Commit Graph

797 Commits

Author SHA1 Message Date
Janek Bevendorff
9d2e066aca Clean up various parts of the UI and rearrange settings
- Unify widget layouts and margins
- Fix tab order on a bunch of widgets
- Fix broken entry/group edit form layout and replace with grid layout
- Rearrange some settings for better logical grouping
- Fix some settings checkboxes not being enabled/disabled on load
- Fix "General" settings tab scrolling
- Rename "Root" group to "Passwords"
- Update demo.kdbx accordingly and redownload favicons
- Change entry path display to use slash separators
- Reduce Medium and Large icon sizes slightly
2020-05-30 10:45:00 +02:00
Jonathan White
90d5372813
Replace database icons with SVG's
Original source of icons is the icon8 library (http://icons8.com/c/flat-color-icons) and Paomedia (https://github.com/paomedia/small-n-flat). All icons used are licensed MIT or CC0; annotated in COPYING.

* Closes #4071

* Increase default size of database icons to 24px and entry preview panel to 48px
* Add shell script to assemble the database icons

* Use QIcon to seamlessly support High DPI displays and pixmap caching
* Add badge support for KeeShare groups and expired entries.
* Guard against use of QPixmap::fromImage without a GUI

* Add SVG minify and improve `make icons`

Co-authored-by: Wolfram Rösler <wolfram@roesler-ac.de>
2020-05-29 10:00:32 -04:00
Aetf
a1f599c7c4 Add an option to EntrySearcher to skip protected attributes 2020-05-27 22:07:25 -04:00
Aetf
44779bc862 FdoSecrets: add unit tests 2020-05-27 22:07:25 -04:00
Holger Böhnke
eb198271ac Add natural sort of entry list
Introduce a third unsorted status that shows entries in the order they occur in the KDBX file.

* Add keyboard shortcut Ctrl+Alt+Up/Down to move entries up and down in sort order
* Add entry context menu icons to achieve movement up/down
* Only show menu icons when in natural sort order
* Add Material Design icons for moving up/down

* Add feature to track non-data changes and force a save on exit to ensure they are not lost when locking a database. This allows users to make entry movements and group expand/collapse operations and not lose that state.

Remove saveas
2020-05-22 12:13:20 -04:00
Toni Spets
a1b4a3f8b7 SSH Agent: Track which database owns a key for remove-on-lock
Fixes #4532
2020-05-19 09:23:41 -04:00
Andrew Meyer
45848c3f61 Implement 'Save Database Backup' option
Add an option in the 'Database' menu to save a backup of the current database.

Add unit test for saving database copy

* Open a test database, mark it as modified, and save a copy
* Fail if the copy is not a valid database
* Fail if the original database is saved
* Fail if the original database is no longer marked as modified
2020-05-16 11:00:27 -04:00
Jonathan White
689a85a071 Make GUI tests more robust for CI 2020-05-16 00:47:01 +02:00
Jonathan White
49487f9d4a Fix changing focus around the main window using tab
* Override Qt's default [broken] behavior of handling Tab/Shift+Tab to navigate around the MainWindow. Completely fixes trapped focus.

* Improve handling of search results when navigating the UI.

* Fix selecting first entry after ending a search.

* Add keyboard shortcuts to directly focus on search (F1), Group List (F2), and Entry List (F3)

* Fixes #2878, #4636, and #4221
2020-05-14 20:21:32 -04:00
Jonathan White
5142981018 Significantly enhance hardware key robustness
* Significantly improve user experience when using hardware keys on databases in both GUI and CLI modes. Prevent locking up the YubiKey USB interface for prolonged periods of time. Allows for other apps to use the key concurrently with KeePassXC.

* Improve messages displayed to user when finding keys and when user interaction is required. Output specific error messages when handling hardware keys during database read/write.

* Only poll for keys when previously used or upon user request. Prevent continuously polling keys when accessing the UI such as switching tabs and minimize/maximize.

* Add support for using multiple hardware keys simultaneously. Keys are identified by their serial number which prevents using the wrong key during open and save operations.

* Fixes #4400
* Fixes #4065
* Fixes #1050
* Fixes #1215
* Fixes #3087
* Fixes #1088
* Fixes #1869
2020-05-14 20:19:56 -04:00
Jonathan White
a145bf9119 Complete refactor of Browser Integration classes
* Removed option to attach KeePassXC to the browser extension. Users must use the proxy application to communicate with KeePassXC.
* Significantly streamlined proxy code. Used same implementation of stdin/stdout interface across all platforms.
* Moved browser service entry point to BrowserService class instead of NativeMessagingHost. BrowserService now coordinates the communication to/from clients.
* Moved settings page definition out of MainWindow
* Decoupled BrowserService from DatabaseTabWidget
* Reduced complexity of various functions and cleaned the ABI (public vs private).
* Eliminated BrowserClients class, moved functionality into the BrowserService
* Renamed HostInstaller to NativeMessageInstaller and renamed NativeMessageHost to BrowserHost.
* Recognize XDG_CONFIG_HOME when installing native message file on Linux. Fix #4121 and fix #4123.
2020-05-14 17:14:17 -04:00
BO41
f1080d633e Add group search
* Allow searching by group using the `group:` field.
* Group hierarchies can be searched by including a '/' in the search term.
2020-05-14 16:48:57 -04:00
Jonathan White
485852c9db CLI: Use stderr for password prompt
Fixes #3398.

Convert to QTextStream for all CLI IO and greatly improve CLI tests

* Completely overhaul CLI tests to be much more streamlined and easy to read. Removed unnecessary code blocks by using existing functions.

Co-authored-by: Emma Brooks <me@pluvano.com>
2020-05-14 16:33:25 -04:00
Jonathan White
612f8d2e5b Improve OPVault handling and replace test opvault
* Fix various bugs in opvault parsing to include: TOTP parsing, date handling, naming convention, attachments, and multiple url's.

* Remove category groups that don't have any entries.

* Simplify tests by focusing on the resulting database instead of the parsing mechanics.

* Remove proprietary "freddy" opvault in favor of self-made "keepassxc" opvault.

* Fix #4069, select opvault file on macOS
2020-05-14 15:17:28 -04:00
ameyer0
560209550c
Change settings checkbox texts to positive phrasing (#4715) 2020-05-10 21:35:08 -04:00
Wolfram Rösler
3c19fdd193 Reports: Add "Known Bad" flag for entries
* Fixes #4168

* Introduce a custom data element stored with an entry to indicate that it is a "Known Bad" entry. This flag causes database reports to skip these entries.
* The current number of known bad entries is displayed in the statistics report.
* Add context menu to reports to easily exclude entries.
2020-05-08 20:51:11 -04:00
Janek Bevendorff
ad1b333601 Make CLI clip test more reliable 2020-05-06 23:10:41 +02:00
Ojas Anand
1b18c5d51d Add "Size" column
- Sizes are displayed in B, KiB, MiB, and GiB with 2 significant
  digits after the decimal
- Column is hidden by default
- TestEntryModel updated for testing proxy model
2020-05-04 00:05:28 +02:00
Janek Bevendorff
596d2cf425 Refactor Config.
Replaces all string configuration options with enum types
that can be checked by the compiler. This prevents spelling
errors, in-place configuration definitions, and inconsistent
default values. The default value config getter signature was
removed in favour of consistently and centrally default-initialised
configuration values.

Individual default values were adjusted for better security,
such as the default password length, which was increased from
16 characters to 32.

The already existing config option deprecation map was extended
by a general migration procedure using configuration versioning.

Settings were split into Roaming and Local settings, which
go to their respective AppData locations on Windows.

Fixes #2574
Fixes #2193
2020-05-02 22:30:27 +02:00
Tezkerek
6128e5d582 [CLI] On Unix, copy to clipboard using wl-clipboard if xclip is not available. 2020-04-09 15:46:44 +02:00
louib
e6c2c7ed93
CLI: Cleanup create options (#4313)
* Add ability to create database with an empty password
* Add password repeat check
* Standardize process between `db-create` and `import` commands
* Improve db-create tests with new password repeat

Co-authored-by: Jonathan White <support@dmapps.us>
2020-03-18 21:51:36 -04:00
Janek Bevendorff
b045160e4f Bundle icons using the Qt resource system.
Simplify resource loading logic and enable reproducible builds.
Fixes #2582
2020-03-14 10:13:12 -04:00
Benedikt Rascher-Friesenhausen
b2c2f42f30 Allow defining additional characters for the password generator
See issue #3271 for a motivation of this feature.

This patch adds an additional text input to the advanced view of the password generator.  All characters of this input field (if not empty) will be added as another group to the password generator.  The characters from the excluded field have precedence over the characters from this new field, meaning any character added to both fields will *not* appear in any generated password.  As the
characters from this new field will be added as their own group to the password generator, checking the 'Include characters from every group' checkbox will
force at least character to be chosen from the new input field.

The `PasswordGenerator` class has also been changed so that the `isValid` method returns `true` if only characters from the new input field would be used.

There is a new, simple test that covers the new feature.  While the test only uses ASCII characters, any Unicode characters can be used with the new feature.
2020-03-09 23:35:55 -04:00
Toni Spets
dce9af219f SSH Agent: Integration tests against ssh-agent
Windows testing is currently explicitly disabled due to too many different scenarios to run an agent and MSYS2 having its own.
2020-03-09 23:09:28 -04:00
Jonathan White
fb5173cebd Remove inline password generator when editing entries
* Always use a pop-up generator to avoid cluttering the user interface and making it clear that a password is being created
2020-03-09 18:03:20 -04:00
Jonathan White
fe1189ea79 Enhance Password Editing Fields
* Remove repeat password on entry edit
* Move show/hide password and password generator buttons into the field as actions.
* Register keyboard shortcut Ctrl+H to toggle password visibility
* Register keyboard shortcut Ctrl+G to open the password generator
* Cleanup code and improve interactions between elements
* Simplify Password Generator button layout; convert advanced mode button to toggle button
* Update GUI tests

* Fixes #4120
2020-03-09 18:03:20 -04:00
Jonathan White
1d7ef5d4eb Move theme detection into Application
* Add function to Application to quickly determine if in light or dark theme
* Add kpxcApp symbol
* Explicitly define main function for GUI tests to improve performance and use custom Application.
2020-03-09 18:03:20 -04:00
Jonathan White
91c6e436b3 Dynamically determine database validity
* Check that the database composite key exists, has sub-keys associated with it, and the root group exists.
2020-03-07 16:52:24 -05:00
Carlo Teubner
f62e0534a2 Fixes for minor issues found by static analysis
Mostly style issues.

I used the following tools to find most of these:

- lgtm.com
- clang-tidy
- cpplint
- cppcheck
2020-02-02 08:46:58 -05:00
Jonathan White
c663b5d5fc Add braces around single line statements
* Ran clang-tidy with "readability-braces-around-statements" to find missing braces around statements.
2020-02-02 08:46:18 -05:00
Wolfram Rösler
a81c6469a8 Implement Password Health Report
Introduce a password health check to the application that evaluates every entry in a database. Entries that fail  various tests are listed for user review and action. Also moves the statistics panel to the new Database -> Reports  widget. Recycled entries are excluded from the results.

We now have two classes, PasswordHealth to deal with a single password and HealthChecker to deal with all passwords of a database.

Tests include passwords that are expired, re-used, and weak.

* Closes #551

* Move zxcvbn usage to a centralized class (PasswordHealth)  and replace its usages across the application to ensure standardized interpretation of entropy calculations.

* Add new icons for the database reports view

* Updated the demo database to show off the reports
2020-02-01 09:30:12 -05:00
James Ring
71a39c37ec
Add --username option to Clip command. (#3947)
* make Clip accept an attribute name

This allows users to copy arbitrary attributes (e.g. username, notes,
URL) to the clipboard in addition to the password and TOTP values.

* update Clip manpage

* Add findAttributes to CLI utils

* Use case-insensitive search in Show command.

* Use case-insensitive search in Clip command.

Co-authored-by: louib <L0U13@protonmail.com>
2020-01-30 15:46:48 -05:00
louib
0b6d9cb472 CLI: set decryption time on create.
Added an option to set the target decryption time on database creation
for the CLI create command. This required some refactoring, in
particular the extraction of the min, max and defaut decryption times in
the `Kdf` module. Some work was done to allow changing those constant
only in the `Kdf` module, should we ever want to change them.
2020-01-27 23:00:34 -05:00
Toni Spets
6fc7be78ea Implement SSH key file path env substitution
Supports all platforms, including Windows with %FOO% syntax.

Fixes #3523
2020-01-27 22:57:31 -05:00
Jonathan White
b0ad4a50d9
Fix GUI test failures 2020-01-27 21:02:50 -05:00
louib
b78ca924fd Adding db-info CLI command. (#4231)
This adds a basic db-show CLI command, to display
the information related to a database.
2020-01-26 23:44:31 -05:00
louib
c8ab3b5f4f Removing QColor (from Qt::Widgets) from core modules. (#4247) 2020-01-26 21:38:43 -05:00
varjolintu
d2e76058cd Fix base domain matching 2020-01-19 18:13:12 +01:00
Jonathan White
0d3eb047c7 Prevent crash when all entries are deleted from a group
* Fix #4093 - The first entry in the list is selected after deleting an entry
* Prevents crashes due to dangling pointers held by the Entry Preview Widget when entries were deleted.
* Improve GUI tests to ensure this new behavior occurs.
2020-01-16 10:53:41 -05:00
Janek Bevendorff
247ebf5a35 Ensure challenge-response key buffer is properly cleared.
The challenge-response key buffer is explicitly cleared
before the key transformation if no such key is configured
to ensure one is never injected into the hash even if the
database had a challenge-response key previously.

This patch also adds extensive tests for verifying that a
key change will not add any expired key material to the hash.

Fixes #4146
2020-01-11 11:16:03 +01:00
Jonathan White
7ad330eccb Improve GUI test reliability
* Explicitly resize the window to improve testing on High DPI displays
* Add additional bootstrap calls to mimic the actual application
2020-01-03 18:08:24 -05:00
Aetf
af14929af1 FdoSecrets: fix searching of entries with special characters in attributes 2020-01-02 08:04:42 -05:00
Wizz
0654ffc117 CLI: Fix keyfile from/to parameter collision in merge command
Rename 'k' to 'f' because 'k' is already used to specify the key for the target database of the merge

* Remove short -f option from keepassxc-cli.1
* Remove -f option from keepassxc-cli merge
* Add test cases covering cli options for merge
* Add functional test for merge with keys
2019-12-21 17:39:50 -05:00
varjolintu
c0796d8fb1 Add option to use entry only for HTTP Basic Auth 2019-12-21 17:28:27 -05:00
Carlo Teubner
c70ebe6dce Fix memory leaks (mostly) in tests (#3922)
This makes most tests run successfully with asan.

The GUI tests still have a bunch of leaks, some from library code, and
some that look real but which I didn't immediately manage to figure out.

* TestOpVaultReader: use QSharedPointer
2019-12-21 09:25:17 -05:00
varjolintu
c0f29cc790 Show UI warning for invalid URLs 2019-12-21 09:22:16 -05:00
Balazs Gyurak
c0b1c9e106 Run code formatter 2019-11-23 10:07:39 -05:00
varjolintu
e2c95f75f1 Fix subdomain matching 2019-11-23 07:53:09 -05:00
varjolintu
3d0964bce9 Fix URL matching 2019-11-10 08:43:10 -05:00
Jonathan White
f9d2696046 Relax strictness of TOTP Base32 validation
* Fix #3754 - Accept valid TOTP keys that require padding when converted to Base32.
* Allow use of spaces and lower case letters in the TOTP secret key.
2019-11-09 00:53:40 +01:00
Aetf
f9097c84e9 FdoSecrets: use EntrySearcher's internal search API 2019-11-08 17:37:50 -05:00
Aetf
b96c1e92a3 Expose EntrySearcher's SearchTerm for internal code usage 2019-11-08 17:37:50 -05:00
louib
f4d6b4d13a CLI: do not display protected fields by default. 2019-11-01 22:53:54 -04:00
asapelkin
98badfb4a2 some cppcheck and clang-tidy fixies 2019-11-01 22:53:28 -04:00
Jonathan White
178bea6bbc Fix building without features
* Fix #3684 - Include YubiKey headers in CLI tests 

* Skip building testguibrowser if browser integration is disabled

* Cleanup test CMakeLists
2019-10-29 23:03:39 -04:00
Jonathan White
1e694271a3 Improve Database and CLI tests 2019-10-20 18:56:41 -04:00
Jonathan White
744b4abce8 Move FileWatcher into Database class
* Fix #3506
* Fix #2389
* Fix #2536
* Fix #2230

Every database that has been opened now watch's it's own file. This allows the database class to manage file changes and detect fail conditions during saving. Additionally, all stakeholders of the database can listen for the database file changed notification and respond accordingly.

Performed significant cleanup of the autoreload code within DatabaseWidget. Fixed several issues with handling changes due to merging, not merging, and other scenarios while reloading.

Prevent database saves to the same file if there are changes on disk that have not been merged with the open database.
2019-10-20 18:56:41 -04:00
Mark Hakansson
a876b3b72f Prompt to delete recycle bin when disabling it
Fixes #3365

Add prompt to delete the recycle bin when disabling it. If the user chooses not to delete it, the recycle bin will be suffixed with "(old)" and the icon changed to the default group icon.

Also moved recycle bin creation within the database class where it belongs.
2019-10-20 17:58:15 -04:00
Jonathan White
99a2d66086 Correct issues with TOTP Setup
* Fix #3142 - Warn user when entering invalid TOTP secret key.
* Fix #773 - The TOTP dialog now listens for the copy shortcut without having to press the Copy button.

* Add ability to choose hash algorithm from the TOTP setup dialog
* Add upgrade to "otp" attribute when custom attributes are chosen to prevent data loss

Ran make format
2019-10-20 17:57:51 -04:00
varjolintu
f726d7501f Add support for multiple URLs in an entry
* Fixes #398

The new Browser Integration entry settings page has a list view with any additional URL's. These URL's are added to the entry attributes with KP2A_URL_<counter>, which means those are directly compatible with Keepass2Android.
2019-10-16 22:20:57 -04:00
Jacob Sachs
dbe15d32e5 CLI: Add Import XML command (#3572)
The CLI now contains an "import" command that creates a new database from the specified XML export. The new database is in kdbx 4 format, and does not currently accept a keyfile in database creation.

This change is required to create new databases from XML backups.

Fixes #2458
2019-10-15 22:10:45 -04:00
libklein
058b4da954 Fix entry clone modification time update (#3602)
* Add test for (unwanted) history timeinfo update when cloning entries.
* Add timeInfo test for clone with rename.
* Fixed modification time update when cloning an entry with renaming.
2019-10-05 13:58:00 -04:00
James Ring
b1eda37cca CLI: Add interactive session mode command open
This change adds a GNU Readline-based interactive mode to keepassxc-cli. If GNU Readline is not available, commands are just read from stdin with no editing or auto-complete support.

DatabaseCommand is modified to add the path to the current database to the arguments passed to executeWithDatabase. In this way, instances of DatabaseCommand do not have to prompt to re-open the database after each invocation, and existing command implementations do not have to be changed to support interactive mode.

This change also introduces a new way of handling commands between interactive and batch modes.

* Fixes #3224.
* Ran make format
2019-09-28 11:24:42 -04:00
louib
19f87ca057 CLI: Add group commands 2019-09-22 21:13:50 -04:00
louib
964478e78f CLI: Add Yubikey unlock support 2019-09-22 18:11:40 -04:00
louib
77fcde875e CLI: Export database as CSV
* Changed `Extract` to `Export` to support additional formats
* Allow database expot as CSV.  Added a `--format` option to the `Export` command for that, which defaults to xml, so the current behavior is unchanged.
*The `CsvExporter` had to be refactored a bit, but nothing major. It can
now print to a file or return a string.
2019-09-22 12:42:53 -04:00
James Ring
547c246e88 Additional database file checks in cli/Utils.unlockDatabase
Avoids prompting the user for a password if unlocking is likely to fail
due to some problem with the database file (i.e. not found, not a file,
not readable).

Add unit tests.
2019-09-22 11:19:57 -04:00
louib
c19703c39f Merge custom data only when necessary (#3475) 2019-09-16 14:01:13 -04:00
varjolintu
77be468670 Fix crash when removing custom data 2019-09-07 07:50:08 -04:00
Akinori MUSHA
41131ae48d Allow abbreviation of search field names
This allows `t:word` instead of `title:word` and `p:word` instead of `password:word`, and so on.  The rule is that an abbreviated name expands to the first field name that starts with it, with exceptions
`u:` expanding to `username:` instead of `url:` and `pw:` expanding to `password:`.
2019-09-04 22:31:15 -04:00
louib
eb1882453f CLI password generation options cleanup (#3275)
Summary of changes:
* Extract function for creating password generator from options into
`Generate` command. This function is now reused in `Add` and `Edit`
commands.
* Updated manpage with missing password generation options.
* Updated manpage with missing longer forms of password generation options.
* Added unit tests for new password generation options in `Add` and
`Edit`.
* Handle case when `-g` and `-p` options are used at the same time.

This PR adds password generation functionalities while reducing
code duplication, but at the cost of 2 small breaking changes:
* The password generation option for `Add` and `Edit` for specifying
password length is now `-L` instead of `-l`, to not clash with the
`-l --lower` option.
* The `-u` shorthand for the `--upper` option has to be removed, to not
clash with the `-u --username` option.
* Add -U variant for uppercase.
2019-08-30 22:50:32 -04:00
Jonathan White
0e0cba653f CLI: add 'analyze' subcommand for offline HIBP breach checks
This new subcommand checks all passwords in the given database against a given list of SHA-1 password hashes. Such lists are available from the "Have I Been Pwned" project at https://haveibeenpwned.com/Passwords.

Note that this support offline checking only. The HIBP project also provides a web API for checking specific hash ranges; this is not currently supported.
2019-06-25 15:37:40 -04:00
Matthias Drexler
f85642741d Autocomplete usernames based on most frequent in database
* Fixes #3126
* Limit autocompletion to the top ten used usernames
- Load common usernames when database is opened
- Transition from QLineEdit to QComboBox for usernames
- Dropdown menu of the combobox lets user choose a common username
- Common usernames are autocompleted via inline completion
- Common usernames are sorted by frequency (first) and name (second)
2019-06-23 22:22:57 -04:00
Matthias Drexler
bb8377ae6a Allow setting group icons to children groups/entries (#3273)
* Add combo menu button to apply an icon to children

- allow more options to apply icons (child groups, child entries)
- extend tests in TestGroup (applying icons for groups/entries only)
- prevent blue folder icon being set for entries (on entry creation only)

* Do not show the combo menu button for entries
2019-06-19 10:02:07 -04:00
louib
84eec03cb7 Add CLI --dry-run option for merge (#3254) 2019-06-18 21:45:24 -04:00
Balazs Gyurak
05c11d1b7c CLI: Add 'flatten' option to the 'ls' command (#3276)
* Fixes #925 
* Add 'flatten' option to CLI ls command
* Add test for Group::hierarchy() and man page for ls --flatten
* Rename group sort test to align with others
2019-06-18 20:42:19 -04:00
Jonathan White
1e915eef89 Run code formatter 2019-06-18 18:51:38 -04:00
Balazs Gyurak
09181fab13 Add group sorting feature
* Enabling sorting of groups and their children in ascending and descending direction
2019-06-18 18:51:38 -04:00
louib
04360ed552 CLI Command cleanup
This PR cleans up the `Command` classes in the CLI, introducing a
`DatabaseCommand` class for the commands operating on a database,
and a `getCommandLineParser` command to centralize the arguments
parsing and validation.

The opening of the database based on the CLI arguments and options
is now centralized in `DatabaseCommand.execute`, making it easy to
add new database opening features (like YubiKey support for the CLI).

Also a couple of bugs fixed:
  * `Create` was still using `stdout` for some error messages.
  * `Diceware` and `Generate` were not validating that the word count was an integer.
  * `Diceware` was also using `stdout` for some error messages.
2019-06-14 18:15:38 -04:00
Jonathan White
63aab99b9c
Merge branch 'release/2.4.2' into develop 2019-05-30 17:22:09 -04:00
varjolintu
5341a8215c Browser Integration tests 2019-05-29 09:24:22 -04:00
shaneknysh
7ead8e7290 Add word case option to passphrase generator (#3172)
* Closes #1933
* Adds word case options for lower, UPPER, and Title Case to passphrase generation
2019-05-24 18:23:19 -04:00
Jonathan White
2ee97ed191 Code formatting 2019-05-19 18:21:34 -04:00
Jonathan White
125a81f2ed Implement 1Password Vault Import
* Support importing 1Password vaults (.opvault folders) into KDBX database
* Entry attributes are filled based on section and field name
* Expiration dates are set for entries
* Entry URL's are set from a wider array of fields
2019-05-19 18:21:34 -04:00
Jonathan White
63855346bf Fix global Auto-Type when database locked
* Store the currently active window right when the global keyboard shortcut is triggered
* Eliminate unnecessary window raise/lower and delays on macOS
* Remove duplicate addition of macutils symbols from mac Auto-Type plugin
* Fix tests to fake trigger a global autotype sequence
2019-05-12 12:37:50 -04:00
Aetf
e121f4bc28 Add Freedesktop.org Secret Storage Spec Server Side API (Fix #1403)
This plugin implements the Secret Storage specification version 0.2.
While running KeePassXC, it acts as a Secret Service server, registered
on DBus, so clients like seahorse, python-secretstorage, or other
implementations can connect and access the exposed database in KeePassXC.

Squashed commits:

- Initial code
- Add SessionAdaptor and fix build
- The skeletons for all dbus objects are in place
- Implement collection creation and deletion
- Emit collectionChanged signal
- Implement app-wise settings page
- Implement error message on GUI
- Implement settings
- Fix uuid to dbus path
- Implement app level settings
- Add freedesktop logo
- Implement database settings page
- Change database settings to a treeview
- Move all settings read/write to one place
- Rename SecretServiceOptionsPage to SettingsWidgetFdoSecrets
- Fix selected group can not be saved if the user hasn't click on the item
- Show selected group per database in app settings
- Disable editing of various readonly widgets
- Remove unused warning about non exposed database
- Fix method signature on dbus adaptors
- Fix type derived from DBusObject not recognized as QDBusContext
- Resolve a few TODOs around error handling
- Remove const when passing DBus exposed objects
- Move dismiss to PromptBase
- Implement per collection locking/unlocking
- Fix const correctness on Item::setSecret
- Implement SecretService::getSecrets
- Rework the signal connections around collections.
- Remove generateId from DBusObject
- Per spec, use encoded label as DBus object path for collections
- Fix some corner cases around collection name changes
- Implement alias
- Fix wrong alias dbus path
- Implement encryption per spec
- Cleanup SessionCipher
- Implement searchItems for SecretService
- Use Tools::uuidToHex
- Implement Item attributes and delete
- Implement createItem
- Always check if the database is unlocked before perform any operation
- Add missing ReadAlias/SetAlias on service
- Reorganize and fix OpenSession always returning empty output
- Overhaul error handling
- Make sure default alias is always present
- Remove collection aliases early in doDelete
- Handles all content types, fix setProperties not working
- Fix sometimes there is an extraneous leading zero when converting from MPI
- Fix session encryption negotiation
- Do not expose recycle bin
- Protect against the methods not called from DBus
- Also emit collectionChanged signal when lock state changes
- Show notification when entry secret is requested
- Add a README file
- Actually close session when client disconnects
- Gracefully return alternative label when collection is locked
- Reorganize, rename secretservice to fdosecrets
- Fix issues reported by clazy
- Unify UI strings and fix icon
- Implement a setting to skip confirmation when deleting entries from DBus
- Remove some unused debugging log
- Simply ignore errors when DBus context is not available. QtDBus won't set QDBusContext when deliver property get/set, and there is no way to get a QDBusMessage in property getter/setter.
- Simplify GcryptMPI using std::unique_ptr and add unit test
- Format code in fdosecrets
- Move DBusReturnImpl to details namespace
- Fix crash when locking a database: don't modify exposedGroup setting in customData when database is deleted
- Make sure Collection::searchItems works, whether it's locked or not
- Fix FdoSecrets::Collection becomes empty after a database reload
- Fix crash when looping while modifying the list
2019-05-12 12:35:42 -04:00
Aetf
d93f33f514 Improve existing code prior to implementing FDO Secrets
* DatabaseTabWidget::newDatabase returns the created DatabaseWidget
* Emit DatabaseTabWidget::databaseOpened signal before a new tab is added
* EntrySearcher can now search attribute values including custom ones
* Add Group::applyGroupIconTo to set the group icon on the supplied entry
* Implement desktop notifications through the system tray icon
* Add DatabaseWidget::deleteEntries to delete a list of entries
* Add Aes128 in SymmetricCipher::algorithmIvSize
* Add DatabaseWidget::databaseReplaced signal
* Add a helper class to override the message box's parent (prevent bugs)
2019-05-12 12:35:42 -04:00
Jonathan White
bc891761b6
Merge branch 'release/2.4.2' into develop 2019-05-07 13:00:27 -04:00
Jonathan White
faf7a2bbb3 Robust processing of tray icon triggers
* Support double click on tray icon to always toggle window to/from tray
* Single click on tray icon will bring window to front if in background, otherwise window is toggled
* Fixes #2956
2019-05-04 16:45:03 -04:00
Sami Vänttinen
e4eee897f9 Support Database Custom Data Merging (#3002)
* Introduce _LAST_MODIFIED custom data entry that stores the last modified datetime of the database's custom data entries
* Merge custom data from source database to target
* Modify tests to be aware of _LAST_MODIFIED entry
2019-05-01 18:35:08 -04:00
Bryan Jacobs
04983ce4cd Support for RFC-compliant TOTP hashes #873 #1566
This implements support for SHA-256 and SHA-512 hash algorithms when
generating TOTP codes. These algorithms are specified by RFC6238. The
implementation is compatible with Google's OTP URL format, as well as
with the KeeOTP plugin for KeePass.

The implementation is not wired into the GUI, as the main project
developer expressed strong negative sentiment about adding more
options there. It is possible to configure codes by putting the
appropriate string into the entry's otp property, or using another
program with a less opinionated UI and a compatible on-disk format.
2019-04-15 14:23:26 -04:00
Christian Kieschnick
05bee40f0a Fix duplicate icon add in export
SharedObserver did not check for already added icons add during export
leading to duplicate icons in the target db.
2019-04-12 16:14:23 -04:00
Jonathan White
2ffefc95ae Enhance update checker
* Reduce initial update check notification to 500 ms to prevent inappropriately stealing focus from user
* Add build flag WITH_XC_UPDATECHECK which defaults to ON
* Update checks are resolved every 7 days instead of every time the application is started
* Better checks for beta builds; ignore snapshots
* Increase test cases
2019-04-11 08:52:51 -04:00
Jonathan White
4b1258f585 Correct issues with apply button
* Don't show apply button when creating new entries or groups (Fix #2191)
* Don't mark entry/group as dirty when first creating a new one (prevents unnecessary discard dialog on cancel)
* Properly enable/disable apply button when changes are made to entries and groups
* Don't show discard change warning when locking database unless their are actual changes made

NOTE: Extra pages in the group edit widget are not watched for changes yet. Requires a major refactor.
2019-04-07 19:12:45 -04:00
Jonathan White
71e375aff0 Allow copying passwords directly from searching
* Reverts removal of previously implemented feature
* Fix #2630
* Make gui search tests more robust
2019-04-07 19:12:45 -04:00
Jonathan White
0201fcd400 Improved error messages when opening database
* Reduced wording and confusion
* Streamlined delivery format
* Fix #813
2019-04-07 19:12:45 -04:00
Jonathan White
d6324feafd Fix base64 check missing '/' as valid character
* Issue introduced in 558cb3d
* Corrects loading of legacy KeePass Key Files that included a '/' in their data section. Fix #2863 and Fix #2834
2019-03-25 13:06:03 -04:00
Jonathan White
13a9ac8f57 Adding --no-password option to CLI
I also added tests for the --key-file option, which was
untested.
2019-03-24 09:23:26 -04:00
Jonathan White
fb5faf0ff5
Ran make format 2019-03-19 18:56:17 -04:00
Jonathan White
d0d1b25e5c Updates to EntrySearcher
* Only search custom named attributes
* Search attribute values in addition to keys
* Optimize search process
2019-02-25 18:09:54 -05:00
louib
fa3c959212 Fix quiet option for Merge (CLI) (#2695) 2019-02-15 08:56:29 -05:00
Aetf
e60f4278f7 Fix group signals (#2670)
* Fix group not emitting signals when modified through copyDataFrom
* Fix Group::GroupData equals wrongly compares timeInfo
2019-02-01 17:03:28 -05:00
Sami Vänttinen
891f67a1cd Select group when adding credentials from browser extension (#2637) 2019-01-30 09:48:22 -05:00
Weslly
779b529da2 Update checking feature (#2648)
* Check on startup (toggleable setting) and manually
* Option to check for pre-releases (eg, 2.4.0-beta1)
* Only included if WITH_XC_NETWORKING is enabled
2019-01-30 09:11:50 -05:00
Jonathan White
7e1b16250c Performed project-wide code formatting
* Updated format CMake command to properly
ignore new directories and files
* Added output when command is run
* Resolves #2623
2019-01-28 22:38:59 -05:00
Jonathan White
c74664097b
Fix crash when canceling save of new database (#2601)
* Fix crash when canceling save of new database
* Standardize use of DatabaseWidget::save() function
* Close new database tabs that are "discarded"
* Fixes #2604. autoSaveOnExit setting
* Re-implement autosave functionality
2019-01-25 07:20:39 -05:00
Sami Vänttinen
0da9efdbd4 Fix updating reference passwords from KeePassXC-Browser (#2218)
* Allow updating reference passwords

* Fix function change after refactor
2019-01-21 14:24:57 -05:00
Christian Kieschnick
2bfe66e840 Another attempt to make GCC happy 2019-01-04 12:38:34 +01:00
Christian Kieschnick
51d63f0e83 Fixed GCC issues for const initialization
Fixed issues reported by GCC for initialization of const variables
2019-01-04 12:28:36 +01:00
Christian Kieschnick
b204451d06 More ci issues (missing initialize for const)
Fixed issues detected in TestSharing
2019-01-04 12:11:20 +01:00
Christian Kieschnick
6e25da6a19 Fixed issues detected by test suite and ci
Fixed serialization for KeeShareSettings::ScopedCertificate
Fixed tests for KeeShareSettings serialization
Fixed tests Cli features - tests translation for recycle bin since the
tests are executed with the system locale
Fixed initialization issue in ShareObserver
2019-01-04 12:04:46 +01:00
Christian Kieschnick
3d02013513 Changed KeeShareSettings to explicitly ask
KeeShareSettings now allow to trust, untrust or ask on next import from
a specific publisher with a specific container
2019-01-03 18:22:41 +01:00
Christian Kieschnick
2e18388825 Fixed bug in FileWatcher, improved unsafe sharing
BulkFileWatcher didn't recognize added files in observed directory

Improved UI for unsecured sharing only (hide certificate ui, added
warnings and adjusted indicators)
2019-01-03 17:50:36 +01:00
Christian Kieschnick
d4c391deb2 Splitted KeeShare into secure and insecure parts
KeeShare is now supported in a secure and insecure flavor (set
CMake-Flags accordingly to allow or disallow the corresponding import
and exports)
2019-01-03 10:05:08 +01:00
Jonathan White
21de6f6163
Merge branch 'develop'
Conflicts:
	src/core/Tools.cpp
	src/sshagent/SSHAgent.cpp
2018-12-30 16:32:57 -05:00
JTL
dd5665c656 Multiple macOS fixes and include keepassxc-cli in DMG (#2165)
* Fixes including keepassxc-cli when building KeePassXC dmg on Mac.
resolves #1697
* Fix Qt search path and Properties display on macOS
* Simplify packaging POST_BUILD fixups
* Various fixes to get cli to run on macos
* Correct cli tests on macOS
* Several macOS related GUI test fixes
2018-12-28 18:32:25 -05:00
Jonathan White
b96b86bfa7 Cleanup and replumb back to functional state 2018-12-28 17:54:52 -05:00
Kyle Kneitinger
4d4c839afa Customize buttons on MessageBox and confirm before recycling (#2376)
* Add confirmation prompt before moving groups to the recycling bin

Spawn a yes/no QMessage box when "Delete Group" is selected on a group
that is not already in the recycle bin (note: the prompt for deletion
from the recycle bin was already implemented).  This follows the same
pattern and language as entry deletion.

Fixes #2125

* Make prompts for destructive operations use action words on buttons

Replace yes/no, yes/cancel (and other such buttons on prompts that cause
data to be destroyed) use language that indicates the action that it is
going to take. This makes destructive/unsafe and/or irreversible operations
more clear to the user.

Address feedback on PR #2376

* Refactor MessageBox class to allow for custom buttons

Replaces arguments and return values of type QMessageBox::StandardButton(s)
with MessageBox::Button(s), which reimplements the entire set of
QMessageBox::StandardButton and allows for custom KeePassXC buttons,
such as "Skip". Modifies all calls to MessageBox functions to use
MessageBox::Button(s).

Addresses feedback on #2376

* Remove MessageBox::addButton in favor of map lookup

Replaced the switch statement mechanism in MessageBox::addButton with
a map lookup to address CodeFactor Complex Method issue. This has a
side-effect of a small performance/cleanliness increase, as an
extra QPushButton is no longer created/destroyed (to obtain it's label
text) everytime a MessageBox button based on QMessageBox::StandardButton
is created; now the text is obtained once, at application start up.
2018-12-19 23:14:11 -05:00
louib
8ac9d0a131 Add create command to keepassxc-cli (#2540)
* Add tests for CLI::Create
2018-12-19 23:10:46 -05:00
Jonathan White
9e2be34897
Merge branch 'develop'
Conflicts:
	CMakeLists.txt
	cmake/CLangFormat.cmake
	snapcraft.yaml
	src/CMakeLists.txt
	src/core/Database.cpp
	src/core/Database.h
	src/core/Tools.cpp
	src/crypto/CryptoHash.h
	src/crypto/ssh/ASN1Key.h
	src/crypto/ssh/OpenSSHKey.cpp
	src/format/Kdbx4Reader.cpp
	src/gui/DatabaseTabWidget.cpp
	src/gui/DatabaseTabWidget.h
	src/gui/DatabaseWidget.cpp
	src/gui/DatabaseWidget.h
	src/gui/DetailsWidget.cpp
	src/gui/DetailsWidget.ui
	src/gui/EditWidgetProperties.cpp
	src/gui/EntryPreviewWidget.cpp
	src/gui/EntryPreviewWidget.ui
	src/gui/FileDialog.cpp
	src/gui/dbsettings/DatabaseSettingsDialog.cpp
	src/gui/dbsettings/DatabaseSettingsDialog.h
	src/gui/group/EditGroupWidget.cpp
	src/gui/group/EditGroupWidget.h
	src/sshagent/ASN1Key.h
	src/sshagent/OpenSSHKey.cpp
	src/sshagent/SSHAgent.cpp
	tests/CMakeLists.txt
2018-12-18 22:28:56 -05:00
louib
cb3c4893dc Move unlockDatabase to CLI/Utils (#2539)
Move unlockDatabase from Database to to cli/Utils
2018-12-11 16:49:51 +01:00
Gianluca Recchia
e81841550b
Correct checks for containers' emptiness 2018-11-28 18:29:15 -05:00
Gianluca Recchia
fc930bae69
Restore correct formatting
Many lines were not conformant with the project's formatting rules.
This patch should fix all formatting and whitespace issues in the code
base.
A clang-format directive was put around the connect() calls containing
SIGNALs and SLOTs whose signatures would be denormalized because of the
formatting rules.
2018-11-28 18:29:15 -05:00
Jonathan White
d84ba23c81
Correct refactor issues with entry selection and search (#2518)
* Align entryview selection change signals with groupview
* Eliminate redundent and confusing signals/slots
* Correct group selection canceling search
2018-11-28 16:13:56 -05:00
louib
fff0f11b33 Adding --quiet option to the CLI. (#2507) 2018-11-28 11:24:12 -05:00
Janek Bevendorff
3c362ac822 Refactor DatabaseOpenWidget/Dialog and Auto-Type Database unlocking.
This patch removes redundant lock widget members of the DatabaseWidget
and consolidates all unlocking functionality into a single
DatabaseOpenWidget (with the exception of KeePass1OpenWidget).
Distinction between different unlock actions is now done via a dedicated
Intent enum class instead of using individual widgets.

Further, the DatabaseUnlockDialog has been generalized so that it is
usable for unlock intents other than just Auto-Type and is now also
used for merging databases which is less confusing to the user.

The KeePassXC main window is no longer a parent of the
DatabaseUnlockDialog and has the Qt::ForeignWindow flag set, which
should cause fewer issues with Auto-Type trying to type into KeePassXC
after unlock instead of the intended target window.

In addition, its instance has been moved into the DatabaseTabWidget
class so that it is no longer bound to individual DatabaseWidgets,
potentially allowing for database selection during Auto-Type. The actual
selection has not yet been implemented, but Auto-Type has been adjusted
to use the currently selected tab instead of the first one as an
intermediary improvement.
2018-11-24 15:51:05 +01:00
Janek Bevendorff
d612cad09a
Refactor Database and Database widgets (#2491)
The Database, DatabaseWidget, and DatabaseTabWidget classes share many responsibilities in inconsistent ways resulting in impenetrable and unmaintainable code and a diverse set of bugs and architecture restrictions. This patch reworks the architecture, responsibilities of, and dependencies between these classes.

The core changes are:

* Move loading and saving logic from widgets into the Database class
* Get rid of the DatabaseManagerStruct and move all the information contained in it into the Database
* Let database objects keep track of modifications and dirty/clean state instead of handing this to external widgets
* Move GUI interactions for loading and saving from the DatabaseTabWidget into the DatabaseWidget (resolves #2494 as a side-effect)
* Heavily clean up DatabaseTabWidget and degrade it to a slightly glorified QTabWidget
* Use QSharedPointers for all Database objects
* Remove the modifiedImmediate signal and replace it with a markAsModified() method
* Implement proper tabName() method instead of reading back titles from GUI widgets (resolves #1389 and its duplicates #2146 #855)
* Fix unwanted AES-KDF downgrade if database uses Argon2 and has CustomData
* Improve code

This patch is also the first major step towards solving issues #476 and #2322.
2018-11-22 11:47:31 +01:00
Jonathan White
340076974e
Correct logic error in EntrySearcher and add more tests 2018-11-17 09:55:57 -05:00
Jonathan White
880c3aeb34
Add search help pop-up
* Support ! modifier (same as '-')
* Create reusable PopupHelpWidget as self-contained popup that can
be positioned around a parent widget and will follow the movement
and sizing of the window
* Eliminated KEEPASSXC_MAIN_WINDOW macro and replaced with
getMainWindow() function
* Add tests to cover search help show/hide
2018-11-17 09:04:15 -05:00
Jonathan White
4b983251cb
Add advanced search term parser
* Support quoted strings & per-field searching
* Support regex and exact matching
* Simplify search sequence
* Make search widget larger
* Add regex converter to Tools namespace
2018-11-17 08:49:50 -05:00
Jonathan White
4b57fcb563
Clean up Entry Model/View code 2018-11-17 08:49:47 -05:00
Jonathan White
d8d758f0e1
Streamlined searcher code
* Remove searching of group title and notes
* End search when selecting a new group
* Correct entry searcher tests to align with new code
2018-11-17 08:49:02 -05:00
Jonathan White
ee9c71e11e
Fix multiple issues with entries and keyboard shortcuts (#2431)
* Cleanup entry change notification with entryview focus in/out
* Change Open URL shortcut to CTRL+SHIFT+U to conform with an "action" 
including SHIFT
* Change Copy URL shortcut to CTRL+U to conform with "copy" without SHIFT
* Entry specific toolbar and menu items are disabled unless the entry
row has focus (prevents unintended actions)
* Reword security setting for password visibility in entry edit view
* Add shortcut to hide/unhide usernames (CTRL+SHIFT+B)
* Organize entry menu

* Fix #1588 - show keyboard shortcuts in context menu
* Fix #2403 - Change auto-type shortcut to CTRL + SHIFT + V
* Fix #2096 - Add (CTRL+F) to search bar background
* Fix #2031 & Fix #2266 - add shortcut to hide/unhide passwords (CTRL+SHIFT+C)
* Fix #2166 - Add reveal password button to entry preview
2018-11-16 10:00:59 -05:00
louib
f06742cf41 CLI Merge: Only save database file when modified. (#2466)
* Merge: detect if database was changed.
* Adding unit test.
* Only saving on change.
2018-11-09 21:59:16 -05:00
Felix Fontein
a7dd9f19f4 CLI: add commands to show and copy TOTP to clipboard (#2454)
* Add CLI commands show --totp and totp-clip for handling TOTPs, resolves #2429.
* Adding tests for new CLI TOTP commands
* Update keepassxc-cli man page.
2018-11-09 21:58:42 -05:00
louis
b1d481893e Adding tests for modified signal on merge. 2018-11-09 19:15:15 -05:00
Jonathan White
fa687f246e
Fix issues with group functions (#2410) 2018-10-30 08:42:35 -04:00
Janek Bevendorff
7263dcddfe
Fix stdin/stdout encoding on Windows. (#2425)
QTextStream uses the system default locale, but this breaks in
various situations: (1) It does not work on the native Windows shell
(cmd.exe, Powershell), since the default Windows locale is Windows-1252,
but the shell uses Windows-850. (2) It also breaks on *nix systems where
the locale is Latin1 or C, which is the case for most CI systems or
build servers.

We allow overriding the detected codec by setting the ENCODING_OVERRIDE
environment variable, but otherwise prefer Windows-850 on Windows and
UTF-8 on any other system, even if LANG is set to something else.

This resolves #2413
2018-10-28 19:55:00 +01:00
Janek Bevendorff
77adbef401 Reformat CMakeLists.txt files 2018-10-19 22:16:44 +02:00
Janek Bevendorff
0ca7fd369a Implement review feedback 2018-10-19 22:16:44 +02:00
Janek Bevendorff
bea31f9bcc Rename TestClock to MockClock and move it to the mock directory 2018-10-19 21:49:55 +02:00
Janek Bevendorff
108e4efc8a Fix tests on Windows 2018-10-19 21:49:55 +02:00
Janek Bevendorff
113c8eb702 Add CLI tests and improve coding style and i18n
The CLI module was lacking unit test coverage and showed some severe
coding style violations, which this patch addresses.

In addition, all uses of qCritical() with untranslatble raw char*
sequences were removed in favor of proper locale strings. These are
written to STDERR through QTextStreams and support output
redirection for testing purposes. With this change, error messages don't
depend on the global Qt logging settings and targets anymore and go
directly to the terminal or into a file if needed.

This patch also fixes a bug discovered during unit test development,
where the extract command would just dump the raw XML contents without
decrypting embedded Salsa20-protected values first, making the XML
export mostly useless, since passwords are scrambled.

Lastly, all CLI commands received a dedicated -h/--help option.
2018-10-19 21:49:54 +02:00
Christian Kieschnick
eca9c658f4
Add sharing of groups between databases
* Add source folder keeshare for sharing with corresponding define WITH_XC_KEESHARE
* Move common crypto parts to src/crypto/ssh
* Extended OpenSSHKey
* Move filewatching to own file (currently in two related classes DelayedFileWatcher and BulkFileWatcher)
* Small improvements for style and code in several classes
* Sharing is secured using RSA-Keys which are generated on demand
* Publisher signs the container using their private key
* Client can verify the signed container and choose to decline an import,
import only once or trust the publisher and automatically import all
data of this source henceforth
* Integration of settings into Group-Settings, Database-Settings and Application-Settings
* Introduced dependency QuaZip as dependency to allow combined export of
key container and the (custom format) certificate
2018-10-01 10:39:37 -04:00
Jonathan White
c1e9f45df9 Introduce synchronize merge method
* Create history-based merging that keeps older data in history instead of discarding or deleting it
* Extract merge logic into the Merger class
* Allows special merge behavior
* Improve handling of deletion and changes on groups
* Enable basic change tracking while merging
* Prevent unintended timestamp changes while merging
* Handle differences in timestamp precision
* Introduce comparison operators to allow for more sophisticated comparisons (ignore special properties, ...)
* Introduce Clock class to handle datetime across the app

Merge Strategies:
* Default (use inherited/fallback method)
* Duplicate (duplicate conflicting nodes, apply all deletions)
* KeepLocal (use local values, but apply all deletions)
* KeepRemote (use remote values, but apply all deletions)
* KeepNewer (merge history only)
* Synchronize (merge history, newest value stays on top, apply all deletions)
2018-09-30 09:36:39 -04:00
Weslly
44c9469221 Remove obsolete database repair feature 2018-09-25 21:20:47 -04:00
Janek Bevendorff
e443cde452 Add a new database settings wizard
This patch implements a new database wizard to guide users through the process
of setting up a new database and choosing sane encryption settings.

It also reimplements the master key settings to be more
user-friendly. Users can now add, change, or remove individual composite
key components instead of having to set all components at once. This
avoids confusion about a password being reset if the user only wants to
add a key file.

With these changes comes a major refactor of how database composite keys and key
components are handled. Copying of keys is prohibited and each key
exists only once in memory and is referenced via shared pointers. GUI
components for changing individual keys are encapsulated into separate
classes to be more reusable. The password edit and generator widgets
have also been refactored to be more reusable.
2018-09-25 21:12:47 +02:00
Weslly
f8b997bcf4 Add support for opening file:// urls (#2311)
* Add support for opening file:// urls
* Open file urls without file:// scheme
2018-09-20 23:49:56 -04:00
Jonathan White
1dc9f10c7f
Complete refactor of TOTP integration
* Eliminate TOTP logic from GUI elements
* Consolidate TOTP functionality under the Totp namespace
* Eliminate guessing about state and encoders
* Increased test cases
* Add entry view column for TOTP [#2132]
* General code cleanup, reduction of unnecessary steps, separation of concerns
* Rename SetupTotpDialog to TotpSetupDialog for consistency
2018-09-15 12:10:26 -04:00
Jonathan White
ca27fb06d5
Merge branch 'master'
Conflicts:
	INSTALL.md
	release-tool
	src/browser/BrowserOptionDialog.cpp
	src/browser/BrowserService.cpp
	src/browser/BrowserService.h
	src/browser/NativeMessagingBase.h
	src/browser/NativeMessagingHost.h
	src/core/Uuid.cpp
	src/gui/DatabaseTabWidget.cpp
	src/gui/DatabaseWidget.cpp
	src/gui/EditWidget.cpp
	src/gui/MainWindow.cpp
	src/gui/MainWindow.ui
	src/proxy/NativeMessagingHost.h
	src/sshagent/ASN1Key.cpp
2018-08-24 09:42:38 -04:00
Jonathan White
3b1e15ea1a Disable apply button when creating new entry/group
* Workaround to prevent data loss if apply is hit but not OK or Cancel
* Refactor required to fix this issue
2018-08-18 10:31:40 -04:00
Toni Spets
07efabed03 SSH Agent: Show MD5 fingerprint of keys
Fixes #2050
2018-07-16 18:45:20 -04:00
Toni Spets
3727d37101 SSH Agent: Expect passphrases to be in UTF-8
The previous default was to expect passphrases to be ASCII or
rather Latin-1. It would be reasonable to expect modern keys to
use UTF-8 instead.

This is a non-breaking change if passphrases only use characters
that fall within ASCII.

Fixes #2102
2018-07-14 17:07:07 -04:00
Jonathan White
470a74ee24
Merge pull request #1770 from pasdam/feature/useQuuid
Replaced Uuid with QUuid
2018-07-08 20:32:54 -04:00
Jonathan White
d06819eb6c
Merge pull request #1881 from louib/disable_merge_when_locked
Disable merge button when db is locked.
2018-07-08 19:52:58 -04:00
pasdam
b4d806ad41
Fixed issues with initial commit 2018-07-06 22:23:52 -04:00
pasdam
ad4423d226
Replaced Uuid with QUuid 2018-07-06 22:23:49 -04:00
Toni Spets
8c70856a82 SSH Agent: Fix invalid iqmp output for RSA keys
This fixes loading RSA keys to Pageant.
2018-06-26 22:52:47 -04:00
Michal Kaptur
486b99b39d Add some unit tests to Tools
Clean up and test 3 methods from Tools:
- humanReadableFileSize
- isHex
- isBase64
2018-05-22 09:28:54 +02:00
Jonathan White
aae6d09fd3
Merge branch 'master' into develop
Conflicts:
	src/CMakeLists.txt
	src/autotype/xcb/AutoTypeXCB.cpp
	src/browser/BrowserAction.cpp
	src/browser/BrowserService.cpp
	src/browser/BrowserService.h
	src/browser/BrowserSettings.h
	src/browser/NativeMessagingHost.cpp
	src/browser/NativeMessagingHost.h
	src/gui/EditWidgetIcons.cpp
	src/gui/EditWidgetIcons.h
	src/gui/MainWindow.cpp
	src/proxy/NativeMessagingHost.cpp
	tests/TestOpenSSHKey.cpp
2018-05-07 23:24:30 -04:00
louib
f25c8d3d2a Adding a GUI test. 2018-04-30 17:07:07 -04:00
Steven Noonan
c21f4b5ec2 OpenSSHKey: correctly parse aes-256-cbc/ctr keys (#1682)
AES-256 uses a 32-byte (256-bit) key size. This un-breaks the loader and
tests added for AES-256-CBC and AES-256-CTR PEM keys.

* OpenSSHKey: correctly parse encrypted PEM AES-256-CBC/AES-256-CTR keys
* OpenSSHKey: use correct key derivation for AES-256
2018-04-04 21:58:34 -04:00
Louis-Bertrand Varin
8324d03f0a Formatting the code. 2018-03-31 16:01:30 -04:00
Louis-Bertrand Varin
3eb917055e Add ClangFormat exceptions 2018-03-31 12:15:09 -04:00
Jonathan White
410d88bf99
Remove KeePassHttp plugin and qhttp (#1752)
Remove KeePassHttp plugin and qhttp
2018-03-31 11:36:18 -04:00
Daniel Wilches
240939ce3b Request confirmation to discard unsaved changes
Solves #1181
2018-03-29 18:35:08 -07:00
Janek Bevendorff
e92d5e80ee
Merge branch 'release/2.3.2' into develop 2018-03-18 01:14:42 +01:00
Joan Bruguera
f305517724 Skip the tray restore/hide test of #1595 if there's no tray (fix CI build). 2018-03-12 21:30:25 +01:00
Joan Bruguera
8646586c1a Add GUI test for issue #1595 (minus the minimize at startup case). 2018-03-12 21:30:25 +01:00
Thomas Luzat
46e8e3dbbc Test speedup (#1678)
* Tests: Speed up AutoType testing

Decrease default autotype delay to 1 to improve test suite speed by
seconds. This shaves multiple seconds off the whole test suite. In some
cases, the largest part.

Also, initialize config just creating the test instance, just in case
that it ever depends on the configuration values at that point already.

* Tests: Speed up Kdbx4 testing

This speeds up the Kdbx4 tests by using parameters optimized for speed
for the key derivation functions. On an i7-6700K the tests run close to
50% faster with this change (about 1.5s vs. 3s).
2018-03-08 10:20:25 +01:00
thez3ro
10170a555e add test case for recursive placeholders 2018-03-06 15:56:27 +01:00
thez3ro
5f9f27604b fix autotype custom attributes 2018-03-04 23:08:58 +01:00
Janek Bevendorff
199f0932bf Add additional KDBX4 upgrade tests for composite key integrity 2018-03-01 19:26:18 -05:00
Janek Bevendorff
e6c19fdcb1 Add MockChallengeResponseKey and additional composite key component test 2018-03-01 19:26:18 -05:00
Janek Bevendorff
0d4aff55bc Don't upgrade to KDBX 4 when CustomData are present only in meta data section, resolves #1565 2018-03-01 17:59:01 +01:00
Janek Bevendorff
7fbdcd3fed Add tests for newline sanitization 2018-02-26 17:27:17 +01:00
Janek Bevendorff
da52da37b3 Add additional tests for saving and reading KDBX files with custom data 2018-02-21 13:23:14 +01:00
Janek Bevendorff
5410d78bbb Properly save custom header data
Ensure adding custom data upgrades to KDBX4
Implement review feedback
2018-02-21 13:23:14 +01:00
Janek Bevendorff
114f00e1e8 Add CustomData regression tests 2018-02-21 13:23:14 +01:00
Janek Bevendorff
698b44f71c Update zxcvbn library 2018-02-21 06:18:33 -05:00
Jonathan White
397d804cdd Add tests & minor edits 2018-02-21 09:04:46 +01:00
Nick Spain
7dfcad6f8f Write regression test for #1447 2018-02-18 16:17:12 +01:00
thez3ro
7713a7b750 Add test case for reference resolution in cloned entries
Improve test suite to use smart pointers where possible
2018-02-17 18:04:29 +01:00
Toni Spets
d58e3ca34d SSH Agent: Support old AES-128-CBC encrypted keys 2018-02-11 15:31:06 +01:00
Toni Spets
d2359df2b0 SymmetricCipher: Add support for AES-128-CBC 2018-02-11 15:31:06 +01:00
thez3ro
a76c92ed9a
change inAutotype logic, preventing multiple autotype call 2018-02-04 23:13:15 +01:00
thez3ro
a9479fd662
refactor autotype sequences and entry-point functions 2018-02-04 23:13:15 +01:00
thez3ro
065a85e05c
fix effective autotype sequence 2018-02-04 23:13:15 +01:00
Toni Spets
cbb70cdc7c SSH Agent: Support old unencrypted DSA and RSA keys 2018-02-04 15:59:08 +02:00
Janek Bevendorff
17e3f1c21f Create history item when setting up a TOTP seed, resolves #1445 2018-02-01 19:16:17 +01:00
Jonathan White
8c8a61ddfe
Disable auto save for GUI tests 2018-01-28 14:06:17 -05:00
Janek Bevendorff
b7c5283a66
Move duplicate attachment test to TestKeePass2Format, so it's also run for KDBX3 2018-01-25 02:27:42 +01:00
Janek Bevendorff
6a97a6dafc
Add test for catching KDBX4 attachment mapping errors 2018-01-25 01:49:19 +01:00
Janek Bevendorff
7a6850d5fe Move useful QTest template specializations to global header file
Fix KDBX test linker errors on Windows
2018-01-24 13:32:37 +01:00
Janek Bevendorff
8dd6cdeb69
Fix history truncation based on max size and extend unit tests 2018-01-23 02:31:29 +01:00
Christian Kieschnick
258438f01f
Fix code-style issues
Fixed issues pointed out during review
2018-01-23 00:57:04 +01:00
Christian Kieschnick
943dc6cdd6
Add tests for modified, fix history for autotype
Added tests to ensure #1387 works
Fixed issue detected during testing - AutoTypeAssociations were not
pushed to history
2018-01-23 00:57:01 +01:00
Fonic
8c78aca69e Code cleanup
Comprehensive code cleanup:
- formatting
- comments
- obsolete code
2018-01-21 15:17:05 +01:00
Fonic
9ff648177c Update entry model test to account for additional column 'Paperclip'
Update comparison values of modelProxy->columnCount() to account for
additional column 'Paperclip'
2018-01-21 15:17:05 +01:00
Fonic
66291ecc38 Update GUI test to account for changed column indices
Update clicks within entry view referencing column indices to account
for changed column indices due to new way of showing/hiding column Entry
Model::ParentGroup. This column now has fixed index 0 wether it's shown
or hidden, thus all indices need to be shifted by +1 when not in search
mode
2018-01-21 15:17:05 +01:00
Fonic
268035ff9e Update entry model test to account for additional columns
Update comparison values of modelProxy->columnCount() to account for
additional columns 'Password', 'Notes', 'Expires', 'Created', 'Modified',
'Accessed' and 'Attachments'
2018-01-21 15:17:05 +01:00
Janek Bevendorff
e20cecf7aa
Remove obsolete ToDbExporter tests 2018-01-18 01:51:41 +01:00
Janek Bevendorff
679a7b6ec2
Add test for KDBX 2 -> 3 upgrade 2018-01-18 01:51:39 +01:00
Janek Bevendorff
a595239624
Refactor and extend file format tests 2018-01-18 01:51:37 +01:00
Janek Bevendorff
cdefc7ea9b
Fix KDBX reader tests not being executed 2018-01-18 01:51:34 +01:00
Janek Bevendorff
98591c3bc0 Add tests for FileKey::Type 2018-01-14 18:26:28 -05:00
Janek Bevendorff
90380adc90
Fix test compilation errors
* Use legacy AES-KDF mode for KeePass1Reader
2018-01-13 14:25:02 -05:00
Janek Bevendorff
a6ddc22fb8
Refactor database readers/writers and XML handling
* Refactor Kdbx*Reader
* Refactor KdbxWriter
* Refactor KdbxXmlReader
* Refactor KdbxXmlWriter
2018-01-13 14:24:58 -05:00
Janek Bevendorff
72a1c65d00
Fix memory leaks in tests 2018-01-13 14:24:58 -05:00
Janek Bevendorff
ccfd7a065c
Fix coding style and GUI test 2018-01-13 14:24:57 -05:00
angelsl
564188b0d3
Report database read failure reason in tests 2018-01-13 14:24:55 -05:00
Jonathan White
bef7ba2cfe
Implements KDBX4 format with Argon2 KDF
* Adds KDBX4 reader/writer interfaces
* Adds KDBX4 XML reader/write interfaces
* Implements test cases for KDBX4
* Fully compatible with KeePass2
* Corrects minor issues with Argon2 KDF
2018-01-13 14:24:55 -05:00
Jonathan White
7dba788d09
Correct failure in GUI tests due to widget name 2018-01-13 14:24:54 -05:00
Jonathan White
9140893cd3
Correct Endian function use in Random tests 2018-01-13 14:23:29 -05:00
Janek Bevendorff
15648991fc
Refactor Kdf class, remove fields concept 2018-01-13 14:23:28 -05:00
angelsl
3461cbfb06
Rename KeePass2{,Xml}{R,W} to Kdbx3{,Xml}{R,W}, and add a redirection class
This class will in future select Kdbx4{R,W} as appropriate.
2018-01-13 14:23:26 -05:00
angelsl
6a0d05e1ef
Add support for various algorithms for kdbx4
* Add SHA512 support to CryptoHash
* Add ChaCha20 support
* Add HMAC support
* Add new HmacBlockStream, used in KDBX 4
* Add support for ChaCha20 protected stream
2018-01-13 14:23:26 -05:00
angelsl
4532108678
Add support for KDFs and cyphers to the db settings widget 2018-01-13 14:23:25 -05:00
angelsl
2e19af5032
Pull out KDFs into their own class hierarchy
In preparation for multiple KDFs in KDBX 4
2018-01-13 14:23:20 -05:00
frostasm
3720c5ef79 Add test for drag and drop database files into main window 2018-01-03 16:12:05 +02:00
thez3ro
6d046f251e
Remove minus since it's an invalid literal 2018-01-03 12:56:18 +01:00
thez3ro
e803076063
improve regex filtering 2018-01-03 12:56:18 +01:00
thez3ro
a02a49a184
add test for syntax checking 2018-01-03 12:56:18 +01:00
Janek Bevendorff
60b3037e4a Add additional unit tests for key file generation 2017-12-27 01:21:49 +01:00
Jonathan White
d217da421f Correct test failures in mingw 2017-12-25 11:10:30 -05:00
frostasm
ed0bda98a6 Fix failing entry model test for attachment name and size 2017-12-25 14:36:41 +02:00
Aleksa Sarai
9f8943c89b keepassxc-cli show: resolve references in output (#1280)
* core: database: make UUID searching case-insensitive

4c4d8a5e84 ("Implement search for reference placeholder based on
fields other than ID") changed the semantics of searching-by-reference
in KeePassXC. Unforuntately it contained a bug where it implicitly
became case-sensitive to UUIDs, which broke existing databases that used
references (especially since the default reference format uses a
different case to the UUID used while searching).

The tests didn't catch this because ->toHex() preserves the case that it
was provided, they have been updated to check that UUIDs are case
insensitive.

* cli: show: resolve references in output

Previously, `keepassxc-cli show` would not resolve references. This
would make it quite hard to script around its output (since there's not
interface to resolve references manually either). Fix this by using
resolveMultiplePlaceholders as with all other users of ->password() and
related entry fields.

Fixes: keepassxreboot/keepassxc#1260

* tests: entry: add tests for ref-cloned entries

This ensures that the most "intuitive" current usage of references
(through the clone feature of the GUI) remains self-consistent and
always produces the correct results. In addition, explicitly test that
case insensitivity works as expected. These should avoid similar
regressions in reference handling in the future.

* http: resolve references in AccessControlDialog

The access control dialog previously would not show the "real" username
or "real" title when asking for permission to give access to entries.
Fix this by resolving it, as we do in many other places.

Fixes: keepassxreboot/keepassxc#1269


Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
2017-12-17 10:44:12 -05:00
Jonathan White
0141fa2f1c
Correct memory leaks in TestGroup.cpp 2017-12-12 23:46:25 -05:00
Jonathan White
28ad6ed552 Merge branch 'master' into develop 2017-12-11 21:10:25 -05:00
frostasm
d99dee9c40 Small refactoring related to references placeholders 2017-11-30 20:07:16 +02:00
Martin Unzner
d4d0f4c131 Add failing test for complete entry resolution 2017-11-30 20:07:16 +02:00
frostasm
4c4d8a5e84 Implement search for reference placeholder based on fields other than ID 2017-11-30 20:07:16 +02:00
frostasm
806dd5d783 Add unit test to search for referenced entries based on fields other than ID 2017-11-30 20:07:16 +02:00
Michal Kaptur
0ff75e7a88 Fixed memory leaks in non-gui tests
Fixed 2 memory leaks in production code and a few in testcases. As a
result leak_check_at_exit ASAN option does not need to turned off for
non-gui tests.
Smart pointers should be used elsewhere for consistency, but the sooner
this fixes are delivered, the lesser memory leaks are introduced.
2017-11-27 23:36:09 +01:00
Janek Bevendorff
8651736e61
Merge branch 'release/2.2.3' into develop 2017-11-26 18:23:48 +01:00
Toni Spets
a0bfa710be Add missing crypto init to OpenSSHKey test 2017-11-25 11:32:13 +02:00
Louis-Bertrand Varin
f25c23c051 Adding tests for Group::clone 2017-11-21 14:24:24 -05:00
Louis-Bertrand Varin
9603c91877 Merge : Synchronising groups. 2017-11-21 14:06:40 -05:00
Weslly
19ac36b965
Change QTotp class name to Totp 2017-11-20 22:25:09 -02:00
Joel Smith
8ca52ba8f9 Add initial Steam TOTP support
* Add the concept of custom TOTP encoders, each with potential for custom
  code alphabet, length, step interval and code direction (i.e. reversed)
* Select custom encoder via overload of the digits field of a loaded entry
* Allow selection of custom encoders via the "TOTP Settings" field's
  size, as currently done by KeeTrayTOTP for Steam. Use "S" for the
  short name of the Steam custom encoder
* Allow selection of custom encoders via the "otp" field by appending
  a "&encoder=<name>" field to the URL query. For example,
  "&encoder=steam"
* Update TOTP set-up dialog to permit selection between (default,
  steam, custom) settings.
2017-11-20 17:08:01 -07:00
Toni Spets
4840c2c64f SSH agent support 2017-11-19 14:38:59 +02:00
Toni Spets
a81a5fa31b SymmetricCipher: Support CTR mode
Includes AES-256-CTR non-stream tests
2017-11-19 14:38:59 +02:00
thez3ro
d6e8e1be6e
use QTemporaryFile when creating a database for guitest 2017-11-02 20:07:41 +01:00
thez3ro
c3c67f18b8
add test for DB creation 2017-11-02 20:07:41 +01:00
Jonathan White
4e7f2c6a4f
Fix apply button not saving new entries 2017-10-28 09:23:45 -04:00
frostasm
1f5a0c0130 Add test for resolved placeholders in window association title 2017-10-23 22:55:22 +03:00
Jonathan White
1a4303bbce Added tests for retention of entry history after merge 2017-10-21 22:49:20 -04:00
Janek Bevendorff
b510243dd8
Merge branch 'release/2.2.2' into develop 2017-10-21 22:23:27 +02:00
Adolfo E. García
f1d99dd0ed Improve testing of Base32 2017-10-21 13:15:02 +02:00
Adolfo E. García
24f560aaa2 Replace Optional with QVariant 2017-10-21 13:15:02 +02:00