Selected the [Botan crypto library](https://github.com/randombit/botan) due to its feature list, maintainer support, availability across all deployment platforms, and ease of use. Also evaluated Crypto++ as a viable candidate, but the additional features of Botan (PKCS#11, TPM, etc) won out.
The random number generator received a backend upgrade. Botan prefers hardware-based RNG's and will provide one if available. This is transparent to KeePassXC and a significant improvement over gcrypt.
Replaced Argon2 library with built-in Botan implementation that supports i, d, and id. This requires Botan 2.11.0 or higher. Also simplified the parameter test across KDF's.
Aligned SymmetricCipher parameters with available modes. All encrypt and decrypt operations are done in-place instead of returning new objects. This allows use of secure vectors in the future with no additional overhead.
Took this opportunity to decouple KeeShare from SSH Agent. Removed leftover code from OpenSSHKey and consolidated the SSH Agent code into the same directory. Removed bcrypt and blowfish inserts since they are provided by Botan.
Additionally simplified KeeShare settings interface by removing raw certificate byte data from the user interface. KeeShare will be further refactored in a future PR.
NOTE: This PR breaks backwards compatibility with KeeShare certificates due to different RSA key storage with Botan. As a result, new "own" certificates will need to be generated and trust re-established.
Removed YKChallengeResponseKeyCLI in favor of just using the original implementation with signal/slots.
Removed TestRandom stub since it was just faking random numbers and not actually using the backend. TestRandomGenerator now uses the actual RNG.
Greatly simplified Secret Service plugin's use of crypto functions with Botan.
Completely rewritten XCB Auto-Type keymap system.
- supports multiple simultaneous layouts
- prefers current layout if it has all keysyms available
- removed hardcoded KeySymMap
- removed clunky custom KeySym emulation
Biggest breaking change is removing KeySym emulation for keys that
do not exist in any of the layouts currently in use. It would be
possible to make it work but if you are trying to type syms that
are not available in any of your layouts you are abusing it. It
also adds unnecessary complexity and opens up timing issues when
the keymap is modified on-the-fly. Now we are just reading it.
This also workarounds a Qt related issue where QX11Info::display()
returns a connection to X server that fails to receive updated
keymap data when client settings change. We use our own connection
now to get it working.
Fixes#5001.
The favicon download URL was constructed from scheme and host only. This is fixed by simply replacing the path of the original URL with "/favicon.ico", thus keeping scheme, host, auth and port intact.
Further modification: URL's with a non-http schema are now rejected.
This change adds a new database settings widget
named "maintenance", using a wrench icon. This widget is designated to be the home for database related maintenance tasks.
Initially, managing custom icons is now possible from that new tab. The feature includes bulk removing of
any number of selected custom icons and automatic purging of unused custom icons by the click of a button.
Fixes#2110
* Closes#4216
Reduced to three-tiered rating system and fixed column implementation. Hide password strength indicator in entry view if excluded from reports.
Introduce password health caching to prevent unnecessary calculations.
* Close#2603 - Add support for modifier syntax (+, ^, and %)
* Fix#2633 - Allow reference syntax {REF:...} in Auto-Type sequences
* Close#5334 - Tell the user which part of the Auto-Type sequence is invalid for easy correction
* Fix#2401 - Select the right window on macOS prior to starting Auto-Type
* Allow for nested placeholders
Significant improvements to the Auto-Type select dialog. Reduce stale and unnecessary code paths.
* Close select dialog when databases are locked.
* Close open modal dialogs prior to showing the Auto-Type select dialog to prevent interference.
* Never perform Auto-Type on the KeePassXC window.
* Only filter match list based on Group, Title, and Username column data (ie, ignore sequence column)
* Always show the sequence column (revert feature)
* Show selection dialog if there are no matches to allow for a database search
* Close#3630 - Allow typing {USERNAME} and {PASSWORD} from selection dialog (right-click menu).
* Close#429 - Ability to search open databases for an entry from the Auto-Type selection dialog.
* Fix#5361 - Default size of selection dialog doesn't cut off matches
* Show the sequence that will be typed when performing the default action
* Combine default sequence action with Username / Password options
* Fix#4939 - confirm prior to performing entry level auto-type if "Always Ask Before Auto-Type" is enabled
* Fixes#3837
* Change objects to use DBusMgr rather than separate adaptors
- Update all DBus invokable methods to new parameter order
- Change all usage of DBusReturn to simpler DBusResult
- Use DBusMgr to handle path and service registration
- Remove adaptor/*
- Set path in DBusObject
- Unregister service when service is destroyed
- Restore handling of invalid QVariant in prompt complete signal
- Clean up meta type registration
- Move dbus related file together
- Convert to QSharedPointer as much as possible
- Fix mapping of the Delete method
- Handle dbus property get all
* Add per-client states
- Move cipher negotiation to DBusClient
- Show list of clients instead of sessions in the settings page
- Add settings for confirmation of accessing items
- Fix infinite recursion when client disconnected
- Use optional explicit DBusClient parameter instead. This makes accessing
the client info in an async context explicit, and thus prevent accidental
assertions in prompts.
* Improve User Interface
- Add per-item access confirmation (if enabled)
- Remove the "disable for site" button for the access control dialog
- Improve the text on the settings page to be more consistent
- Fix disconnect buttons in settings page not working
- Make the unlock prompt method nonblocking
* Fix and cleanup unit tests
- Use QTRY_COMPARE when checking signal spies, as dbus signals are threaded
- Fixes in meta type registration and type conversion
- Remove QStringLiteral in COMPARE macros, making diff output readable
- Add testing for remembering auth decision
Some widgets such as QTableView do not call QIconEngine::pixmap(), but do
the drawing immediately through QIconEngine::paint(). This breaks alpha
blending for recolouring, since the underlying image canvas is not
necessarily transparent and also not anchored at (0, 0). This results in
a black box of the size of the icon bounding box.
Icon recolouring is now always done on a temporary QImage with
transparent background and only the finished end result is composed onto
the original canvas.
Fixes#6006
Uses Qt 5.15's new QWindow::startSystemMove() to implement empty-area
drag, which allows the user to click and drag any empty area on the
menubar, toolbar, or tabbar to move the window around.
As discussed in #4317, the next KeePass2 release will ship with
support for a new generation of XML key files which enable
hash integrity checks.
This patch adds support for reading and generating this new format.
By default, KeePass2 now uses the .keyx extension for generated
key files, which was added to KeePassXC's key generation file chooser
filter. We continue to generate hashed binary key files by default,
but the user can explicitly save the file with the new .keyx
extension to generate an XML v2 key file (currently undocumented).
When opening a database, the key file type is still determined
by content negotation, so the file extension has no impact here.
As an additional change, the legacy key file warnings have been
improved slightly to be less confusing and more helpful.
- Allow switching between themes without restart (except classic)
- Rework icon loading and recolouring logic to react to theme changes
- Automatically react to light/dark theme change
- Remove explicit selection of monochrome tray icon variant (selected
automatically now)
- Update theme background colours for Big Sur
- Update application icon to match Big Sur HIG
The tray icon doesn't respond perfectly to theme changes yet on Big Sur,
since we need different icons for dark and light theme and cannot simply
let the OS recolour the icon for us (we do that, too, but only as an
additional fallback). At the moment, there is no signal to listen to
that would allow this.
This patch adds a few generic methods to OSUtils for detecting and
communicating theme changes, which are only stubs for Windows and Linux at
the moment and need to be implemented in future commits.
Fixes#4933Fixes#5349
The average password length shown in the Statistics report
is now computed based on the total number of passwords.
Previously, it was erroneously computed based on the
number of unique passwords.
Fixes#5134.
Uses Qt 5.15's new QWindow::startSystemMove() to implement empty-area
drag, which allows the user to click and drag any empty area on the
menubar, toolbar, or tabbar to move the window around.
* Hack for #5722 until a refactor of KeeShare, Merger, and EditEntryWidget can be performed. This hack should only ever be triggered on the rare occurrence of two people editing the same entry at the same time. The end result is potential data loss, but the current result is a hard crash. Unfortunately the way everything is interfaced currently doesn't afford any solution without a major refactor.
* Additionally add a short delay before actually reloading a share to prevent read/write locks from preventing proper import. This delay also prevents conflicting saves between the main database and the KeeShare database. This should eventually be moved into the FileObserver itself to smooth out all merge operations once the above refactor occurs.
Side note: KeeShare operates independently of DatabaseWidget causing unexpected behavior when files are updated/merged/etc. This needs to be corrected in a refactor.
As discussed in #4317, the next KeePass2 release will ship with
support for a new generation of XML key files which enable
hash integrity checks.
This patch adds support for reading and generating this new format.
By default, KeePass2 now uses the .keyx extension for generated
key files, which was added to KeePassXC's key generation file chooser
filter. We continue to generate hashed binary key files by default,
but the user can explicitly save the file with the new .keyx
extension to generate an XML v2 key file (currently undocumented).
When opening a database, the key file type is still determined
by content negotation, so the file extension has no impact here.
As an additional change, the legacy key file warnings have been
improved slightly to be less confusing and more helpful.
* Fix#5691 - add a 2 second delay to startup on Gnome to allow for tray initialization and Auto-Type shortcut registration. On KDE, start after the panel is started.
* Fixes#3541
* CSV export now includes TOTP settings, Entry Icon (database icon number only), Modified Time, and Created Time.
* CSV import properly understands time in ISO 8601 format and Unix Timestamp.
* CSV import will set the TOTP settings and entry icon based on the chosen column.
* Fixes#5262
* Always reset the UUID on groups and entries moved or copied between databases. This prevents data loss when the group/entry is moved back to the original database.
* Fix#5025 - Change edit entry widget title separator to the common bullet character • (U+2022)
* Fix#5307 and Fix#5347 - Remove transparent toolbar/window on macOS and properly color text in toolbar.
* Include new icons for toolbar overflow to ensure they are tinted correctly and fit in with the rest of the UI.
* Replace custom code for clearing line edits by including a proper icon for the default action.
* Fix#4083 - move auto-type checks early in the commit process to prevent half-saving an entry if there is a bail-out.
* Fix#4182 - prevent setting modified by just viewing auto-type window associations
The classes used for screen lock detection use QWidget and are only ever used by the GUI,
so moving them there so we can eventually build core/ without Qt5::Widgets.
* Fix#5313, allow specifying local config path using environment variable and command line flag
* Add command line flag `--localconfig <path>` to specify a file path to use for the local configuration settings.
* Add environment variable support to set config files paths: `KPXC_CONFIG` and `KPXC_CONFIG_LOCAL` to override default locations.
* Reorder startup sequence to load specified config files earlier to allow for theme settings and other early options to be picked up.
* Removed old command line option `--pw`, no longer used.
* Attempt a fix of application not closing when last window is gone. Only set `QApplication::setQuitOnLastWindowClosed(true)` when tray icon is enabled instead of always.
* Fixes#5321 - Text alignment in the general tab of the entry and group edit views is fixed
* Fixes#5300 - Errant scrollbar in the general tab is fixed
* Fixes#4852 - Tabbing into notes field works as expected. To tab out, currently only Shift+Tab works.
* Work around Qt bug that causes isSectionHidden to return false after restoring state due to the section actually only being set to 0 width.
* Fixes#5317
* Fixes#3541
* CSV export now includes TOTP settings, Entry Icon (database icon number only), Modified Time, and Created Time.
* CSV import properly understands time in ISO 8601 format and Unix Timestamp.
* CSV import will set the TOTP settings and entry icon based on the chosen column.
Currently the Open Dialog does not behave like a dialog. In Unix it
means that the EWHM hints are not set correctly therefore the window
manager doesn't properly set the floating window style.
It should also allow removing Mac/Windows/Unix custom conditional code.
* Fixes#5037
* F1 focuses group view, if already focused it opens the focused group for editing
* F2 focuses entry view, if already focused it opens the focused entry for editing
* F3 focuses search
* Fix#5107
* Change setting for non-data changes to Auto save on database lock (or not) instead of marking modified.
* When enabled, database will be auto-saved if there are only non-data changes, but will not prompt the user if saving has failed.
* When disabled, database will not auto-save if there are only non-data changes (same behavior as 2.5 and below) and will not mark the database dirty.
* Fix#5098 - Ensure advanced mode settings are saved distinctly from simple mode settings
* Make selected character groups pop out in the UI
* Improve layout of character options
The light and dark theme don't respond to Windows's high contrast
accessibility mode, so when the theme is set to "auto", we
default to "classic" instead of "light".
Fixes#5044
* Fixes#5081 - Initialize MessageWidget::m_animate prior to use
* Fixes#5021 - Don't change tray icon type with unfocused mouse wheel
* Fixes#5029 - Only use HighDpiScaleFactorRoundingPolicy::PassThrough on Windows platforms. Prevents significant scaling bugs on Linux. MacOS does not support fractional scaling.
Fixes#4444
Some websites these days do not present both the "username" and the "password"
input box on the same webpage (e.g. Google, Amazon). So no custom sequence is
possible to enter both the said attributes in one go.
So, two new context menu actions have been added:
1. Perform Auto-Type of just the username
2. Perform Auto-Type of just the password
These context menu actions are analogous to "Copy username" and "Copy
password", except it avoids sending all characters via clipboard.
* Create a sub-menu in the Context Menu of Entry.
* The sub-menu offers the following sequences:
- {USERNAME}
- {USERNAME}{ENTER}
- {PASSWORD}
- {PASSWORD}{ENTER}
Definitions:
* Database Key - Cryptographic hash used to perform encrypt/decrypt of the database.
* Database Credentials - User facing term to refer to the collection of Password, Key File, and/or Hardware Key used to derive the Database Key.
Changes:
* Remove the term "master" and "key" from the user's lexicon and clarify the code base based on the definitions above.
* Clean up wording in the UI to be clearer to the end user.
* Fix#4768
* MainWindow::updateTrayIcon() is called in MainWindow::applySettingsChanges() earlier in construction. Calling this function twice in a row causes issues with startup times on Linux.
* Added to the new view menu, show entry/group icons at 16px and reduce toolbar icons to 22px.
* Fix search widget being too large vertically (removed padding)
* Only clear password field when switching tabs or minimizing. This prevents the setting "Remember Key Files and Hardware Keys" from being useless with multiple databases.
* Convert key file field to Line Edit, simplifies usage. Fix clear field button as well.
* Removed need for clearForms to check if the database is being opened (was a solution to tab switching while unlocking, no longer a problem).
* Check every hour to see if another update check should be performed. Nothing actually happens unless 7 days has elapsed since the last update check.
* Fixes#3706
* Add support for 'ifDevice' feature, closes#2871
* Resolve placeholders for username and password to support references, fixes#2078
* Add support for open databases from an entry when the url starts with 'kdbx://'. Uses the same syntax as AutoOpen. Closes#1536.
* Fixes#4060
* Also fix not emitting entryModified() when history is truncated. This possibly fixes other crashes with apply button when the history is truncated and then the history page is shown with a deleted entry.
* Fix issues when Config options were renamed
* Fix compile issues when using clang 10
* Rearrange database menu icons and import database menu icons
* Set minimum size of MainWindow to 800 to prevent search bar from hiding
* Fix not saving password generator options when closing the standalone generator
* Add headers to health check reports
* Don't show hidden content dots when notes are hidden but empty.
* Fix saving new database files in SMB shares on Windows, fixes#4809
* Gracefully handle duplicate attachments :
Instead of bailing out with an error, prepend a random string to the name of duplicate attachment records. This prevents data loss from other programs that mishandled KDBX XML writing. Fixes#2493
* Properly handle blocked import of signed KeeShare database, fixes#4413
The tray icon appearance setting is null by default, since we do not
want to include OSUtils into Config. As a result, we must take special
care to preselect the correct combo box entry on the settings page.
- Unify widget layouts and margins
- Fix tab order on a bunch of widgets
- Fix broken entry/group edit form layout and replace with grid layout
- Rearrange some settings for better logical grouping
- Fix some settings checkboxes not being enabled/disabled on load
- Fix "General" settings tab scrolling
- Rename "Root" group to "Passwords"
- Update demo.kdbx accordingly and redownload favicons
- Change entry path display to use slash separators
- Reduce Medium and Large icon sizes slightly
* Add icons for Database Import, Database Export, and Recent Databases
* Change app exit icon to be distinct from export icon
* Updated and ran makeappicons.sh
Original source of icons is the icon8 library (http://icons8.com/c/flat-color-icons) and Paomedia (https://github.com/paomedia/small-n-flat). All icons used are licensed MIT or CC0; annotated in COPYING.
* Closes#4071
* Increase default size of database icons to 24px and entry preview panel to 48px
* Add shell script to assemble the database icons
* Use QIcon to seamlessly support High DPI displays and pixmap caching
* Add badge support for KeeShare groups and expired entries.
* Guard against use of QPixmap::fromImage without a GUI
* Add SVG minify and improve `make icons`
Co-authored-by: Wolfram Rösler <wolfram@roesler-ac.de>
Transforms application into a UIElement agent app when
minimize to tray is enabled and the window is hidden.
This hides the dock icon and removes the application
from the Cmd+Tab listing. The changes work well together
with macOS's inbuilt hide feature.
Also fixes the buggy tray icon context menu trigger behaviour.
macOS triggers the tray context menu also on normal left
click, which causes the window to toggle at the same time
as the menu. To fix this, window toggling has been disabled
altogether on macOS and users will be shown only the context
menu from now on.
Fixes#1334
Introduce a third unsorted status that shows entries in the order they occur in the KDBX file.
* Add keyboard shortcut Ctrl+Alt+Up/Down to move entries up and down in sort order
* Add entry context menu icons to achieve movement up/down
* Only show menu icons when in natural sort order
* Add Material Design icons for moving up/down
* Add feature to track non-data changes and force a save on exit to ensure they are not lost when locking a database. This allows users to make entry movements and group expand/collapse operations and not lose that state.
Remove saveas
Add an option in the 'Database' menu to save a backup of the current database.
Add unit test for saving database copy
* Open a test database, mark it as modified, and save a copy
* Fail if the copy is not a valid database
* Fail if the original database is saved
* Fail if the original database is no longer marked as modified
* Override Qt's default [broken] behavior of handling Tab/Shift+Tab to navigate around the MainWindow. Completely fixes trapped focus.
* Improve handling of search results when navigating the UI.
* Fix selecting first entry after ending a search.
* Add keyboard shortcuts to directly focus on search (F1), Group List (F2), and Entry List (F3)
* Fixes#2878, #4636, and #4221
* Significantly improve user experience when using hardware keys on databases in both GUI and CLI modes. Prevent locking up the YubiKey USB interface for prolonged periods of time. Allows for other apps to use the key concurrently with KeePassXC.
* Improve messages displayed to user when finding keys and when user interaction is required. Output specific error messages when handling hardware keys during database read/write.
* Only poll for keys when previously used or upon user request. Prevent continuously polling keys when accessing the UI such as switching tabs and minimize/maximize.
* Add support for using multiple hardware keys simultaneously. Keys are identified by their serial number which prevents using the wrong key during open and save operations.
* Fixes#4400
* Fixes#4065
* Fixes#1050
* Fixes#1215
* Fixes#3087
* Fixes#1088
* Fixes#1869
* Removed option to attach KeePassXC to the browser extension. Users must use the proxy application to communicate with KeePassXC.
* Significantly streamlined proxy code. Used same implementation of stdin/stdout interface across all platforms.
* Moved browser service entry point to BrowserService class instead of NativeMessagingHost. BrowserService now coordinates the communication to/from clients.
* Moved settings page definition out of MainWindow
* Decoupled BrowserService from DatabaseTabWidget
* Reduced complexity of various functions and cleaned the ABI (public vs private).
* Eliminated BrowserClients class, moved functionality into the BrowserService
* Renamed HostInstaller to NativeMessageInstaller and renamed NativeMessageHost to BrowserHost.
* Recognize XDG_CONFIG_HOME when installing native message file on Linux. Fix#4121 and fix#4123.
* Fix various bugs in opvault parsing to include: TOTP parsing, date handling, naming convention, attachments, and multiple url's.
* Remove category groups that don't have any entries.
* Simplify tests by focusing on the resulting database instead of the parsing mechanics.
* Remove proprietary "freddy" opvault in favor of self-made "keepassxc" opvault.
* Fix#4069, select opvault file on macOS
* Fix#3790, shares now use the standard FileWatcher class to detect remote file changes using checksums and file system triggers.
* Fix#3895, macOS file selection no longer hangs the app.
* Restore saving of KeeShare settings accidentally removed by 596d2cf
* Fixes#4168
* Introduce a custom data element stored with an entry to indicate that it is a "Known Bad" entry. This flag causes database reports to skip these entries.
* The current number of known bad entries is displayed in the statistics report.
* Add context menu to reports to easily exclude entries.
- Sizes are displayed in B, KiB, MiB, and GiB with 2 significant
digits after the decimal
- Column is hidden by default
- TestEntryModel updated for testing proxy model
Replaces all string configuration options with enum types
that can be checked by the compiler. This prevents spelling
errors, in-place configuration definitions, and inconsistent
default values. The default value config getter signature was
removed in favour of consistently and centrally default-initialised
configuration values.
Individual default values were adjusted for better security,
such as the default password length, which was increased from
16 characters to 32.
The already existing config option deprecation map was extended
by a general migration procedure using configuration versioning.
Settings were split into Roaming and Local settings, which
go to their respective AppData locations on Windows.
Fixes#2574Fixes#2193
Hard-coded widget state colours (error, warning, health etc.)
are replace by a central palette class, which also takes care
of determining if KeePassXC is in dark or light mode.
Colours expected to be used as background for normal text
were tested for WCAG level A compliance. Health colours were
adjusted for better harmony with the application theme and
tested for sufficient contrast with a colour blindness simulator.
* Changed style so that only default buttons have full background highlight. This prevents confusion as to which button in various dialogs is the default/desired choice.
* Move password generator popup into static function outside of PasswordEdit so other parts of the program can easily access it.
* QDialog forces 'autoDefault' property on all buttons causing them to obtain background highlight when they are focused. Moved Password Generator outside of a QDialog and forced 'autoDefault' to false on Browser Access Dialog.
* Fixed button ordering in Totp Setup Dialog
* About dialog close button is now the default button
Fixes#4407Fixes#4637
Additional changes:
- Fix reference entry colour being incompatible with dark themes
- Fix QWizard page being too bright in dark mode
- Prevent unfocused wheel scroll changes to theme setting
* Fixes#1083
* Add online HIBP checker dialog to the database reports widget. Permission is requested from the user prior to performing any network operations.
* The number of times a password has been found in a breach is shown to the user.
* If no passwords are breached then a positive message is presented.
* Source of HIBP icon: https://github.com/simple-icons/simple-icons/blob/develop/icons/haveibeenpwned.svg
Authored-by: Wolfram Rösler <wolfram@roesler-ac.de>
Co-authored-by: Jonathan White <support@dmapps.us>
See issue #3271 for a motivation of this feature.
This patch adds an additional text input to the advanced view of the password generator. All characters of this input field (if not empty) will be added as another group to the password generator. The characters from the excluded field have precedence over the characters from this new field, meaning any character added to both fields will *not* appear in any generated password. As the
characters from this new field will be added as their own group to the password generator, checking the 'Include characters from every group' checkbox will
force at least character to be chosen from the new input field.
The `PasswordGenerator` class has also been changed so that the `isValid` method returns `true` if only characters from the new input field would be used.
There is a new, simple test that covers the new feature. While the test only uses ASCII characters, any Unicode characters can be used with the new feature.
* Remove repeat password on entry edit
* Move show/hide password and password generator buttons into the field as actions.
* Register keyboard shortcut Ctrl+H to toggle password visibility
* Register keyboard shortcut Ctrl+G to open the password generator
* Cleanup code and improve interactions between elements
* Simplify Password Generator button layout; convert advanced mode button to toggle button
* Update GUI tests
* Fixes#4120
* Add function to Application to quickly determine if in light or dark theme
* Add kpxcApp symbol
* Explicitly define main function for GUI tests to improve performance and use custom Application.
* Add saving mutex to database class to prevent re-entrant saving
* Prevent saving multiple times to the same file if the database is not marked as modified
* Prevent locking the database while saving. This also prevents closing the application and database tab while saving.
* FileWatcher: only perform async checksum calculations when triggered by timer (prevents random GUI freezes)
* Re-attempt database lock when requested during save operation
* Prevent database tabs from closing before all databases are locked on quit
* Clean up parent alignment code
* Don't hide widget if it currently has focus
* Use Qt::Tool window type on macOS as well. This prevents the popup help from hiding to the background if the main window has focus.
* Fixes#2814
Moves MacUtils into a separate sub folder and adds
WinUtils, NixUtils, and OSUtils for platform-native
code on Windows, Unix-like, and generic/all systems.
The GUI features depend on windowing system used, not just OS.
There is an issue with the WM sometimes producing an event that keepassxc interprets as request to hide the main window just after it is shown. A workaround with immediately firing a timer was implemented. However, there is no guarantee on execution ordering of the timer callback and other application code. Remove the timer and override
show() and hide() on main window to only hide if the window has not been shown recently.
The user can set an option to hide window instead of minimizing when tray icon is enabled. This is not honored in most places where the main windows is minimized. Fix it. This also allows using the tray icon as a workaround for minimization not working under some circumstances in X11.
Signed-off-by: Michal Suchanek <msuchanek@suse.de>
* macOS and Windows browsers do not use `Alt+#` to change tabs. Windows uses `Ctrl` and macOS uses `Command`. Linux uses `Alt`.
* Remove shortcut for `Key+0` and assign `Key+9` as last tab selection
* Streamline tab selection code in MainWindow
Introduce a password health check to the application that evaluates every entry in a database. Entries that fail various tests are listed for user review and action. Also moves the statistics panel to the new Database -> Reports widget. Recycled entries are excluded from the results.
We now have two classes, PasswordHealth to deal with a single password and HealthChecker to deal with all passwords of a database.
Tests include passwords that are expired, re-used, and weak.
* Closes#551
* Move zxcvbn usage to a centralized class (PasswordHealth) and replace its usages across the application to ensure standardized interpretation of entropy calculations.
* Add new icons for the database reports view
* Updated the demo database to show off the reports
With the Material Design icons, any other icons brought in through
the system icon theme will look inconsistent.
Also remove the KEEPASSXC_IGNORE_ICON_THEME environment variable
(which was introduced during development of the new icons to
disable the system icon theme and is thus no longer needed).
Fixes#475
Added an option to set the target decryption time on database creation
for the CLI create command. This required some refactoring, in
particular the extraction of the min, max and defaut decryption times in
the `Kdf` module. Some work was done to allow changing those constant
only in the `Kdf` module, should we ever want to change them.
Removes unnecessary & from strings in settings widgets. These cause confusion and complicate translation. They are unnecessary as all dialogs allow efficient tabbing between elements.
Also add colons after several settings with input boxes and remove a hard stop.
Improve wording of strings based on translator feedback.
Fix case sensitive matching of CLI Export.
- Remove duplicate code to load a key (EditEntryWidget & SSHAgent)
- Refactor all key loading and saving to KeeAgentSettings
- Depend only on Entry to allow future CLI expansion
* Prefer clearing clipboard by explicitly setting the clipboard to an empty string. Qt's QClipboard::clear() method is unreliable under X11 environment.
* Fixes#4126
* Fix#4093 - The first entry in the list is selected after deleting an entry
* Prevents crashes due to dangling pointers held by the Entry Preview Widget when entries were deleted.
* Improve GUI tests to ensure this new behavior occurs.
It's used extremely rarely, having it in such a prominent position
in the tool bar isn't justified. Also, with the Material Design
icons, its tool bar icon can easily be confused with "create new
entry".
Fixes#475
Use the following to run KeePassXC with the icons from the
source code, ignoring the operating system's Qt icon theme:
```
KEEPASSXC_IGNORE_ICON_THEME=1 keepassxc
```
The patch further adds a script `makeicons.sh` that re-creates KeePassXC
icons from the Material Design icon set and can be used for easily
updating icons in the future. Instructions are in the script.
Fixes#475
* Remove deprecation warnings when not doing a DEV_BUILD. Qt 5.14 introduced several deprecation flags on basic function calls in QList and QSet that would require several #pragma ignores. Assuming this was in preparation to Qt 6.0.
* Remove unnecessary assert in PasswordEditWidget that was hit in macOS debug builds.
This commit reverts #3357.
The previous PR is for the new symbol NSEventMaskKeyDown, which is
introduced in #3347. In #3794, #3347 is reverted, so the workaround
in #3357 is no longer needed. Furthermore, it causes build failures
on 10.11 (#3932) as the header file for type NSEventMask is removed
in #3794, too.
Note that this is not a complete fix. A complete patch can be found
at [1]. In MacPorts, the OS version for building a package is the same
as the OS that installs it, so #ifdef can be used to replace @available.
The latter language feature is not available until Xcode 9.
With the patch mentioned in the previous paragraph, KeePassXC 2.5.1
can be built on Mac OS X 10.9 or newer.
Ref: #2899
[1] de1bb703ad/security/KeePassXC/files/patch-old-mac.diff
This makes most tests run successfully with asan.
The GUI tests still have a bunch of leaks, some from library code, and
some that look real but which I didn't immediately manage to figure out.
* TestOpVaultReader: use QSharedPointer
* Fix#3933 and fix#3857. Interaction with entries and groups is disabled while the database is being reloaded or saved to prevent changes from occurring. Prevent the database from being reloading if an entry or group is currently being edited.
* Fix#3941 - Only notify components when the database file actually changes (determined by checksum). This prevents spurious merge requests when the file is merely touched by another service (e.g., DropBox).
* Fix code format of ElidedLabel.cpp
* Mark the database as clean after fully completing the file save operation INSTEAD of when merely writing the database to a file.
* Stop the modified timer when marking the database as clean, this prevents latent erroneous modified signals from being emitted.
* Do not restart the modified timer after a new change is detected while it is still running.
* Fix#3701 - replace QLabel with QTextEdit to enable scrolling of notes
* Notes are plain text. They will remain as plain text and hyperlinks will not be enabled in the notes. Until the notes editor is moved to a rich text / html editor this will remain the case.
* Convert username and password fields in preview pane to QLineEdit's to allow for full copying and viewing if larger than the field width.
* Fix#3688 - hide the sequences column if all of the entry matches return the same sequence. This cleans up redundent data in the Auto-Type selection dialog introduced in 2.5.0.
When we lock a database, we reset the database pointer to
free its resources. Since various other widgets besides the
DatabaseWidget hold references to the shared pointer object,
however, it cannot be guaranteed that the actual database
object will be freed right away. This patch adds a releaseData()
method which is called upon database lock to ensure all
residual data is cleared without having to rely on the actual
database object being cleaned up.
* Fix#3754 - Accept valid TOTP keys that require padding when converted to Base32.
* Allow use of spaces and lower case letters in the TOTP secret key.
* Fix#3334 - AutoOpen is now processed after the database widget is put into view mode to prevent infinite recursion of unlock attempts if two databases auto open each other.
* Fix#3735 - Don't focus on OpenDatabaseWidget fields that are not visible; ensures password field is focused after database lock.
* Fix#3487 - Password input is selected after failed unlock.
* Fix#1938 - Password input is focused after toggling visibility using the keyboard
The new unlock dialogue seems to confuse users
as to what the purpose of the key file is. This
patch changes the generic "Select file..." affordance
to the more explicit "Select key file..." and adds
a help button to the label just like the one we
already have for the hardware key. Furthermore,
it prevents the user from using the KDBX file as its
own key file (since that would never work anyway).
The change breaks existing translations on purpose
(instead of simply adjusting the en_US locale)
in order to force translators to update this string
for their languages.
Resolves#3678
* Fix#3550
* Default memory reduced to 64 MiB (from 128 MiB) and parallelism reduced to 2 threads. This allows for desktop and mobile device compatibility.
Resolves#3410.
Additionally, "fix" main window toggling behaviour when
clicking the tray icon while the window is visible, but
not in focus (e.g. hidden by other windows). On platforms
other than Windows, the window is now brought to the front
if it does not already have focus or is toggled otherwise.
Remove obsolete Windows session end handling code.
if KeePassXC is compiled with WITH_XC_KEESHARE=OFF, the "Share" tab of
the EntryPreviewWidget for groups is removed from the GUI completely.
closes#3619.
* Fix#3651
* Correct data loss when the database reloads due to a file change while creating a new entry. The issue occurred due to the "new parent group" pointer being invalid after the database is reloaded following merge.
* Also fix re-selecting entries following database file reload. If the entry was moved out of the current group it would result in an assert hit. This fix prevents recursively looking for the entry.
* Fixes#2813
Added special context menu for entries to move the most-used actions to the top.
Re-ordered actions in the entry menu to be more user friendly.
* Fixes#2118
Enables select entry actions when editing an entry. This allows users to copy the password of the entry, for example.
Note: unsaved changes to the entry will not be copied to the clipboard.
* Fix#3506
* Fix#2389
* Fix#2536
* Fix#2230
Every database that has been opened now watch's it's own file. This allows the database class to manage file changes and detect fail conditions during saving. Additionally, all stakeholders of the database can listen for the database file changed notification and respond accordingly.
Performed significant cleanup of the autoreload code within DatabaseWidget. Fixed several issues with handling changes due to merging, not merging, and other scenarios while reloading.
Prevent database saves to the same file if there are changes on disk that have not been merged with the open database.
Fixes#3365
Add prompt to delete the recycle bin when disabling it. If the user chooses not to delete it, the recycle bin will be suffixed with "(old)" and the icon changed to the default group icon.
Also moved recycle bin creation within the database class where it belongs.
* Fix#3142 - Warn user when entering invalid TOTP secret key.
* Fix#773 - The TOTP dialog now listens for the copy shortcut without having to press the Copy button.
* Add ability to choose hash algorithm from the TOTP setup dialog
* Add upgrade to "otp" attribute when custom attributes are chosen to prevent data loss
Ran make format
* Fixes#398
The new Browser Integration entry settings page has a list view with any additional URL's. These URL's are added to the entry attributes with KP2A_URL_<counter>, which means those are directly compatible with Keepass2Android.
* Fix#3609 - Request screen reader permission by faking a 1px screenshot. Thanks to MacPass for this idea.
* Fix#3578 - Remove duplicate sandbox entitlement
* Fix#3270 - Use executable path reference for libquazip
Added new page "Statistics" to the Database Settings dialog that shows information like number of groups and entries, number of unique and re-used passwords, average password length, etc.
Show warnings for problematic values with explainations for the user in tooltips.
Fixes#2034
Database statistics icon:
Downloaded from: https://www.flaticon.com/authors/freepik
Original source: https://www.flaticon.com/free-icon/bars-chart_265733
This change adds support for hyperlinks in the notes field of the EntryPreviewWidget. This is done by enabling the `openExternalLinks` property of `QLabel`, and modifying the value of the content of this field so that links are wrapped
with `<a>` tags.
Links are assumed to use the format: `protocol://path`, since assumptions cannot/shoudn't be made about the specific format of a link. The text of the label uses the modified notes value.
This allows `t:word` instead of `title:word` and `p:word` instead of `password:word`, and so on. The rule is that an abbreviated name expands to the first field name that starts with it, with exceptions
`u:` expanding to `username:` instead of `url:` and `pw:` expanding to `password:`.
* Fix#3376. Set font for password preview to Font::fixedFont()
* Add a menu entry opening the shortcuts documentation in the browser
* Fixed duplicate item in CLI documentation
* QFileDialog returns UNIX paths, even on Windows. This patch converts what QFileDialog returns to the native path format.
* Improve const correctness
* Avoid imposing file extension on Linux
* This patch improves things like unneeded passes by values, missing const qualifiers, ugly copies because of variable reuse and consistency in variable names.
* Fix#3407
* Read-only files now disable auto-save and show as modified correctly. This allows the GUI to prompt to "save-as" instead of silently discarding changes when the read-only database is locked or closed.
* Add application settings reset button
- Corrects accessibility findings GP.2
* Use icons in addition to color to indicate password mismatch
- Corrects accessibility finding CN.2
* Announce begin/end of list navigation
- Corrects accessibility finding KF.4
* Fixes for keyboard navigation
- Add Ctrl+F10 keyboard shortcut to show group/entry context menus. Fixes#3140
- Improve movement between form fields
* Fix loading system-defined language in translator
- Fixes#3202
- Bypass built-in Qt loading of QLocale for translations. The order of loading languages doesn't consider all file names prior to moving to the next language in the list. This resulted in English being chosen no matter what language is the top priority.
* Improve message box defaults and fix documentation links
* Better support for screen readers
* Add accessible names on form fields
* Prevent changing values during settings widget scrolling
- Add an event filter to combo boxes and spin boxes on the settings page to prevent the mouse wheel from changing the values without having focus
- Add horizontal stretch to the security settings to make the spin boxes more manageable.
* Selecting one or more entries to download icons always forces the download (ie, if a new URL exists the new icon will be downloaded and set)
* Instead of downloading for each entry, the web url's are scraped from the provided entries and only those urls are downloaded. The icon is set for all entries that share a URL. This is useful if a group contains many entries that point to the same url, only 1 download call will occur.
* The icon download dialog displays whether you are doing one entry, many entries, or an entire group. It is also modal so you have to dismiss it to use KeePassXC again.
* Moved DuckDuckGo fallback notice into the download dialog.
Updating mingw-w64-x86_64-qt5 to version 5.12.4-2 caused EditEntryWidget to fail
building. Fixed that with proper includes. Also ran `make format` which revealed
one file in need of formatting.
* Fixes#3126
* Limit autocompletion to the top ten used usernames
- Load common usernames when database is opened
- Transition from QLineEdit to QComboBox for usernames
- Dropdown menu of the combobox lets user choose a common username
- Common usernames are autocompleted via inline completion
- Common usernames are sorted by frequency (first) and name (second)
* Add notes to General tab
* Combine Attributes and Attachments tabs into Advanced
* Remove extra viewTotpWidget
* Shrink minimum size of preview panel
With this change we get rid of the confusing key component checkboxes.
Now a component is either there or not (if left empty). There is
no redundant distinction between "unset" and "emtpy" anymore.
For compatibility with older databases that have "empty" passwords,
KeePassXC will ask if the user wants to retry with an empty password
if unlocking failed and the password field was left blank.
Besides these functional changes, the widget's layout has been
rearranged to be more compact, less stretched out (e.g. input fields
do not fill the full window width anymore), and more user-friendly
by providing a help tooltip for the hardware key field and accessible
descriptions for screen readers.
* Moved KeeShare Quiet Success message setting to the KeeShare portion of the application settings
* Removed an assert that caused the application to crash in debugging when a share file could not be found
* Corrected database settings security icon
* Replace placeholders in URLs copied from popup menu on the entry preview widget.
* Replace placeholders in URLs opened by double-clicking URL field in the entry table.
* Pass correct entropy amount to keepassxc-browser instead of amount of bits for both password and passphrase.
* Rename json key from "login" to "entropy" (keeping "login" key for backwards compatibility).
* Also make some changes to entropy calculation methods:
- Rename PassphraseGenerator::calculateEntropy to estimateEntropy
- Rename PasswordGenerator::calculateEntropy to estimateEntropy
This change adds a right-click context menu to the
AutoType dialog, which allows the user to copy
either the username or password. The dialog then
automatically closes.
* Add combo menu button to apply an icon to children
- allow more options to apply icons (child groups, child entries)
- extend tests in TestGroup (applying icons for groups/entries only)
- prevent blue folder icon being set for entries (on entry creation only)
* Do not show the combo menu button for entries
KDE does not take focus from the current active window when the tray
icon is clicked. This prevented toggling the window (always called bringToFront).
Checking if the window is active corrects this issue.
Fixes#3256, fixes#3214.
* Fix remaining issues with menu keyboard navigation
* Entry menu now locks focus on entry when used from menubar
* When using keyboard navigation to select menubar menus,
do not lose focus on selected entry (fixes#3246)
* Enable all entry keyboard shortcuts while in search (fixes#3034)
* When the search text edit has focus, retain selected entry keyboard
shortcuts and button pressing capability
* Fixes#3145
The system tray menu used to have three items (toggle window,
lock database, quit) of which only two had an icon, which
looked strange and unintended. This commit adds an icon for
the "Toggle window" menu item.
* Use a padlock icon for the "Lock DB" tray menu item
Originally, icon `document-encryt.png` was used, however theming seems
to be getting in the way by sometimes displaying a plain "document"
icon instead. Copied the icon files to `database-lock.png` and used
that one for the "lock database" tray menu item instead.
* In Database Settings, use the "security-high" icon for "Security"
Previously, the "document-encrypt" icon was used, which should be
something like a padlock but which, due to theming, somethings
fell back to a generic document icon (page of paper).
The "document-encrypt" icon is no longer used and was removed.
* Fixes#3141
* Clearing the entry edit widget prior to emitting the editFinished signal caused the widget to be marked modified and prevent new entries from being created. Use an explicit boolean to notify commit success.
* Don't clear password generator on canceling a cancel
* Don't discard changes if saving from a cancel produces an error
* Fixes#2692
* KeePassXC was ignoring OS close messages on shutdown or logoff when minimize to tray on close was enabled. This change causes a second close message (when KeePassXC is hidden to the tray) to actually exit the application.
* Fixes#2838
* When navigating the entry context menu with up/down arrow the options would disable due to losing focus on the EntryView. This change preserves the "focus" during this event.
* Support importing 1Password vaults (.opvault folders) into KDBX database
* Entry attributes are filled based on section and field name
* Expiration dates are set for entries
* Entry URL's are set from a wider array of fields
* Fix#2427
* Changed the openUrl() function to use a QUrl object, which has the appropriate scheme set.
* Preview widget now passes url handling back to DatabaseWidget
* Store the currently active window right when the global keyboard shortcut is triggered
* Eliminate unnecessary window raise/lower and delays on macOS
* Remove duplicate addition of macutils symbols from mac Auto-Type plugin
* Fix tests to fake trigger a global autotype sequence
This plugin implements the Secret Storage specification version 0.2.
While running KeePassXC, it acts as a Secret Service server, registered
on DBus, so clients like seahorse, python-secretstorage, or other
implementations can connect and access the exposed database in KeePassXC.
Squashed commits:
- Initial code
- Add SessionAdaptor and fix build
- The skeletons for all dbus objects are in place
- Implement collection creation and deletion
- Emit collectionChanged signal
- Implement app-wise settings page
- Implement error message on GUI
- Implement settings
- Fix uuid to dbus path
- Implement app level settings
- Add freedesktop logo
- Implement database settings page
- Change database settings to a treeview
- Move all settings read/write to one place
- Rename SecretServiceOptionsPage to SettingsWidgetFdoSecrets
- Fix selected group can not be saved if the user hasn't click on the item
- Show selected group per database in app settings
- Disable editing of various readonly widgets
- Remove unused warning about non exposed database
- Fix method signature on dbus adaptors
- Fix type derived from DBusObject not recognized as QDBusContext
- Resolve a few TODOs around error handling
- Remove const when passing DBus exposed objects
- Move dismiss to PromptBase
- Implement per collection locking/unlocking
- Fix const correctness on Item::setSecret
- Implement SecretService::getSecrets
- Rework the signal connections around collections.
- Remove generateId from DBusObject
- Per spec, use encoded label as DBus object path for collections
- Fix some corner cases around collection name changes
- Implement alias
- Fix wrong alias dbus path
- Implement encryption per spec
- Cleanup SessionCipher
- Implement searchItems for SecretService
- Use Tools::uuidToHex
- Implement Item attributes and delete
- Implement createItem
- Always check if the database is unlocked before perform any operation
- Add missing ReadAlias/SetAlias on service
- Reorganize and fix OpenSession always returning empty output
- Overhaul error handling
- Make sure default alias is always present
- Remove collection aliases early in doDelete
- Handles all content types, fix setProperties not working
- Fix sometimes there is an extraneous leading zero when converting from MPI
- Fix session encryption negotiation
- Do not expose recycle bin
- Protect against the methods not called from DBus
- Also emit collectionChanged signal when lock state changes
- Show notification when entry secret is requested
- Add a README file
- Actually close session when client disconnects
- Gracefully return alternative label when collection is locked
- Reorganize, rename secretservice to fdosecrets
- Fix issues reported by clazy
- Unify UI strings and fix icon
- Implement a setting to skip confirmation when deleting entries from DBus
- Remove some unused debugging log
- Simply ignore errors when DBus context is not available. QtDBus won't set QDBusContext when deliver property get/set, and there is no way to get a QDBusMessage in property getter/setter.
- Simplify GcryptMPI using std::unique_ptr and add unit test
- Format code in fdosecrets
- Move DBusReturnImpl to details namespace
- Fix crash when locking a database: don't modify exposedGroup setting in customData when database is deleted
- Make sure Collection::searchItems works, whether it's locked or not
- Fix FdoSecrets::Collection becomes empty after a database reload
- Fix crash when looping while modifying the list
* DatabaseTabWidget::newDatabase returns the created DatabaseWidget
* Emit DatabaseTabWidget::databaseOpened signal before a new tab is added
* EntrySearcher can now search attribute values including custom ones
* Add Group::applyGroupIconTo to set the group icon on the supplied entry
* Implement desktop notifications through the system tray icon
* Add DatabaseWidget::deleteEntries to delete a list of entries
* Add Aes128 in SymmetricCipher::algorithmIvSize
* Add DatabaseWidget::databaseReplaced signal
* Add a helper class to override the message box's parent (prevent bugs)
* Support double click on tray icon to always toggle window to/from tray
* Single click on tray icon will bring window to front if in background, otherwise window is toggled
* Fixes#2956
This bug impacted unsafe saves. When auto save after every change was enabled, an
unsafe save to a location that has become unavailable (eg, dismounted veracrypt drive),
the database modified signal would continually activate a save action that failed.
This caused an infinite loop.
When auto-save on exit was enabled, the database tab and the application itself refused to
close if saving failed for whatever reason.
The fixes in this commit prevent both of these scenarios from occurring.
When selecting another attribute in the advanced tab, do not mark the entry as modified
(nothing was changed). Also do not mark as modified when the notes checkbox is
checked/unchecked (doesn't change entry). Fixes#3013.
