-23 10:59:36 -04:00
Mounir IDRASSI
e7aa09276e
Fix wrong DACL memory size on Windows (createWindowsDACL) (#10712)
Each AddAccessAllowedAce invocation should be matched with a corresponding sizeof(ACCESS_ALLOWED_ACE) and the respective GetLengthSid of the SID being used. This ensures that there is enough space in the ACL for each entry.

The issue manifest itself only when WITH_XC_SSHAGENT is defined.
2024-05-21 11:17:43 +02:00
Jonathan White
3ace4c6cf5 Fix issues with Hardware Key auto detection
* Fix #10656 - Add a small delay when before auto-polling hardware keys to all them to settle immediately after plugging in. This resolves an issue where the key's serial number could not be resolved due to hardware timeout.
* Also fix use of uninitialized variable if polling serial number fails for whatever reason.

* Fix typo in macOS key registration code

* Prevent registering duplicate listeners on window focus. These were not de-registered because we didn't trigger on unfocus. Show/Hide are sufficient triggers to add and remove listeners.
2024-05-05 16:33:03 -04:00
Jonathan White
83623c896f Keep key file text when provided on command line
* Fixes #10552
2024-05-05 16:26:05 -04:00
varjolintu
92b30ae7ec Passkeys: Register to an existing entry 2024-05-05 13:53:43 -04:00
Jonathan White
bd449f3226 Fix issues with locking database
* Fix #6593 - force close any modal dialogs associated with a database widget that is being locked.

* Partial fix for #721 but doesn't address the problem of needing to save a modified entry or database while locking.

* Also improves import dialog behavior if databases(s) lock while it is visible.
2024-05-05 11:05:51 -04:00
Jonathan White
6b62beab6e Fix issues with Entry Editing
* Fix #10653 - prevent category switching if no category was actually hidden/visible. Also properly select a new category when a change is made instead of just changing the widget page.

* Fix apply button still being enabled after it is pressed and successfully committed
2024-05-05 11:05:51 -04:00
Jonathan White
1896883382 Bitwarden and 1PUX importer improvements
* Fixes #10400
  - Support TOTP entries with bare secrets instead of otpauth urls for Bitwarden. Vice-versa for 1PUX.
  - Support Bitwarden Argon2id encryption scheme

* Fixes #10380 - Support Bitwarden organization collections
2024-04-29 08:51:01 -04:00
Jonathan White
94ace985e7 Preserve Secret Service exposed group setting on merge
* Fixes #9371 - adds secret service custom data key to the list of protected custom data (will not be overwritten on merge)
2024-04-29 08:50:46 -04:00
Jonathan White
3829bcdd8f Prevent KeeShare from merging database custom data
This issue previously caused parent databases to be marked as modified on unlock. This was because of the new protections against byte-by-byte side channel attacks adds a randomized string to the database custom data. We should never be merging database custom data with keeshare or imports since we are merging groups only.

Also prevent overwrite of auto-generated custom data fields, Last Modified and Random Slug.
2024-04-29 08:50:46 -04:00
Jonathan White
4f12f57a0b Open links and urls in AppImage
* Fixes #8721
2024-04-29 08:49:49 -04:00
Jonathan White
04fac249f9 Force clear clipboard on Wayland
* Fixes #4498
2024-04-29 08:49:49 -04:00
Jonathan White
f812f0a1ac Further prevent ability to access memory on Windows
* Restrict access to changing DACL's after the process is started. This prevents the creator of the keepassxc.exe process from simply adding the permission to read memory back to the DACL list.
* Verified using System Informer.
2024-04-29 08:10:04 -04:00
Jonathan White
195e5b53f2 Reduce complexity of {CLEARFIELD} on Linux
Instead of `CTRL + HOME, CTRL + SHIFT + END, BACKSPACE` use `HOME, SHIFT + END, BACKSPACE`

Fixes #10006
2024-04-28 18:22:13 -04:00
Jonathan White
13362c9142 Fix TOTP being visible on unlock when disabled in settings
* Fixes #9996
2024-04-28 18:21:52 -04:00
Jonathan White
9a65ffe972 Don't remember key file folder if disabled
* Fixes #10557
2024-04-28 18:16:24 -04:00
Jonathan White
19d4f7334c Correct minor issues in translations 2024-04-28 18:16:10 -04:00
Mikko Saarinki
a542ded97c
QMenubar option to show/hide itself (#10341)
--------

Co-authored-by: Mikko Saarinki <mikko.saarinki@michaelkingston.fi>
Co-authored-by: Jonathan White <support@dmapps.us>
2024-04-27 22:09:38 -04:00
Kevin J
4ef52c859b
Add hotkey for group switching (#10625)
* Add hotkey for group switching

Ctrl + Shift + Key_PageUp for previous group
Ctrl + Shift + Key_PageDown for next group
Fixes #4394
2024-04-27 10:22:18 -04:00
Jonathan White
7ae65dd656 Remove password repeat application setting
* This removes the application setting to require typing the password in again even though it is visible.
* Removed automatic password repeat when the password is made visible on changing.
2024-04-27 09:49:38 -04:00
Jonathan White
bb856f89b9 Only perform group sort when GroupView is focused
* Fixes #10195
2024-04-25 23:51:03 -04:00
Kevin Jerebica
994c5b733a Add hotkey for search-help
Add a new hotkey (CTRL+J) for toggling on/off
the search-help when you are in the search field
Fixes: #4100
2024-04-25 23:42:06 -04:00
Mathieu Oriol
d0e9f133b1 Use XDG Desktop Portal to autostart the flatpak 2024-04-25 23:41:31 -04:00
Sami Vänttinen
5b123e7944
Passkeys: Pass extension JSON data to browser (#10615) 2024-04-25 06:29:51 -04:00
meigelb
880621c1fb
Fix display of bytes without decimals (#10595)
*Fixes #10594
2024-04-24 18:20:58 -04:00
Jonathan White
35af1c6695 Fix focus loss when using Auto-Type from locked database
* Fixes #10439
2024-04-23 20:56:31 -04:00
varjolintu
cb1ae44a3b Passkeys: Position the confirm dialog with the parent window 2024-04-21 12:23:37 -04:00
varjolintu
41d00135af Passkeys: Fix duplicate database selection 2024-04-21 07:19:16 -04:00
Jonathan White
6f11422604 Prevent SSH Agent from using entries in the recycle bin
* Fixes #10516
* Also cleanup Group::isRecycled() code a little
2024-04-20 12:54:40 -04:00
Jonathan White
e657cbf43b Fix crash when deleting history items
* Fixes #10386
2024-04-20 12:53:39 -04:00
Jonathan White
6481ecccd7 Fix crash on screen lock or computer sleep
* Fixes #10455
* Fixes #10432
* Fixes #10415

Prevent setting critical key components to nullptr when database data is cleared. This can result in a crash due to race condition between threads.

Added a bunch of asserts to detect this problem and if guards to prevent actual crashes.
2024-04-13 07:54:18 -04:00
Jonathan White
f60601fa67 Fix CSV import skipping over single-name groups
* Fixes #10574
2024-04-13 07:53:12 -04:00
Jonathan White
194409abd6 Remove various undefined/unused functions 2024-03-31 17:19:35 -04:00
varjolintu
5883f49f37 Passkeys: Fix RP ID validation 2024-03-31 17:19:22 -04:00
varjolintu
8a4787278d Passkeys: Do not ask update with a new user handle 2024-03-31 17:19:09 -04:00
varjolintu
9329df2b48 Passkeys: Enable Import Passkey entry menu item only if a single entry is selected 2024-03-31 16:13:04 -04:00
Sami Vänttinen
c34098546d
Passkeys: Fix compatibility with StrongBox (#10420) 2024-03-31 16:12:33 -04:00
Sami Vänttinen
e70777061c
Passkeys: Add warning on export (#10411) 2024-03-31 16:12:15 -04:00
varjolintu
d5e6f394b7 Passkeys: Allow nfc and usb transports 2024-03-31 16:11:53 -04:00
Joachim Breuer
35fdcfa28d Do not override fixed font size
This allows properly configuring a readable/desired fixed font in system settings, keepassxcrc etc.
2024-03-31 14:51:06 -04:00
Drwsburah
812bb606c7
Implemented database file hidden attribute preservation on Windows (#10343)
* Implemented database file hidden attribute preservation on Windows

Implemented database file hidden attribute preservation on Windows by modifying the save function to check the hidden attribute of the original database before saving and then reapply it post-saving if running on Windows so that users can easily store their database in a hidden file without having to re-hide it every time it's modified.

Updated the TestDatabase::testSaveAs() unit test to first verify after the initial save that the database file is not hidden before hiding it then saving again and verifying that it is now hidden.

Signed-off-by: Drwsburah <Drwsburah@yahoo.com>
Co-authored-by: Jonathan White <support@dmapps.us>
2024-03-31 14:48:57 -04:00
Jonathan White
db0b659a53 Fix Message Box button size on macOS and Linux
* Fixes #10381
2024-03-31 14:48:06 -04:00
Jonathan White
9521f63b3a Fix focusing search after database unlock
* Fixes #10405
2024-03-31 14:47:50 -04:00
Chris
b916b76713 Fix Indonesian language descriptor
Bahasa is simply means language in Indonesian.
Therefore, referring Indonesian language as "bahasa" is incorrect.
2024-03-31 08:06:44 -04:00
Jonathan White
60908d4b9b Fix parsing stat file for polkit 2024-03-29 06:29:30 -04:00
Jonathan White
3fb3659cc9
Revert "Add missing Q_OBJECT to ShortcutSettingsWidget"
This reverts commit 254ec73940.
2024-03-09 13:14:37 -05:00
Jonathan White
254ec73940
Add missing Q_OBJECT to ShortcutSettingsWidget
* Fix previous broken commit
2024-03-09 13:11:38 -05:00
Jonathan White
72fc00695c Prevent byte-by-byte and attachment inference side channel attacks
Attack - KeeShare attachments can be inferred because of attachment de-duplication.

Solution - Prevent de-duplication of normal database entry attachments with those entry attachments synchronized/associated with a KeeShare database. This is done using the KeeShare database UUID injected into the hash calculation of the attachment prior to de-dupe. The attachments themselves are not modified in any way.

--------

Attack - Side channel byte-by-byte inference due to compression de-duplication of data between a KeeShare database and it's parent.

Solution - Generate a random array between 64 and 512 bytes, convert to hex, and store in the database custom data.

--------

Attack vector assumptions:
1. Compression is enabled
2. The attacker has access to a KeeShare database actively syncing with the victim's database
3. The victim's database is unlocked and syncing
4. The attacker can see the exact size of the victim's database after saving, and syncing, the KeeShare database

Thank you to Andrés Fábrega from Cornell University for theorizing and informing us of this attack vector.
2024-03-09 12:39:00 -05:00
Jonathan White
14e8bc58f3
Add missing Q_OBJECT to ShortcutSettingsPage 2024-03-09 12:38:39 -05:00
Jonathan White
e700195f0a Add 1Password 1PUX and Bitwarden JSON Importers
* Closes #7545 - Support 1Password 1PUX import format based on https://support.1password.com/1pux-format/

* Closes #8367 - Support Bitwarden JSON import format (both unencrypted and encrypted) based on https://bitwarden.com/help/encrypted-export/

* Fixes #9577 - OPVault import when fields have the same name or type

* Introduce the import wizard to handle all import tasks (CSV, KDBX1, OPVault, 1PUX, JSON)

* Clean up CSV parser code to make it much more efficient and easier to read

* Combine all importer tests (except CSV) into one test file
2024-03-09 10:44:54 -05:00
Jonathan White
a02bceabd2 Minor changes to Group API to make it more explicit
* Include check for group as recycle bin directly into the Group::isRecycled() function

* Return the original root group from Database::setRootGroup(...) to force memory management transfer
2024-03-09 10:44:54 -05:00
Jonathan White
b4ff1fa36c Fix spacing of QGroupBox's
* Previously our base style sheet added roughly 20px of margin to the top and bottom of all QGroupBox. This caused visual errors where that margin was not needed/desired. 
* Transferred padding to the specific layouts instead where it belongs.
2024-03-09 10:44:54 -05:00
Janek Bevendorff
0acb15de0f Set test locale to C 2024-03-08 10:55:22 -05:00
Janek Bevendorff
aace1dc913 Fix TouchID not being shown after lid close
Fixes #8945
Fixes #10315
2024-03-08 10:55:22 -05:00
Janek Bevendorff
6a273363c4 Automatically detect USB device changes 2024-03-08 10:55:22 -05:00
Konrad Gräfe
d2a4ccbc16 ssh-agent: keygen: Fix negative numbers in RSA key
The private exponent d may be negative in which case an additional pad
byte is needed. Otherwise ssh-agent fails to load the key.

Signed-off-by: Konrad Gräfe <kgraefe@paktolos.net>
2024-03-06 08:00:57 -05:00
varjolintu
2086e4c7d1 Fix macOS crash on Accent Color change 2024-03-06 07:58:15 -05:00
Sami Vänttinen
ac2b445db6
Passkeys improvements (#10318)
Refactors the Passkey implementation to include more checks and a structure that is more aligned with the official specification.
Notable changes:
- _BrowserService_ no longer does the checks by itself. A new class _BrowserPasskeysClient_ constructs the relevant objects, acting as a client. _BrowserService_ only acts as a bridge between the client and _BrowserPasskeys_ (authenticator) and calls the relevant popups for user interaction.
- A new helper class _PasskeyUtils_ includes the actual checks and parses the objects.
- _BrowserPasskeys_ is pretty much intact, but some functions have been moved to PasskeyUtils.
- Fixes Ed25519 encoding in _BrowserCBOR_.
- Adds new error messages.
- User confirmation for Passkey retrieval is also asked even if `discouraged` is used. This goes against the specification, but currently there's no other way to verify the user.
- `cross-platform` is also accepted for compatibility. This could be removed if there's a potential issue with it.
- Extension data is now handled correctly during Authentication.
- Allowed and excluded credentials are now handled correctly.
- `KPEX_PASSKEY_GENERATED_USER_ID` is renamed to `KPEX_PASSKEY_CREDENTIAL_ID`
- Adds a new option "Allow localhost with Passkeys" to Browser Integration -> Advanced tab. By default it's not allowed to access HTTP sites, but `http://localhost` can be allowed for debugging and testing purposes for local servers.
- Add tag `Passkey` to a Passkey entry, or an entry with an imported Passkey.

Fixes #10287.
2024-03-06 07:42:01 -05:00
Waqar Ahmed
a472ef8a93
Allow configuring keyboard shortcuts (#9643)
Closes #2689

The design of the respective code is loosely based on KDE's KActionCollection. The ActionCollection manages all actions that can be shortcut configured. These actions are then exposed in the config and a user can assign a different shortcut.

Actions inside the MainWindow have been added to the ActionCollection.

---------

Co-authored-by: Jonathan White <support@dmapps.us>
2024-02-04 06:29:04 -05:00
hcwf
d03f5e4977 Fix broken Yubikey docs link from issue #10228 2024-02-03 08:41:21 -05:00
Michael Duersch
884386c924 Allow groups to restrict by browser integration key (#6437) 2024-01-14 07:43:48 -05:00
qycyfjy
7bfe9065cf Fix removing entry from history and improve logic of history tab showing 2024-01-06 18:23:43 -05:00
StableAgOH
6b3eaa7f3e Fix logging for no clipping program worked 2024-01-06 17:47:34 -05:00
ycwan9
b77eb4b905 Fix QT-based system theme detection 2024-01-06 17:05:44 -05:00
BGM99
f77975a9f7 Fix focus loss on save when the widget is not visible anymore 2024-01-06 16:56:20 -05:00
f4lkensmaz3
ce01f6d7cd
Prevent duplicate characters in "Also choose from" field of password generator (#9803)
* Fixes #9797
2024-01-06 16:54:30 -05:00
wise0n
07232f04c0 Fix menu location in alert 2024-01-06 16:53:33 -05:00
Jonathan White
9f3b4dc5ea Fix multiple TOTP issues
* Fix #9847 - don't provide TOTP values if settings are blank or completely wrong
* Fix #6838 - don't reset the ui when creating a new entry and applying TOTP to it
* Move totp source into the core folder
2024-01-06 15:17:13 -05:00
Dmytro
5d64292ed8
Fix dangling reference (#10135) 2024-01-06 13:58:56 -05:00
egglessness
d44486ce94
Add configurable password strength check on database password (#9782)
* Set default value of DatabasePasswordMinimumQuality to 3 (do not accept a master password that is less than Good)

* Add custom message box button "Continue with weak password"
2024-01-06 13:53:18 -05:00
varjolintu
b2e6dc5fda Passkeys: Add Resident Key error 2024-01-06 13:47:22 -05:00
varjolintu
6d19ab8894 Passkeys: UI adjustments 2024-01-06 13:47:12 -05:00
varjolintu
6820400b11 Passkeys: Create AAGUID for KeePassXC 2024-01-06 12:34:54 -05:00
varjolintu
e28f5187bc Passkeys: Fix default timeout on authentication 2024-01-06 12:34:20 -05:00
Jan Klötzke
a8cfefe6c8
Fix database merge crash when fdosecrets is enabled (#10136)
* Entry: re-parent before adding to new group

Adding the Entry to the Group will emit signals about the action.
Present the object with the correct parent already.

* fdosecrets: Item::Create() can fail

If an entry cannot be registered on DBus, Item::Create() will return a
nullptr. Basically, this can only happen if there is already an item
with the same UUID in the collection. The only viable option here is to
ignore the new entry.

* Merger: prevent duplicate entry when merging histories

If the source entry is newer, a copy of the entry is made. But before 
moving the merged entry to the target group, it must be removed. 
Otherwise there will be briefly two entries with the same UUID
in the same group/database.

Even though this is only the case during the transaction, it can still
be observed because the operations emit signals. A notable problem is
the fdosecrets feature that relies on the uniqueness of the UUID or will
otherwise run into problems because the UUID is used as part of the DBus
path.
2024-01-02 07:17:25 -05:00
spaette
9e119230d4
Fix minor typos (#10124) 2023-12-22 15:12:07 -05:00
lapse
681a0f5638
Update CMakeLists.txt (#10098)
Added set(CPACK_COMPONENTS_ALL "") to prevent cmake from causing an XML fragments issue later on in CPack.
2023-12-22 14:50:58 -05:00
Baptiste Daroussin
af4bc3e194 Add support to get process name on FreeBSD 2023-12-21 12:32:51 -05:00
louib
e355ac54b8 refactor: remove unused merge function
This function in unused since we removed the all the unused merge modes
in f7fd3881e3
2023-12-16 12:51:22 -05:00
varjolintu
c5e9d3588a Fix ifdefs with UrlTools 2023-12-11 14:29:20 -05:00
louib
f7fd3881e3 refactor: remove unused merge methods 2023-12-10 08:19:08 -05:00
Dan Church
cc0530ba46 Fix Botan 2/3 include
Botan::secure_scrub_memory -> defined in mem_ops.h
Botan::secure_vector -> defined in secmem.h

The reason only including secmem.h worked in previous (<3.0) versions of
Botan was because secmem.h included mem_ops.h. This is no longer the
case since commit
randombit/botan@49dbbcb2bf (2023-10-11;
"Split out allocator helpers to allocator.h")

Fixes #10038
2023-11-22 23:11:47 -05:00
Sami Vänttinen
13c88e1013
Passkeys: Add support for importing Passkey to entry (#9987)
---------
Co-authored-by: Jonathan White <support@dmapps.us>
2023-11-22 23:11:25 -05:00
Jonathan White
013db199cb Fix password generator close button for good
* Avoids using QDialog which breaks the standalone password generator

Revert "Fix password dialog close button"

This reverts commit 5b47190fcc.
2023-11-22 22:49:10 -05:00
varjolintu
a3717c7acd Rename userId to credentialId 2023-11-09 18:00:33 -05:00
Remigiusz Żętkowski
1126055015 Fix docs link anchors 2023-11-05 16:35:18 -05:00
Sami Vänttinen
454dc7169d
Fix showing password generator from the toolbar icon (#9984) 2023-11-04 06:23:18 -04:00
Sami Vänttinen
6f2354c0e9
Add basic support for WebAuthn (Passkeys) (#8825)
---------

Co-authored-by: varjolintu <sami.vanttinen@protonmail.com>
Co-authored-by: droidmonkey <support@dmapps.us>
2023-10-25 10:12:55 -04:00
Barnabás Pőcze
378c2992cd Do not hard-code colors in classic stylesheet for SearchBanner/KeeShareBanner
Having the green-ish hard-coded color makes the banner stand out
too much when the platform native theming is used.
2023-10-23 23:27:58 -04:00
Sami Vänttinen
6f5f600559
Fix crash on database open from browser (#9939) 2023-10-23 23:08:41 -04:00