Generate random 128-byte stream instead of legacy XML format when creating key files #1326
…ating key files Add API documentation for FileKey class Resolves #1325
Seems good
What about adding some tests? 🙌
There are tests, but I'll add some new ones.
I've commented automatically without double-checking, actually there are tests already in the TestKeys file https://github.com/keepassxreboot/keepassxc/blob/develop/tests/TestKeys.cpp
There is not much else I could test, but I still added some additional tests for creating and loading binary key files.
- Add support for KDBX 4.0, Argon2 and ChaCha20 [#148, #1179, #1230, #1494]
- Add SSH Agent feature [#1098, #1450, #1463]
- Add preview panel with details of the selected entry [#879, #1338]
- Add more and configurable columns to entry table and allow copying of values by double click [#1305]
- Add KeePassXC-Browser API as a replacement for KeePassHTTP [#608]
- Deprecate KeePassHTTP [#1392]
- Add support for Steam one-time passwords [#1206]
- Add support for multiple Auto-Type sequences for a single entry [#1390]
- Adjust YubiKey HMAC-SHA1 challenge-response key generation for KDBX 4.0 [#1060]
- Replace qHttp with cURL for website icon downloads [#1460]
- Remove lock file [#1231]
- Add option to create backup file before saving [#1385]
- Ask to save a generated password before closing the entry password generator [#1499]
- Resolve placeholders recursively [#1078]
- Add Auto-Type button to the toolbar [#1056]
- Improve window focus handling for Auto-Type dialogs [#1204, #1490]
- Auto-Type dialog and password generator can now be exited with ESC [#1252, #1412]
- Add optional dark tray icon [#1154]
- Add new "Unsafe saving" option to work around saving problems with file sync services [#1385]
- Add IBus support to AppImage and additional image formats to Windows builds [#1534, #1537]
- Add diceware password generator to CLI [#1406]
- Add --key-file option to CLI [#816, #824]
- Add DBus interface for opening and closing KeePassXC databases [#283]
- Add KDBX compression options to database settings [#1419]
- Discourage use of old fixed-length key files in favor of arbitrary files [#1326, #1327]
- Correct reference resolution in entry fields [#1486]
- Fix window state and recent databases not being remembered on exit [#1453]
- Correct history item generation when configuring TOTP for an entry [#1446]
- Correct multiple TOTP bugs [#1414]
- Automatic saving after every change is now a default [#279]
- Allow creation of new entries during search [#1398]
- Correct menu issues on macOS [#1335]
- Allow compilation on OpenBSD [#1328]
- Improve entry attachments view [#1139, #1298]
- Fix auto lock for Gnome and Xfce [#910, #1249]
- Don't remember key files in file dialogs when the setting is disabled [#1188]
- Improve database merging and conflict resolution [#807, #1165]
- Fix macOS pasteboard issues [#1202]
- Improve startup times on some platforms [#1205]
- Hide the notes field by default [#1124]
- Toggle main window by clicking tray icon with the middle mouse button [#992]
- Fix custom icons not copied over when databases are merged [#1008]
- Allow use of DEL key to delete entries [#914]
- Correct intermittent crash due to stale history items [#1527]
- Sanitize newline characters in title, username and URL fields [#1502]
- Reopen previously opened databases in correct order [#774]
- Use system's zxcvbn library if available [#701]
- Implement various i18n improvements [#690, #875, #1436]
Description
Resolves #1325
This patch implements a stronger key file generator and adds API documentation for the FileKey class.
Motivation and context
The old key file generator created an XML key file with a short embedded random secret instead of a longer purely binary random byte string. The original motivation behind this was probably to be compatible with KeePass 2 (which generates the same kind of key files, apparently even with only 16 bytes), but since KeePass 2 also supports usage of arbitrary files as key files, there is no reason to continue generating this kind of key file.
The new implementation generates a 128-byte blob of completely random data and no wrapping XML. The byte stream was generated using libgcrypt's cryptographic RNG. With 128 bytes, the key file contents are definitely larger than the resulting 32-byte SHA-256 hash, but not immensely larger, which would give no benefits over a shorter string.
Reading of legacy XML files (and also fixed-size binary key files, another legacy format) is still supported, but marked as deprecated.
How has this been tested?
When generating a new key file, a 128-byte file is created. Contents look like random binary garbage.
Types of changes
Checklist:
-DWITH_ASAN=ON
. [REQUIRED]
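The key file handling described in the pull request above, sketched as an added Python example; it is not KeePassXC's code (the project is C++ and draws randomness from libgcrypt, where this uses Python's `secrets`). The function names, the format detection rules and the use of legacy secrets as-is are assumptions modelled on the KeePass key file convention; only the 128-byte size, the SHA-256 hashing and the deprecated status of the two legacy formats come from the description.

```python
import base64
import hashlib
import secrets
import xml.etree.ElementTree as ET

KEY_FILE_SIZE = 128  # size of newly generated key files, per the PR description


def generate_key_file_bytes() -> bytes:
    """New-style key file: raw CSPRNG output with no XML wrapper."""
    return secrets.token_bytes(KEY_FILE_SIZE)


def _legacy_xml_secret(data: bytes):
    """Return the Base64-decoded <Key><Data> secret, or None if not legacy XML."""
    try:
        root = ET.fromstring(data)
    except (ET.ParseError, ValueError):
        return None
    node = root.find("./Key/Data") if root.tag == "KeyFile" else None
    if node is None or not node.text:
        return None
    try:
        return base64.b64decode(node.text.strip(), validate=True)
    except ValueError:
        return None


def load_key_file(data: bytes):
    """Return (format, deprecated, key material) for raw key file contents."""
    secret = _legacy_xml_secret(data)
    if secret is not None:
        return ("legacy-xml", True, secret)        # assumption: secret used as-is
    if len(data) == 32:
        return ("legacy-fixed", True, data)        # assumption: used as-is
    # Arbitrary file (including new 128-byte files): key is SHA-256 of the contents.
    return ("hashed", False, hashlib.sha256(data).digest())


# Constructed sample of the old XML format; the embedded secret is not a real key.
SAMPLE_SECRET = bytes(range(32))
SAMPLE_XML = (b'<?xml version="1.0" encoding="utf-8"?><KeyFile><Meta><Version>1.00'
              b'</Version></Meta><Key><Data>' + base64.b64encode(SAMPLE_SECRET)
              + b'</Data></Key></KeyFile>')

if __name__ == "__main__":
    for blob in (generate_key_file_bytes(), SAMPLE_XML, bytes(32)):
        fmt, deprecated, key = load_key_file(blob)
        print(fmt, "deprecated" if deprecated else "current", key.hex())
```

Because a generated file is 128 bytes, this loader can never mistake it for the 32-byte fixed-size legacy format.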