KDBX4 Allows Yubikey Auth Removal

When using a KDBX 4 DB (Argon2 or AES-KDF does not matter), Yubikey auth can be removed by editing and saving an entry, while the Yubikey is unplugged.

## Expected Behavior
Similar to KDBX 3.1 an error message should be displayed when the Yubikey is unplugged.

## Current Behavior
The database is saved with challenge-response disabled.

## Steps to Reproduce (for bugs)
1. Create a new DB, with password and challenge-response
2. Create e new entry and save
3. Change key derivation function to KDBX 4 (does not matter whether Argon2 or AES-KDF is used)
4. Unplug Yubikey
5. Open entry, change password
6. Save entry
7. Close DB
8. Open DB with password only

## Debug Info
KeePassXC - Version 2.3.0
Revision: 4c0ed74

Libraries:
- Qt 5.10.1
- libgcrypt 1.8.2

Operating system: Arch Linux
CPU architecture: x86_64
Kernel: linux 4.15.6-1-ARCH

Enabled extensions:
- Auto-Type
- Browser Integration
- Legacy Browser Integration (KeePassHTTP)
- SSH Agent
- YubiKey


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

KDBX4 Allows Yubikey Auth Removal #1656

Expected Behavior

Current Behavior

Steps to Reproduce (for bugs)

Debug Info

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Uh oh!

KDBX4 Allows Yubikey Auth Removal #1656

Description

Expected Behavior

Current Behavior

Steps to Reproduce (for bugs)

Debug Info

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions