This commit introduces support for exporting a KeePassXC database in
HTML format via the CLI tool. The key changes include:
- Refactoring HtmlExporter:
- Moved HtmlExporter to the format directory and made its API
compatible with CsvExporter.
- Since the original HtmlExporter had a direct dependency on the
gui/Icons functions and indirect dependencies on the
gui/DatabaseIcons class, only the non-GUI parts were moved to
format/HtmlExporter.
- All icon-related functionality was encapsulated in a new child
class, gui/HtmlGuiExporter.
- The gui/HtmlGuiExporter retains the original functionality of the
HtmlExporter class.
- The format/HtmlExporter now generates HTML export without icons.
Adding icon support to format/HtmlExporter would require moving
icon management logic to the core, which could have broader
implications.
- CLI integration:
- Updated cli/Export to use format/HtmlExporter.
- GUI Integration:
- Updated gui/export/ExportDialog to use gui/HtmlGuiExporter.
- Build System Updates:
- Updated CMakeLists.txt to build HtmlExporter as part of core_SOURCES
and HtmlGuiExporter as part of gui_SOURCES.
- Testing:
- Updated TestCli to automatically verify the output of the HTML
export.
Signed-off-by: AdriandMartin <adriandmartin@protonmail.com>
* Add support for URL wildcards with Additional URL feature
* Only check TLD if wildcard is used
* Avoid using network function in no-feature build
---------
Co-authored-by: varjolintu <sami.vanttinen@ahmala.org>
Co-authored-by: Jonathan White <support@dmapps.us>
Fixes#5290Fixes#9062Fixes#8545
* Fix data loss on failed reload
- External modifications to the db file can no longer be missed.
- Fixed dialogFinished signal of DatabaseOpenDialog was not emitted when dialog was closed via the 'X' (close) button
- For reloading with a modified db, an additional choice has been added to allow the user to ignore the changes in the file on disk.
- User is now presented with an unlock database dialog if reload fails to open the db automatically. For example when the user removed the YubiKey, failed to touch the YubiKey within the timeout period, or db pw has been changed.
- Mark db as modified when db file is gone or invalid.
- Prevent saving when db is being reloaded
- If merge is triggered by a save action, continue on with the save action after the user makes their choice
---------
Co-authored-by: vuurvlieg <vuurvli3g@protonmail.com>
Co-authored-by: Jonathan White <support@dmapps.us>
Closes#11506Closes#3383
* This change adds a new opportunity to add attachments that don’t require a real file in the file system.
* Add a new dialog window to add and preview attachments and integrate it into the EntryAttachmentsWidget.
* Attachment preview support for images and plain text files.
Additional enhancements:
* Fix sizing of attachment columns
* Add padding to attachment table items
* Fix targeting of preview widget styling to not impact unintended children
Fixes#11543
Also fix delayed polling on window activation
---------
Co-authored-by: w15dev <w15developer@proton.me>
Co-authored-by: Jonathan White <support@dmapps.us>
* An additional approach to create passphrases with one random word being in UPPERCASE.
* Also remove duplicate character count from passphrase generator
---------
Co-authored-by: Stephan Heffner <stephan@heffner.it>
Co-authored-by: Jonathan White <support@dmapps.us>
* Closes#7293
* Move existing T-CONV and T-REPLACE-RX code from AutoType to Entry. Replumb AutoType to use the entry functions.
* Improve placeholder code in various place
Replace a QVector for the wordlist with a QSet. This removes all duplicate entries in a given wordlist.
Thus, it hinders a malicious wordlist that has the proper length (>4000 entries) but with repetitions (effectively << 4000 entries) to be used and potentially create weaker passphrases than estimated.
Example:
List with 4000 items but only 64 unique words would lead to only 48 bit of Entropy instead of ~95 bit!
This PR splits the GUI source files from the core source files. The immediate goal is to allow the CLI to require only a minimum number of dynamic libraries. The long term goal is to create an architectural boundary around the core module, in preparation of libkdbx.
Previously, in a pattern like "{TIME:yy} {TIME}",
substituteBackupFilePath() would greedily use the entire string
"yy} {TIME" as the format specifier for the first TIME template, instead
of just "yy". Fix this, by adjusting the regular expression.
This ends up changing the behaviour of a weird corner case that is
covered in the tests, so change the test. I don't think anyone cares
about that case, and I think the current behaviour is better there.
Fixes#10505 (proved by adding a test case very similar to what was
reported there).
Includes following changes:
* Encryption Settings now has a similar key with the new database wizard for switching between Advanced and Simple Settings
* The extra UI layer DatabaseSettingsDialog.ui has been removed. DatabaseSettingsDialog class now inherits EditWidget instead of DialogyWidget (just like Application Settings).
* Extra classes for separate page settings (DatabaseSettingsPageFdoSecrets, DatabaseSettingsPageKeeShare) have been removed. Instead the widgets are used directly in DatabaseSettingsDialog. Same could be done later to Application
---------
Co-authored-by: Jonathan White <support@dmapps.us>
* Deprecated qSort() -> std::sort()
* Replace QDateTime::toString(Qt::DefaultLocaleShortDate) with Clock::toString()
* Replace QDateTime::toString(Qt::SystemLocaleShortDate) with QLocale::system().toString(..., QLocale::ShortFormat)
* Use QDateTime::startOfDay() instead of QDate(QDateTime)
Note: QDateTime::startOfDay() is only available in Qt 5.14, we need to guard it
* Replace QString::SkipEmptyParts with Qt::SkipEmptyParts
Note: Its designated replacement, Qt::SplitBehavior, was only added in Qt 5.14.
* Don't call deprecated QFlags(nullptr) constructor
* QSet::{toList->values}
* Replace QList::toSet, QSet::fromList with Tools::asSet()
* QHash::insertMulti -> QMultiHash::insert
* QProcess::startDetached: non-deprecated overload
* QProcess::{pid->processId}
* QPainter::{HighQuality->}Antialiasing
* QPalette::{background->window}()
* Use Qt::{Background,Foreground}Role
* endl -> Qt::endl, flush -> Qt::flush
* Make YubiKey::s_interfaceMutex non-recursive
* OpenSSHKeyGenDialog: use non-deprecated QComboBox::sizeAdjustPolicy setting
Bump the minimum required Qt version up to 5.12, as per
https://github.com/keepassxreboot/keepassxc/issues/10859#issuecomment-2148477826.
Previously, the minimum version was 5.2.0 based on the CMakeLists.txt
check, though it's unclear if such old versions would actually work.
With this, we are able to remove a whole bunch of #ifdef'd code.
When the user chooses to copy the password for an entry to the clipboard, previously there was logic to check if text was selected, and if so, that text was instead copied to the clipboard. That made sense if
(a) the user invoked the Copy Password action via its keyboard shortcut, and (b) that keyboard shortcut was configured (as per default) to be Ctrl-C, i.e. the same as the system action for copy-to-clipboard.
However, it made no sense if the user invoked that action in some other way, for example by clicking the corresponding toolbar button.
It also made no sense in the case that the Copy Password action had some other keyboard shortcut assigned. Also, if some other action had Ctrl-C assigned, the logic would not kick in then.
Fix all of the above by modifying the keyboard shortcut logic to intervene precisely in the case where a shortcut is pressed that matches the system copy-to-clipboard shortcut; only in that case do we now check if text is selected and if so copy that to the clipboard instead of the action we would otherwise take.
Fixes#10734.
If the system Copy key sequence (i.e. Ctrl+C or Cmd+C) is pressed while
inside the search entry without any text being selected, previously we
would copy the currently selected entry's password. This made sense when
keyboard shortcuts were fixed. Now that they are configurable, change it
to re-route the event to the main window, which can then take the
appropriate action (i.e. Ctrl+C might be bound to some other action).
* Entry placeholder resolution: don't overdo it
After resolving placeholders, previously the code would do it all over again if anything had changed, multiple times up to the recursion limit. This would have the effect of applying a much greater recursion limit, which is confusing and unnecessary, and probably undesired.
* Entry tweaks and minor refactoring
- Entry::size(): when computing tag size, use same delimiter set as in other places in the code
- Factor tag delimiter set regex out into global constant
- Placeholder resolution: remove unnecessary special casing for self-referential placeholders (these are taken care of by existing recursion depth limit)
- Placeholder resolution: less wasteful string building loop
- Move some constants from being public static data members of Entry to being local to Entry.cpp (in anonymous namespace)
- Migrate some QRegEx instances to QRegularExpression, the modern alternative
- Miscellanous minor code cleanups
* Entry: fix hitting recursion limit with {braces}
When encountering a {brace-enclosed} substring, the placeholder resolution logic would previously keep recursing until it hit the recursion depth limit (currently 10). This would lead to "Maximum depth of replacement has been reached" messages, and was also wasting CPU cycles.
Fixes#1741
---------
Co-authored-by: Jonathan White <support@dmapps.us>
* Fixes#10723 - only display password strength warning when actively editing the password
* Also improve behavior of minimum quality warning
* Improve behavior and handling of password changes with the database settings dialog
* Prevents loss of newly entered password when toggling between elements in the settings page
* On error, switch to tab that prevents saving database settings for easier correction
* Provide remote database sync capability
Allow arbitrary commands to be defined and executed for syncing databases with remote services. This includes sftp, scp, rsync, etc.
Remote commands are stored per-database and sync operations are manually triggered by the user from the Database -> Remote Sync menu.
---------
Co-authored-by: Stefan Forstenlechner <t-h-e@users.noreply.github.com>
Co-authored-by: Jonathan White <support@dmapps.us>
* Fix passphrase generator test
Previously, the test case was assuming the wrong regex. In particular, the default word list (eff_large.wordlist) contains several words that contain dashes. Adjust the regex used in the test to reflect this. This should fix rare test failures
Remove Unicode character U+FEFF ZERO WIDTH NO-BREAK SPACE from Weslly's
email address in a few places.
Not sure if this was done on purpose (anti-spam measure?), but it's not
consistently done anyway (e.g. wasn't the case in
src/gui/TotpDialog.cpp), so it seems cleanest to remove this.
* Fix broken build when using system zxcvbn
Fixup of zxcvbn include statement added in 5513ff5. A zxcvbn/ directory
prefix breaks building with system zxcvbn. Remove this prefix to align
this include statement with ones present in other files. Add zxcvbn
libraries as dependency to CliTest.
* Move src/zxcvbn/ to src/thirdparty/zxcvbn
* Fixes#10400
- Support TOTP entries with bare secrets instead of otpauth urls for Bitwarden. Vice-versa for 1PUX.
- Support Bitwarden Argon2id encryption scheme
* Fixes#10380 - Support Bitwarden organization collections
This issue previously caused parent databases to be marked as modified on unlock. This was because of the new protections against byte-by-byte side channel attacks adds a randomized string to the database custom data. We should never be merging database custom data with keeshare or imports since we are merging groups only.
Also prevent overwrite of auto-generated custom data fields, Last Modified and Random Slug.
* This removes the application setting to require typing the password in again even though it is visible.
* Removed automatic password repeat when the password is made visible on changing.
* Fixes#10455
* Fixes#10432
* Fixes#10415
Prevent setting critical key components to nullptr when database data is cleared. This can result in a crash due to race condition between threads.
Added a bunch of asserts to detect this problem and if guards to prevent actual crashes.
* Implemented database file hidden attribute preservation on Windows
Implemented database file hidden attribute preservation on Windows by modifying the save function to check the hidden attribute of the original database before saving and then reapply it post-saving if running on Windows so that users can easily store their database in a hidden file without having to re-hide it every time it's modified.
Updated the TestDatabase::testSaveAs() unit test to first verify after the initial save that the database file is not hidden before hiding it then saving again and verifying that it is now hidden.
Signed-off-by: Drwsburah <Drwsburah@yahoo.com>
Co-authored-by: Jonathan White <support@dmapps.us>
Attack - KeeShare attachments can be inferred because of attachment de-duplication.
Solution - Prevent de-duplication of normal database entry attachments with those entry attachments synchronized/associated with a KeeShare database. This is done using the KeeShare database UUID injected into the hash calculation of the attachment prior to de-dupe. The attachments themselves are not modified in any way.
--------
Attack - Side channel byte-by-byte inference due to compression de-duplication of data between a KeeShare database and it's parent.
Solution - Generate a random array between 64 and 512 bytes, convert to hex, and store in the database custom data.
--------
Attack vector assumptions:
1. Compression is enabled
2. The attacker has access to a KeeShare database actively syncing with the victim's database
3. The victim's database is unlocked and syncing
4. The attacker can see the exact size of the victim's database after saving, and syncing, the KeeShare database
Thank you to Andrés Fábrega from Cornell University for theorizing and informing us of this attack vector.
* Closes#7545 - Support 1Password 1PUX import format based on https://support.1password.com/1pux-format/
* Closes#8367 - Support Bitwarden JSON import format (both unencrypted and encrypted) based on https://bitwarden.com/help/encrypted-export/
* Fixes#9577 - OPVault import when fields have the same name or type
* Introduce the import wizard to handle all import tasks (CSV, KDBX1, OPVault, 1PUX, JSON)
* Clean up CSV parser code to make it much more efficient and easier to read
* Combine all importer tests (except CSV) into one test file
