Merge pull request #1098 from hifi/feature/sshagent

SSH agent client support (KeeAgent compatible)

CMakeLists.txt

@@ -43,6 +43,7 @@ option(WITH_APP_BUNDLE "Enable Application Bundle for macOS" ON)
 option(WITH_XC_AUTOTYPE "Include Auto-Type." ON)
 option(WITH_XC_HTTP "Include KeePassHTTP and Custom Icon Downloads." OFF)
 option(WITH_XC_YUBIKEY "Include YubiKey support." OFF)
+option(WITH_XC_SSHAGENT "Include SSH agent support." OFF)
 
 # Process ui files automatically from source files
 set(CMAKE_AUTOUIC ON)

COPYING

@@ -175,6 +175,7 @@ Files: share/icons/application/*/actions/application-exit.png
        share/icons/application/*/actions/view-history.png
        share/icons/application/*/apps/internet-web-browser.png
        share/icons/application/*/apps/preferences-desktop-icons.png
+       share/icons/application/*/apps/utilities-terminal.png
        share/icons/application/*/categories/preferences-other.png
        share/icons/application/*/status/dialog-error.png
        share/icons/application/*/status/dialog-information.png

src/CMakeLists.txt

@@ -177,6 +177,7 @@ set(keepassx_SOURCES_MAINEXE
 add_feature_info(AutoType WITH_XC_AUTOTYPE "Automatic password typing")
 add_feature_info(KeePassHTTP WITH_XC_HTTP "Browser integration compatible with ChromeIPass and PassIFox")
 add_feature_info(YubiKey WITH_XC_YUBIKEY "YubiKey HMAC-SHA1 challenge-response")
+add_feature_info(SSHAgent WITH_XC_SSHAGENT "SSH agent integration compatible with KeeAgent")
 
 add_subdirectory(http)
 if(WITH_XC_HTTP)
@@ -186,6 +187,11 @@ endif()
 add_subdirectory(autotype)
 add_subdirectory(cli)
 
+add_subdirectory(sshagent)
+if(WITH_XC_SSHAGENT)
+    set(sshagent_LIB sshagent)
+endif()
+
 set(autotype_SOURCES
     core/Tools.cpp
     autotype/AutoType.cpp
@@ -222,6 +228,7 @@ set_target_properties(keepassx_core PROPERTIES COMPILE_DEFINITIONS KEEPASSX_BUIL
 target_link_libraries(keepassx_core
                       ${keepasshttp_LIB}
                       ${autotype_LIB}
+                      ${sshagent_LIB}
                       ${YUBIKEY_LIBRARIES}
                       ${ZXCVBN_LIBRARIES}
                       Qt5::Core

src/config-keepassx.h.cmake

@@ -15,6 +15,7 @@
 #cmakedefine WITH_XC_HTTP
 #cmakedefine WITH_XC_AUTOTYPE
 #cmakedefine WITH_XC_YUBIKEY
+#cmakedefine WITH_XC_SSHAGENT
 
 #cmakedefine KEEPASSXC_DIST
 #cmakedefine KEEPASSXC_DIST_TYPE "@KEEPASSXC_DIST_TYPE@"

src/crypto/SymmetricCipher.cpp

@@ -74,6 +74,11 @@ bool SymmetricCipher::reset()
     return m_backend->reset();
 }
 
+int SymmetricCipher::keySize() const
+{
+    return m_backend->keySize();
+}
+
 int SymmetricCipher::blockSize() const
 {
     return m_backend->blockSize();

src/crypto/SymmetricCipher.h

@@ -38,6 +38,7 @@ class SymmetricCipher
     enum Mode
     {
         Cbc,
+        Ctr,
         Ecb,
         Stream
     };
@@ -69,6 +70,7 @@ class SymmetricCipher
     }
 
     bool reset();
+    int keySize() const;
     int blockSize() const;
     QString errorString() const;
 

src/crypto/SymmetricCipherBackend.h

@@ -33,6 +33,7 @@ class SymmetricCipherBackend
     Q_REQUIRED_RESULT virtual bool processInPlace(QByteArray& data, quint64 rounds) = 0;
 
     virtual bool reset() = 0;
+    virtual int keySize() const = 0;
     virtual int blockSize() const = 0;
 
     virtual QString errorString() const = 0;

src/crypto/SymmetricCipherGcrypt.cpp

@@ -26,7 +26,6 @@ SymmetricCipherGcrypt::SymmetricCipherGcrypt(SymmetricCipher::Algorithm algo, Sy
     , m_algo(gcryptAlgo(algo))
     , m_mode(gcryptMode(mode))
     , m_direction(direction)
-    , m_blockSize(-1)
 {
 }
 
@@ -62,6 +61,9 @@ int SymmetricCipherGcrypt::gcryptMode(SymmetricCipher::Mode mode)
     case SymmetricCipher::Cbc:
         return GCRY_CIPHER_MODE_CBC;
 
+    case SymmetricCipher::Ctr:
+        return GCRY_CIPHER_MODE_CTR;
+
     case SymmetricCipher::Stream:
         return GCRY_CIPHER_MODE_STREAM;
 
@@ -92,14 +94,6 @@ bool SymmetricCipherGcrypt::init()
         return false;
     }
 
-    size_t blockSizeT;
-    error = gcry_cipher_algo_info(m_algo, GCRYCTL_GET_BLKLEN, nullptr, &blockSizeT);
-    if (error != 0) {
-        setErrorString(error);
-        return false;
-    }
-
-    m_blockSize = blockSizeT;
     return true;
 }
 
@@ -119,7 +113,13 @@ bool SymmetricCipherGcrypt::setKey(const QByteArray& key)
 bool SymmetricCipherGcrypt::setIv(const QByteArray& iv)
 {
     m_iv = iv;
-    gcry_error_t error = gcry_cipher_setiv(m_ctx, m_iv.constData(), m_iv.size());
+    gcry_error_t error;
+
+    if (m_mode == GCRY_CIPHER_MODE_CTR) {
+        error = gcry_cipher_setctr(m_ctx, m_iv.constData(), m_iv.size());
+    } else {
+        error = gcry_cipher_setiv(m_ctx, m_iv.constData(), m_iv.size());
+    }
 
     if (error != 0) {
         setErrorString(error);
@@ -228,9 +228,28 @@ bool SymmetricCipherGcrypt::reset()
     return true;
 }
 
+int SymmetricCipherGcrypt::keySize() const
+{
+    gcry_error_t error;
+    size_t keySizeT;
+
+    error = gcry_cipher_algo_info(m_algo, GCRYCTL_GET_KEYLEN, nullptr, &keySizeT);
+    if (error != 0)
+        return -1;
+
+    return keySizeT;
+}
+
 int SymmetricCipherGcrypt::blockSize() const
 {
-    return m_blockSize;
+    gcry_error_t error;
+    size_t blockSizeT;
+
+    error = gcry_cipher_algo_info(m_algo, GCRYCTL_GET_BLKLEN, nullptr, &blockSizeT);
+    if (error != 0)
+        return -1;
+
+    return blockSizeT;
 }
 
 QString SymmetricCipherGcrypt::errorString() const

src/crypto/SymmetricCipherGcrypt.h

@@ -39,6 +39,7 @@ class SymmetricCipherGcrypt : public SymmetricCipherBackend
     Q_REQUIRED_RESULT bool processInPlace(QByteArray& data, quint64 rounds);
 
     bool reset();
+    int keySize() const;
     int blockSize() const;
 
     QString errorString() const;
@@ -54,7 +55,6 @@ class SymmetricCipherGcrypt : public SymmetricCipherBackend
     const SymmetricCipher::Direction m_direction;
     QByteArray m_key;
     QByteArray m_iv;
-    int m_blockSize;
     QString m_errorString;
 };
 

src/gui/AboutDialog.cpp

@@ -87,6 +87,9 @@ AboutDialog::AboutDialog(QWidget* parent)
 #ifdef WITH_XC_YUBIKEY
     extensions += "\n- YubiKey";
 #endif
+#ifdef WITH_XC_SSHAGENT
+    extensions += "\n- SSH Agent";
+#endif
 
     if (extensions.isEmpty())
         extensions = " None";

src/gui/DatabaseWidget.cpp

@@ -57,6 +57,12 @@
 #include "gui/group/EditGroupWidget.h"
 #include "gui/group/GroupView.h"
 
+#include "config-keepassx.h"
+
+#ifdef WITH_XC_SSHAGENT
+#include "sshagent/SSHAgent.h"
+#endif
+
 DatabaseWidget::DatabaseWidget(Database* db, QWidget* parent)
     : QStackedWidget(parent)
     , m_db(db)
@@ -210,6 +216,13 @@ DatabaseWidget::DatabaseWidget(Database* db, QWidget* parent)
     m_searchCaseSensitive = false;
     m_searchLimitGroup = config()->get("SearchLimitGroup", false).toBool();
 
+#ifdef WITH_XC_SSHAGENT
+    if (config()->get("SSHAgent", false).toBool()) {
+        connect(this, SIGNAL(currentModeChanged(DatabaseWidget::Mode)), SSHAgent::instance(), SLOT(databaseModeChanged(DatabaseWidget::Mode)));
+        connect(this, SIGNAL(closeRequest()), SSHAgent::instance(), SLOT(databaseModeChanged()));
+    }
+#endif
+
     setCurrentWidget(m_mainWidget);
 }
 

src/gui/MainWindow.cpp

@@ -49,6 +49,11 @@
 #include "http/OptionDialog.h"
 #endif
 
+#ifdef WITH_XC_SSHAGENT
+#include "sshagent/AgentSettingsPage.h"
+#include "sshagent/SSHAgent.h"
+#endif
+
 #include "gui/SettingsWidget.h"
 #include "gui/PasswordGeneratorWidget.h"
 
@@ -121,6 +126,10 @@ MainWindow::MainWindow()
     #ifdef WITH_XC_HTTP
     m_ui->settingsWidget->addSettingsPage(new HttpPlugin(m_ui->tabWidget));
     #endif
+    #ifdef WITH_XC_SSHAGENT
+    SSHAgent::init(this);
+    m_ui->settingsWidget->addSettingsPage(new AgentSettingsPage(m_ui->tabWidget));
+    #endif
 
     setWindowIcon(filePath()->applicationIcon());
     m_ui->globalMessageWidget->setHidden(true);