Add support for version 2 XML key files #5798
@DReichl KeePass2 seems to always add XML schema attributes to its key files, but can read them just fine when they are missing. Is there any specific reason for that (other than .NET adds them automatically and I didn't bother removing them)? There is no linked schema anyway, so those attributes are nothing but wasted bytes.
@phoerious Good point, thanks. These namespace declarations are generated by the XML serializer by default (they're used when more complex objects are serialized). In our case, they're indeed unnecessary though. Therefore, I've now added code in KeePass to generate key files without them.
Release 2.6.3

Added
- Support Argon2id KDF [keepassxreboot#5778]
- Support XMLv2 key files [keepassxreboot#5798]

Changed
- Improve CSV Import/Export, include time fields and TOTP [keepassxreboot#5346]
- Support empty area dragging of the application window [keepassxreboot#5860]
- Display default Auto-Type sequence in preview pane [keepassxreboot#5654]
- Remove strict length limit on generated passwords [keepassxreboot#5748]
- Hide key file path by default when unlocking database [keepassxreboot#5779]
- Document browser extension use with Edge in managed mode [keepassxreboot#5692]
- Windows: Prevent clipboard history and cloud sync [keepassxreboot#5853]
- macOS: Update the application icon to Big Sur styling [keepassxreboot#5851]

Fixed
- Re-select previously selected entry on database unlock [keepassxreboot#5559]
- Properly save special character choice in password generator [keepassxreboot#5610]
- Fix crash in browser integration with multiple similar entries [keepassxreboot#5653]
- Remove offset on username field in classic theme [keepassxreboot#5788]
- Ensure entry history is copied when drag/dropping entries and groups [keepassxreboot#5817]
- Close modal dialogs when database is locked [keepassxreboot#5820]
- Prevent crash when KeeShare modifies an entry that is currently being edited [keepassxreboot#5827]
- Improve preview of entry attributes [keepassxreboot#5834]
- Always activate/focus database open dialog preventing mistype [keepassxreboot#5878]
- Reports: fix calculation of average password length [keepassxreboot#5862]
- Linux: Delay startup on login to correct tray icon issues [keepassxreboot#5724]
As discussed in #4317, the next KeePass2 release will ship with support for a new generation of XML key files which enable hash integrity checks.
This patch adds support for reading and generating this new format. By default, KeePass2 now uses the .keyx extension for generated key files, which was added to KeePassXC's key generation file chooser filter. We continue to generate hashed binary key files by default, but the user can explicitly save the file with the new .keyx extension to generate an XML v2 key file (currently undocumented).
When opening a database, the key file type is still determined by content negotiation, so the file extension has no impact here.
As an additional change, the legacy key file warnings have been improved slightly to be less confusing and more helpful.
This change should be backported to 2.6.3.
Type of change
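
An added example, not code from this pull request or from KeePass: a Python reader and writer for the key file handling described above, which picks the key file type from the file's bytes rather than its extension and enforces the XML v2 hash check. The element names, the `Hash` attribute, the rule that it holds the first four bytes of the key's SHA-256 as hex, and all function names are assumptions that this page does not spell out.

```python
import base64, hashlib, re
import xml.etree.ElementTree as ET

class KeyFileError(ValueError):
    """Raised when a file is an XML key file but cannot be trusted."""

def _checksum(key):
    # Assumed v2 rule: first 4 bytes of SHA-256 over the raw key, as hex.
    # It catches corruption; it is unkeyed, so it is not tamper protection.
    return hashlib.sha256(key).digest()[:4].hex()

def make_xml_v2(key):
    """Serialize key bytes as an XML v2 (.keyx) key file."""
    return ('<KeyFile><Meta><Version>2.0</Version></Meta><Key>'
            f'<Data Hash="{_checksum(key).upper()}">{key.hex().upper()}</Data>'
            '</Key></KeyFile>').encode()

def _load_xml(raw):
    """Return (kind, key) for an XML key file, or None if raw is not one."""
    try:
        root = ET.fromstring(raw)
    except ET.ParseError:
        return None
    if root.tag != "KeyFile":  # xmlns:* declarations do not change the tag
        return None
    version = (root.findtext("Meta/Version") or "").strip()
    data = root.find("Key/Data")
    text = "".join((data.text or "").split()) if data is not None else ""
    if not text:
        raise KeyFileError("XML key file contains no key data")
    if version.startswith("1."):
        return "xml-v1", base64.b64decode(text)  # legacy: no integrity check
    if version == "2.0":
        key = bytes.fromhex(text)
        if data.get("Hash", "").lower() != _checksum(key):
            raise KeyFileError("key file checksum mismatch")
        return "xml-v2", key
    raise KeyFileError(f"unsupported key file version {version!r}")

def load_key_file(raw):
    """Decide the key file type from its bytes alone; no file name is used."""
    parsed = _load_xml(raw)
    if parsed:
        return parsed
    if len(raw) == 32:
        return "binary", raw
    if re.fullmatch(rb"[0-9a-fA-F]{64}", raw):
        return "hex", bytes.fromhex(raw.decode("ascii"))
    return "hashed", hashlib.sha256(raw).digest()
```

A damaged v2 file fails loudly with `KeyFileError` instead of silently yielding a different key, which is the practical gain over the legacy formats.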