Commit Graph

230 Commits

Author SHA1 Message Date
Carlo Teubner
88b76244cf
Fix all Qt 5.15 deprecation warnings (#7783)
* Deprecated qSort() -> std::sort()
* Replace QDateTime::toString(Qt::DefaultLocaleShortDate) with Clock::toString()
* Replace QDateTime::toString(Qt::SystemLocaleShortDate) with QLocale::system().toString(..., QLocale::ShortFormat)
* Use QDateTime::startOfDay() instead of QDate(QDateTime) 
  Note: QDateTime::startOfDay() is only available in Qt 5.14, we need to guard it
* Replace QString::SkipEmptyParts with Qt::SkipEmptyParts
  Note: Its designated replacement, Qt::SplitBehavior, was only added in Qt 5.14.
* Don't call deprecated QFlags(nullptr) constructor
* QSet::{toList->values}
* Replace QList::toSet, QSet::fromList with Tools::asSet()
* QHash::insertMulti -> QMultiHash::insert
* QProcess::startDetached: non-deprecated overload
* QProcess::{pid->processId}
* QPainter::{HighQuality->}Antialiasing
* QPalette::{background->window}()
* Use Qt::{Background,Foreground}Role
* endl -> Qt::endl, flush -> Qt::flush
* Make YubiKey::s_interfaceMutex non-recursive
* OpenSSHKeyGenDialog: use non-deprecated QComboBox::sizeAdjustPolicy setting
2024-06-22 07:22:44 -04:00
Carlo Teubner
07f565aa49 Require Qt >= 5.12
Bump the minimum required Qt version up to 5.12, as per
https://github.com/keepassxreboot/keepassxc/issues/10859#issuecomment-2148477826.
Previously, the minimum version was 5.2.0 based on the CMakeLists.txt
check, though it's unclear if such old versions would actually work.

With this, we are able to remove a whole bunch of #ifdef'd code.
2024-06-22 00:01:23 -04:00
AgostonSzepessy
1f9c25cc91
Show character count in password generator dialog (#10940)
Displays the number of characters in the password field in the password generator dialog. This fixes #10858.
2024-06-21 23:53:18 -04:00
Carlo Teubner
9972b5f531
Fix Copy Password button when text is selected (#10853)
When the user chooses to copy the password for an entry to the clipboard, previously there was logic to check if text was selected, and if so, that text was instead copied to the clipboard. That made sense if
(a) the user invoked the Copy Password action via its keyboard shortcut, and (b) that keyboard shortcut was configured (as per default) to be Ctrl-C, i.e. the same as the system action for copy-to-clipboard.

However, it made no sense if the user invoked that action in some other way, for example by clicking the corresponding toolbar button.

It also made no sense in the case that the Copy Password action had some other keyboard shortcut assigned. Also, if some other action had Ctrl-C assigned, the logic would not kick in then.

Fix all of the above by modifying the keyboard shortcut logic to intervene precisely in the case where a shortcut is pressed that matches the system copy-to-clipboard shortcut; only in that case do we now check if text is selected and if so copy that to the clipboard instead of the action we would otherwise take.

Fixes #10734.
2024-06-19 08:03:42 -04:00
Carlo Teubner
24dc07897b Search entry: respect shortcut config on Copy key
If the system Copy key sequence (i.e. Ctrl+C or Cmd+C) is pressed while
inside the search entry without any text being selected, previously we
would copy the currently selected entry's password. This made sense when
keyboard shortcuts were fixed. Now that they are configurable, change it
to re-route the event to the main window, which can then take the
appropriate action (i.e. Ctrl+C might be bound to some other action).
2024-06-16 17:38:29 -04:00
Jonathan White
2c0844807e Improve overall database settings behavior
* Fixes #10723 - only display password strength warning when actively editing the password
* Also improve behavior of minimum quality warning
* Improve behavior and handling of password changes with the database settings dialog
* Prevents loss of newly entered password when toggling between elements in the settings page
* On error, switch to tab that prevents saving database settings for easier correction
2024-06-16 08:43:09 -04:00
Jonathan White
2b08af712f Fix encryption settings behavior
* Fixes #10558
2024-06-16 08:43:09 -04:00
Carlo Teubner
af2ba798a0 TestGui: testTotp: use QTRY_COMPARE
That test failed, presumably because of inherent raciness: https://ci.keepassxc.org/buildConfiguration/KeePassXC_MacOS/248424?expandBuildDeploymentsSection=false&hideTestsFromDependencies=false&hideProblemsFromDependencies=false&expandBuildChangesSection=true&expandBuildProblemsSection=true&showLog=248423_1081_942&logFilter=debug&logView=flowAware

Paper over the raciness by using QTRY_COMPARE instead of QCOMPARE.
2024-06-14 18:08:08 -04:00
sforst
1ca607792d
Support remote database access using external tools (#7222)
* Provide remote database sync capability

Allow arbitrary commands to be defined and executed for syncing databases with remote services. This includes sftp, scp, rsync, etc. 

Remote commands are stored per-database and sync operations are manually triggered by the user from the Database -> Remote Sync menu. 

---------

Co-authored-by: Stefan Forstenlechner <t-h-e@users.noreply.github.com>
Co-authored-by: Jonathan White <support@dmapps.us>
2024-06-13 06:23:41 -04:00
Jonathan White
5513ff5c1f Fix TestCli and TestGui entropy tests across platforms
* zxcvbn wordlists can vary between platforms depending on packager adjustments (ie, zxcvbn-c vs Ubuntu Focal)
2024-03-31 07:56:23 -04:00
Jonathan White
e700195f0a Add 1Password 1PUX and Bitwarden JSON Importers
* Closes #7545 - Support 1Password 1PUX import format based on https://support.1password.com/1pux-format/

* Closes #8367 - Support Bitwarden JSON import format (both unencrypted and encrypted) based on https://bitwarden.com/help/encrypted-export/

* Fixes #9577 - OPVault import when fields have the same name or type

* Introduce the import wizard to handle all import tasks (CSV, KDBX1, OPVault, 1PUX, JSON)

* Clean up CSV parser code to make it much more efficient and easier to read

* Combine all importer tests (except CSV) into one test file
2024-03-09 10:44:54 -05:00
Janek Bevendorff
0acb15de0f Set test locale to C 2024-03-08 10:55:22 -05:00
Janek Bevendorff
6a273363c4 Automatically detect USB device changes 2024-03-08 10:55:22 -05:00
Waqar Ahmed
a472ef8a93
Allow configuring keyboard shortcuts (#9643)
Closes #2689

The design of the respective code is loosely based on KDE's KActionCollection. The ActionCollection manages all actions that can be shortcut configured. These actions are then exposed in the config and a user can assign a different shortcut.

Actions inside the MainWindow have been added to the ActionCollection.

---------

Co-authored-by: Jonathan White <support@dmapps.us>
2024-02-04 06:29:04 -05:00
egglessness
d44486ce94
Add configurable password strength check on database password (#9782)
* Set default value of DatabasePasswordMinimumQuality to 3 (do not accept a master password that is less than Good)

* Add custom message box button "Continue with weak password"
2024-01-06 13:53:18 -05:00
Colfenor
cd7a53abbb
Fix first entry is not selected when a search is performed (#9868) 2023-09-25 09:21:28 -04:00
Jonathan White
eee25a1c35
Fix several issues with Quick Unlock (#9697)
* Fix #7892 - Pressing escape when the quick unlock prompt is shown will now go back to the main unlock dialog view.
* Fix #9030 - Quick unlock will be automatically invoked in the unlock dialog upon being shown.
* Fix #9554 - Quick unlock application setting will be updated every time the settings widget is shown instead of just on first launch.

* Show warning that quick unlock is not enabled if user cancels Windows Hello prompt. This should limit people thinking there is a security issue. Also improve documentation describing this behavior.

* Disable quick unlock in gui tests
2023-08-10 08:21:08 -04:00
Jonathan White
3cf14971f2 Improve database encryption settings UX
Fixes #6190

Remove the advanced settings checkbox and replace with a dedicated tab widget interface to toggle between basic and advanced encryption settings.
2023-07-09 12:29:56 -07:00
jNullj
35baeaff79
Add auto-save delay per database (#9100)
Add a new propery autosaveDelay in Metadata of the db.
The property is saved in customData to not affect database structure as this setting is unique to keepasxc.
The propery sets delay to wait since last modification before saving.

Co-authored-by: jNullj <jNullj@users.noreply.github.com>
2023-07-08 08:49:03 -04:00
jNullj
e755ee8e04
test: add test for maximum history in database settings (#9176)
This commit adds a test to the TestGui::testDatabaseSettings function for the history maximum items and maximum size settings.
The test opens the database settings dialog, disables the history items and size settings, saves the changes, reopens the dialog, and then cancels without making any changes to load the default values. The test ensures that the default values are loaded correctly.

Co-authored-by: jNullj <jNullj@users.noreply.github.com>
2023-07-04 05:43:12 -07:00
Jonathan White
e701ccbd73 Fix GUI tests on macOS 2023-04-30 09:26:33 -04:00
jNullj
7a6505626f
Fix TestGui::testDatabaseSettings open tab missing (#9162)
Co-authored-by: jNullj <jNullj@users.noreply.github.com>
2023-02-25 14:11:18 -05:00
Jonathan White
8dec687798 Correct testing status bar text 2023-02-19 08:28:12 -08:00
Akinori MUSHA
cc35bf2096 Select new entry after cloning
Also fixes re-selecting entries during a search refresh
2023-02-13 23:22:13 -08:00
Dmytro
5bd871528f
Fix status bar update when switching to other DB (#9073)
* Gui tests: add validation of StatusBarLabel in some tests
2023-02-07 22:11:52 -05:00
Dmytro Maslenko
f703736685 Scale and center QR code on window resizing
* Also add GUI test for QR code resizing
2023-02-02 00:03:30 -05:00
luzpaz
880cc230ac
Fix various typos (#8748) 2023-01-29 09:38:44 -05:00
Jonathan White
e5bd5f39fb Use search for showing expired entries on unlock
* Fix #8036 - use search interface to display expiring entries on first unlock.
2022-09-08 06:46:48 -04:00
Aetf
0f7b674cbb FdoSecrets: add smarter handling of database unlock requests
This commit implements the following logic:
* If there're already unlocked collections, just use those,
* otherwise, show the unlock dialog until there's an unlocked and exposed collection.

* Fixes #7574
2022-06-04 16:27:18 -04:00
Aetf
e2bf537c4a FdoSecrets: ask to unlock the database when creating items
Also only emit databaseUnlockFinished after the database is unlocked

Fix #7989
2022-06-04 15:49:34 -04:00
J.M. Dana
a740fe128c Add password strength indicator to PasswordEditWidget
Fixes #7437 (entry edit view only)
Fixes #5220
2022-05-31 07:34:50 -04:00
Jonathan White
ba8f787d0d Fix transient errors in GUI tests
* Fix saving file errors due to atomic saves on Windows
* Fix tests that rely on clicking a list index that is out of view
2022-05-30 23:31:34 -04:00
Patrick Sean Klein
65a1d1b0f7 Limit zxcvbn entropy estimation length
Limit the use of zxcvbn based password entropy estimation to 256 bytes. After this threshold, the average per-byte entropy from the zxcvbn calculation is added for each additional byte. In practice, this produces a slightly higher entropy calculation for purely randomized passwords than zxcvbn would normally calculate. However, the time to calculate is capped leading to a much better user experience and removing unnecessary calculations.

Fixes #7712
2022-05-30 10:46:39 -04:00
Aetf
a4c5997050 FdoSecrets: skip entries in recycle bin when searching (fix #7933) 2022-05-28 15:36:17 -04:00
Jonathan White
02602da257 Several improvements to tags editing
* Fix #7602 - Allow spaces in tag names
* Fix #7528 - Allow pasting text into the tags field. Text is split by comma creating tags for each section of text. If there are no commas then the pasted text becomes a tag.
* Fix tags editing not causing the entry to be marked as modified.
2022-03-29 18:41:31 -04:00
Aetf
7d3c3b09fb FdoSecrest: allow remember decision for future entries
Also added a reset decision button in session management tab

Fixes #7464

* Fix distorted button in settings page: the default margin in QToolBar is too large for our use case in a table row.
2022-03-21 08:42:17 -04:00
Patrick Klein
bce8c84c26
Remove obsolete read only state from database. (#7324) 2022-01-28 21:26:53 -05:00
Xavier Valls
4a21cee98c Add tags feature
* show the tags in the entry preview
* allow searching by tag
* add a sidebar listing the tags in the database
* filter entries by tag on click
* Introduce a new TagsEdit widget that provides pill aesthetics, fast removal functionality and autocompletion
* add tests for the tags feature
* introduce the "is" tag for searching. Support for weak passwords and expired added.
2022-01-28 16:13:49 -05:00
Lorenzo Tucci
c88d8c870f Add lock selected database action on toolbar
Closes #6445

Switch tab when locking a database and move Lock Database actions to the Database section of the toolbar.
2021-12-12 23:40:59 -05:00
Jonathan White
d3d7bd7b81 Fix transient save errors in TestGui 2021-11-25 14:29:13 -05:00
louib
004f2b6801 Removing QWidget dependency from src/core. 2021-11-12 07:41:30 -05:00
Patrick Klein
84ff6a13f9
Allow specifing database backup paths. (#7035)
- Default backupFilePath is '{DB_FILENAME}.old.kdbx' to conform to existing standards
- Implement backupPathPattern tests.
- Show tooltip on how to format database backup location text field.
2021-11-07 17:41:17 -05:00
Aetf
2a9d92faeb
FdoSecrets: reject setting refs via the API (#7043)
* FdoSecrets: add TOTP as a readonly attribute

* FdoSecrets: reject setting fields containing refs, fixes #6802

It is still possible to set refs using KPXC UI.
2021-10-24 10:22:50 -04:00
Aetf
a31c5ba006 FdoSecrets: Implement unlock before search
Fixes #6942 and fixes #4443

- Return number of deleted entries
- Fix minor memory leak
- FdoSecrets: make all prompt truly async per spec and update tests
    * the waited signal may already be emitted before calling spy.wait(),
      causing the test to fail. This commit checks the count before waiting.
    * check unlock result after waiting for signal
- FdoSecrets: implement unlockBeforeSearch option
- FdoSecrets: make search always work regardless of entry group searching settings, fixes #6942
- FdoSecrets: cleanup gracefully even if some test failed
- FdoSecrets: make it safe to call prompts concurrently
- FdoSecrets: make sure in unit test we click on the correct dialog

Note on the unit tests: objects are not deleted (due to deleteLater event not handled).
So there may be multiple AccessControlDialog. But only one of
it is visible and is the correctly one to click on.

Before this change, a random one may be clicked on, causing the
completed signal never be sent.
2021-10-16 22:50:04 -04:00
Aetf
60cfba8e46
FdoSecrets: Improve client executable path handling (#6915)
* Fixes #6459 

Improves the overall handling of FdoSecrets showing client executable paths to the user. It does the following:

* Check executable file existence as described in [RFC] fdosecrets: add optional confirmation to secret access (#4733)
* Show application PID and dbus address in the client list
* When the executable file is inaccessible, depending on where the client name is shown:
    * when shown inline, e.g. in notification text, where space is limited, clearly say that the path is invalid
    * when shown in auth dialog, show warning and print detailed info about the client
    * when shown in the client list, draw a warning icon

Co-authored-by: Jonathan White <support@dmapps.us>
2021-10-01 18:22:15 -04:00
Janek Bevendorff
a46231a39a
Fix tests on macOS and update coverage config (#6945)
Simplifies coverage generation and uses llvm-cov instead of gcov if
compiler is clang.
2021-09-26 12:35:42 +02:00
peter
6b14b5dc27 Optimize includes across code base 2021-07-13 22:08:33 -04:00
Jonathan White
6a8b070b0a
Resolve compiler warnings for unused return values
* Fixes #1932 - See https://gcc.gnu.org/bugzilla/show_bug.cgi?id=66425#c29

Adding a negation before the function call allows the (void) syntax to work properly.
2021-06-11 22:49:39 -04:00
Martin Mokrejs
dc496fd1d9 Better description text for Key File change dialog 2021-04-24 13:47:28 -04:00
Jonathan White
80809ace67 Replace all crypto libraries with Botan
Selected the [Botan crypto library](https://github.com/randombit/botan) due to its feature list, maintainer support, availability across all deployment platforms, and ease of use. Also evaluated Crypto++ as a viable candidate, but the additional features of Botan (PKCS#11, TPM, etc) won out.

The random number generator received a backend upgrade. Botan prefers hardware-based RNG's and will provide one if available. This is transparent to KeePassXC and a significant improvement over gcrypt.

Replaced Argon2 library with built-in Botan implementation that supports i, d, and id. This requires Botan 2.11.0 or higher. Also simplified the parameter test across KDF's.

Aligned SymmetricCipher parameters with available modes. All encrypt and decrypt operations are done in-place instead of returning new objects. This allows use of secure vectors in the future with no additional overhead.

Took this opportunity to decouple KeeShare from SSH Agent. Removed leftover code from OpenSSHKey and consolidated the SSH Agent code into the same directory. Removed bcrypt and blowfish inserts since they are provided by Botan.

Additionally simplified KeeShare settings interface by removing raw certificate byte data from the user interface. KeeShare will be further refactored in a future PR.

NOTE: This PR breaks backwards compatibility with KeeShare certificates due to different RSA key storage with Botan. As a result, new "own" certificates will need to be generated and trust re-established.

Removed YKChallengeResponseKeyCLI in favor of just using the original implementation with signal/slots.

Removed TestRandom stub since it was just faking random numbers and not actually using the backend. TestRandomGenerator now uses the actual RNG.

Greatly simplified Secret Service plugin's use of crypto functions with Botan.
2021-04-05 22:56:03 -04:00