Commit Graph

693 Commits

Author SHA1 Message Date
Jonathan White
8a7eb36950 Several fixes for Auto-Type
* On Windows, offer explicit methods to use the virtual keyboard style of typing. This partially reverts 1150b69836 by going back to the standard unicode method by default. However, uses can either add {MODE=VIRTUAL} to their sequence or choose "Use Virtual Keyboard" / CTRL+4 from the selection dialog.

* Took this opportunity to clean up the signature of  AutoType::performAutoType and AutoType::performAutoTypeWithSequence by removing the "hideWindow" attribute.

* Show keyboard shortcuts on the selection dialog context menu

* Fix selection dialog help icon color when in dark theme
2022-03-19 08:23:53 -04:00
Sami Vänttinen
7284a8062a
Fix password generator responses (#7404)
* Respond directly to the current client instead of broadcasting

* Append requestID to generate-password response
2022-02-23 17:48:50 -05:00
Jonathan White
a76daeb4c5 Add key serialization to support Quick Unlock 2022-02-22 17:53:50 -05:00
Patrick Klein
bce8c84c26
Remove obsolete read only state from database. (#7324) 2022-01-28 21:26:53 -05:00
Jonathan White
7f92504a2d Fix wildcard window title matching in Auto-Type
* Fixes #6413
2022-01-28 19:38:30 -05:00
Xavier Valls
4a21cee98c Add tags feature
* show the tags in the entry preview
* allow searching by tag
* add a sidebar listing the tags in the database
* filter entries by tag on click
* Introduce a new TagsEdit widget that provides pill aesthetics, fast removal functionality and autocompletion
* add tests for the tags feature
* introduce the "is" tag for searching. Support for weak passwords and expired added.
2022-01-28 16:13:49 -05:00
Jonathan White
12990e59ad KeeShare: Remove checking signed container
* Remove QuaZip dependency in favor of minizip
* Remove signature checks, but maintain signatures for backwards compatibility
* Remove UI components related to certificates except for personal certificate for backwards compatibility
* Default to unsigned containers (*.kdbx)
2021-12-14 23:23:23 -05:00
Lorenzo Tucci
c88d8c870f Add lock selected database action on toolbar
Closes #6445

Switch tab when locking a database and move Lock Database actions to the Database section of the toolbar.
2021-12-12 23:40:59 -05:00
Geert Ijewski
d16fc2d62a Add db statistic output to CLI db-info command.
Closes #6920
2021-12-08 23:41:05 -05:00
Patrick Klein
a0a063b57f
Add -i/--include option to "generate" CLI command. (#7112) 2021-12-07 23:40:09 -05:00
Jonathan White
d3d7bd7b81 Fix transient save errors in TestGui 2021-11-25 14:29:13 -05:00
tenzap
dc7ad6c1b7
Fix syntax issue & add a missing header (#7160)
* Fix syntax to prevent compilation issue

Fix build failure with AppleClang 7 & 8.

Error was:
src/core/CustomData.cpp:30:41: error: default initialization of an object of const type 'const CustomData::CustomDataItem' without a user-provided default constructor
static const CustomData::CustomDataItem NULL_ITEM;
                                        ^
                                                 {}
src/core/Metadata.cpp:32:39: error: default initialization of an object of const type 'const Metadata::CustomIconData' without a user-provided default constructor
static const Metadata::CustomIconData NULL_ICON;
                                      ^

src/core/Metadata.cpp:32:48: note: add an explicit initializer to initialize 'NULL_ICON'
static const Metadata::CustomIconData NULL_ICON;
                                               ^
                                               {}

* Add missing QUuid header

Fixes this compilation issue with LLVM clang 9, possibly also due to an old QT5

tests/TestTools.cpp:96:39: error: incomplete type 'QUuid' named in nested name specifier
    auto validUuid = Tools::uuidToHex(QUuid::createUuid());
                                      ^~~~~~~
/opt/local/libexec/qt5/lib/QtCore.framework/Headers/qmetatype.h:1887:1: note: forward declaration of 'QUuid'
QT_FOR_EACH_STATIC_CORE_CLASS(QT_FORWARD_DECLARE_STATIC_TYPES_ITER)
^
/opt/local/libexec/qt5/lib/QtCore.framework/Headers/qmetatype.h:108:18: note: expanded from macro 'QT_FOR_EACH_STATIC_CORE_CLASS'
    F(QUuid, 30, QUuid) \
                 ^
tests/TestTools.cpp:101:40: error: incomplete type 'QUuid' named in nested name specifier
    auto nonHexUuid = Tools::uuidToHex(QUuid::createUuid()).replace(0, 1, 'p');
                                       ^~~~~~~
/opt/local/libexec/qt5/lib/QtCore.framework/Headers/qmetatype.h:1887:1: note: forward declaration of 'QUuid'
QT_FOR_EACH_STATIC_CORE_CLASS(QT_FORWARD_DECLARE_STATIC_TYPES_ITER)
^
/opt/local/libexec/qt5/lib/QtCore.framework/Headers/qmetatype.h:108:18: note: expanded from macro 'QT_FOR_EACH_STATIC_CORE_CLASS'
    F(QUuid, 30, QUuid) \
                 ^
2021-11-24 22:36:31 -05:00
Janek Bevendorff
a3dc977e58 Correctly set KDBX envelope version
Shows a warning when trying to open with a newer minor version than what is currently supported.

We always try to save with the lowest KDBX version possible for maximum compatibility.
2021-11-22 12:58:04 +01:00
Janek Bevendorff
c94efe6b5c Avoid redundant KDBX4 test runs 2021-11-22 12:58:04 +01:00
Janek Bevendorff
835e31ac3c Implement KDBX 4.1 CustomData modification date
We keep the old merging behaviour for now, since deleting a
CustomData entry does not create DeletedObject.
2021-11-22 12:58:04 +01:00
Janek Bevendorff
390e14b2c6 Implement KDBX 4.1 extended custom icons 2021-11-22 12:58:04 +01:00
Janek Bevendorff
cd9ef58e98 Implement KDBX 4.1 PreviousParentGroup flag 2021-11-22 12:58:04 +01:00
louib
004f2b6801 Removing QWidget dependency from src/core. 2021-11-12 07:41:30 -05:00
Jonathan White
6f5bbf7ad1
Fix database save calls in CLI due to backup path 2021-11-07 17:52:23 -05:00
Patrick Klein
84ff6a13f9
Allow specifing database backup paths. (#7035)
- Default backupFilePath is '{DB_FILENAME}.old.kdbx' to conform to existing standards
- Implement backupPathPattern tests.
- Show tooltip on how to format database backup location text field.
2021-11-07 17:41:17 -05:00
Jonathan White
8d7e491810 CLI: Fixed typo in tests 2021-11-07 17:27:16 -05:00
Andre Blanke
7d37f65ad0 CLI: Add commands to handle attachments
* Add commands to manipulate entry attachments from the CLI
* Closes #4462

* Add the following commands:
  attachment-export: Exports the content of an attachment to a specified file.

  attachment-import: Imports the attachment into an entry. An existing attachment with the same name may be overwritten if the -f option is specified.

  attachment-rm: Removes the named attachment from an entry.

* Add --show-attachments  to the show command
2021-11-07 17:27:16 -05:00
Aetf
2a9d92faeb
FdoSecrets: reject setting refs via the API (#7043)
* FdoSecrets: add TOTP as a readonly attribute

* FdoSecrets: reject setting fields containing refs, fixes #6802

It is still possible to set refs using KPXC UI.
2021-10-24 10:22:50 -04:00
Aetf
a31c5ba006 FdoSecrets: Implement unlock before search
Fixes #6942 and fixes #4443

- Return number of deleted entries
- Fix minor memory leak
- FdoSecrets: make all prompt truly async per spec and update tests
    * the waited signal may already be emitted before calling spy.wait(),
      causing the test to fail. This commit checks the count before waiting.
    * check unlock result after waiting for signal
- FdoSecrets: implement unlockBeforeSearch option
- FdoSecrets: make search always work regardless of entry group searching settings, fixes #6942
- FdoSecrets: cleanup gracefully even if some test failed
- FdoSecrets: make it safe to call prompts concurrently
- FdoSecrets: make sure in unit test we click on the correct dialog

Note on the unit tests: objects are not deleted (due to deleteLater event not handled).
So there may be multiple AccessControlDialog. But only one of
it is visible and is the correctly one to click on.

Before this change, a random one may be clicked on, causing the
completed signal never be sent.
2021-10-16 22:50:04 -04:00
varjolintu
c7cdce6e33 Support for triggering Global Auto-Type from browser extension 2021-10-10 23:41:58 -04:00
Chih-Hsuan Yen
3b3bc42e10
Fix broken browser integration since #6899 (#7030) 2021-10-09 11:22:44 -04:00
Jonathan White
f2aa32c7b0 Add direct write save option
* Closes #6335
* Modify application settings presentation to  allow for alternative saving strategies
* Transition Database::save calls to using flags to control saving behavior. Reduces boolean flags on function call.
* Made direct write save option a local setting to prevent unintentional carry over between platforms.
2021-10-09 11:12:25 -04:00
Aetf
60cfba8e46
FdoSecrets: Improve client executable path handling (#6915)
* Fixes #6459 

Improves the overall handling of FdoSecrets showing client executable paths to the user. It does the following:

* Check executable file existence as described in [RFC] fdosecrets: add optional confirmation to secret access (#4733)
* Show application PID and dbus address in the client list
* When the executable file is inaccessible, depending on where the client name is shown:
    * when shown inline, e.g. in notification text, where space is limited, clearly say that the path is invalid
    * when shown in auth dialog, show warning and print detailed info about the client
    * when shown in the client list, draw a warning icon

Co-authored-by: Jonathan White <support@dmapps.us>
2021-10-01 18:22:15 -04:00
Toni Spets
860fcfd78d SSH Agent: Add support for OpenSSH 8.2 FIDO/U2F keys
Closes #4334
2021-10-01 16:25:14 -04:00
Toni Spets
17d51b558e SSH Agent: Add missing ECDSA tests for OpenSSHKey 2021-10-01 16:25:14 -04:00
louib
2b0a1fc63f
Remove WITH_GUI_TESTS exclusion for CLI tests (#6946)
Apparently this exclusion was only relevant for Linux
systems not running X, which was already handled dynamically
in the testClip function. The CLI tests will now run by default
will all the other core tests.
2021-09-26 12:36:54 +02:00
Janek Bevendorff
a46231a39a
Fix tests on macOS and update coverage config (#6945)
Simplifies coverage generation and uses llvm-cov instead of gcov if
compiler is clang.
2021-09-26 12:35:42 +02:00
varjolintu
4c10e516c3 Add delete-entry command to Browser Integration API 2021-09-21 04:17:14 -04:00
m5w6
9aec84dee7 Add "parent directory match" priority between exact and host match 2021-09-20 23:53:31 -04:00
Robin Ebert
e8f2c9d126 CLI: Replace locate command with search
* Introduce search CLI command to replace locate command. Search can provide the same functionality but in a more fine-grained fashion

* Replace use of Group::locate in code: Use EntrySearcher in clip cli command best-match option. This removes the matching against group hierarchy of an entry which is kind of nonsense as clip expects exactly one match. Matching against groups can be done using search command.

* Remove obsolete Group::locate method
2021-08-22 19:23:16 -04:00
louib
ec81d2bc3f Moving CsvParser to format/ 2021-08-22 18:30:43 -04:00
Chih-Hsuan Yen
bc5d0df19e
Fix removing encrypted ASN.1 keys from ssh-agent (#6804)
Contents of id_rsa-encrypted-asn1 are from
TestOpenSSHKey::testDecryptRSAAES128CBC().

Closes #6788
2021-08-08 09:36:06 -04:00
Jonathan White
9b2b861a2a Removed / Consolidated unnecessary header files 2021-07-13 22:08:33 -04:00
peter
6b14b5dc27 Optimize includes across code base 2021-07-13 22:08:33 -04:00
Jonathan White
6a8b070b0a
Resolve compiler warnings for unused return values
* Fixes #1932 - See https://gcc.gnu.org/bugzilla/show_bug.cgi?id=66425#c29

Adding a negation before the function call allows the (void) syntax to work properly.
2021-06-11 22:49:39 -04:00
Jonathan White
a0912b057e Improve testdatabase performance 2021-06-11 08:27:20 -04:00
Aetf
81a66c439c
Properly block modified signal during Database destruction (#6438)
fixes #6393
2021-05-27 21:50:15 -04:00
Jonathan White
fd0bdaae80 Fix challenge-response key data after Botan
* Fix #6420
* Refactor Challenge-Response key files to be more streamlined. Added a test to confirm raw key data is accurate.
2021-05-19 22:36:30 -04:00
Jonathan White
8a7be101e4 CLI Improvements
* Fix #6001 - only use `--notes` in Add/Edit commands to prevent clash with password generator option `-n`.

* Fix #6119 - Send Unicode to clip command; Windows only understands UTF-16 encoding.

* Fix #6128 - `clip` command will default to clearing the clipboard after 10 seconds. To disable clearing set timeout to 0.
2021-04-25 07:38:21 -04:00
Jonathan White
be3e77d721 Cleanup CLI includes across all components
* Remove unused include files
* Move includes out of widely shared headers (reduced rebuild time)
* Consolidate code for Analyze command
2021-04-25 07:38:21 -04:00
Martin Mokrejs
dc496fd1d9 Better description text for Key File change dialog 2021-04-24 13:47:28 -04:00
Jonathan White
80809ace67 Replace all crypto libraries with Botan
Selected the [Botan crypto library](https://github.com/randombit/botan) due to its feature list, maintainer support, availability across all deployment platforms, and ease of use. Also evaluated Crypto++ as a viable candidate, but the additional features of Botan (PKCS#11, TPM, etc) won out.

The random number generator received a backend upgrade. Botan prefers hardware-based RNG's and will provide one if available. This is transparent to KeePassXC and a significant improvement over gcrypt.

Replaced Argon2 library with built-in Botan implementation that supports i, d, and id. This requires Botan 2.11.0 or higher. Also simplified the parameter test across KDF's.

Aligned SymmetricCipher parameters with available modes. All encrypt and decrypt operations are done in-place instead of returning new objects. This allows use of secure vectors in the future with no additional overhead.

Took this opportunity to decouple KeeShare from SSH Agent. Removed leftover code from OpenSSHKey and consolidated the SSH Agent code into the same directory. Removed bcrypt and blowfish inserts since they are provided by Botan.

Additionally simplified KeeShare settings interface by removing raw certificate byte data from the user interface. KeeShare will be further refactored in a future PR.

NOTE: This PR breaks backwards compatibility with KeeShare certificates due to different RSA key storage with Botan. As a result, new "own" certificates will need to be generated and trust re-established.

Removed YKChallengeResponseKeyCLI in favor of just using the original implementation with signal/slots.

Removed TestRandom stub since it was just faking random numbers and not actually using the backend. TestRandomGenerator now uses the actual RNG.

Greatly simplified Secret Service plugin's use of crypto functions with Botan.
2021-04-05 22:56:03 -04:00
Jonathan White
871c4fffdd OPVault: Use Text instead of Name for attribute and section names
* Fix #6303 - the text attribute in 1Password contains the actual text seen in 1Password whereas the name attribute may contain a ref pointer and not a name.
2021-04-01 22:59:44 -04:00
Sami Vänttinen
c19efb5b19
Remove credential sorting from Browser Integration (#6353) 2021-03-31 23:14:29 -04:00
Patrick Klein
57af7c131d Fix favicon download from URL with non-standard port.
Fixes #5001.

The favicon download URL was constructed from scheme and host only. This is fixed by simply replacing the path of the original URL with "/favicon.ico", thus keeping scheme, host, auth and port intact.

Further modification: URL's with a non-http schema are now rejected.
2021-03-01 21:42:19 -05:00