This change provides the most basic D-Bus support in Keysmith.
At start up, Keysmith will now register itself and abort if another
instance is already running. Full support for the xdg D-Bus activation
specification (such as URI opening) is not yet implemented.
By default this feature is disabled on Android, but enabled on 'all'
other platforms. Explicit control may be exercised by running CMake
with -DBUILD_DBUS_INTERFACE=<ON|OFF>.
Issues: #18
This new component can be used to inject an interstitial page, letting the user know something went wrong and allowing them to decide whether to continue or to quit Keysmith.
This is especially useful when Keysmith was launched automatically from some other context (i.e. another app) without the user necessarily being fully aware of it.
Issues: #7, #14
This change provides a bare minimum implementation to parse an otpauth:// type URI into its component parts.
Parsing is quite lax, and focused on what Keysmith can support or recover from in the intended UI/UX for adding accounts via QR codes.
See-Also: https://github.com/google/google-authenticator/wiki/Key-Uri-Format
Issues: #14
With this change Keysmith now prompts the user to either:
- setup a new password
- supply an existing password (if detected)
Additionally the organisation/structure of the QML is cleaned up a bit.
All QML pages are dedicated QML files and a few signals are introduced
to provide slightly better encapsulation/decouple interdependencies.
Introduce a secrets library which implements the necessary crypto using
libsodium. This change provides the basic building blocks for resolving
issue #6.
Provide a building block towards re-implementing the HOTP/TOTP
algorithms without using oath-toolkit: see issue #9.
The hmac::compute function trades simplicity (having to pre-allocate
a scratch buffer) for avoding accidental leaks of key material
(security).
This particular trade-off will help with resolving issue #6.
* do cmake_minimum_required as first thing, as recommended
* bump KF to 5.37, first release with Kirigami (Qt 5.7 matching min dep)
* use KF5_MIN_VERSION also with ECM
* include KDE CMake settings as first
* remove unused cmake includes
* remove duplicated enable_testing()
* use correct KDEInstallDirs variables
- Add a new static library "validator_lib" covering the "validators" namespace in C++
- Introduce the Base32Validator to perform input field validation with fixup support
It uses the oath-toolkit[1] provided library liboath to generate the 2FA
codes, both TOTP and HOTP based. Currently it is largely untested. From
initial rough testing it seems that auto-refreshing of code is not
working. Also button to refresh token for HOTP is also dummy at moment.
Some todo items include,
- Verify the generated oath code is correct
- Make refreshing token work
- QR code scanning
- Backup and Restore of accounts
- Clipboard support to automatically copy code.
- Encrypted storage of the secret token
This code is largely based on the authenticator-ng[2] application by the
Rodney Dawes and Michael Zanetti for the Ubuntu Touch.
[1] https://www.nongnu.org/oath-toolkit/
[2] https://github.com/dobey/authenticator-ng
Tobias Fella
Johan Ouwerkerk
Devin Lin
Nicolas Fella
Bhushan Shah
Friedrich W. H. Kossebau