Commit Graph

17 Commits

Author SHA1 Message Date
Jonathan White
80809ace67 Replace all crypto libraries with Botan
Selected the [Botan crypto library](https://github.com/randombit/botan) due to its feature list, maintainer support, availability across all deployment platforms, and ease of use. Also evaluated Crypto++ as a viable candidate, but the additional features of Botan (PKCS#11, TPM, etc) won out.

The random number generator received a backend upgrade. Botan prefers hardware-based RNG's and will provide one if available. This is transparent to KeePassXC and a significant improvement over gcrypt.

Replaced Argon2 library with built-in Botan implementation that supports i, d, and id. This requires Botan 2.11.0 or higher. Also simplified the parameter test across KDF's.

Aligned SymmetricCipher parameters with available modes. All encrypt and decrypt operations are done in-place instead of returning new objects. This allows use of secure vectors in the future with no additional overhead.

Took this opportunity to decouple KeeShare from SSH Agent. Removed leftover code from OpenSSHKey and consolidated the SSH Agent code into the same directory. Removed bcrypt and blowfish inserts since they are provided by Botan.

Additionally simplified KeeShare settings interface by removing raw certificate byte data from the user interface. KeeShare will be further refactored in a future PR.

NOTE: This PR breaks backwards compatibility with KeeShare certificates due to different RSA key storage with Botan. As a result, new "own" certificates will need to be generated and trust re-established.

Removed YKChallengeResponseKeyCLI in favor of just using the original implementation with signal/slots.

Removed TestRandom stub since it was just faking random numbers and not actually using the backend. TestRandomGenerator now uses the actual RNG.

Greatly simplified Secret Service plugin's use of crypto functions with Botan.
2021-04-05 22:56:03 -04:00
Louis-Bertrand Varin
8324d03f0a Formatting the code. 2018-03-31 16:01:30 -04:00
Janek Bevendorff
7a6850d5fe Move useful QTest template specializations to global header file
Fix KDBX test linker errors on Windows
2018-01-24 13:32:37 +01:00
Janek Bevendorff
ccfd7a065c
Fix coding style and GUI test 2018-01-13 14:24:57 -05:00
angelsl
6a0d05e1ef
Add support for various algorithms for kdbx4
* Add SHA512 support to CryptoHash
* Add ChaCha20 support
* Add HMAC support
* Add new HmacBlockStream, used in KDBX 4
* Add support for ChaCha20 protected stream
2018-01-13 14:23:26 -05:00
Felix Geyer
c8ae31a248 Remove backported Qt5 test macros. 2015-09-23 22:21:21 +02:00
Felix Geyer
f6243675c9 Warn if result of processInPlace() is unchecked.
Fix callers accordingly.
2015-05-09 23:21:50 +02:00
Felix Geyer
a762cef0a9 Catch and handle all errors from libgcrypt. 2015-05-09 23:21:44 +02:00
Felix Geyer
0d6117bf4c Do some basic self-checks when initializing the crypto backend. 2014-06-15 11:17:40 +02:00
Florian Geyer
77af79498c Move QTEST_GUILESS_MAIN statements before test cases. 2014-05-16 12:32:52 +02:00
Felix Geyer
6504b6f2bd Drop Qt module name from include statements.
This is a preparation to be able to build KeePassX against Qt 5.
2013-10-03 15:18:16 +02:00
Felix Geyer
6b13d18137 Rename KEEPASSX_QTEST_CORE_MAIN to QTEST_GUILESS_MAIN which is available in Qt 5. 2012-07-25 12:18:16 +02:00
Felix Geyer
782223a643 Coding style fixes. 2012-07-01 21:58:45 +02:00
Felix Geyer
2e011d5362 Improve code style. 2012-04-18 22:08:22 +02:00
Felix Geyer
a61057d7f6 Core tests instantiate QCoreApplication instead of QApplication.
This way they can be used without a running X server.
2012-01-01 22:04:27 +01:00
Felix Geyer
ac60f7ce70 Add missing crypto initalization in tests. 2011-11-12 20:00:19 +01:00
Felix Geyer
58e048be96 Add KeePass2RandomStream class.
It's responsible for processing protected strings in kdbx files.
2011-07-07 00:08:37 +02:00