KeePass 2.35 introduces version 4 of the KDBX file format. This new format features both improvements and new capabilities. These are outlined in the following sections.
That's gonna be a doozy to implement... looks like a fun challenge!
Yep, I think the same :smile:
Dependency wise it requires ChaCha20 and Argon2.
ChaCha20 is implemented in libgcrypt 1.7 but the release is less than a year old so not widely supported in current Linux distros.
For Argon2 embedding https://github.com/P-H-C/phc-winner-argon2 seems to be the best option for now.
Just include the library statically, you do not have to follow Linux rules to stay behind with development.
KeePassX related PR https://github.com/keepassx/keepassx/pull/200
Didn't see this, sorry, so please keep us updated on your progress :). I appreciate your work on KDBX 4 support.
Wouldn't the PR in @TheZ3ro's comment actually resolve this?
It kind of does, but the way it was implemented was not very good. It intertwined the code between kdbx3 and kdbx4 instead of building a new reader/writer class specifically for kdbx4.
O ChaCha20, where art thou?
We are basically through all the ground work and will add new ciphers from here: https://github.com/keepassxreboot/keepassxc/pull/1230
Is there any way to keep building the develop branch of KPXC on current Ubuntu LTS based Linux distros? Due to the lack of Argon2 and the required gcrypt libs, this looks like a dead end, at least until April this year.
I've been using the develop branch for a long time. Probably the suggestion would be to use the master branch, but there is a long list of features/bugfixes that are only in the develop branch as the most "stable" one (more than 6 months of code).
Perhaps due to the intrinsic complications of the KDBX4 implementation, I'm missing something and this WIP with no ETA can't be done in a feature branch.
Any suggestions are welcome, thanks
Why don't you just build argon2 yourself? See #1401.
Ubuntu ships libargon2-0-dev starting with 16.04. For 14.04 you can install it from our PPA: https://launchpad.net/~phoerious/+archive/ubuntu/keepassxc
We also ship the required versions of libgcrypt20 and libgpg-error for both 14.04 and 16.04 through that PPA.
Thanks for the suggestions. I'll try those.
I updated the wiki page: https://github.com/keepassxreboot/keepassxc/wiki/Set-up-Build-Environment-on-Linux
Is there a Windows build available with implemented KDBX4 features?
Not yet. We will release a beta version soon.
The FAQ should be updated: https://keepassxc.org/docs/#faq-kdbx4.
Done. Thanks for the reminder.
Why not make Argon2 the default KDF?
It's going to be the default in 2.4.
@phoerious thanks for your answer!
@phoerious, btw. Where can I find upcoming release dates?
@Generator, thanks!
The release dates set for milestones are not accurate. They are merely ballpark guesses of when we think we'll be finished.