mirror of
https://github.com/keepassxreboot/keepassxc.git
synced 2024-12-27 08:19:47 -05:00
e121f4bc28
This plugin implements the Secret Storage specification version 0.2. While running KeePassXC, it acts as a Secret Service server, registered on DBus, so clients like seahorse, python-secretstorage, or other implementations can connect and access the exposed database in KeePassXC. Squashed commits: - Initial code - Add SessionAdaptor and fix build - The skeletons for all dbus objects are in place - Implement collection creation and deletion - Emit collectionChanged signal - Implement app-wise settings page - Implement error message on GUI - Implement settings - Fix uuid to dbus path - Implement app level settings - Add freedesktop logo - Implement database settings page - Change database settings to a treeview - Move all settings read/write to one place - Rename SecretServiceOptionsPage to SettingsWidgetFdoSecrets - Fix selected group can not be saved if the user hasn't click on the item - Show selected group per database in app settings - Disable editing of various readonly widgets - Remove unused warning about non exposed database - Fix method signature on dbus adaptors - Fix type derived from DBusObject not recognized as QDBusContext - Resolve a few TODOs around error handling - Remove const when passing DBus exposed objects - Move dismiss to PromptBase - Implement per collection locking/unlocking - Fix const correctness on Item::setSecret - Implement SecretService::getSecrets - Rework the signal connections around collections. - Remove generateId from DBusObject - Per spec, use encoded label as DBus object path for collections - Fix some corner cases around collection name changes - Implement alias - Fix wrong alias dbus path - Implement encryption per spec - Cleanup SessionCipher - Implement searchItems for SecretService - Use Tools::uuidToHex - Implement Item attributes and delete - Implement createItem - Always check if the database is unlocked before perform any operation - Add missing ReadAlias/SetAlias on service - Reorganize and fix OpenSession always returning empty output - Overhaul error handling - Make sure default alias is always present - Remove collection aliases early in doDelete - Handles all content types, fix setProperties not working - Fix sometimes there is an extraneous leading zero when converting from MPI - Fix session encryption negotiation - Do not expose recycle bin - Protect against the methods not called from DBus - Also emit collectionChanged signal when lock state changes - Show notification when entry secret is requested - Add a README file - Actually close session when client disconnects - Gracefully return alternative label when collection is locked - Reorganize, rename secretservice to fdosecrets - Fix issues reported by clazy - Unify UI strings and fix icon - Implement a setting to skip confirmation when deleting entries from DBus - Remove some unused debugging log - Simply ignore errors when DBus context is not available. QtDBus won't set QDBusContext when deliver property get/set, and there is no way to get a QDBusMessage in property getter/setter. - Simplify GcryptMPI using std::unique_ptr and add unit test - Format code in fdosecrets - Move DBusReturnImpl to details namespace - Fix crash when locking a database: don't modify exposedGroup setting in customData when database is deleted - Make sure Collection::searchItems works, whether it's locked or not - Fix FdoSecrets::Collection becomes empty after a database reload - Fix crash when looping while modifying the list
93 lines
3.6 KiB
C++
93 lines
3.6 KiB
C++
/*
|
|
* Copyright (C) 2019 Aetf <aetf@unlimitedcodeworks.xyz>
|
|
*
|
|
* This program is free software: you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License as published by
|
|
* the Free Software Foundation, either version 2 or (at your option)
|
|
* version 3 of the License.
|
|
*
|
|
* This program is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License
|
|
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
*/
|
|
|
|
#include "TestFdoSecrets.h"
|
|
|
|
#include "TestGlobal.h"
|
|
|
|
#include "fdosecrets/GcryptMPI.h"
|
|
#include "fdosecrets/objects/SessionCipher.h"
|
|
|
|
#include "crypto/Crypto.h"
|
|
|
|
QTEST_GUILESS_MAIN(TestFdoSecrets)
|
|
|
|
void TestFdoSecrets::initTestCase()
|
|
{
|
|
QVERIFY(Crypto::init());
|
|
}
|
|
|
|
void TestFdoSecrets::cleanupTestCase()
|
|
{
|
|
}
|
|
|
|
void TestFdoSecrets::testGcryptMPI()
|
|
{
|
|
auto bytes = QByteArray::fromHex(QByteArrayLiteral("DEADBEEF"));
|
|
|
|
auto mpi = MpiFromBytes(bytes);
|
|
auto another = MpiFromHex("DEADBEEF");
|
|
|
|
// verify it can parse the bytes in USG mode
|
|
QVERIFY(mpi.get());
|
|
QVERIFY(another.get());
|
|
|
|
// verify the number is of the correct value
|
|
QCOMPARE(gcry_mpi_cmp_ui(mpi.get(), 0xdeadbeef), 0);
|
|
QCOMPARE(gcry_mpi_cmp_ui(another.get(), 0xdeadbeef), 0);
|
|
|
|
// verify it can convert back
|
|
QCOMPARE(MpiToBytes(mpi), bytes);
|
|
QCOMPARE(MpiToBytes(another), bytes);
|
|
}
|
|
|
|
void TestFdoSecrets::testDhIetf1024Sha256Aes128CbcPkcs7()
|
|
{
|
|
auto clientPublic = MpiFromHex("40a0c8d27012c651bf270ebd96890a538"
|
|
"396fae3852aef69c0c19bae420d667577"
|
|
"ed471cd8ba5a49ef0ec91b568b95f87f0"
|
|
"9ec31d271f1699ed140c5b38644c42f60"
|
|
"ef84b5a6c406e17c07cd3208e5a605626"
|
|
"a5266153b447529946be2394dd43e5638"
|
|
"5ffbc4322902c2942391d1a36e8d125dc"
|
|
"809e3e406a2f5c2dcf39d3da2");
|
|
auto serverPublic = MpiFromHex("e407997e8b918419cf851cf3345358fdf"
|
|
"ffb9564a220ac9c3934efd277cea20d17"
|
|
"467ecdc56e817f75ac39501f38a4a04ff"
|
|
"64d627e16c09981c7ad876da255b61c8e"
|
|
"6a8408236c2a4523cfe6961c26dbdfc77"
|
|
"c1a27a5b425ca71a019e829fae32c0b42"
|
|
"0e1b3096b48bc2ce9ccab1d1ff13a5eb4"
|
|
"b263cee30bdb1a57af9bfa93f");
|
|
auto serverPrivate = MpiFromHex("013f4f3381ef0ca11c4c7363079577b56"
|
|
"99b238644e0aba47e24bdba6173590216"
|
|
"4f1e12dd0944800a373e090e63192f53b"
|
|
"93583e9a9e50bb9d792aafaa3a0f5ae77"
|
|
"de0c3423f5820848d88ee3bdd01c889f2"
|
|
"7af58a02f5b6693d422b9d189b300d7b1"
|
|
"be5076b5795cf8808c31e2e2898368d18"
|
|
"ab5c26b0ea3480c9aba8154cf");
|
|
|
|
std::unique_ptr<FdoSecrets::DhIetf1024Sha256Aes128CbcPkcs7> cipher{new FdoSecrets::DhIetf1024Sha256Aes128CbcPkcs7};
|
|
|
|
cipher->initialize(std::move(clientPublic), std::move(serverPublic), std::move(serverPrivate));
|
|
|
|
QVERIFY(cipher->isValid());
|
|
|
|
QCOMPARE(cipher->m_aesKey.toHex(), QByteArrayLiteral("6b8f5ee55138eac37118508be21e7834"));
|
|
}
|