Add diceware and passgen to the cli interface#1406
Conversation
src/cli/Command.cpp
Outdated
| commands.insert(QString("locate"), new Locate()); | ||
| commands.insert(QString("ls"), new List()); | ||
| commands.insert(QString("merge"), new Merge()); | ||
| commands.insert(QString("passgen"), new PassGen()); |
There was a problem hiding this comment.
@TheZ3ro what about gen or generate? We already have estimate so generate isn't more verbose.
There was a problem hiding this comment.
@louib IDK, generate and estimate both refer to password but when I read the other commands all refers to entry or database (show, add, edit...).
Using generate feels like generating an entry instead of generating a password
What do you think?
There was a problem hiding this comment.
Personally I'd go with estimate, but your call.
src/cli/Diceware.cpp
Outdated
| QCommandLineParser parser; | ||
| parser.setApplicationDescription(this->description); | ||
| QCommandLineOption wordlistFile(QStringList() << "w" | ||
| << "wordlist", |
src/cli/Diceware.cpp
Outdated
| } | ||
|
|
||
| if (!dicewareGenerator.isValid()) { | ||
| outputTextStream << parser.helpText().replace("keepassxc-cli", "keepassxc-cli passgen"); |
src/cli/PassGen.cpp
Outdated
| PasswordGenerator passwordGenerator; | ||
|
|
||
| int length = args.at(0).toInt(); | ||
| passwordGenerator.setLength(length); |
There was a problem hiding this comment.
@TheZ3ro the length should be optional and use the default defined at https://github.com/keepassxreboot/keepassxc/blob/develop/src/core/PasswordGenerator.h#L61
src/cli/PassGen.cpp
Outdated
| } | ||
|
|
||
| if (classes == 0x0) { | ||
| passwordGenerator.setCharClasses(PasswordGenerator::LowerLetters | PasswordGenerator::UpperLetters | |
There was a problem hiding this comment.
These default char classes are defined at a couple of locations in the code. We should extract them to a constant in the PasswordGenerator class, just like we did for the default password length.
There was a problem hiding this comment.
Seems like a good idea
|
|
||
| .SS "PassGen options" | ||
|
|
||
| .IP "-l" |
There was a problem hiding this comment.
@TheZ3ro we should have the same options in the add and edit commands when generating a new password. That way these options would be standard across the CLI, and this section could be renamed Password generation options
There was a problem hiding this comment.
@TheZ3ro not sure if you want to address this one in this PR, but if not, can you create an issue?
src/cli/Diceware.cpp
Outdated
| PassphraseGenerator dicewareGenerator; | ||
|
|
||
| int words = args.at(0).toInt(); | ||
| dicewareGenerator.setWordCount(words); |
There was a problem hiding this comment.
I think we should add a default word count in PasswordGenerator and make an option with the word count, using the default if the option is not set. That would be consistent with passgen.
There was a problem hiding this comment.
setWordCount already address the case where words == 0 and use a safe default. In the last commit I explicitly declare that
There was a problem hiding this comment.
I'd still use an option for the word count instead of a positional argument, to be consistent with passgen, and to not have to explicitly pass 0 to use the defaults.
There was a problem hiding this comment.
but before they were both positional 😝
ok you got me, I will fix that :)
29105ff to
b2cc34c
Compare
src/cli/keepassxc-cli.1
Outdated
| .IP "merge [options] <database1> <database2>" | ||
| Merges two databases together. The first database file is going to be replaced by the result of the merge, for that reason it is advisable to keep a backup of the two database files before attempting a merge. In the case that both databases make use of the same credentials, the \fI--same-credentials\fP or \fI-s\fP option can be used. | ||
|
|
||
| .IP "passgen [options] <length>" |
There was a problem hiding this comment.
@TheZ3ro update to generate, and length is no longer a positional argument
src/cli/keepassxc-cli.1
Outdated
| .IP "clip [options] <database> <entry> [timeout]" | ||
| Copies the password of a database entry to the clipboard. If multiple entries with the same name exist in different groups, only the password for the first one is going to be copied. For copying the password of an entry in a specific group, the group path to the entry should be specified as well, instead of just the name. Optionally, a timeout in seconds can be specified to automatically clear the clipboard. | ||
|
|
||
| .IP "diceware [options] <words>" |
|
|
||
| .SS "Diceware options" | ||
|
|
||
| .IP "-w, --word-list <path>" |
|
@TheZ3ro one last thing (I swear 😄), there are still some hardcoded password generation defaults in the http integration and the browser integration. I think we should use the defaults in |
|
@louib you mean replacing this? keepassxc/src/browser/BrowserSettings.cpp Line 264 in ee3ccf1 |
|
@TheZ3ro yep, and the defaults for the char classes are also hardcoded, for example here and here. |
2c0ba13 to
cd18a2b
Compare
|
@louib this should be it 😉 |
louib
left a comment
There was a problem hiding this comment.
Good job! some small comments, but it'll be good for merging after!
src/cli/keepassxc-cli.1
Outdated
| Extracts and prints the contents of a database to standard output in XML format. | ||
|
|
||
| .IP "generate [options]" | ||
| Generate a random password |
There was a problem hiding this comment.
@TheZ3ro missing point at the end of the description.
src/cli/Diceware.cpp
Outdated
| Diceware::Diceware() | ||
| { | ||
| this->name = QString("diceware"); | ||
| this->description = QObject::tr("Generate a new random password."); |
| classes |= PasswordGenerator::EASCII; | ||
| } | ||
|
|
||
| passwordGenerator.setCharClasses(classes); |
There was a problem hiding this comment.
@TheZ3ro shouldn't we also set the default flags? If so we should do it in edit and add also.
src/cli/Diceware.cpp
Outdated
| parser.addOption(words); | ||
| QCommandLineOption wordlistFile(QStringList() << "w" | ||
| << "word-list", | ||
| QObject::tr("Wordlist fot the diceware generator.\n[Default: EFF English]"), |
src/cli/Diceware.cpp
Outdated
| parser.process(arguments); | ||
|
|
||
| const QStringList args = parser.positionalArguments(); | ||
| if (args.size() != 0) { |
src/cli/Generate.cpp
Outdated
| Generate::Generate() | ||
| { | ||
| this->name = QString("generate"); | ||
| this->description = QObject::tr("Generate a new random password."); |
There was a problem hiding this comment.
Remove explicit this (why don't you use the constructor's initializer list anyway?)
There was a problem hiding this comment.
Because this is like all other cli Command do it, do I have to change them all?
There was a problem hiding this comment.
Also fixed this for every cli command 🎉
There was a problem hiding this comment.
Removing this is one thing, but both statements should actually be moved to the initializer list.
src/cli/Generate.cpp
Outdated
| QObject::tr("length")); | ||
| parser.addOption(len); | ||
| QCommandLineOption lower(QStringList() << "l", | ||
| QObject::tr("Use lowercase in the generated password.")); |
src/cli/Generate.cpp
Outdated
| QObject::tr("Use lowercase in the generated password.")); | ||
| parser.addOption(lower); | ||
| QCommandLineOption upper(QStringList() << "u", | ||
| QObject::tr("Use uppercase in the generated password.")); |
src/cli/Generate.cpp
Outdated
| QObject::tr("Use special characters in the generated password.")); | ||
| parser.addOption(special); | ||
| QCommandLineOption extended(QStringList() << "e", | ||
| QObject::tr("Use extended ascii in the generated password.")); |
src/cli/keepassxc-cli.1
Outdated
| Use special characters for the generated password. [Default: Disabled] | ||
|
|
||
| .IP "-e" | ||
| Use extended ascii characters for the generated password. [Default: Disabled] |
src/core/PasswordGenerator.h
Outdated
| static const bool DefaultSpecial = (DefaultCharset & SpecialCharacters) != 0; | ||
| static const bool DefaultEASCII = (DefaultCharset & EASCII) != 0; | ||
| static const bool DefaultLookAlike = (DefaultFlags & ExcludeLookAlike) != 0; | ||
| static const bool DefaultFromEveryGroup = (DefaultFlags & CharFromEveryGroup) != 0; |
| CharFromEveryGroup = 0x2 | ||
| CharFromEveryGroup = 0x2, | ||
| DefaultFlags = ExcludeLookAlike | CharFromEveryGroup | ||
| }; |
There was a problem hiding this comment.
I think it makes sense to convert these two enums to enum classes.
There was a problem hiding this comment.
This is a pretty big change, maybe we can ship this specific one in 2.4.0 or a 2.3 minor
There was a problem hiding this comment.
It should be more or less an automatic refactor. You may have to add the class name at several locations where this enum is used without its full name, but if you encounter an instance where this creates problems, because both enums were mixed, you most certainly found a bug.
There was a problem hiding this comment.
The thing is that with enum class you don't have automatic casting error: no match for ‘operator&’ (operand types are PasswordGenerator::CharClass’ and ‘PasswordGenerator::CharClass’)
so we have to replace all the calls with static_casts.
There was a problem hiding this comment.
Okay, I'm fine with leaving it as-is for now.
src/cli/Generate.cpp
Outdated
| { | ||
| } | ||
|
|
||
| int Generate::execute(QStringList arguments) |
There was a problem hiding this comment.
Fixed this for every cli command
37aba58 to
3027288
Compare
|
Rebased. Ready to merge |
explicitly state the wordcount default value
…I to XC_HTTP generator
3027288 to
1bfbb92
Compare
- Add support for KDBX 4.0, Argon2 and ChaCha20 [#148, #1179, #1230, #1494] - Add SSH Agent feature [#1098, #1450, #1463] - Add preview panel with details of the selected entry [#879, #1338] - Add more and configurable columns to entry table and allow copying of values by double click [#1305] - Add KeePassXC-Browser API as a replacement for KeePassHTTP [#608] - Deprecate KeePassHTTP [#1392] - Add support for Steam one-time passwords [#1206] - Add support for multiple Auto-Type sequences for a single entry [#1390] - Adjust YubiKey HMAC-SHA1 challenge-response key generation for KDBX 4.0 [#1060] - Replace qHttp with cURL for website icon downloads [#1460] - Remove lock file [#1231] - Add option to create backup file before saving [#1385] - Ask to save a generated password before closing the entry password generator [#1499] - Resolve placeholders recursively [#1078] - Add Auto-Type button to the toolbar [#1056] - Improve window focus handling for Auto-Type dialogs [#1204, #1490] - Auto-Type dialog and password generator can now be exited with ESC [#1252, #1412] - Add optional dark tray icon [#1154] - Add new "Unsafe saving" option to work around saving problems with file sync services [#1385] - Add IBus support to AppImage and additional image formats to Windows builds [#1534, #1537] - Add diceware password generator to CLI [#1406] - Add --key-file option to CLI [#816, #824] - Add DBus interface for opening and closing KeePassXC databases [#283] - Add KDBX compression options to database settings [#1419] - Discourage use of old fixed-length key files in favor of arbitrary files [#1326, #1327] - Correct reference resolution in entry fields [#1486] - Fix window state and recent databases not being remembered on exit [#1453] - Correct history item generation when configuring TOTP for an entry [#1446] - Correct multiple TOTP bugs [#1414] - Automatic saving after every change is now a default [#279] - Allow creation of new entries during search [#1398] - Correct menu issues on macOS [#1335] - Allow compilation on OpenBSD [#1328] - Improve entry attachments view [#1139, #1298] - Fix auto lock for Gnome and Xfce [#910, #1249] - Don't remember key files in file dialogs when the setting is disabled [#1188] - Improve database merging and conflict resolution [#807, #1165] - Fix macOS pasteboard issues [#1202] - Improve startup times on some platforms [#1205] - Hide the notes field by default [#1124] - Toggle main window by clicking tray icon with the middle mouse button [#992] - Fix custom icons not copied over when databases are merged [#1008] - Allow use of DEL key to delete entries [#914] - Correct intermittent crash due to stale history items [#1527] - Sanitize newline characters in title, username and URL fields [#1502] - Reopen previously opened databases in correct order [#774] - Use system's zxcvbn library if available [#701] - Implement various i18n improvements [#690, #875, #1436]
Description
This PR adds the following keepassxc-cli commands:
Usage:
keepassxc-cli diceware 7Will generate a passphrase of 7 words from the default wordlist, you can specify a custom wordlist with
-w/--wordlistkeepassxc-cli passgen -lunes 20Will generate a password of 20 letters with lowercase, uppercase, numbers, special chars and extended ascii chars
keepassxc-cli passgen -l 20Will generate a password of 20 letters with only lowercase chars
How has this been tested?
Manually
Types of changes
Checklist:
-DWITH_ASAN=ON. [REQUIRED]