Add support for version 2 XML key files #5798

merged 1 commit into from Dec 19, 2020

phoerious
Member

As discussed in #4317, the next KeePass2 release will ship with support for a new generation of XML key files which enable hash integrity checks.

This patch adds support for reading and generating this new format. By default, KeePass2 now uses the .keyx extension for generated key files, which was added to KeePassXC's key generation file chooser filter. We continue to generate hashed binary key files by default, but the user can explicitly save the file with the new .keyx extension to generate an XML v2 key file (currently undocumented).

When opening a database, the key file type is still determined by content negotiation, so the file extension has no impact here.

As an additional change, the legacy key file warnings have been improved slightly to be less confusing and more helpful.

This change should be backported to 2.6.3.

Type of change

  • ✅ New feature (change that adds functionality)
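
The content negotiation and hash integrity check described above, as an added example that is not part of the original pull request or the KeePassXC code base. The XML layout (`KeyFile/Meta/Version`, `Key/Data` with a `Hash` attribute holding the first four bytes of the SHA-256 of the key, hex-encoded) is an assumption about the v2 format, since the page does not show it; the example covers only the v2 and hashed-binary cases, and `make_keyx` and `load_key_file` are hypothetical names.

```python
import hashlib
import xml.etree.ElementTree as ET


def make_keyx(key: bytes) -> bytes:
    """Build a constructed v2 key file for the demo (layout is an assumption)."""
    digest = hashlib.sha256(key).digest()[:4].hex().upper()
    return (
        '<?xml version="1.0" encoding="utf-8"?>\n'
        "<KeyFile><Meta><Version>2.0</Version></Meta>"
        f'<Key><Data Hash="{digest}">{key.hex().upper()}</Data></Key></KeyFile>'
    ).encode()


def load_key_file(raw: bytes) -> tuple[str, bytes]:
    """Pick the key file type from the content alone; no file name is consulted."""
    try:
        root = ET.fromstring(raw)
    except ET.ParseError:
        root = None
    if root is None or root.tag != "KeyFile":
        # Not an XML key file: treat it as a binary file and hash the content.
        return "hashed", hashlib.sha256(raw).digest()

    version = (root.findtext("Meta/Version") or "").strip()
    data = root.find("Key/Data")
    if not version.startswith("2.") or data is None or not data.text:
        raise ValueError("unsupported or malformed XML key file")
    try:
        key = bytes.fromhex("".join(data.text.split()))
        expected = bytes.fromhex(data.get("Hash", ""))
    except ValueError:
        raise ValueError("key data or hash is not valid hex") from None

    # Fail closed: a damaged v2 file must never fall back to the hashed-binary
    # path, which would silently derive a different (wrong) key.
    if len(expected) != 4 or hashlib.sha256(key).digest()[:4] != expected:
        raise ValueError("key file checksum mismatch")
    return "xml-v2", key
```

Under the assumed layout, the four-byte truncated digest catches accidental corruption of the key file; it does not authenticate the file against deliberate modification.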

@phoerious
Member Author

phoerious commented Dec 10, 2020

@DReichl KeePass2 seems to always add XML schema attributes to its key files, but can read them just fine when they are missing. Is there any specific reason for that (other than .NET adds them automatically and I didn't bother removing them)? There is no linked schema anyway, so those attributes are nothing but wasted bytes.

@DReichl

DReichl commented Dec 11, 2020

@phoerious Good point, thanks. These namespace declarations are generated by the XML serializer by default (they're used when more complex objects are serialized). In our case, they're indeed unnecessary though. Therefore, I've now added code in KeePass to generate key files without them.

@phoerious phoerious force-pushed the feature/xml-keyfile-v2 branch 3 times, most recently from b191bca to 6d88788 Compare December 16, 2020 08:10
As discussed in #4317, the next KeePass2 release will ship with
support for a new generation of XML key files which enable
hash integrity checks.

This patch adds support for reading and generating this new format.
By default, KeePass2 now uses the .keyx extension for generated
key files, which was added to KeePassXC's key generation file chooser
filter. We continue to generate hashed binary key files by default,
but the user can explicitly save the file with the new .keyx
extension to generate an XML v2 key file (currently undocumented).

When opening a database, the key file type is still determined
by content negotiation, so the file extension has no impact here.

As an additional change, the legacy key file warnings have been
improved slightly to be less confusing and more helpful.
@droidmonkey droidmonkey merged commit cd0084f into develop Dec 19, 2020
@droidmonkey droidmonkey deleted the feature/xml-keyfile-v2 branch December 19, 2020 14:42
@phoerious phoerious mentioned this pull request Jan 7, 2021
phoerious added a commit that referenced this pull request Jan 12, 2021
Added

- Support Argon2id KDF [#5778]
- Support XMLv2 key files [#5798]

Changed

- Improve CSV Import/Export, include time fields and TOTP [#5346]
- Support empty area dragging of the application window [#5860]
- Display default Auto-Type sequence in preview pane [#5654]
- Remove strict length limit on generated passwords [#5748]
- Hide key file path by default when unlocking database [#5779]
- Document browser extension use with Edge in managed mode [#5692]
- Windows: Prevent clipboard history and cloud sync [#5853]
- macOS: Update the application icon to Big Sur styling [#5851]

Fixed

- Re-select previously selected entry on database unlock [#5559]
- Properly save special character choice in password generator [#5610]
- Fix crash in browser integration with multiple similar entries [#5653]
- Remove offset on username field in classic theme [#5788]
- Ensure entry history is copied when drag/dropping entries and groups [#5817]
- Close modal dialogs when database is locked [#5820]
- Prevent crash when KeeShare modifies an entry that is currently being edited [#5827]
- Improve preview of entry attributes [#5834]
- Always activate/focus database open dialog preventing mistype [#5878]
- Reports: fix calculation of average password length [#5862]
- Linux: Delay startup on login to correct tray icon issues [#5724]
aswild added a commit to aswild/keepassxc that referenced this pull request Jan 13, 2021
Release 2.6.3

Added

- Support Argon2id KDF [keepassxreboot#5778]
- Support XMLv2 key files [keepassxreboot#5798]

Changed

- Improve CSV Import/Export, include time fields and TOTP [keepassxreboot#5346]
- Support empty area dragging of the application window [keepassxreboot#5860]
- Display default Auto-Type sequence in preview pane [keepassxreboot#5654]
- Remove strict length limit on generated passwords [keepassxreboot#5748]
- Hide key file path by default when unlocking database [keepassxreboot#5779]
- Document browser extension use with Edge in managed mode [keepassxreboot#5692]
- Windows: Prevent clipboard history and cloud sync [keepassxreboot#5853]
- macOS: Update the application icon to Big Sur styling [keepassxreboot#5851]

Fixed

- Re-select previously selected entry on database unlock [keepassxreboot#5559]
- Properly save special character choice in password generator [keepassxreboot#5610]
- Fix crash in browser integration with multiple similar entries [keepassxreboot#5653]
- Remove offset on username field in classic theme [keepassxreboot#5788]
- Ensure entry history is copied when drag/dropping entries and groups [keepassxreboot#5817]
- Close modal dialogs when database is locked [keepassxreboot#5820]
- Prevent crash when KeeShare modifies an entry that is currently being edited [keepassxreboot#5827]
- Improve preview of entry attributes [keepassxreboot#5834]
- Always activate/focus database open dialog preventing mistype [keepassxreboot#5878]
- Reports: fix calculation of average password length [keepassxreboot#5862]
- Linux: Delay startup on login to correct tray icon issues [keepassxreboot#5724]