Commit Graph

22 Commits

Author SHA1 Message Date
Sami Vänttinen
7284a8062a
Fix password generator responses (#7404)
* Respond directly to the current client instead of broadcasting

* Append requestID to generate-password response
2022-02-23 17:48:50 -05:00
varjolintu
c7cdce6e33 Support for triggering Global Auto-Type from browser extension 2021-10-10 23:41:58 -04:00
m5w6
9aec84dee7 Add "parent directory match" priority between exact and host match 2021-09-20 23:53:31 -04:00
peter
6b14b5dc27 Optimize includes across code base 2021-07-13 22:08:33 -04:00
Jonathan White
80809ace67 Replace all crypto libraries with Botan
Selected the [Botan crypto library](https://github.com/randombit/botan) due to its feature list, maintainer support, availability across all deployment platforms, and ease of use. Also evaluated Crypto++ as a viable candidate, but the additional features of Botan (PKCS#11, TPM, etc) won out.

The random number generator received a backend upgrade. Botan prefers hardware-based RNG's and will provide one if available. This is transparent to KeePassXC and a significant improvement over gcrypt.

Replaced Argon2 library with built-in Botan implementation that supports i, d, and id. This requires Botan 2.11.0 or higher. Also simplified the parameter test across KDF's.

Aligned SymmetricCipher parameters with available modes. All encrypt and decrypt operations are done in-place instead of returning new objects. This allows use of secure vectors in the future with no additional overhead.

Took this opportunity to decouple KeeShare from SSH Agent. Removed leftover code from OpenSSHKey and consolidated the SSH Agent code into the same directory. Removed bcrypt and blowfish inserts since they are provided by Botan.

Additionally simplified KeeShare settings interface by removing raw certificate byte data from the user interface. KeeShare will be further refactored in a future PR.

NOTE: This PR breaks backwards compatibility with KeeShare certificates due to different RSA key storage with Botan. As a result, new "own" certificates will need to be generated and trust re-established.

Removed YKChallengeResponseKeyCLI in favor of just using the original implementation with signal/slots.

Removed TestRandom stub since it was just faking random numbers and not actually using the backend. TestRandomGenerator now uses the actual RNG.

Greatly simplified Secret Service plugin's use of crypto functions with Botan.
2021-04-05 22:56:03 -04:00
Sami Vänttinen
c19efb5b19
Remove credential sorting from Browser Integration (#6353) 2021-03-31 23:14:29 -04:00
Jonathan White
eb6f0eb346 Add search 'by-path' url for browser 2020-10-17 18:22:47 -04:00
Jonathan White
e1c2537084
Merge branch 'release/2.6.2' into develop 2020-09-27 12:11:02 -04:00
Sami Vänttinen
e391dd182d
Fix Best-Matching ..again (#5316)
Co-authored-by: Jonathan White <support@dmapps.us>
2020-09-13 10:38:19 -04:00
Sami Vänttinen
9bab5d5a33
Don't mark URL references as invalid URL (#5380) 2020-09-05 09:00:36 -04:00
piegames
6a35bbea2f Add browser service search for entries via UUID 2020-09-02 23:19:43 -04:00
varjolintu
f73855a7f2 Adjust matching with best-matching credentials enabled 2020-07-21 07:29:02 -04:00
Jonathan White
a145bf9119 Complete refactor of Browser Integration classes
* Removed option to attach KeePassXC to the browser extension. Users must use the proxy application to communicate with KeePassXC.
* Significantly streamlined proxy code. Used same implementation of stdin/stdout interface across all platforms.
* Moved browser service entry point to BrowserService class instead of NativeMessagingHost. BrowserService now coordinates the communication to/from clients.
* Moved settings page definition out of MainWindow
* Decoupled BrowserService from DatabaseTabWidget
* Reduced complexity of various functions and cleaned the ABI (public vs private).
* Eliminated BrowserClients class, moved functionality into the BrowserService
* Renamed HostInstaller to NativeMessageInstaller and renamed NativeMessageHost to BrowserHost.
* Recognize XDG_CONFIG_HOME when installing native message file on Linux. Fix #4121 and fix #4123.
2020-05-14 17:14:17 -04:00
varjolintu
d2e76058cd Fix base domain matching 2020-01-19 18:13:12 +01:00
varjolintu
c0796d8fb1 Add option to use entry only for HTTP Basic Auth 2019-12-21 17:28:27 -05:00
varjolintu
c0f29cc790 Show UI warning for invalid URLs 2019-12-21 09:22:16 -05:00
Balazs Gyurak
c0b1c9e106 Run code formatter 2019-11-23 10:07:39 -05:00
varjolintu
e2c95f75f1 Fix subdomain matching 2019-11-23 07:53:09 -05:00
varjolintu
3d0964bce9 Fix URL matching 2019-11-10 08:43:10 -05:00
varjolintu
f726d7501f Add support for multiple URLs in an entry
* Fixes #398

The new Browser Integration entry settings page has a list view with any additional URL's. These URL's are added to the entry attributes with KP2A_URL_<counter>, which means those are directly compatible with Keepass2Android.
2019-10-16 22:20:57 -04:00
Jonathan White
1e915eef89 Run code formatter 2019-06-18 18:51:38 -04:00
varjolintu
5341a8215c Browser Integration tests 2019-05-29 09:24:22 -04:00