New Feature: KDBX4 #1230
Merged
New Feature: KDBX4 #1230
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Be sure to pick up the rest of the KDBX 4 changes as well. |
phoerious
force-pushed
the
feature/kdbx4
branch
2 times, most recently
from
a5ddf93
to
06179bc
Compare
|
Reminder to implement #1060 |
|
Aye. |
phoerious
force-pushed
the
feature/kdbx4
branch
2 times, most recently
from
356c6df
to
c57a878
Compare
adolfogc
reviewed
Dec 28, 2017
src/format/Kdbx3Reader.cpp
Outdated
|
|
||
| if (xmlReader.hasError()) { | ||
| raiseError(xmlReader.errorString()); | ||
| if (keepDatabase) { |
There was a problem hiding this comment.
I think this reads better as:
return keepDatabase ? db.take() : nullptr;
adolfogc
reviewed
Dec 30, 2017
src/format/Kdbx3Reader.cpp
Outdated
| } | ||
|
|
||
| QIODevice* xmlDevice; | ||
| QScopedPointer<QtIOCompressor> ioCompressor; |
There was a problem hiding this comment.
What do you think of replacing QtIOCompressor with KCompressionDevice from KF5Archive?
There was a problem hiding this comment.
Remove the embedded version.
There was a problem hiding this comment.
I'm against adding new dependencies here if not really needed.
There was a problem hiding this comment.
Ok; makes sense. I've also noticed there is no package available for Ubuntu Trusty. Please disregard.
droidmonkey
force-pushed
the
feature/kdbx4
branch
from
90e7479
to
da617c0
Compare
phoerious
commented
Jan 6, 2018
src/crypto/kdf/Argon2Kdf.cpp
Outdated
| Argon2Kdf::Argon2Kdf() | ||
| : Kdf::Kdf(KeePass2::KDF_ARGON2) | ||
| , m_version(0x13) | ||
| , m_memory(1<<16) |
src/crypto/kdf/Argon2Kdf.cpp
Outdated
| bool Argon2Kdf::setMemory(quint64 kibibytes) | ||
| { | ||
| // MIN=8KB; MAX=2,147,483,648KB | ||
| if (kibibytes >= 8 && kibibytes < (1ULL<<32)) { |
src/crypto/kdf/Argon2Kdf.cpp
Outdated
| bool Argon2Kdf::setParallelism(quint32 threads) | ||
| { | ||
| // MIN=1; MAX=16,777,215 | ||
| if (threads >= 1 && threads < (1<<24)) { |
src/format/Kdbx3Reader.cpp
Outdated
| { | ||
| if (data.size() != 32) { | ||
| raiseError("Invalid master seed size"); | ||
| } else { |
src/format/Kdbx3Reader.cpp
Outdated
| { | ||
| if (data.size() != 4) { | ||
| raiseError("Invalid compression flags length"); | ||
| } else { |
There was a problem hiding this comment.
return here, drop else.
src/streams/HmacBlockStream.cpp
Outdated
| } | ||
|
|
||
| m_bufferPos = 0; | ||
| m_blockIndex++; |
| m_buffer.resize(blockSize() - padLength); | ||
| return true; | ||
| } | ||
| } else { |
| int SymmetricCipherStream::blockSize() const { | ||
| if (m_streamCipher) { | ||
| return 1024; | ||
| } else { |
|
|
||
| void TestKeePass2Reader::testFormat400() | ||
| { | ||
| QString filename = QString(KEEPASSX_TEST_DATA_DIR).append("/Format400.kdbx"); |
There was a problem hiding this comment.
Was this file generated by KeePass2? We should use that as reference.
| reader.setStrictMode(true); | ||
| QString xmlFile = QString(KEEPASSX_TEST_DATA_DIR).append("/NewDatabase.xml"); | ||
| m_db = reader.readDatabase(xmlFile); | ||
| QVERIFY(m_db); | ||
| QVERIFY(!reader.hasError()); | ||
| } | ||
|
|
||
| void TestKdbx3XmlReader::readDatabase(QString path, bool strictMode, Database*& db, bool& hasError, QString& errorString) |
There was a problem hiding this comment.
hasError should be the return value.
phoerious
force-pushed
the
feature/kdbx4
branch
from
95fb856
to
b94567e
Compare
TheZ3ro
reviewed
Jan 7, 2018
src/format/KeePass2.cpp
Outdated
| } | ||
|
|
||
| Q_ASSERT_X(false, "uuidToKdf", "Invalid UUID"); | ||
| return nullptr; |
phoerious
force-pushed
the
feature/kdbx4
branch
2 times, most recently
from
e58326d
to
bafaf3c
Compare
phoerious
force-pushed
the
feature/kdbx4
branch
2 times, most recently
from
3950750
to
b4e42fc
Compare
Note: This implementation is not yet connected to the database itself and will corrupt existing kdbx3 db's. * Implemented memory and parallelism parameters for Argon2Kdf * Using libargon2; libsodium does not support Argon2d algorithm * Moved basic rounds parameter into Kdf class * Reimplemented benchmark algorithm; previous was utterly broken
* Adds KDBX4 reader/writer interfaces * Adds KDBX4 XML reader/write interfaces * Implements test cases for KDBX4 * Fully compatible with KeePass2 * Corrects minor issues with Argon2 KDF
Increase default AES-KDF rounds to 100k
* Refactor Kdbx*Reader * Refactor KdbxWriter * Refactor KdbxXmlReader * Refactor KdbxXmlWriter
* Re-implement KDBX4 challenge-response key assembly with transform seed instead of master seed
…o number of available processors
…h AES-KDF back to KDBX3 when saving
* Use legacy AES-KDF mode for KeePass1Reader
droidmonkey
force-pushed
the
feature/kdbx4
branch
from
193de9c
to
96e271e
Compare
droidmonkey
requested changes
Jan 13, 2018
src/format/KeePass2.cpp
Outdated
| }; | ||
|
|
||
| const QList<QPair<Uuid, QString>> KeePass2::KDFS{ | ||
| qMakePair(KeePass2::KDF_ARGON2, QObject::tr("Argon2 (recommended)")), |
There was a problem hiding this comment.
I think this should be "Argon2 (KDBX 4 - recommended)"
| m_uiEncryption->parallelismSpinBox->setValue(argon2Kdf->parallelism()); | ||
| } | ||
|
|
||
| m_uiGeneral->dbNameEdit->setFocus(); |
There was a problem hiding this comment.
Need to add m_ui->categoryList->setCurrentCategory(0); after this line to highlight the first category by default.
…base settings by default
droidmonkey
approved these changes
Jan 13, 2018
phoerious
added a commit
that referenced
this pull request
Feb 27, 2018
- Add support for KDBX 4.0, Argon2 and ChaCha20 [#148, #1179, #1230, #1494] - Add SSH Agent feature [#1098, #1450, #1463] - Add preview panel with details of the selected entry [#879, #1338] - Add more and configurable columns to entry table and allow copying of values by double click [#1305] - Add KeePassXC-Browser API as a replacement for KeePassHTTP [#608] - Deprecate KeePassHTTP [#1392] - Add support for Steam one-time passwords [#1206] - Add support for multiple Auto-Type sequences for a single entry [#1390] - Adjust YubiKey HMAC-SHA1 challenge-response key generation for KDBX 4.0 [#1060] - Replace qHttp with cURL for website icon downloads [#1460] - Remove lock file [#1231] - Add option to create backup file before saving [#1385] - Ask to save a generated password before closing the entry password generator [#1499] - Resolve placeholders recursively [#1078] - Add Auto-Type button to the toolbar [#1056] - Improve window focus handling for Auto-Type dialogs [#1204, #1490] - Auto-Type dialog and password generator can now be exited with ESC [#1252, #1412] - Add optional dark tray icon [#1154] - Add new "Unsafe saving" option to work around saving problems with file sync services [#1385] - Add IBus support to AppImage and additional image formats to Windows builds [#1534, #1537] - Add diceware password generator to CLI [#1406] - Add --key-file option to CLI [#816, #824] - Add DBus interface for opening and closing KeePassXC databases [#283] - Add KDBX compression options to database settings [#1419] - Discourage use of old fixed-length key files in favor of arbitrary files [#1326, #1327] - Correct reference resolution in entry fields [#1486] - Fix window state and recent databases not being remembered on exit [#1453] - Correct history item generation when configuring TOTP for an entry [#1446] - Correct multiple TOTP bugs [#1414] - Automatic saving after every change is now a default [#279] - Allow creation of new entries during search [#1398] - Correct menu issues on macOS [#1335] - Allow compilation on OpenBSD [#1328] - Improve entry attachments view [#1139, #1298] - Fix auto lock for Gnome and Xfce [#910, #1249] - Don't remember key files in file dialogs when the setting is disabled [#1188] - Improve database merging and conflict resolution [#807, #1165] - Fix macOS pasteboard issues [#1202] - Improve startup times on some platforms [#1205] - Hide the notes field by default [#1124] - Toggle main window by clicking tray icon with the middle mouse button [#992] - Fix custom icons not copied over when databases are merged [#1008] - Allow use of DEL key to delete entries [#914] - Correct intermittent crash due to stale history items [#1527] - Sanitize newline characters in title, username and URL fields [#1502] - Reopen previously opened databases in correct order [#774] - Use system's zxcvbn library if available [#701] - Implement various i18n improvements [#690, #875, #1436]
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Working PR for KDBX4. Follows up on #1179.
Closes #148 and closes #1060
Types of changes
Checklist:
-DWITH_ASAN=ON. [REQUIRED]