Commit graph

76 commits

Author SHA1 Message Date
varjolintu
8f45431ecb Create new UrlTools class 2023-10-23 22:53:59 -04:00
Patrick Sean Klein
e16c007d43 Correct regex escape logic
* Fixes #7776

Implement QRegularExpression::escape within Tools::convertToRegex to allow usage on older Qt versions.

Also wrap EXACT_MODIFIER patterns in a non-capture group to prevent misinterpreted regex.
2022-06-05 21:58:52 -04:00
Jonathan White
4f0710350f Add support for Windows Hello
* Special thanks to @HexF and @smlu for their contributions towards this feature.

* Add MVP support for Windows Hello as a Quick Unlock solution using the WinRT API. This works by signing a random challenge vector with the Windows Hello protected key store (typically from TPM). The signed challenge is hashed using SHA-256 and then used as the encryption key to encrypt the database credentials. Credentials are encrypted using AES-256/GCM. This ensures the database password can only be decrypted following a successful authentication with Windows Hello in the future.

* Unify Touch ID and Windows Hello behavior under the Quick Unlock branding. Remove all timeout features of Touch ID as they are unnecessary and complicate the feature for no security gain.

* Quick Unlock is automatically reset only when the database key is changed vice whenever database settings are modified.

* Don't set database unlock dialog as always on top. This allows Touch ID and Windows Hello prompts to appear above the dialog properly.

* Prevent quick unlock when using AutoOpen or opening from the command line.
2022-02-22 17:53:50 -05:00
Jonathan White
7f92504a2d Fix wildcard window title matching in Auto-Type
* Fixes #6413
2022-01-28 19:38:30 -05:00
varjolintu
7efaca6fbe Accept kdbx:// urls in Edit Entry view 2021-12-30 08:14:30 -05:00
osx user
15d1b2f0ab Show what changed between entry history items
* Also show what is changed on the current state
* Closes #2621
2021-12-22 05:52:54 -05:00
Jonathan White
12990e59ad KeeShare: Remove checking signed container
* Remove QuaZip dependency in favor of minizip
* Remove signature checks, but maintain signatures for backwards compatibility
* Remove UI components related to certificates except for personal certificate for backwards compatibility
* Default to unsigned containers (*.kdbx)
2021-12-14 23:23:23 -05:00
louib
004f2b6801 Removing QWidget dependency from src/core. 2021-11-12 07:41:30 -05:00
Patrick Klein
84ff6a13f9
Allow specifing database backup paths. (#7035)
- Default backupFilePath is '{DB_FILENAME}.old.kdbx' to conform to existing standards
- Implement backupPathPattern tests.
- Show tooltip on how to format database backup location text field.
2021-11-07 17:41:17 -05:00
Chih-Hsuan Yen
3b3bc42e10
Fix broken browser integration since #6899 (#7030) 2021-10-09 11:22:44 -04:00
varjolintu
4c10e516c3 Add delete-entry command to Browser Integration API 2021-09-21 04:17:14 -04:00
Jonathan White
9b2b861a2a Removed / Consolidated unnecessary header files 2021-07-13 22:08:33 -04:00
peter
6b14b5dc27 Optimize includes across code base 2021-07-13 22:08:33 -04:00
Jonathan White
80809ace67 Replace all crypto libraries with Botan
Selected the [Botan crypto library](https://github.com/randombit/botan) due to its feature list, maintainer support, availability across all deployment platforms, and ease of use. Also evaluated Crypto++ as a viable candidate, but the additional features of Botan (PKCS#11, TPM, etc) won out.

The random number generator received a backend upgrade. Botan prefers hardware-based RNG's and will provide one if available. This is transparent to KeePassXC and a significant improvement over gcrypt.

Replaced Argon2 library with built-in Botan implementation that supports i, d, and id. This requires Botan 2.11.0 or higher. Also simplified the parameter test across KDF's.

Aligned SymmetricCipher parameters with available modes. All encrypt and decrypt operations are done in-place instead of returning new objects. This allows use of secure vectors in the future with no additional overhead.

Took this opportunity to decouple KeeShare from SSH Agent. Removed leftover code from OpenSSHKey and consolidated the SSH Agent code into the same directory. Removed bcrypt and blowfish inserts since they are provided by Botan.

Additionally simplified KeeShare settings interface by removing raw certificate byte data from the user interface. KeeShare will be further refactored in a future PR.

NOTE: This PR breaks backwards compatibility with KeeShare certificates due to different RSA key storage with Botan. As a result, new "own" certificates will need to be generated and trust re-established.

Removed YKChallengeResponseKeyCLI in favor of just using the original implementation with signal/slots.

Removed TestRandom stub since it was just faking random numbers and not actually using the backend. TestRandomGenerator now uses the actual RNG.

Greatly simplified Secret Service plugin's use of crypto functions with Botan.
2021-04-05 22:56:03 -04:00
Sami Vänttinen
9bab5d5a33
Don't mark URL references as invalid URL (#5380) 2020-09-05 09:00:36 -04:00
Toni Spets
7c39907251 Substitute tilde with USERPROFILE on Windows
The substitution is now more shell-like and tilde is only replaced
from the beginning of the path if it is trailed by a slash.
2020-07-18 09:24:22 -04:00
Jonathan White
c663b5d5fc Add braces around single line statements
* Ran clang-tidy with "readability-braces-around-statements" to find missing braces around statements.
2020-02-02 08:46:18 -05:00
Toni Spets
6fc7be78ea Implement SSH key file path env substitution
Supports all platforms, including Windows with %FOO% syntax.

Fixes #3523
2020-01-27 22:57:31 -05:00
Jonathan White
9da07f2f66 Don't mark cmd:// urls as invalid
* Due to the complexity of cmd:// type url's, avoid trying to parse them for validity once the initial scheme is entered.

* Fixes #4138
2020-01-13 15:29:02 -05:00
varjolintu
c0f29cc790 Show UI warning for invalid URLs 2019-12-21 09:22:16 -05:00
Aetf
329701a34e Secret Service Integration Fixes (#3761)
* FdoSecrets: create prompt object only when necessary

* FdoSecrets: negotiationOutput should always return a valid QVariant otherwise QDBus will fail to create a reply, causing timeout in client.

* FdoSecrets: include in debug info
2019-11-07 21:28:49 -05:00
Jonathan White
0e0cba653f CLI: add 'analyze' subcommand for offline HIBP breach checks
This new subcommand checks all passwords in the given database against a given list of SHA-1 password hashes. Such lists are available from the "Have I Been Pwned" project at https://haveibeenpwned.com/Passwords.

Note that this support offline checking only. The HIBP project also provides a web API for checking specific hash ranges; this is not currently supported.
2019-06-25 15:37:40 -04:00
Jonathan White
2ee97ed191 Code formatting 2019-05-19 18:21:34 -04:00
Jonathan White
d6324feafd Fix base64 check missing '/' as valid character
* Issue introduced in 558cb3d
* Corrects loading of legacy KeePass Key Files that included a '/' in their data section. Fix #2863 and Fix #2834
2019-03-25 13:06:03 -04:00
louib
a58e3d5ee0 Adding debug info to CLI.
Adding debug info to the CLI and the general option
of the main Qt app. Also took time to:
* use `EXIT_SUCCESS`/`EXIT_FAILURE` constants
for main.cpp (this is what is used in `src/cli`);
* fixed `m_initalized` typo;
* added info on debugging mode being disabled
or not;
* regrouped Qt related stuff in the debug output.
2019-03-24 08:35:33 -04:00
Sami Vänttinen
891f67a1cd Select group when adding credentials from browser extension (#2637) 2019-01-30 09:48:22 -05:00
Jonathan White
7e1b16250c Performed project-wide code formatting
* Updated format CMake command to properly
ignore new directories and files
* Added output when command is run
* Resolves #2623
2019-01-28 22:38:59 -05:00
Jonathan White
21de6f6163
Merge branch 'develop'
Conflicts:
	src/core/Tools.cpp
	src/sshagent/SSHAgent.cpp
2018-12-30 16:32:57 -05:00
Toni Spets
c34b0069ff SSH Agent: Add support for OpenSSH for Windows (#1994)
* Fixed missing includes in Bootstrap.cpp
2018-12-25 14:28:02 -05:00
Wojtek Gumuła
c630214915 Warn user if deleting entries that are referenced. (#1744)
On warning, references can be replaced with original values or ignored.
Removal process can be also skipped for each conflicting entry. Resolves #852.
2018-12-24 18:15:46 -05:00
Jonathan White
9e2be34897
Merge branch 'develop'
Conflicts:
	CMakeLists.txt
	cmake/CLangFormat.cmake
	snapcraft.yaml
	src/CMakeLists.txt
	src/core/Database.cpp
	src/core/Database.h
	src/core/Tools.cpp
	src/crypto/CryptoHash.h
	src/crypto/ssh/ASN1Key.h
	src/crypto/ssh/OpenSSHKey.cpp
	src/format/Kdbx4Reader.cpp
	src/gui/DatabaseTabWidget.cpp
	src/gui/DatabaseTabWidget.h
	src/gui/DatabaseWidget.cpp
	src/gui/DatabaseWidget.h
	src/gui/DetailsWidget.cpp
	src/gui/DetailsWidget.ui
	src/gui/EditWidgetProperties.cpp
	src/gui/EntryPreviewWidget.cpp
	src/gui/EntryPreviewWidget.ui
	src/gui/FileDialog.cpp
	src/gui/dbsettings/DatabaseSettingsDialog.cpp
	src/gui/dbsettings/DatabaseSettingsDialog.h
	src/gui/group/EditGroupWidget.cpp
	src/gui/group/EditGroupWidget.h
	src/sshagent/ASN1Key.h
	src/sshagent/OpenSSHKey.cpp
	src/sshagent/SSHAgent.cpp
	tests/CMakeLists.txt
2018-12-18 22:28:56 -05:00
Gianluca Recchia
fc930bae69
Restore correct formatting
Many lines were not conformant with the project's formatting rules.
This patch should fix all formatting and whitespace issues in the code
base.
A clang-format directive was put around the connect() calls containing
SIGNALs and SLOTs whose signatures would be denormalized because of the
formatting rules.
2018-11-28 18:29:15 -05:00
Jonathan White
4b983251cb
Add advanced search term parser
* Support quoted strings & per-field searching
* Support regex and exact matching
* Simplify search sequence
* Make search widget larger
* Add regex converter to Tools namespace
2018-11-17 08:49:50 -05:00
Gianluca Recchia
4ac1601696
Replace old for-loops with range-based for-loops 2018-10-31 14:23:06 +01:00
Janek Bevendorff
0ca7fd369a Implement review feedback 2018-10-19 22:16:44 +02:00
Janek Bevendorff
113c8eb702 Add CLI tests and improve coding style and i18n
The CLI module was lacking unit test coverage and showed some severe
coding style violations, which this patch addresses.

In addition, all uses of qCritical() with untranslatble raw char*
sequences were removed in favor of proper locale strings. These are
written to STDERR through QTextStreams and support output
redirection for testing purposes. With this change, error messages don't
depend on the global Qt logging settings and targets anymore and go
directly to the terminal or into a file if needed.

This patch also fixes a bug discovered during unit test development,
where the extract command would just dump the raw XML contents without
decrypting embedded Salsa20-protected values first, making the XML
export mostly useless, since passwords are scrambled.

Lastly, all CLI commands received a dedicated -h/--help option.
2018-10-19 21:49:54 +02:00
Christian Kieschnick
eca9c658f4
Add sharing of groups between databases
* Add source folder keeshare for sharing with corresponding define WITH_XC_KEESHARE
* Move common crypto parts to src/crypto/ssh
* Extended OpenSSHKey
* Move filewatching to own file (currently in two related classes DelayedFileWatcher and BulkFileWatcher)
* Small improvements for style and code in several classes
* Sharing is secured using RSA-Keys which are generated on demand
* Publisher signs the container using their private key
* Client can verify the signed container and choose to decline an import,
import only once or trust the publisher and automatically import all
data of this source henceforth
* Integration of settings into Group-Settings, Database-Settings and Application-Settings
* Introduced dependency QuaZip as dependency to allow combined export of
key container and the (custom format) certificate
2018-10-01 10:39:37 -04:00
Michal Kaptur
486b99b39d Add some unit tests to Tools
Clean up and test 3 methods from Tools:
- humanReadableFileSize
- isHex
- isBase64
2018-05-22 09:28:54 +02:00
Weslly
586961013d
Disable clang-format on Tools.cpp include order 2018-04-05 08:59:42 -03:00
Weslly
9b6c589b9c
Fix build error on mac introduced on 8324d03f0a 2018-04-04 23:09:02 -03:00
Louis-Bertrand Varin
8324d03f0a Formatting the code. 2018-03-31 16:01:30 -04:00
thez3ro
a53b111182
Update and fix copyright headers 2017-06-14 15:54:43 +02:00
rockihack
cdf54b07c5 Add more detailed comment. 2017-03-02 19:24:31 +01:00
rockihack
6d69f0b547 Grant minimal access rights to the user associated with the process token. 2017-02-26 22:59:21 +01:00
rockihack
153dc620c8 Add #ifdef Q_OS_WIN guard. 2017-02-25 01:35:47 +01:00
rockihack
d0ebaff7b4 Prevent memory dumps on windows. 2017-02-25 01:12:01 +01:00
Felix Geyer
fff9e7ac46 Convert Q_FOREACH loops to C++11 for loops.
Q_FOREACH will de deprecated soon.
2016-10-02 21:45:55 -04:00
Felix Geyer
ecfbf72a57 Merge branch '2.0' 2015-12-15 21:05:00 +01:00
Felix Geyer
17ab438c5a Make sure Windows doesn't load DLLs from the current working directory. 2015-12-06 14:32:06 +01:00
Felix Geyer
2fa531745f Check XML key file for valid base64 before using it.
QByteArray::fromBase64() doesn't validate the input.

Closes #366
2015-11-01 18:32:15 +01:00