Commit Graph

34 Commits

Author SHA1 Message Date
peter
6b14b5dc27 Optimize includes across code base 2021-07-13 22:08:33 -04:00
Jonathan White
80809ace67 Replace all crypto libraries with Botan
Selected the [Botan crypto library](https://github.com/randombit/botan) due to its feature list, maintainer support, availability across all deployment platforms, and ease of use. Also evaluated Crypto++ as a viable candidate, but the additional features of Botan (PKCS#11, TPM, etc) won out.

The random number generator received a backend upgrade. Botan prefers hardware-based RNG's and will provide one if available. This is transparent to KeePassXC and a significant improvement over gcrypt.

Replaced Argon2 library with built-in Botan implementation that supports i, d, and id. This requires Botan 2.11.0 or higher. Also simplified the parameter test across KDF's.

Aligned SymmetricCipher parameters with available modes. All encrypt and decrypt operations are done in-place instead of returning new objects. This allows use of secure vectors in the future with no additional overhead.

Took this opportunity to decouple KeeShare from SSH Agent. Removed leftover code from OpenSSHKey and consolidated the SSH Agent code into the same directory. Removed bcrypt and blowfish inserts since they are provided by Botan.

Additionally simplified KeeShare settings interface by removing raw certificate byte data from the user interface. KeeShare will be further refactored in a future PR.

NOTE: This PR breaks backwards compatibility with KeeShare certificates due to different RSA key storage with Botan. As a result, new "own" certificates will need to be generated and trust re-established.

Removed YKChallengeResponseKeyCLI in favor of just using the original implementation with signal/slots.

Removed TestRandom stub since it was just faking random numbers and not actually using the backend. TestRandomGenerator now uses the actual RNG.

Greatly simplified Secret Service plugin's use of crypto functions with Botan.
2021-04-05 22:56:03 -04:00
Carlo Teubner
f62e0534a2 Fixes for minor issues found by static analysis
Mostly style issues.

I used the following tools to find most of these:

- lgtm.com
- clang-tidy
- cpplint
- cppcheck
2020-02-02 08:46:58 -05:00
Jonathan White
c663b5d5fc Add braces around single line statements
* Ran clang-tidy with "readability-braces-around-statements" to find missing braces around statements.
2020-02-02 08:46:18 -05:00
Gianluca Recchia
fc930bae69
Restore correct formatting
Many lines were not conformant with the project's formatting rules.
This patch should fix all formatting and whitespace issues in the code
base.
A clang-format directive was put around the connect() calls containing
SIGNALs and SLOTs whose signatures would be denormalized because of the
formatting rules.
2018-11-28 18:29:15 -05:00
Janek Bevendorff
113c8eb702 Add CLI tests and improve coding style and i18n
The CLI module was lacking unit test coverage and showed some severe
coding style violations, which this patch addresses.

In addition, all uses of qCritical() with untranslatble raw char*
sequences were removed in favor of proper locale strings. These are
written to STDERR through QTextStreams and support output
redirection for testing purposes. With this change, error messages don't
depend on the global Qt logging settings and targets anymore and go
directly to the terminal or into a file if needed.

This patch also fixes a bug discovered during unit test development,
where the extract command would just dump the raw XML contents without
decrypting embedded Salsa20-protected values first, making the XML
export mostly useless, since passwords are scrambled.

Lastly, all CLI commands received a dedicated -h/--help option.
2018-10-19 21:49:54 +02:00
Louis-Bertrand Varin
8324d03f0a Formatting the code. 2018-03-31 16:01:30 -04:00
Toni Spets
d2359df2b0 SymmetricCipher: Add support for AES-128-CBC 2018-02-11 15:31:06 +01:00
Janek Bevendorff
7a6850d5fe Move useful QTest template specializations to global header file
Fix KDBX test linker errors on Windows
2018-01-24 13:32:37 +01:00
angelsl
6a0d05e1ef
Add support for various algorithms for kdbx4
* Add SHA512 support to CryptoHash
* Add ChaCha20 support
* Add HMAC support
* Add new HmacBlockStream, used in KDBX 4
* Add support for ChaCha20 protected stream
2018-01-13 14:23:26 -05:00
Jonathan White
28ad6ed552 Merge branch 'master' into develop 2017-12-11 21:10:25 -05:00
Michal Kaptur
0ff75e7a88 Fixed memory leaks in non-gui tests
Fixed 2 memory leaks in production code and a few in testcases. As a
result leak_check_at_exit ASAN option does not need to turned off for
non-gui tests.
Smart pointers should be used elsewhere for consistency, but the sooner
this fixes are delivered, the lesser memory leaks are introduced.
2017-11-27 23:36:09 +01:00
Toni Spets
a81a5fa31b SymmetricCipher: Support CTR mode
Includes AES-256-CTR non-stream tests
2017-11-19 14:38:59 +02:00
thez3ro
a53b111182
Update and fix copyright headers 2017-06-14 15:54:43 +02:00
Janek Bevendorff
4dab30ce6f
Break instead of returning 2017-01-28 17:53:19 +01:00
Janek Bevendorff
75dc21c66d
Implement Twofish CBC encryption and decryption tests 2017-01-28 17:53:17 +01:00
Felix Geyer
c8ae31a248 Remove backported Qt5 test macros. 2015-09-23 22:21:21 +02:00
Felix Geyer
98d9dae087 Test if reset() and close() write only one final block. 2015-07-20 21:51:32 +02:00
Felix Geyer
cfffdae573 Improve error reporing of layered streams. 2015-05-09 23:21:50 +02:00
Felix Geyer
a762cef0a9 Catch and handle all errors from libgcrypt. 2015-05-09 23:21:44 +02:00
Felix Geyer
0d6117bf4c Do some basic self-checks when initializing the crypto backend. 2014-06-15 11:17:40 +02:00
Florian Geyer
77af79498c Move QTEST_GUILESS_MAIN statements before test cases. 2014-05-16 12:32:52 +02:00
Felix Geyer
6504b6f2bd Drop Qt module name from include statements.
This is a preparation to be able to build KeePassX against Qt 5.
2013-10-03 15:18:16 +02:00
Felix Geyer
6b13d18137 Rename KEEPASSX_QTEST_CORE_MAIN to QTEST_GUILESS_MAIN which is available in Qt 5. 2012-07-25 12:18:16 +02:00
Felix Geyer
38e421d9c1 Fix padding handling in SymmetricCipherStream.
The implementation had two issues:
- It didn't add a block full of padding when the input size was a multiple
  of the block size.
- It didn't strip the padding when reading data.
2012-05-08 21:46:01 +02:00
Felix Geyer
2e011d5362 Improve code style. 2012-04-18 22:08:22 +02:00
Felix Geyer
a61057d7f6 Core tests instantiate QCoreApplication instead of QApplication.
This way they can be used without a running X server.
2012-01-01 22:04:27 +01:00
Felix Geyer
230d24a123 No longer use automoc. 2010-11-21 23:06:30 +01:00
Felix Geyer
a428464573 Add Salsa20 cipher.
Restructure SymmetricCipher implementation to allow multiple backends.
2010-11-21 16:19:27 +01:00
Felix Geyer
b639c43b24 Remove unneeded toHex() calls. 2010-09-19 20:13:23 +02:00
Felix Geyer
36d974649e Write the remaining buffer in reset(). 2010-09-18 17:13:28 +02:00
Felix Geyer
c2bdfab158 Implement writing to the SymmetricCipherStream. 2010-09-16 18:20:46 +02:00
Felix Geyer
d508c2dd68 Open a kdbx file in main() and add more SymmetricCipher tests. 2010-09-13 23:25:48 +02:00
Felix Geyer
6a2034fa24 Add crypto classes and tests. Link to libgcrypt. 2010-09-11 19:49:30 +02:00