Commit Graph

4565 Commits

Author SHA1 Message Date
Sami Vänttinen
79ca00604a
Skip a few Passkeys tests with Botan <= 2.14 (#10360)
Botan version less than 2.14.0 miscalculates ECDSA signatures. 

---------

Co-authored-by: Jonathan White <support@dmapps.us>
2024-03-08 08:43:06 -05:00
Janek Bevendorff
d2e7d4a5ad Add vcpkg manifest with build dependencies
Also bump minimum CMake release
2024-03-07 19:03:13 -05:00
Konrad Gräfe
d2a4ccbc16 ssh-agent: keygen: Fix negative numbers in RSA key
The private exponent d may be negative in which case an additional pad
byte is needed. Otherwise ssh-agent fails to load the key.

Signed-off-by: Konrad Gräfe <kgraefe@paktolos.net>
2024-03-06 08:00:57 -05:00
varjolintu
2086e4c7d1 Fix macOS crash on Accent Color change 2024-03-06 07:58:15 -05:00
Sami Vänttinen
ac2b445db6
Passkeys improvements (#10318)
Refactors the Passkey implementation to include more checks and a structure that is more aligned with the official specification.
Notable changes:
- _BrowserService_ no longer does the checks by itself. A new class _BrowserPasskeysClient_ constructs the relevant objects, acting as a client. _BrowserService_ only acts as a bridge between the client and _BrowserPasskeys_ (authenticator) and calls the relevant popups for user interaction.
- A new helper class _PasskeyUtils_ includes the actual checks and parses the objects.
- _BrowserPasskeys_ is pretty much intact, but some functions have been moved to PasskeyUtils.
- Fixes Ed25519 encoding in _BrowserCBOR_.
- Adds new error messages.
- User confirmation for Passkey retrieval is also asked even if `discouraged` is used. This goes against the specification, but currently there's no other way to verify the user.
- `cross-platform` is also accepted for compatibility. This could be removed if there's a potential issue with it.
- Extension data is now handled correctly during Authentication.
- Allowed and excluded credentials are now handled correctly.
- `KPEX_PASSKEY_GENERATED_USER_ID` is renamed to `KPEX_PASSKEY_CREDENTIAL_ID`
- Adds a new option "Allow localhost with Passkeys" to Browser Integration -> Advanced tab. By default it's not allowed to access HTTP sites, but `http://localhost` can be allowed for debugging and testing purposes for local servers.
- Add tag `Passkey` to a Passkey entry, or an entry with an imported Passkey.

Fixes #10287.
2024-03-06 07:42:01 -05:00
Jonathan White
dff2f186ce
Fix translations 2024-03-01 23:29:49 -05:00
Waqar Ahmed
a472ef8a93
Allow configuring keyboard shortcuts (#9643)
Closes #2689

The design of the respective code is loosely based on KDE's KActionCollection. The ActionCollection manages all actions that can be shortcut configured. These actions are then exposed in the config and a user can assign a different shortcut.

Actions inside the MainWindow have been added to the ActionCollection.

---------

Co-authored-by: Jonathan White <support@dmapps.us>
2024-02-04 06:29:04 -05:00
hcwf
d03f5e4977 Fix broken Yubikey docs link from issue #10228 2024-02-03 08:41:21 -05:00
2014
eb892791f0 Update DownloadInstall.adoc
typo
2024-02-02 16:50:02 -05:00
lapse
442d65a497
Fix Visual Studio install detection in release-tool.ps1 (#10101)
* Update release-tool.ps1

`Get-CimInstance MSFT_VSInstance` does not always work as it uses the default namespace root/cimv2. Specifying `Get-CimInstance MSFT_VSInstance -Namespace root/cimv2/vs` allows it to work.

Co-authored-by: Jonathan White <support@dmapps.us>
2024-01-27 08:49:28 -05:00
Michael Duersch
884386c924 Allow groups to restrict by browser integration key (#6437) 2024-01-14 07:43:48 -05:00
qycyfjy
7bfe9065cf Fix removing entry from history and improve logic of history tab showing 2024-01-06 18:23:43 -05:00
StableAgOH
6b3eaa7f3e Fix logging for no clipping program worked 2024-01-06 17:47:34 -05:00
ycwan9
b77eb4b905 Fix QT-based system theme detection 2024-01-06 17:05:44 -05:00
BGM99
f77975a9f7 Fix focus loss on save when the widget is not visible anymore 2024-01-06 16:56:20 -05:00
f4lkensmaz3
ce01f6d7cd
Prevent duplicate characters in "Also choose from" field of password generator (#9803)
* Fixes #9797
2024-01-06 16:54:30 -05:00
wise0n
07232f04c0 Fix menu location in alert 2024-01-06 16:53:33 -05:00
Jonathan White
9f3b4dc5ea Fix multiple TOTP issues
* Fix #9847 - don't provide TOTP values if settings are blank or completely wrong
* Fix #6838 - don't reset the ui when creating a new entry and applying TOTP to it
* Move totp source into the core folder
2024-01-06 15:17:13 -05:00
Dmytro
5d64292ed8
Fix dangling reference (#10135) 2024-01-06 13:58:56 -05:00
egglessness
d44486ce94
Add configurable password strength check on database password (#9782)
* Set default value of DatabasePasswordMinimumQuality to 3 (do not accept a master password that is less than Good)

* Add custom message box button "Continue with weak password"
2024-01-06 13:53:18 -05:00
varjolintu
b2e6dc5fda Passkeys: Add Resident Key error 2024-01-06 13:47:22 -05:00
varjolintu
6d19ab8894 Passkeys: UI adjustments 2024-01-06 13:47:12 -05:00
varjolintu
6820400b11 Passkeys: Create AAGUID for KeePassXC 2024-01-06 12:34:54 -05:00
varjolintu
e28f5187bc Passkeys: Fix default timeout on authentication 2024-01-06 12:34:20 -05:00
Jan Klötzke
a8cfefe6c8
Fix database merge crash when fdosecrets is enabled (#10136)
* Entry: re-parent before adding to new group

Adding the Entry to the Group will emit signals about the action.
Present the object with the correct parent already.

* fdosecrets: Item::Create() can fail

If an entry cannot be registered on DBus, Item::Create() will return a
nullptr. Basically, this can only happen if there is already an item
with the same UUID in the collection. The only viable option here is to
ignore the new entry.

* Merger: prevent duplicate entry when merging histories

If the source entry is newer, a copy of the entry is made. But before 
moving the merged entry to the target group, it must be removed. 
Otherwise there will be briefly two entries with the same UUID
in the same group/database.

Even though this is only the case during the transaction, it can still
be observed because the operations emit signals. A notable problem is
the fdosecrets feature that relies on the uniqueness of the UUID or will
otherwise run into problems because the UUID is used as part of the DBus
path.
2024-01-02 07:17:25 -05:00
jxdv
fefab7064a update checkout action 2024-01-01 09:07:40 -05:00
spaette
9e119230d4
Fix minor typos (#10124) 2023-12-22 15:12:07 -05:00
lapse
681a0f5638
Update CMakeLists.txt (#10098)
Added set(CPACK_COMPONENTS_ALL "") to prevent cmake from causing an XML fragments issue later on in CPack.
2023-12-22 14:50:58 -05:00
Baptiste Daroussin
af4bc3e194 Add support to get process name on FreeBSD 2023-12-21 12:32:51 -05:00
dependabot[bot]
c0b71126bd Bump golang.org/x/crypto in /utils/keepassxc-cr-recovery
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.1.0 to 0.17.0.
- [Commits](https://github.com/golang/crypto/compare/v0.1.0...v0.17.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-12-18 19:09:51 -05:00
louib
e355ac54b8 refactor: remove unused merge function
This function in unused since we removed the all the unused merge modes
in f7fd3881e3
2023-12-16 12:51:22 -05:00
varjolintu
c5e9d3588a Fix ifdefs with UrlTools 2023-12-11 14:29:20 -05:00
louib
f7fd3881e3 refactor: remove unused merge methods 2023-12-10 08:19:08 -05:00
Dan Church
cc0530ba46 Fix Botan 2/3 include
Botan::secure_scrub_memory -> defined in mem_ops.h
Botan::secure_vector -> defined in secmem.h

The reason only including secmem.h worked in previous (<3.0) versions of
Botan was because secmem.h included mem_ops.h. This is no longer the
case since commit
randombit/botan@49dbbcb2bf (2023-10-11;
"Split out allocator helpers to allocator.h")

Fixes #10038
2023-11-22 23:11:47 -05:00
Sami Vänttinen
13c88e1013
Passkeys: Add support for importing Passkey to entry (#9987)
---------
Co-authored-by: Jonathan White <support@dmapps.us>
2023-11-22 23:11:25 -05:00
Jonathan White
013db199cb Fix password generator close button for good
* Avoids using QDialog which breaks the standalone password generator

Revert "Fix password dialog close button"

This reverts commit 5b47190fcc.
2023-11-22 22:49:10 -05:00
Lapse
6e8fa34b1e Update FindBotan.cmake
The recent debug library is called botan-3.lib, which is unable to be found by this since BOTAN_NAMES_DEBUG does not contain the keyword "botan-3". This commit adds that keyword.
2023-11-22 22:45:06 -05:00
varjolintu
a3717c7acd Rename userId to credentialId 2023-11-09 18:00:33 -05:00
Remigiusz Żętkowski
1126055015 Fix docs link anchors 2023-11-05 16:35:18 -05:00
Martin Buchholz
8499a90caa Fix typo: SSH_AUTH_SOCKET 2023-11-04 23:41:01 -04:00
Jonathan White
49f2924532
Update translations from Transifex
* Also update Transifex config file to latest format
2023-11-04 14:52:08 -04:00
Sami Vänttinen
454dc7169d
Fix showing password generator from the toolbar icon (#9984) 2023-11-04 06:23:18 -04:00
Sami Vänttinen
6f2354c0e9
Add basic support for WebAuthn (Passkeys) (#8825)
---------

Co-authored-by: varjolintu <sami.vanttinen@protonmail.com>
Co-authored-by: droidmonkey <support@dmapps.us>
2023-10-25 10:12:55 -04:00
Barnabás Pőcze
378c2992cd Do not hard-code colors in classic stylesheet for SearchBanner/KeeShareBanner
Having the green-ish hard-coded color makes the banner stand out
too much when the platform native theming is used.
2023-10-23 23:27:58 -04:00
Sami Vänttinen
029b4c25ac
Fix terminating KeePassXC processes with MSI installer (#9822) 2023-10-23 23:23:20 -04:00
Sami Vänttinen
6f5f600559
Fix crash on database open from browser (#9939) 2023-10-23 23:08:41 -04:00
Thomas Hobson
f93adaa854 Add Polkit Quick Unlock Support
Closes #5991
Closes #3337 - Support fingerprint readers on Linux

Polkit allows for authentication of many means, including fingerprint scanning. Furthermore, a common interface for Quick Unlocking has been implemented, and has been replaced throughout to make implementing other quick unlock strategies easier.

Refactor QuickUnlock to use UUID stored in headers. This is a new feature using the KDBX 4 standard to store a randomly generated UUID in the public headers of the database. This enables identification of KDBX file without relying on path or filename and will eventually support persistent Quick Unlock.
2023-10-23 23:07:27 -04:00
Jonathan White
ddd2fcecea Prevent scrollbars on entry drag/drop
* Fixes #9746
2023-10-23 23:05:08 -04:00
varjolintu
1a81f79df7 Fix raising Update Entry messagebox 2023-10-23 22:55:21 -04:00
varjolintu
8f45431ecb Create new UrlTools class 2023-10-23 22:53:59 -04:00