Commit Graph

650 Commits

Author SHA1 Message Date
Jonathan White
8a7be101e4 CLI Improvements
* Fix #6001 - only use `--notes` in Add/Edit commands to prevent clash with password generator option `-n`.

* Fix #6119 - Send Unicode to clip command; Windows only understands UTF-16 encoding.

* Fix #6128 - `clip` command will default to clearing the clipboard after 10 seconds. To disable clearing set timeout to 0.
2021-04-25 07:38:21 -04:00
Jonathan White
be3e77d721 Cleanup CLI includes across all components
* Remove unused include files
* Move includes out of widely shared headers (reduced rebuild time)
* Consolidate code for Analyze command
2021-04-25 07:38:21 -04:00
Martin Mokrejs
dc496fd1d9 Better description text for Key File change dialog 2021-04-24 13:47:28 -04:00
Jonathan White
80809ace67 Replace all crypto libraries with Botan
Selected the [Botan crypto library](https://github.com/randombit/botan) due to its feature list, maintainer support, availability across all deployment platforms, and ease of use. Also evaluated Crypto++ as a viable candidate, but the additional features of Botan (PKCS#11, TPM, etc) won out.

The random number generator received a backend upgrade. Botan prefers hardware-based RNG's and will provide one if available. This is transparent to KeePassXC and a significant improvement over gcrypt.

Replaced Argon2 library with built-in Botan implementation that supports i, d, and id. This requires Botan 2.11.0 or higher. Also simplified the parameter test across KDF's.

Aligned SymmetricCipher parameters with available modes. All encrypt and decrypt operations are done in-place instead of returning new objects. This allows use of secure vectors in the future with no additional overhead.

Took this opportunity to decouple KeeShare from SSH Agent. Removed leftover code from OpenSSHKey and consolidated the SSH Agent code into the same directory. Removed bcrypt and blowfish inserts since they are provided by Botan.

Additionally simplified KeeShare settings interface by removing raw certificate byte data from the user interface. KeeShare will be further refactored in a future PR.

NOTE: This PR breaks backwards compatibility with KeeShare certificates due to different RSA key storage with Botan. As a result, new "own" certificates will need to be generated and trust re-established.

Removed YKChallengeResponseKeyCLI in favor of just using the original implementation with signal/slots.

Removed TestRandom stub since it was just faking random numbers and not actually using the backend. TestRandomGenerator now uses the actual RNG.

Greatly simplified Secret Service plugin's use of crypto functions with Botan.
2021-04-05 22:56:03 -04:00
Jonathan White
871c4fffdd OPVault: Use Text instead of Name for attribute and section names
* Fix #6303 - the text attribute in 1Password contains the actual text seen in 1Password whereas the name attribute may contain a ref pointer and not a name.
2021-04-01 22:59:44 -04:00
Sami Vänttinen
c19efb5b19
Remove credential sorting from Browser Integration (#6353) 2021-03-31 23:14:29 -04:00
Patrick Klein
57af7c131d Fix favicon download from URL with non-standard port.
Fixes #5001.

The favicon download URL was constructed from scheme and host only. This is fixed by simply replacing the path of the original URL with "/favicon.ico", thus keeping scheme, host, auth and port intact.

Further modification: URL's with a non-http schema are now rejected.
2021-03-01 21:42:19 -05:00
Ojas Anand
022154462e Add entry view column for password strength
* Closes #4216

Reduced to three-tiered rating system and fixed column implementation. Hide password strength indicator in entry view if excluded from reports.

Introduce password health caching to prevent unnecessary calculations.
2021-02-26 22:10:04 -05:00
Brandon Atkinson
c5a2aa0a2a Exclude additional lookalike characters (6G8B)
* Fix #6075
2021-02-25 21:36:30 -05:00
Jonathan White
8d058cbd04
Additional Auto-Type improvements based on PR feedback
* Improve documentation and remove external links to keepass.info documentation
2021-02-22 07:41:23 -05:00
Jonathan White
02446af743
Auto-Type support for T-CONV, T-REPLACE-RX, and Comments
* Close #1825 - Add full support for T-CONV and T-REPLACE-RX placeholders. Exception is support for the "raw" type in T-CONV.

* Close #5333 - Allow comment syntax to be present in the Auto-Type sequence
2021-02-22 07:41:23 -05:00
Jonathan White
027ff9f2bf
Overhaul Auto-Type Action Handling
* Close #2603 - Add support for modifier syntax (+, ^, and %)
* Fix #2633 - Allow reference syntax {REF:...} in Auto-Type sequences
* Close #5334  - Tell the user which part of the Auto-Type sequence is invalid for easy correction
* Fix #2401 - Select the right window on macOS prior to starting Auto-Type

* Allow for nested placeholders
2021-02-21 16:33:54 -05:00
Jonathan White
d9ae449f04
Improve Auto-Type Select Dialog
Significant improvements to the Auto-Type select dialog. Reduce stale and unnecessary code paths.

* Close select dialog when databases are locked.
* Close open modal dialogs prior to showing the Auto-Type select dialog to prevent interference.
* Never perform Auto-Type on the KeePassXC window.
* Only filter match list based on Group, Title, and Username column data (ie, ignore sequence column)
* Always show the sequence column (revert feature)
* Show selection dialog if there are no matches to allow for a database search

* Close #3630 - Allow typing {USERNAME} and {PASSWORD} from selection dialog (right-click menu).
* Close #429 - Ability to search open databases for an entry from the Auto-Type selection dialog.
* Fix #5361 - Default size of selection dialog doesn't cut off matches
2021-02-21 16:33:54 -05:00
Jonathan White
f3d88fbd36 Address translation feedback from Transifex 2021-02-19 18:37:33 -05:00
Aetf
9a8a5a0006
FdoSecrets: Major Refactor and Code Consolidation (#5747)
* Fixes #3837

* Change objects to use DBusMgr rather than separate adaptors
  - Update all DBus invokable methods to new parameter order
  - Change all usage of DBusReturn to simpler DBusResult
  - Use DBusMgr to handle path and service registration
  - Remove adaptor/*
  - Set path in DBusObject
  - Unregister service when service is destroyed
  - Restore handling of invalid QVariant in prompt complete signal
  - Clean up meta type registration
  - Move dbus related file together
  - Convert to QSharedPointer as much as possible
  - Fix mapping of the Delete method
  - Handle dbus property get all

* Add per-client states
  - Move cipher negotiation to DBusClient
  - Show list of clients instead of sessions in the settings page
  - Add settings for confirmation of accessing items
  - Fix infinite recursion when client disconnected
  - Use optional explicit DBusClient parameter instead. This makes accessing 
    the client info in an async context explicit, and thus prevent accidental 
    assertions in prompts.

* Improve User Interface
  - Add per-item access confirmation (if enabled)
  - Remove the "disable for site" button for the access control dialog
  - Improve the text on the settings page to be more consistent
  - Fix disconnect buttons in settings page not working
  - Make the unlock prompt method nonblocking

* Fix and cleanup unit tests
  - Use QTRY_COMPARE when checking signal spies, as dbus signals are threaded
  - Fixes in meta type registration and type conversion
  - Remove QStringLiteral in COMPARE macros, making diff output readable
  - Add testing for remembering auth decision
2021-02-05 15:07:59 -05:00
Janek Bevendorff
86278311d2
Merge branch 'master' into develop 2021-01-12 18:24:59 +01:00
Janek Bevendorff
23ca46c918 Add support for version 2 XML key files.
As discussed in #4317, the next KeePass2 release will ship with
support for a new generation of XML key files which enable
hash integrity checks.

This patch adds support for reading and generating this new format.
By default, KeePass2 now uses the .keyx extension for generated
key files, which was added to KeePassXC's key generation file chooser
filter. We continue to generate hashed binary key files by default,
but the user can explicitly save the file with the new .keyx
extension to generate an XML v2 key file (currently undocumented).

When opening a database, the key file type is still determined
by content negotation, so the file extension has no impact here.

As an additional change, the legacy key file warnings have been
improved slightly to be less confusing and more helpful.
2021-01-07 22:02:43 -05:00
Jonathan White
a74e2391e8 Copy history when drag/drop entries and groups
* Fix #5809
2020-12-20 22:57:42 -05:00
Janek Bevendorff
cd0084f21c Add support for version 2 XML key files.
As discussed in #4317, the next KeePass2 release will ship with
support for a new generation of XML key files which enable
hash integrity checks.

This patch adds support for reading and generating this new format.
By default, KeePass2 now uses the .keyx extension for generated
key files, which was added to KeePassXC's key generation file chooser
filter. We continue to generate hashed binary key files by default,
but the user can explicitly save the file with the new .keyx
extension to generate an XML v2 key file (currently undocumented).

When opening a database, the key file type is still determined
by content negotation, so the file extension has no impact here.

As an additional change, the legacy key file warnings have been
improved slightly to be less confusing and more helpful.
2020-12-19 09:42:21 -05:00
Jonathan White
404fd941e8
Move global shortcut handling into OSUtils (#5566)
Move global shortcut handling into OSUtils
2020-12-13 23:23:25 -05:00
krsnik93
2ee4168956 Display default autotype sequence on entry preview pane
* Fix #5450
2020-12-13 11:33:03 -05:00
Bernhard Berg
a6f01349e8
Redo 'delete entries no confirm' functionality & unit-tests (#5812)
* Fixes #5232
2020-12-12 12:14:18 -05:00
Jonathan White
7ac651763c Improve CSV export and import capability
* Fixes #3541
* CSV export now includes TOTP settings, Entry Icon (database icon number only), Modified Time, and Created Time.
* CSV import properly understands time in ISO 8601 format and Unix Timestamp.
* CSV import will set the TOTP settings and entry icon based on the chosen column.
2020-12-06 11:16:49 -05:00
Janek Bevendorff
3f7e79cdf3 Add Argon2id KDF (backport of #5726) 2020-12-04 15:11:28 +01:00
Janek Bevendorff
9a96124040 Add Argon2id KDF 2020-12-03 20:06:58 +01:00
Aetf
9f4118974d FdoSecrets: fix signal connections 2020-11-13 17:20:45 -05:00
Aetf
a651d7049d FdoSecrets: handle corner cases in collection dbus names, fix #5279
- Use completeBaseName rather than baseName to ensure nonempty name
- Handle two databases have the same name
- Cleanup Service::onDatabaseTabOpened logic
2020-11-13 17:16:22 -05:00
Aetf
f5caf3968f FdoSecrets: fix typos 2020-11-13 17:16:22 -05:00
Jonathan White
eb6f0eb346 Add search 'by-path' url for browser 2020-10-17 18:22:47 -04:00
Jonathan White
0c5dd1556a
Merge branch 'release/2.6.2' into develop 2020-10-15 00:13:14 -04:00
Janek Bevendorff
389899e0c6 Fix theme issues on macOS
* Fix #5025 - Change edit entry widget title separator to the common bullet character • (U+2022)
* Fix #5307 and Fix #5347 - Remove transparent toolbar/window on macOS and properly color text in toolbar.
2020-10-14 23:55:01 -04:00
Jonathan White
b0e038e789 Improve default Qt widget icons
* Include new icons for toolbar overflow to ensure they are tinted correctly and fit in with the rest of the UI.
* Replace custom code for clearing line edits by including a proper icon for the default action.
2020-10-14 23:55:01 -04:00
Bernhard Berg
fd3cc7e8c3
Add keyfile option to keepassxc cli import cmd (#5402)
Fixes #5311

Added the keyFile logic from the create command to the import command and moved the loadFileKey() function
to the Utils class since it is now used in both create & import classes.
2020-10-09 20:31:29 -04:00
louib
48d9fb3e79
Remove GUI bootstraping from core/ (#5513) 2020-10-08 22:48:45 -04:00
Jonathan White
e1c2537084
Merge branch 'release/2.6.2' into develop 2020-09-27 12:11:02 -04:00
david
55eb855267 Add a -n (--notes) option to keepassxc-cli add and edit commands 2020-09-21 16:04:32 -04:00
Sami Vänttinen
e391dd182d
Fix Best-Matching ..again (#5316)
Co-authored-by: Jonathan White <support@dmapps.us>
2020-09-13 10:38:19 -04:00
Sami Vänttinen
9bab5d5a33
Don't mark URL references as invalid URL (#5380) 2020-09-05 09:00:36 -04:00
piegames
6a35bbea2f Add browser service search for entries via UUID 2020-09-02 23:19:43 -04:00
Jonathan White
f947c96462 Improve CSV export and import capability
* Fixes #3541
* CSV export now includes TOTP settings, Entry Icon (database icon number only), Modified Time, and Created Time.
* CSV import properly understands time in ISO 8601 format and Unix Timestamp.
* CSV import will set the TOTP settings and entry icon based on the chosen column.
2020-09-01 07:57:31 -04:00
Laurent Erignoux
f49f62d3be Add a best option to CLI command clip (#4489)
The best option copy the password from the best match if only one matching entry exists.

Adding clip best option documentation

Adding unit tests on the new clip --best option
2020-08-31 23:06:27 -04:00
Jonathan White
8a7bdd5b95 Change actions for F1-F2-F3 keys
* Fixes #5037
* F1 focuses group view, if already focused it opens the focused group for editing
* F2 focuses entry view, if already focused it opens the focused entry for editing
* F3 focuses search
2020-08-19 20:24:40 +02:00
Jonathan White
c538f0b907 Fixup saving non-data changes on database lock
* Fix #5107 
* Change setting for non-data changes to Auto save on database lock (or not) instead of marking modified.
* When enabled, database will be auto-saved if there are only non-data changes, but will not prompt the user if saving has failed.
* When disabled, database will not auto-save if there are only non-data changes (same behavior as 2.5 and below) and will not mark the database dirty.
2020-08-08 15:40:00 -04:00
varjolintu
f73855a7f2 Adjust matching with best-matching credentials enabled 2020-07-21 07:29:02 -04:00
Toni Spets
7c39907251 Substitute tilde with USERPROFILE on Windows
The substitution is now more shell-like and tilde is only replaced
from the beginning of the path if it is trailed by a slash.
2020-07-18 09:24:22 -04:00
Jonathan White
3b459813ed Replace "Master Key" with "Database Credentials"
Definitions:
* Database Key - Cryptographic hash used to perform encrypt/decrypt of the database.

* Database Credentials - User facing term to refer to the collection of Password, Key File, and/or Hardware Key used to derive the Database Key.

Changes:
* Remove the term "master" and "key" from the user's lexicon and clarify  the code base based on the definitions above.
* Clean up wording in the UI to be clearer to the end user.
2020-07-02 17:39:45 -04:00
Jonathan White
736df7696f FDO Secrets: Fix double free on exit
* Prevent double free due to QObject cleanup happening before/after the ExtraPage  storing the QSharedPointer to FdoSecretsPlugin is deleted.
* Fixes #4877
2020-06-19 21:24:43 -04:00
Jonathan White
fbebf30b98 Fix permissions changing on database save
* Saving a database in unsafe mode retains the existing permissions on the kdbx file
* New databases (save as, save backup, new database) and new key files are saved with 0600 permissions (user read/write), fixes #2575
2020-06-07 16:00:56 -04:00
Jonathan White
9d10792640 Update edit entry widget when backing entry changes
* Fixes #4060
* Also fix not emitting entryModified() when history is truncated. This possibly fixes other crashes with apply button when the history is truncated and then the history page is shown with a deleted entry.
2020-06-04 10:03:40 -04:00
Jonathan White
2073f2ddc3 Fix theming with Qt 5.15
* Fixes #4765
* Fixes #4766
2020-06-04 10:03:40 -04:00