This patch implements a new database wizard to guide users through the process
of setting up a new database and choosing sane encryption settings.
It also reimplements the master key settings to be more
user-friendly. Users can now add, change, or remove individual composite
key components instead of having to set all components at once. This
avoids confusion about a password being reset if the user only wants to
add a key file.
With these changes comes a major refactor of how database composite keys and key
components are handled. Copying of keys is prohibited and each key
exists only once in memory and is referenced via shared pointers. GUI
components for changing individual keys are encapsulated into separate
classes to be more reusable. The password edit and generator widgets
have also been refactored to be more reusable.
* Fixed database not showing modified after failed save
* Fixed YubiKey not being redetected after replug
* Fixed single shot challenge resulting in failed saves
* If a removed YubiKey is to blame, re-inserting the YubiKey won't
resolve the issue. Hot plug isn't supported at this point.
* The caller should detect the error and cancel the database write.
Signed-off-by: Kyle Manna <kyle@kylemanna.com>
* Implement a YubiKey challenge response class. One object will be
created for each challenge response key available.
Signed-off-by: Kyle Manna <kyle@kylemanna.com>
* Use compile time detection of the YubiKey libraries and link against
the libraries if present. Can be disabled with:
$ cmake -DCMAKE_DISABLE_FIND_PACKAGE_YubiKey=FALSE
* A stub file provides empty calls for all the function calls integrated
into the UI to support this. In the future a more modular approach
may be better, but opting for simplicity initially.
Signed-off-by: Kyle Manna <kyle@kylemanna.com>
* Each Challenge Response Key consists of a list of regular keys and now
challenge response keys.
* Copy ChallengeResponseKeys when copying the object.
* Challenge consists of challenging each driver in the list and hashing
the concatenated data result using SHA256.
Signed-off-by: Kyle Manna <kyle@kylemanna.com>
* Add initial header file for forthcoming challenge response support.
* A ChallengeResponseKey operates by submitting some challenge data and
getting a deterministic result.
* In the case of the forthcoming YubiKey integration, the master seed is
submitted as the challenge to the YubiKey hardware and the YubiKey
returns a HMAC-SHA1 response.
Signed-off-by: Kyle Manna <kyle@kylemanna.com>
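The scheme these commit messages describe (each key answers the master seed with an HMAC-SHA1 response, the concatenated responses are hashed with SHA-256, and a failed challenge cancels the write), as an added example that is not code from these commits or the project. All class and function names, secrets and the seed are constructed for illustration, and a software HMAC stands in for the YubiKey hardware.

```python
import hashlib
import hmac


class ChallengeFailed(Exception):
    """Raised when a key cannot answer, e.g. the token was unplugged."""


class SoftwareHmacKey:
    """Constructed stand-in for a token slot: HMAC-SHA1 over the challenge."""

    def __init__(self, secret: bytes):
        self._secret = secret

    def challenge(self, data: bytes) -> bytes:
        return hmac.new(self._secret, data, hashlib.sha1).digest()  # 20 bytes


class RemovedKey:
    """Constructed stand-in for a token that is no longer plugged in."""

    def challenge(self, data: bytes) -> bytes:
        raise ChallengeFailed("token not present")


def composite_challenge(keys, master_seed: bytes) -> bytes:
    """Challenge every key with the seed, then SHA-256 the concatenated responses."""
    responses = b"".join(key.challenge(master_seed) for key in keys)
    return hashlib.sha256(responses).digest()


def save_database(keys, master_seed: bytes, storage: dict) -> bool:
    """Cancel the write if any challenge fails, leaving stored data untouched."""
    try:
        storage["challenge_key"] = composite_challenge(keys, master_seed)
    except ChallengeFailed:
        return False
    storage["seed"] = master_seed
    return True


# Constructed sample values, not real secrets.
SEED = bytes(range(32))
KEYS = [SoftwareHmacKey(b"slot-1-secret"), SoftwareHmacKey(b"slot-2-secret")]

if __name__ == "__main__":
    store = {}
    print(save_database(KEYS, SEED, store), store["challenge_key"].hex())
    print(save_database(KEYS + [RemovedKey()], SEED, {}))
```

Because the responses are concatenated before hashing, the order of keys in the list changes the result, and a new master seed yields a different composite value from the same tokens.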