* core: database: make UUID searching case-insensitive
4c4d8a5e84 ("Implement search for reference placeholder based on
fields other than ID") changed the semantics of searching-by-reference
in KeePassXC. Unforuntately it contained a bug where it implicitly
became case-sensitive to UUIDs, which broke existing databases that used
references (especially since the default reference format uses a
different case to the UUID used while searching).
The tests didn't catch this because ->toHex() preserves the case that it
was provided, they have been updated to check that UUIDs are case
insensitive.
* cli: show: resolve references in output
Previously, `keepassxc-cli show` would not resolve references. This
would make it quite hard to script around its output (since there's not
interface to resolve references manually either). Fix this by using
resolveMultiplePlaceholders as with all other users of ->password() and
related entry fields.
Fixes: keepassxreboot/keepassxc#1260
* tests: entry: add tests for ref-cloned entries
This ensures that the most "intuitive" current usage of references
(through the clone feature of the GUI) remains self-consistent and
always produces the correct results. In addition, explicitly test that
case insensitivity works as expected. These should avoid similar
regressions in reference handling in the future.
* http: resolve references in AccessControlDialog
The access control dialog previously would not show the "real" username
or "real" title when asking for permission to give access to entries.
Fix this by resolving it, as we do in many other places.
Fixes: keepassxreboot/keepassxc#1269
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
* Save the master seed upon first challenge so it can be used as a
challenge at a later point.
* When verifyKey() is called, verify that the challenge is successful.
* Uncheck YubiKey box to not leak information about how the database is
protected.
Signed-off-by: Kyle Manna <kyle@kylemanna.com>
* Tweak the logic so it more closely resembles other code (i.e.
trasnformKey()). Matches existing style better.
* Save the challengeResponseKey in the database structure so that
it can be referred to later (i.e. database unlocking).
Signed-off-by: Kyle Manna <kyle@kylemanna.com>
* If a removed Yubikey is to blame, re-inserting the Yubikey won't
resolve the issue. Hot plug isn't supported at this point.
* The caller should detect the error and cancel the database write.
Signed-off-by: Kyle Manna <kyle@kylemanna.com>
* Pass the master seed from the database to CompositeKey::challenge()
function which will in turn issue challenges to all selected
drivers.
Signed-off-by: Kyle Manna <kyle@kylemanna.com>
