github.com/keepassxreboot/keepassxc.git - Unnamed repository; edit this file 'description' to name the repository.

Age	Commit message (Collapse)	Author
2022-02-23	Add key serialization to support Quick Unlock	Jonathan White

2021-07-14	Optimize includes across code base	peter

2021-04-06	Replace all crypto libraries with Botan	Jonathan White
	Selected the [Botan crypto library](https://github.com/randombit/botan) due to its feature list, maintainer support, availability across all deployment platforms, and ease of use. Also evaluated Crypto++ as a viable candidate, but the additional features of Botan (PKCS#11, TPM, etc) won out. The random number generator received a backend upgrade. Botan prefers hardware-based RNG's and will provide one if available. This is transparent to KeePassXC and a significant improvement over gcrypt. Replaced Argon2 library with built-in Botan implementation that supports i, d, and id. This requires Botan 2.11.0 or higher. Also simplified the parameter test across KDF's. Aligned SymmetricCipher parameters with available modes. All encrypt and decrypt operations are done in-place instead of returning new objects. This allows use of secure vectors in the future with no additional overhead. Took this opportunity to decouple KeeShare from SSH Agent. Removed leftover code from OpenSSHKey and consolidated the SSH Agent code into the same directory. Removed bcrypt and blowfish inserts since they are provided by Botan. Additionally simplified KeeShare settings interface by removing raw certificate byte data from the user interface. KeeShare will be further refactored in a future PR. NOTE: This PR breaks backwards compatibility with KeeShare certificates due to different RSA key storage with Botan. As a result, new "own" certificates will need to be generated and trust re-established. Removed YKChallengeResponseKeyCLI in favor of just using the original implementation with signal/slots. Removed TestRandom stub since it was just faking random numbers and not actually using the backend. TestRandomGenerator now uses the actual RNG. Greatly simplified Secret Service plugin's use of crypto functions with Botan.
2020-12-19	Add support for version 2 XML key files.	Janek Bevendorff
	As discussed in #4317, the next KeePass2 release will ship with support for a new generation of XML key files which enable hash integrity checks. This patch adds support for reading and generating this new format. By default, KeePass2 now uses the .keyx extension for generated key files, which was added to KeePassXC's key generation file chooser filter. We continue to generate hashed binary key files by default, but the user can explicitly save the file with the new .keyx extension to generate an XML v2 key file (currently undocumented). When opening a database, the key file type is still determined by content negotation, so the file extension has no impact here. As an additional change, the legacy key file warnings have been improved slightly to be less confusing and more helpful.
2019-04-21	Improve resilience against memory attacks	Janek Bevendorff
	To reduce residual fragments of secret data in memory after deallocation, this patch replaces the global delete operator with a version that zeros out previously allocated memory. It makes use of the new C++14 sized deallocation, but provides an unsized fallback with platform-specific size deductions. This change is only a minor mitigation and cannot protect against buffer reallocations by the operating system or non-C++ libraries. Thus, we still cannot guarantee all memory to be wiped after free. As a further improvement, this patch uses libgcrypt and libsodium to write long-lived master key component hashes into a secure memory area and wipe it afterwards. The patch also fixes compiler flags not being set properly on macOS.
2018-11-29	Restore correct formatting	Gianluca Recchia
	Many lines were not conformant with the project's formatting rules. This patch should fix all formatting and whitespace issues in the code base. A clang-format directive was put around the connect() calls containing SIGNALs and SLOTs whose signatures would be denormalized because of the formatting rules.
2018-09-25	Add a new database settings wizard	Janek Bevendorff
	This patch implements a new database wizard to guide users through the process of setting up a new database and choosing sane encryption settings. It also reimplements the master key settings to be more user-friendly. Users can now add, change, or remove individual composite key components instead of having to set all components at once. This avoids confusion about a password being reset if the user only wants to add a key file. With these changes comes a major refactor of how database composite keys and key components are handled. Copying of keys is prohibited and each key exists only once in memory and is referenced via shared pointers. GUI components for changing individual keys are encapsulated into separate classes to be more reusable. The password edit and generator widgets have also been refactored to be more reusable.
2018-03-31	Formatting the code.	Louis-Bertrand Varin

2018-01-15	Add warning when using legacy key file formats.	Janek Bevendorff

2017-12-27	Generate random 128-byte stream instead of legacy XML format when creating ↵	Janek Bevendorff
	key files Add API documentation for FileKey class Resolves #1325
2015-09-12	Make C++11 mandatory.	Felix Geyer

2013-10-03	Drop Qt module name from include statements.	Felix Geyer
	This is a preparation to be able to build KeePassX against Qt 5.
2012-06-29	Make use of Q_NULLPTR.	Felix Geyer

2012-05-10	Move FileKey::isHex() to Tools.	Felix Geyer

2011-12-22	Implement support for key files.	Felix Geyer
	Closes #5.