Commit graph

11 commits

Author SHA1 Message Date
Janek Bevendorff
13eb1c0bbd Improve resilience against memory attacks
To reduce residual fragments of secret data in memory after
deallocation, this patch replaces the global delete operator with a
version that zeros out previously allocated memory. It makes use of
the new C++14 sized deallocation, but provides an unsized fallback
with platform-specific size deductions.

This change is only a minor mitigation and cannot protect against
buffer reallocations by the operating system or non-C++ libraries.
Thus, we still cannot guarantee all memory to be wiped after free.

As a further improvement, this patch uses libgcrypt and libsodium
to write long-lived master key component hashes into a secure
memory area and wipe it afterwards.

The patch also fixes compiler flags not being set properly on macOS.
2019-04-21 09:39:28 -04:00
Gianluca Recchia
fc930bae69
Restore correct formatting
Many lines were not conformant with the project's formatting rules.
This patch should fix all formatting and whitespace issues in the code
base.
A clang-format directive was put around the connect() calls containing
SIGNALs and SLOTs whose signatures would be denormalized because of the
formatting rules.
2018-11-28 18:29:15 -05:00
Janek Bevendorff
e443cde452 Add a new database settings wizard
This patch implements a new database wizard to guide users through the process
of setting up a new database and choosing sane encryption settings.

It also reimplements the master key settings to be more
user-friendly. Users can now add, change, or remove individual composite
key components instead of having to set all components at once. This
avoids confusion about a password being reset if the user only wants to
add a key file.

With these changes comes a major refactor of how database composite keys and key
components are handled. Copying of keys is prohibited and each key
exists only once in memory and is referenced via shared pointers. GUI
components for changing individual keys are encapsulated into separate
classes to be more reusable. The password edit and generator widgets
have also been refactored to be more reusable.
2018-09-25 21:12:47 +02:00
Louis-Bertrand Varin
8324d03f0a Formatting the code. 2018-03-31 16:01:30 -04:00
Janek Bevendorff
871332ecf0 Add warning when using legacy key file formats. 2018-01-14 18:26:28 -05:00
Janek Bevendorff
901bf62213 Generate random 128-byte stream instead of legacy XML format when creating key files
Add API documentation for FileKey class
Resolves #1325
2017-12-26 22:37:45 +01:00
Felix Geyer
7fa0eddc5f Make C++11 mandatory. 2015-09-12 13:55:50 +02:00
Felix Geyer
6504b6f2bd Drop Qt module name from include statements.
This is a preparation to be able to build KeePassX against Qt 5.
2013-10-03 15:18:16 +02:00
Felix Geyer
68155e8f89 Make use of Q_NULLPTR. 2012-06-29 14:15:16 +02:00
Felix Geyer
6eebd95de1 Move FileKey::isHex() to Tools. 2012-05-10 18:34:51 +02:00
Felix Geyer
f215ffa3fa Implement support for key files.
Closes #5.
2011-12-21 23:22:07 +01:00