Commit graph

949 commits

Author SHA1 Message Date
Jonathan White
6f112b11e4 Minor changes to Group API to make it more explicit
* Include check for group as recycle bin directly into the Group::isRecycled() function

* Return the original root group from Database::setRootGroup(...) to force memory management transfer
2024-03-09 15:21:46 -05:00
Janek Bevendorff
63b18084ac Set test locale to C 2024-03-09 15:21:46 -05:00
Jonathan White
f20b531430 Automatically detect USB device changes 2024-03-09 15:21:46 -05:00
Jonathan White
b7a1c620e4 Passkeys improvements (#10318)
Refactors the Passkey implementation to include more checks and a structure that is more aligned with the official specification.
Notable changes:
- _BrowserService_ no longer does the checks by itself. A new class _BrowserPasskeysClient_ constructs the relevant objects, acting as a client. _BrowserService_ only acts as a bridge between the client and _BrowserPasskeys_ (authenticator) and calls the relevant popups for user interaction.
- A new helper class _PasskeyUtils_ includes the actual checks and parses the objects.
- _BrowserPasskeys_ is pretty much intact, but some functions have been moved to PasskeyUtils.
- Fixes Ed25519 encoding in _BrowserCBOR_.
- Adds new error messages.
- User confirmation for Passkey retrieval is also asked even if `discouraged` is used. This goes against the specification, but currently there's no other way to verify the user.
- `cross-platform` is also accepted for compatibility. This could be removed if there's a potential issue with it.
- Extension data is now handled correctly during Authentication.
- Allowed and excluded credentials are now handled correctly.
- `KPEX_PASSKEY_GENERATED_USER_ID` is renamed to `KPEX_PASSKEY_CREDENTIAL_ID`
- Adds a new option "Allow localhost with Passkeys" to Browser Integration -> Advanced tab. By default it's not allowed to access HTTP sites, but `http://localhost` can be allowed for debugging and testing purposes for local servers.
- Add tag `Passkey` to a Passkey entry, or an entry with an imported Passkey.

Fixes #10287.
2024-03-09 15:21:46 -05:00
f4lkensmaz3
53d06f127d Prevent duplicate characters in "Also choose from" field of password generator (#9803)
* Fixes #9797
2024-02-04 11:50:52 -05:00
Jonathan White
b504c72563 Fix database merge crash when fdosecrets is enabled (#10136)
* Entry: re-parent before adding to new group

Adding the Entry to the Group will emit signals about the action.
Present the object with the correct parent already.

* fdosecrets: Item::Create() can fail

If an entry cannot be registered on DBus, Item::Create() will return a
nullptr. Basically, this can only happen if there is already an item
with the same UUID in the collection. The only viable option here is to
ignore the new entry.

* Merger: prevent duplicate entry when merging histories

If the source entry is newer, a copy of the entry is made. But before
moving the merged entry to the target group, it must be removed.
Otherwise there will be briefly two entries with the same UUID
in the same group/database.

Even though this is only the case during the transaction, it can still
be observed because the operations emit signals. A notable problem is
the fdosecrets feature that relies on the uniqueness of the UUID or will
otherwise run into problems because the UUID is used as part of the DBus
path.
2024-02-04 11:50:52 -05:00
Jonathan White
b1168d0233 Fix multiple TOTP issues
* Fix #9847 - don't provide TOTP values if settings are blank or completely wrong
* Fix #6838 - don't reset the ui when creating a new entry and applying TOTP to it
* Move totp source into the core folder
2024-02-04 11:50:52 -05:00
Jonathan White
c477f43c40 Passkeys: Add support for importing Passkey to entry (#9987)
---------
Co-authored-by: Jonathan White <support@dmapps.us>
2024-01-30 18:26:45 -05:00
Jonathan White
1cbbcff259 Create new UrlTools class
Includes "Fix ifdefs with UrlTools"
2024-01-30 18:26:45 -05:00
Jonathan White
416581b179 Add basic support for WebAuthn (Passkeys) (#8825)
---------

Co-authored-by: varjolintu <sami.vanttinen@protonmail.com>
Co-authored-by: droidmonkey <support@dmapps.us>
2024-01-30 18:26:45 -05:00
Jonathan White
82c1bf4ddb Fix support for referenced URL fields 2024-01-30 18:26:45 -05:00
Jonathan White
f293aad74f
Enable save button when not auto-saving non-data changes (#9634)
* Fix #9501
* Also fix bug where context menu did not update when entry moved to very top or bottom of list
2023-08-14 07:04:33 -04:00
varjolintu
cdf6cd7cd2
Disable entry level Auto-Type 2023-08-05 07:29:14 -04:00
Jonathan White
2fe647fd7a
Fix potential crash in search if an entry doesn't have a group (#9633) 2023-08-05 07:28:42 -04:00
aceArt-GmbH
13a71ff1c8
Add uuid search (#9571)
Co-authored-by: lukas <lukas.walter@aceart.de>
2023-07-15 15:28:16 -04:00
Jonathan White
b225b85644
Greatly improve performance when rendering entry view (#9398)
* Fixes #9390
* Create one QCollator per entry view instead of creating one on every sort request. This greatly improves the speed of sorting and displaying entries.
* Rewrite recursive multiple placeholder replacement to use QRegularExpression
2023-05-07 23:19:48 -04:00
Jonathan White
ebc0b3ff5f
Add support for Botan3 (#8994)
Fix Botan 3 build (#9388)

* SymmetricCipher: Fix Botan 3 build

Botan commit 819cf8fe6278a19b8266f449228f02fc28a4f784 changed Botan::Cipher_Dir to be a scoped enumeration, so the users must be adapted.

This change causes no issues with Botan 2 because normal enumeration values can also be referred to the same way scoped enumeration values are accessed.

* Auto detect Botan3

* AsyncTask: Do not use `std::result_of`

`std::result_of` was deprecated in C++17 and then it was subsequently removed in C++20. One could use `std::invoke_result_t`, but let Qt figure out the return type instead.

* Collapse Botan2 and Botan3 find package into one

* Update COPYING
2023-05-07 23:19:18 -04:00
Jonathan White
28e2806e07
Make open folder icon exempt from "Apply group icon to entry"
* Fix #9201
2023-04-16 07:16:25 -04:00
Jonathan White
86550f2253
Fix bugs with preview widget
* Add configuration to hide TOTP in preview widget (shown by default).

* Retain the visibility of TOTP and other fields when the same entry remains selected in the preview panel.

* Fix disconnecting signals when switch entries / groups. This likely is going to fix crashes because we were compounding signals when focusing in on the main window.
2023-04-03 23:21:24 -04:00
Hugo Osvaldo Barrera
102ce04b2d
Turn search reset off by default
This is more user friendly, especially to newcomers.

Fixes: https://github.com/keepassxreboot/keepassxc/issues/9145
2023-02-25 14:21:01 -05:00
Dmytro
c20104e67c
Fix db history when adding new db (#9022)
Fixes https://github.com/keepassxreboot/keepassxc/issues/8375
2023-02-18 14:02:47 -08:00
Jonathan White
a6db8ba2db Fix potential deadlock in UI when saving
This was noted as a problem in several issues and it finally occurred to me and I traced it to the fact that a timing issue sometimes allowed the file watcher to trigger a "file changed" alert right when saving starts. I fixed this by moving where the mutex lock is made for saving and preventing database reload during a save operation.
2022-10-19 10:16:17 -04:00
Wolfram Rösler
14d0732e1d Add option to display passwords in color in preview panel
Closes #4099

* Fixed bug in Application that did not set the dark theme flag when the theme was changed from dark to light.
2022-10-16 19:17:02 -04:00
Patrick Sean Klein
3fa513a78d Increase entropy required for a "good" rating to 75. 2022-10-16 19:17:02 -04:00
Jonathan White
ee55143c4a Enhance Tags / Saved Searches
* Rename "Database Tags" to "Searches and Tags"
* Separate searching for all entries and resetting the search
* Support selecting multiple tags to search against
* Fix using escaped quotes in search terms
* Make tag searching more precise
* Support `is:expired-#` to search for entries expiring within # days. Exclude recycled entries from expired search.
* Don't list tags from entries that are recycled
* Force hide tag auto-completion menu when tag editing widget is hidden. On rare occasions the focus out signal is not called when the tag view is hidden (entry edit is closed), this resolves that problem.
* Remove spaces from before and after tags to prevent seemingly duplicate tags from being created.
* Also fix some awkward signal/slot dances that were setup over time with the entry view and preview widget.

Allow changing tags for multiple entries through context menu

* Closes #8277 - show context menu with currently available tags in database and checks those that are set on one or more selected entries. When a tag is selected it is either set or unset on all entries depending on its checked state.

* Add ability to save searches and recall them from the "Searches and Tags" view
* Add ability to remove a tag from all entries from the "Searches and Tags" view
* Cleanup tag handling and widgets
2022-09-22 06:49:07 -04:00
Jonathan White
5b923aee1a Check for write permission before entering portable mode
* Fix #7585
2022-09-22 06:49:07 -04:00
louib
e7e75c1277 Adding top-level fields to CLI commands
The top-level fields are currently not accessible from the CLI, which
makes it impossible to select entries or groups based on the UUID.
There are other top-level fields I believe, like the expiry date,
but I only added the two most critical fields for the moment.
2022-09-22 06:49:07 -04:00
Nicolas Roeser
b75abaad08 Align generator logic and UI for math symbols
In the password generator widget, the checkable push button for the math
symbols is missing the GREATER-THAN SIGN (U+003E), even though it is
among the possible characters during password generation when the button
is checked. Add the missing character to the text displayed to users.

While at it, also fix a wrong comment containing the possible
characters.
2022-09-22 06:49:07 -04:00
Patrick Sean Klein
679b93b601 Correct regex escape logic
* Fixes #7776

Implement QRegularExpression::escape within Tools::convertToRegex to allow usage on older Qt versions.

Also wrap EXACT_MODIFIER patterns in a non-capture group to prevent misinterpreted regex.
2022-09-22 06:49:07 -04:00
Jonathan White
6da7188ecf Fix file dialog not appearing on snap build
Fix #7607 - Don't disable core dumps when building for snap distribution. Doing so will not allow the xdg-desktop-portal from opening the file dialog. This is because the portal attempts to call entries from /proc/[pid]/xxxx which are restricted to root when core dumps are disabled.
2022-09-22 06:49:07 -04:00
SnipFoo
4d20cb1654 Add config variable for specifying a default file name for the database 2022-09-22 06:49:07 -04:00
Patrick Sean Klein
6f28b5e2ba Limit zxcvbn entropy estimation length
Limit the use of zxcvbn based password entropy estimation to 256 bytes. After this threshold, the average per-byte entropy from the zxcvbn calculation is added for each additional byte. In practice, this produces a slightly higher entropy calculation for purely randomized passwords than zxcvbn would normally calculate. However, the time to calculate is capped leading to a much better user experience and removing unnecessary calculations.

Fixes #7712
2022-09-22 06:49:07 -04:00
louib
7cd824ae1c
Upstream Flathub patches (#7728) 2022-04-04 19:04:18 -04:00
Jonathan White
44be95cc1b Fix crash when building history changes
* Replace rarely hit asserts with defined nullptr checks when replacing references without a group
* Fix #7603
* Replace TOTP history comparison with checking the actual TOTP output instead of a compiled string
2022-04-03 13:28:39 -04:00
Jonathan White
7d7c635423 Disable debug messages in release builds
Also correct / remove various debug messages
2022-04-03 13:26:12 -04:00
Toni Spets
2b8d670f17 SSH Agent: Fix Windows agent selection, radio buttons 2022-04-02 08:47:00 -04:00
Bernhard Kirchen
aca197a96f
Add 12 hours expiration preset (#7738)
* Add hours precision to TimeDelta

* Add 12 hours expiration preset

Fixes #7369
2022-03-31 07:02:28 -04:00
Jonathan White
02602da257 Several improvements to tags editing
* Fix #7602 - Allow spaces in tag names
* Fix #7528 - Allow pasting text into the tags field. Text is split by comma creating tags for each section of text. If there are no commas then the pasted text becomes a tag.
* Fix tags editing not causing the entry to be marked as modified.
2022-03-29 18:41:31 -04:00
Janek Bevendorff
60f7744ec6 Fix translations 2022-03-20 23:31:52 +01:00
Jonathan White
cf5429a39b Allow colon in tags and sort alphabetically
* Fix #7489 - allow colon and period in tag names
* Fix #7490 - sort tags alphabetically
2022-03-20 13:33:46 -04:00
Jonathan White
0ad75ccb8f Fix missing include in alloc preventing some secure deallocations 2022-03-07 11:15:59 -05:00
Jonathan White
4f0710350f Add support for Windows Hello
* Special thanks to @HexF and @smlu for their contributions towards this feature.

* Add MVP support for Windows Hello as a Quick Unlock solution using the WinRT API. This works by signing a random challenge vector with the Windows Hello protected key store (typically from TPM). The signed challenge is hashed using SHA-256 and then used as the encryption key to encrypt the database credentials. Credentials are encrypted using AES-256/GCM. This ensures the database password can only be decrypted following a successful authentication with Windows Hello in the future.

* Unify Touch ID and Windows Hello behavior under the Quick Unlock branding. Remove all timeout features of Touch ID as they are unnecessary and complicate the feature for no security gain.

* Quick Unlock is automatically reset only when the database key is changed vice whenever database settings are modified.

* Don't set database unlock dialog as always on top. This allows Touch ID and Windows Hello prompts to appear above the dialog properly.

* Prevent quick unlock when using AutoOpen or opening from the command line.
2022-02-22 17:53:50 -05:00
Jonathan White
a76daeb4c5 Add key serialization to support Quick Unlock 2022-02-22 17:53:50 -05:00
Toni Spets
bfbc0e5ec6 Auto-Type: Allow retyping with automatic relock
If relock after performing Auto-Type is enabled it will wait until
specified timeout before doing so.

Retype time is now configurable and is decreased from the old
hardcoded 30 seconds down to 15 seconds to keep the default a bit
more secure while still allowing the user to set it higher for
their liking.

To restore old behavior the user can set retype time to 0 which
will make the database relock instantly.

Auto-Type relock setting relocated to Auto-Type tab to group it
better with the other Auto-Type settings.
2022-02-20 16:12:16 -05:00
Jonathan White
0701d1d6cd Fix styling of database tag view in main window
* Also allow collapsing the entire left splitter instead of a dedicated option to hide the group view.
2022-02-20 15:37:22 -05:00
Toni Spets
5927821896 Auto-Type: Only match non-empty associations
Previously empty associations matched any window but since you can
use a wildcard (*) if you specifically want that this change makes
it possible to define multiple sequences for the global search
if you need to.

Additionally show empty associations in the list as "(empty)" to
better differentiate between rows if no title is set.
2022-02-08 19:07:00 -05:00
Balazs Gyurak
6897787d8f Show expired entries on DB unlock
* Show banner message about expired entries
* Add config option and expiration offset
* Only show expiry warning on first DB unlock
* Default to on with 3-day offset from expiration
2022-01-31 07:19:45 -05:00
Patrick Klein
bce8c84c26
Remove obsolete read only state from database. (#7324) 2022-01-28 21:26:53 -05:00
Jonathan White
7f92504a2d Fix wildcard window title matching in Auto-Type
* Fixes #6413
2022-01-28 19:38:30 -05:00
Xavier Valls
4a21cee98c Add tags feature
* show the tags in the entry preview
* allow searching by tag
* add a sidebar listing the tags in the database
* filter entries by tag on click
* Introduce a new TagsEdit widget that provides pill aesthetics, fast removal functionality and autocompletion
* add tests for the tags feature
* introduce the "is" tag for searching. Support for weak passwords and expired added.
2022-01-28 16:13:49 -05:00