Commit graph

10 commits

Author SHA1 Message Date
Jonathan White
6d141d4a5e
Refactor: Move to simple default builds
* Remove individual feature flags in favor of a single `KPXC_MINIMAL` flag that removes advanced features from the build. Basic features are no longer guarded by feature flags.
* Basic features: Auto-Type, Yubikey, KeeShare
* Advanced features include: Browser (and passkeys), SSH Agent, and Secret Service
* Networking, Documentation, and Update Checking remain as feature flags to accommodate various distro requirements.

This change also cleans up the main CMakeLists.txt by re-arranging some content and placing macros into a dedicated include file. The minimum CMake version was bumped to 3.16.0 to conform to our minimum Ubuntu support of Focal (20.04). This also allows us to default to C++20, we fall back to C++17 for Qt versions less than 5.15.0 due to lack of support.

Lastly this change removes the KEEPASSXC_BUILD_TYPE="PreRelease" which is never used. We only support "Snapshot" and "Release" now.
2025-05-10 15:42:26 -04:00
Jonathan White
e07eb2c82c Overhaul action states and add icons to toolbar
* Fixes #10981
2024-10-06 23:22:18 -04:00
Sami Vänttinen
6f2354c0e9
Add basic support for WebAuthn (Passkeys) (#8825)
---------

Co-authored-by: varjolintu <sami.vanttinen@protonmail.com>
Co-authored-by: droidmonkey <support@dmapps.us>
2023-10-25 10:12:55 -04:00
Thomas Hobson
f93adaa854 Add Polkit Quick Unlock Support
Closes #5991
Closes #3337 - Support fingerprint readers on Linux

Polkit allows for authentication of many means, including fingerprint scanning. Furthermore, a common interface for Quick Unlocking has been implemented, and has been replaced throughout to make implementing other quick unlock strategies easier.

Refactor QuickUnlock to use UUID stored in headers. This is a new feature using the KDBX 4 standard to store a randomly generated UUID in the public headers of the database. This enables identification of KDBX file without relying on path or filename and will eventually support persistent Quick Unlock.
2023-10-23 23:07:27 -04:00
Rosen Penev
52af8a5e2a
clang-tidy: use = default (#7999) 2023-01-29 15:47:13 -05:00
Jonathan White
4f0710350f Add support for Windows Hello
* Special thanks to @HexF and @smlu for their contributions towards this feature.

* Add MVP support for Windows Hello as a Quick Unlock solution using the WinRT API. This works by signing a random challenge vector with the Windows Hello protected key store (typically from TPM). The signed challenge is hashed using SHA-256 and then used as the encryption key to encrypt the database credentials. Credentials are encrypted using AES-256/GCM. This ensures the database password can only be decrypted following a successful authentication with Windows Hello in the future.

* Unify Touch ID and Windows Hello behavior under the Quick Unlock branding. Remove all timeout features of Touch ID as they are unnecessary and complicate the feature for no security gain.

* Quick Unlock is automatically reset only when the database key is changed vice whenever database settings are modified.

* Don't set database unlock dialog as always on top. This allows Touch ID and Windows Hello prompts to appear above the dialog properly.

* Prevent quick unlock when using AutoOpen or opening from the command line.
2022-02-22 17:53:50 -05:00
Sami Vänttinen
cd642e7fee
Add support for Browser statistics (#7197)
Co-authored-by: Jonathan White <support@dmapps.us>
2021-12-30 07:31:06 -05:00
peter
6b14b5dc27 Optimize includes across code base 2021-07-13 22:08:33 -04:00
Wolfram Rösler
83ed9a8d4e
Check passwords against the HIBP online service (#4438)
* Fixes #1083

* Add online HIBP checker dialog to the database reports widget. Permission is requested from the user prior to performing any network operations. 
* The number of times a password has been found in a breach is shown to the user.
* If no passwords are breached then a positive message is presented.

* Source of HIBP icon: https://github.com/simple-icons/simple-icons/blob/develop/icons/haveibeenpwned.svg

Authored-by: Wolfram Rösler <wolfram@roesler-ac.de>
Co-authored-by: Jonathan White <support@dmapps.us>
2020-03-29 09:39:06 -04:00
Wolfram Rösler
a81c6469a8 Implement Password Health Report
Introduce a password health check to the application that evaluates every entry in a database. Entries that fail  various tests are listed for user review and action. Also moves the statistics panel to the new Database -> Reports  widget. Recycled entries are excluded from the results.

We now have two classes, PasswordHealth to deal with a single password and HealthChecker to deal with all passwords of a database.

Tests include passwords that are expired, re-used, and weak.

* Closes #551

* Move zxcvbn usage to a centralized class (PasswordHealth)  and replace its usages across the application to ensure standardized interpretation of entropy calculations.

* Add new icons for the database reports view

* Updated the demo database to show off the reports
2020-02-01 09:30:12 -05:00