Commit graph

35 commits

Author SHA1 Message Date
Jonathan White
08f7c6f863
Fix use of WITH_XC_X11 build flag 2022-10-17 22:55:11 +02:00
Dennis
233be1fc10 TouchID support refactoring (#8311)
Fixes #7695 - Properly set compile flags based on availability of watch unlock in the API.
2022-09-22 06:49:07 -04:00
louib
7cd824ae1c
Upstream Flathub patches (#7728) 2022-04-04 19:04:18 -04:00
Jonathan White
4cc5850c86 Fix broken documentation menu items 2022-03-20 13:33:32 -04:00
Jonathan White
4f0710350f Add support for Windows Hello
* Special thanks to @HexF and @smlu for their contributions towards this feature.

* Add MVP support for Windows Hello as a Quick Unlock solution using the WinRT API. This works by signing a random challenge vector with the Windows Hello protected key store (typically from TPM). The signed challenge is hashed using SHA-256 and then used as the encryption key to encrypt the database credentials. Credentials are encrypted using AES-256/GCM. This ensures the database password can only be decrypted following a successful authentication with Windows Hello in the future.

* Unify Touch ID and Windows Hello behavior under the Quick Unlock branding. Remove all timeout features of Touch ID as they are unnecessary and complicate the feature for no security gain.

* Quick Unlock is automatically reset only when the database key is changed vice whenever database settings are modified.

* Don't set database unlock dialog as always on top. This allows Touch ID and Windows Hello prompts to appear above the dialog properly.

* Prevent quick unlock when using AutoOpen or opening from the command line.
2022-02-22 17:53:50 -05:00
Jonathan White
12990e59ad KeeShare: Remove checking signed container
* Remove QuaZip dependency in favor of minizip
* Remove signature checks, but maintain signatures for backwards compatibility
* Remove UI components related to certificates except for personal certificate for backwards compatibility
* Default to unsigned containers (*.kdbx)
2021-12-14 23:23:23 -05:00
Aetf
e121f4bc28 Add Freedesktop.org Secret Storage Spec Server Side API (Fix #1403)
This plugin implements the Secret Storage specification version 0.2.
While running KeePassXC, it acts as a Secret Service server, registered
on DBus, so clients like seahorse, python-secretstorage, or other
implementations can connect and access the exposed database in KeePassXC.

Squashed commits:

- Initial code
- Add SessionAdaptor and fix build
- The skeletons for all dbus objects are in place
- Implement collection creation and deletion
- Emit collectionChanged signal
- Implement app-wise settings page
- Implement error message on GUI
- Implement settings
- Fix uuid to dbus path
- Implement app level settings
- Add freedesktop logo
- Implement database settings page
- Change database settings to a treeview
- Move all settings read/write to one place
- Rename SecretServiceOptionsPage to SettingsWidgetFdoSecrets
- Fix selected group can not be saved if the user hasn't click on the item
- Show selected group per database in app settings
- Disable editing of various readonly widgets
- Remove unused warning about non exposed database
- Fix method signature on dbus adaptors
- Fix type derived from DBusObject not recognized as QDBusContext
- Resolve a few TODOs around error handling
- Remove const when passing DBus exposed objects
- Move dismiss to PromptBase
- Implement per collection locking/unlocking
- Fix const correctness on Item::setSecret
- Implement SecretService::getSecrets
- Rework the signal connections around collections.
- Remove generateId from DBusObject
- Per spec, use encoded label as DBus object path for collections
- Fix some corner cases around collection name changes
- Implement alias
- Fix wrong alias dbus path
- Implement encryption per spec
- Cleanup SessionCipher
- Implement searchItems for SecretService
- Use Tools::uuidToHex
- Implement Item attributes and delete
- Implement createItem
- Always check if the database is unlocked before perform any operation
- Add missing ReadAlias/SetAlias on service
- Reorganize and fix OpenSession always returning empty output
- Overhaul error handling
- Make sure default alias is always present
- Remove collection aliases early in doDelete
- Handles all content types, fix setProperties not working
- Fix sometimes there is an extraneous leading zero when converting from MPI
- Fix session encryption negotiation
- Do not expose recycle bin
- Protect against the methods not called from DBus
- Also emit collectionChanged signal when lock state changes
- Show notification when entry secret is requested
- Add a README file
- Actually close session when client disconnects
- Gracefully return alternative label when collection is locked
- Reorganize, rename secretservice to fdosecrets
- Fix issues reported by clazy
- Unify UI strings and fix icon
- Implement a setting to skip confirmation when deleting entries from DBus
- Remove some unused debugging log
- Simply ignore errors when DBus context is not available. QtDBus won't set QDBusContext when deliver property get/set, and there is no way to get a QDBusMessage in property getter/setter.
- Simplify GcryptMPI using std::unique_ptr and add unit test
- Format code in fdosecrets
- Move DBusReturnImpl to details namespace
- Fix crash when locking a database: don't modify exposedGroup setting in customData when database is deleted
- Make sure Collection::searchItems works, whether it's locked or not
- Fix FdoSecrets::Collection becomes empty after a database reload
- Fix crash when looping while modifying the list
2019-05-12 12:35:42 -04:00
Jonathan White
2ffefc95ae Enhance update checker
* Reduce initial update check notification to 500 ms to prevent inappropriately stealing focus from user
* Add build flag WITH_XC_UPDATECHECK which defaults to ON
* Update checks are resolved every 7 days instead of every time the application is started
* Better checks for beta builds; ignore snapshots
* Increase test cases
2019-04-11 08:52:51 -04:00
Christian Kieschnick
d4c391deb2 Splitted KeeShare into secure and insecure parts
KeeShare is now supported in a secure and insecure flavor (set
CMake-Flags accordingly to allow or disallow the corresponding import
and exports)
2019-01-03 10:05:08 +01:00
Jonathan White
9e2be34897
Merge branch 'develop'
Conflicts:
	CMakeLists.txt
	cmake/CLangFormat.cmake
	snapcraft.yaml
	src/CMakeLists.txt
	src/core/Database.cpp
	src/core/Database.h
	src/core/Tools.cpp
	src/crypto/CryptoHash.h
	src/crypto/ssh/ASN1Key.h
	src/crypto/ssh/OpenSSHKey.cpp
	src/format/Kdbx4Reader.cpp
	src/gui/DatabaseTabWidget.cpp
	src/gui/DatabaseTabWidget.h
	src/gui/DatabaseWidget.cpp
	src/gui/DatabaseWidget.h
	src/gui/DetailsWidget.cpp
	src/gui/DetailsWidget.ui
	src/gui/EditWidgetProperties.cpp
	src/gui/EntryPreviewWidget.cpp
	src/gui/EntryPreviewWidget.ui
	src/gui/FileDialog.cpp
	src/gui/dbsettings/DatabaseSettingsDialog.cpp
	src/gui/dbsettings/DatabaseSettingsDialog.h
	src/gui/group/EditGroupWidget.cpp
	src/gui/group/EditGroupWidget.h
	src/sshagent/ASN1Key.h
	src/sshagent/OpenSSHKey.cpp
	src/sshagent/SSHAgent.cpp
	tests/CMakeLists.txt
2018-12-18 22:28:56 -05:00
Janek Bevendorff
0ca7fd369a Implement review feedback 2018-10-19 22:16:44 +02:00
Christian Kieschnick
eca9c658f4
Add sharing of groups between databases
* Add source folder keeshare for sharing with corresponding define WITH_XC_KEESHARE
* Move common crypto parts to src/crypto/ssh
* Extended OpenSSHKey
* Move filewatching to own file (currently in two related classes DelayedFileWatcher and BulkFileWatcher)
* Small improvements for style and code in several classes
* Sharing is secured using RSA-Keys which are generated on demand
* Publisher signs the container using their private key
* Client can verify the signed container and choose to decline an import,
import only once or trust the publisher and automatically import all
data of this source henceforth
* Integration of settings into Group-Settings, Database-Settings and Application-Settings
* Introduced dependency QuaZip as dependency to allow combined export of
key container and the (custom format) certificate
2018-10-01 10:39:37 -04:00
Max Kolhagen
d9fcdd2920 Add TouchID support on macOS 2018-09-18 22:42:05 -04:00
Jonathan White
410d88bf99
Remove KeePassHttp plugin and qhttp (#1752)
Remove KeePassHttp plugin and qhttp
2018-03-31 11:36:18 -04:00
Janek Bevendorff
924d472de5 Add support for pre-releases 2018-02-18 10:20:34 +01:00
Jonathan White
3e2443a861 Add support for nightly builds to release tool 2018-01-30 21:21:23 +01:00
Janek Bevendorff
f520a0f272
Deprecate KeePassHTTP and introduce WITH_XC_NETWORKING CMake option 2018-01-19 20:40:54 +01:00
varjolintu
06518c5736 keepassxc-browser 2018-01-04 21:42:20 +01:00
Toni Spets
4840c2c64f SSH agent support 2017-11-19 14:38:59 +02:00
Janek Bevendorff
ec8c99c3b2 Fix remaining uses of KEEPASSXC_SNAP_BUILD 2017-10-19 15:52:46 +02:00
Janek Bevendorff
bae9dbc407 Add distribution information to debug info screen 2017-10-19 15:52:46 +02:00
Jonathan White
91d746c5c0 Corrected issues with desktop and tray icons in snap build 2017-10-03 15:43:52 -04:00
thez3ro
65992ba6ae
Option to select extension compile-time. Fix #50 #123 2016-12-04 19:57:24 +01:00
Jonathan White
ccec84aef2 Rename application to KeePassXC and change icon (#70) 2016-11-03 00:05:30 -04:00
Felix Geyer
60daa2b41b Require libgcrypt >= 1.6.0.
Remove our own Salsa20 implementation as libgcrypt ships one
with that version.
2015-09-12 13:51:49 +02:00
Felix Geyer
eeb940c0dc Fix plugin path detection when installed with DESTDIR.
This is in no way perfect but should cover most common cases.

Closes #291
2015-05-12 22:24:59 +02:00
Felix Geyer
93ab7eb058 Use CMAKE_INSTALL_DATADIR to look for the data dir. 2015-04-08 18:07:53 +02:00
Felix Geyer
28694ae687 Add initial support for translations. 2014-05-18 01:33:22 +02:00
Felix Geyer
c2781274a0 Fix include guards of config-keepassx.h. 2014-01-18 15:30:58 +01:00
Felix Geyer
0b6b149351 Use the libgcrypt SALSA20 cipher if available. 2014-01-12 13:42:56 +01:00
Felix Geyer
fd18bc0330 Use standard GNU install dirs and make them overridable. 2013-04-29 22:17:31 +02:00
Felix Geyer
169e6327ea Disable core dumps and tracing on *nix.
But only when built in release mode.

Closes #4
2012-10-21 12:33:00 +02:00
Felix Geyer
17d0fb9963 Add include guards. 2012-01-01 21:57:13 +01:00
Felix Geyer
567dd92d4c Add built-in icons. 2010-09-19 21:22:24 +02:00
Felix Geyer
bd1ea05017 Fix parser and add unit tests. 2010-08-13 18:08:06 +02:00