Add support for version 2 XML key files.
As discussed in #4317, the next KeePass2 release will ship with
support for a new generation of XML key files which enable
hash integrity checks.

This patch adds support for reading and generating this new format.
By default, KeePass2 now uses the .keyx extension for generated
key files, which was added to KeePassXC's key generation file chooser
filter. We continue to generate hashed binary key files by default,
but the user can explicitly save the file with the new .keyx
extension to generate an XML v2 key file (currently undocumented).

When opening a database, the key file type is still determined
by content negotiation, so the file extension has no impact here.

As an additional change, the legacy key file warnings have been
improved slightly to be less confusing and more helpful.
phoerious authored and droidmonkey committed Dec 19, 2020
1 parent 404fd94 commit cd0084f
Showing 12 changed files with 233 additions and 118 deletions.
6 changes: 3 additions & 3 deletions src/cli/Utils.cpp
Expand Up @@ -132,9 +132,9 @@ namespace Utils
return {};
}

if (fileKey->type() != FileKey::Hashed) {
err << QObject::tr("WARNING: You are using a legacy key file format which may become\n"
"unsupported in the future.\n\n"
if (fileKey->type() != FileKey::KeePass2XMLv2 && fileKey->type() != FileKey::Hashed) {
err << QObject::tr("WARNING: You are using an old key file format which KeePassXC may\n"
"stop supporting in the future.\n\n"
"Please consider generating a new key file.")
<< endl;
}
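Review bot: The type test in the new `if` condition (`type() != FileKey::KeePass2XMLv2 && type() != FileKey::Hashed`) is written out here and again in DatabaseOpenWidget.cpp and KeyFileEditWidget.cpp, so the next accepted key file format has to be added in three places or one of the warnings goes stale. Consider a single predicate on FileKey (hypothetical name, e.g. `isLegacyFormat()`) and call it from all three sites.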
14 changes: 8 additions & 6 deletions src/gui/DatabaseOpenWidget.cpp
Expand Up @@ -301,12 +301,14 @@ QSharedPointer<CompositeKey> DatabaseOpenWidget::buildDatabaseKey()
m_ui->messageWidget->showMessage(tr("Failed to open key file: %1").arg(errorMsg), MessageWidget::Error);
return {};
}
if (key->type() != FileKey::Hashed && !config()->get(Config::Messages_NoLegacyKeyFileWarning).toBool()) {
if (key->type() != FileKey::KeePass2XMLv2 && key->type() != FileKey::Hashed
&& !config()->get(Config::Messages_NoLegacyKeyFileWarning).toBool()) {
QMessageBox legacyWarning;
legacyWarning.setWindowTitle(tr("Legacy key file format"));
legacyWarning.setText(tr("You are using a legacy key file format which may become\n"
"unsupported in the future.\n\n"
"Please consider generating a new key file."));
legacyWarning.setWindowTitle(tr("Old key file format"));
legacyWarning.setText(tr("You are using an old key file format which KeePassXC may<br>"
"stop supporting in the future.<br><br>"
"Please consider generating a new key file by going to:<br>"
"<strong>Database / Database Security / Change Key File.</strong><br>"));
legacyWarning.setIcon(QMessageBox::Icon::Warning);
legacyWarning.addButton(QMessageBox::Ok);
legacyWarning.setDefaultButton(QMessageBox::Ok);
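Review bot: The new `setText()` string contains `<br>` and `<strong>` markup, but nothing in the hunk sets the text format, so rendering relies on QMessageBox's default Qt::AutoText detection. Adding `legacyWarning.setTextFormat(Qt::RichText);` makes the intent explicit. The trailing `<br>` after `</strong>` leaves an empty line at the end of the dialog and can be dropped, and because the menu path is embedded in the translatable string it has to be kept in sync with the actual menu labels.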
Expand Down Expand Up @@ -355,7 +357,7 @@ void DatabaseOpenWidget::reject()

void DatabaseOpenWidget::browseKeyFile()
{
QString filters = QString("%1 (*);;%2 (*.key)").arg(tr("All files"), tr("Key files"));
QString filters = QString("%1 (*);;%2 (*.keyx; *.key)").arg(tr("All files"), tr("Key files"));
if (!config()->get(Config::RememberLastKeyFiles).toBool()) {
fileDialog()->setNextForgetDialog();
}
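Review bot: In the new filter string the two patterns are separated with `; ` (`*.keyx; *.key`), while the form QFileDialog documents for several patterns inside one filter is space-separated, as in `Images (*.png *.xpm *.jpg)`. Suggest `%2 (*.keyx *.key)` unless the semicolon form has been checked with both the native and the Qt dialog on every supported platform.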
14 changes: 7 additions & 7 deletions src/gui/databasekey/KeyFileEditWidget.cpp
Expand Up @@ -47,12 +47,12 @@ bool KeyFileEditWidget::addToCompositeKey(QSharedPointer<CompositeKey> key)
return false;
}

if (fileKey->type() != FileKey::Hashed) {
if (fileKey->type() != FileKey::KeePass2XMLv2 && fileKey->type() != FileKey::Hashed) {
QMessageBox::warning(getMainWindow(),
tr("Legacy key file format"),
tr("You are using a legacy key file format which may become\n"
"unsupported in the future.\n\n"
"Generate a new key file in the database security settings."),
tr("Old key file format"),
tr("You selected a key file in an old format which KeePassXC<br>"
"may stop supporting in the future.<br><br>"
"Please consider generating a new key file instead."),
QMessageBox::Ok);
}
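Review bot: The condition at the top of this hunk warns unconditionally, whereas the matching check in DatabaseOpenWidget::buildDatabaseKey() also consults `Config::Messages_NoLegacyKeyFileWarning`. If ignoring that setting here is deliberate, a short comment saying so would help; otherwise add the same config check so the user's choice to suppress the warning is honored in both places.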

Expand Down Expand Up @@ -96,7 +96,7 @@ void KeyFileEditWidget::createKeyFile()
if (!m_compEditWidget) {
return;
}
QString filters = QString("%1 (*.key);;%2 (*)").arg(tr("Key files"), tr("All files"));
QString filters = QString("%1 (*.keyx; *.key);;%2 (*)").arg(tr("Key files"), tr("All files"));
QString fileName = fileDialog()->getSaveFileName(this, tr("Create Key File..."), QString(), filters);

if (!fileName.isEmpty()) {
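Review bot: The save filter now offers `*.keyx` and `*.key` under a single "Key files" entry, but according to the commit message the chosen extension decides whether an XML v2 or a hashed binary key file is written, and nothing in the dialog tells the user that. Consider two separate filter entries with descriptive labels. The visible lines also do not show what is generated when the user types a name without an extension; a comment stating the fallback would help.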
Expand All @@ -119,7 +119,7 @@ void KeyFileEditWidget::browseKeyFile()
if (!m_compEditWidget) {
return;
}
QString filters = QString("%1 (*.key);;%2 (*)").arg(tr("Key files"), tr("All files"));
QString filters = QString("%1 (*.keyx; *.key);;%2 (*)").arg(tr("Key files"), tr("All files"));
QString fileName = fileDialog()->getOpenFileName(this, tr("Select a key file"), QString(), filters);

if (QFileInfo(fileName).canonicalFilePath() == m_parent->getDatabase()->canonicalFilePath()) {
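Review bot: The extension list `*.keyx; *.key` is now hard-coded in this filter string, in createKeyFile() above, and in DatabaseOpenWidget::browseKeyFile(), where the two filters also appear in the opposite order ("All files" first). Moving the key file filter into one shared helper or constant would keep the three dialogs consistent when another extension is added.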