* Fix#6242 - pinned taskbar shortcuts are not removed on upgrade or uninstall. Icons will be preserved between upgrades.
* Fix#6627 - properly set checkboxes for desktop shortcut and autostart of login based on current settings during install
* Add documentation shortcuts to the start menu
* Auto-accept license if upgrading application
Selected the [Botan crypto library](https://github.com/randombit/botan) due to its feature list, maintainer support, availability across all deployment platforms, and ease of use. Also evaluated Crypto++ as a viable candidate, but the additional features of Botan (PKCS#11, TPM, etc) won out.
The random number generator received a backend upgrade. Botan prefers hardware-based RNG's and will provide one if available. This is transparent to KeePassXC and a significant improvement over gcrypt.
Replaced Argon2 library with built-in Botan implementation that supports i, d, and id. This requires Botan 2.11.0 or higher. Also simplified the parameter test across KDF's.
Aligned SymmetricCipher parameters with available modes. All encrypt and decrypt operations are done in-place instead of returning new objects. This allows use of secure vectors in the future with no additional overhead.
Took this opportunity to decouple KeeShare from SSH Agent. Removed leftover code from OpenSSHKey and consolidated the SSH Agent code into the same directory. Removed bcrypt and blowfish inserts since they are provided by Botan.
Additionally simplified KeeShare settings interface by removing raw certificate byte data from the user interface. KeeShare will be further refactored in a future PR.
NOTE: This PR breaks backwards compatibility with KeeShare certificates due to different RSA key storage with Botan. As a result, new "own" certificates will need to be generated and trust re-established.
Removed YKChallengeResponseKeyCLI in favor of just using the original implementation with signal/slots.
Removed TestRandom stub since it was just faking random numbers and not actually using the backend. TestRandomGenerator now uses the actual RNG.
Greatly simplified Secret Service plugin's use of crypto functions with Botan.
This change adds a new database settings widget
named "maintenance", using a wrench icon. This widget is designated to be the home for database related maintenance tasks.
Initially, managing custom icons is now possible from that new tab. The feature includes bulk removing of
any number of selected custom icons and automatic purging of unused custom icons by the click of a button.
Fixes#2110
* Closes#4216
Reduced to three-tiered rating system and fixed column implementation. Hide password strength indicator in entry view if excluded from reports.
Introduce password health caching to prevent unnecessary calculations.
- Allow switching between themes without restart (except classic)
- Rework icon loading and recolouring logic to react to theme changes
- Automatically react to light/dark theme change
- Remove explicit selection of monochrome tray icon variant (selected
automatically now)
- Update theme background colours for Big Sur
- Update application icon to match Big Sur HIG
The tray icon doesn't respond perfectly to theme changes yet on Big Sur,
since we need different icons for dark and light theme and cannot simply
let the OS recolour the icon for us (we do that, too, but only as an
additional fallback). At the moment, there is no signal to listen to
that would allow this.
This patch adds a few generic methods to OSUtils for detecting and
communicating theme changes, which are only stubs for Windows and Linux at
the moment and need to be implemented in future commits.
Fixes#4933Fixes#5349
* Include new icons for toolbar overflow to ensure they are tinted correctly and fit in with the rest of the UI.
* Replace custom code for clearing line edits by including a proper icon for the default action.
Describe how to invoke the AFL fuzz tester on the KeePassXC
CLI tool. As suggested in #2729.
Fuzz test build of keepassxc-cli takes database password from
environment variable instead of requiring it to be empty.
Provide two empty kdbx files as initial fuzzer input, one
kdbx 3 and one kdbx 4, both with minimal number of decryption
rounds to speed up the test.
Taken from the .ts files, specifically the translations of phrases "Password Manager" and "KeePassXC - cross-platform password manager" (translations of the latter then appropriately cropped, with some help from Google Translate for the scripts I can't read).
Also add Estonian translation for Comment.
It is usable by both Gnome Software, KDE Discover and web frontends,
such as Flathub which now enforces OARS.
By using OARS 1.0 all distributions should be supported. Version 1.1
should work almost everywhere, but there are a few notable distributions
that still lack GNOME Software >= 3.27.3.
In this case it should not matter, because the OARS data is the same for
both versions (nothing 1.1 specific is used).
You can generate and verify these changes using:
https://odrs.gnome.org/oars
* Move portable configuration files into a config subfolder from the executable. This prevents overwriting the stored config when the application is updated in-place.
* Use .portable file to signal a portable app
* Fix#4751
- Reduce SVG complexity and clean up unnecessary paths
- Recreate monochrome icons for better rendering at low resolutions
- Export as minified SVG Basic 1.1 without style elements
- Recreate 256x256 PNG from optimised SVG
- Unify widget layouts and margins
- Fix tab order on a bunch of widgets
- Fix broken entry/group edit form layout and replace with grid layout
- Rearrange some settings for better logical grouping
- Fix some settings checkboxes not being enabled/disabled on load
- Fix "General" settings tab scrolling
- Rename "Root" group to "Passwords"
- Update demo.kdbx accordingly and redownload favicons
- Change entry path display to use slash separators
- Reduce Medium and Large icon sizes slightly
* Add icons for Database Import, Database Export, and Recent Databases
* Change app exit icon to be distinct from export icon
* Updated and ran makeappicons.sh
Original source of icons is the icon8 library (http://icons8.com/c/flat-color-icons) and Paomedia (https://github.com/paomedia/small-n-flat). All icons used are licensed MIT or CC0; annotated in COPYING.
* Closes#4071
* Increase default size of database icons to 24px and entry preview panel to 48px
* Add shell script to assemble the database icons
* Use QIcon to seamlessly support High DPI displays and pixmap caching
* Add badge support for KeeShare groups and expired entries.
* Guard against use of QPixmap::fromImage without a GUI
* Add SVG minify and improve `make icons`
Co-authored-by: Wolfram Rösler <wolfram@roesler-ac.de>
Introduce a third unsorted status that shows entries in the order they occur in the KDBX file.
* Add keyboard shortcut Ctrl+Alt+Up/Down to move entries up and down in sort order
* Add entry context menu icons to achieve movement up/down
* Only show menu icons when in natural sort order
* Add Material Design icons for moving up/down
* Add feature to track non-data changes and force a save on exit to ensure they are not lost when locking a database. This allows users to make entry movements and group expand/collapse operations and not lose that state.
Remove saveas
Add an option in the 'Database' menu to save a backup of the current database.
Add unit test for saving database copy
* Open a test database, mark it as modified, and save a copy
* Fail if the copy is not a valid database
* Fail if the original database is saved
* Fail if the original database is no longer marked as modified
* Fixes#4168
* Introduce a custom data element stored with an entry to indicate that it is a "Known Bad" entry. This flag causes database reports to skip these entries.
* The current number of known bad entries is displayed in the statistics report.
* Add context menu to reports to easily exclude entries.
* Include checkboxes to install a desktop shortcut (default no) and start on login (default yes)
* Fix closing KeePassXC.exe and keepassxc-proxy.exe before installation starts
* Improve styling of launch after exit checkbox
The recent macOS security patch renders our codesigning
"fix" of setting the sandbox entitlement to false twice
unusable. This patch adds a full provisioning profile
and adjusts the signing procedure to not include
entitlements for Qt frameworks.
The patch also changes the app and bundle ID, so granted
accessibility privileges have to be granted again after
installing the update.
Fixes#4398Fixes#4515
* Fixes#1083
* Add online HIBP checker dialog to the database reports widget. Permission is requested from the user prior to performing any network operations.
* The number of times a password has been found in a breach is shown to the user.
* If no passwords are breached then a positive message is presented.
* Source of HIBP icon: https://github.com/simple-icons/simple-icons/blob/develop/icons/haveibeenpwned.svg
Authored-by: Wolfram Rösler <wolfram@roesler-ac.de>
Co-authored-by: Jonathan White <support@dmapps.us>
* Add ability to create database with an empty password
* Add password repeat check
* Standardize process between `db-create` and `import` commands
* Improve db-create tests with new password repeat
Co-authored-by: Jonathan White <support@dmapps.us>
