subdavis
diff --git a/‎Gruntfile.js
+2-1 b/‎Gruntfile.js
+2-1
diff --git a/‎bower.json
+2-1 b/‎bower.json
+2-1
diff --git a/‎lib/argon2-asm.min.js
+17 b/‎lib/argon2-asm.min.js
+17
diff --git a/‎lib/argon2.js
+32 b/‎lib/argon2.js
+32
diff --git a/‎lib/kdbxweb.js
+7 b/‎lib/kdbxweb.js
+7
diff --git a/‎popups/controllers/masterPasswordController.js
+27-8 b/‎popups/controllers/masterPasswordController.js
+27-8
diff --git a/‎popups/popup.html
+3 b/‎popups/popup.html
+3
diff --git a/‎services/keepassHeader.js
+1-1 b/‎services/keepassHeader.js
+1-1
diff --git a/‎services/keepassReference.js
+6-1 b/‎services/keepassReference.js
+6-1
@@ -34,7 +34,8 @@ module.exports = function(grunt) {
           {expand: true, cwd: 'bower_components/angular-animate/', src: 'angular-animate.min.js', dest: 'lib/'},
           {expand: true, cwd: 'bower_components/angular-route/', src: 'angular-route.min.js', dest: 'lib/'},
           {expand: true, cwd: 'bower_components/angular-sanitize/', src: 'angular-sanitize.min.js', dest: 'lib/'},
-          {expand: true, cwd: 'bower_components/animate.css/', src: 'animate.css', dest: 'lib/'}
+          {expand: true, cwd: 'bower_components/animate.css/', src: 'animate.css', dest: 'lib/'},
+          {expand: true, cwd: 'bower_components/kdbxweb/dist/', src: 'kdbxweb.js', dest: 'lib/'}
           ]
       },
       appjs: {
 
@@ -28,7 +28,8 @@
     "mocha": "~2.1.0",
     "should": "shouldjs/should.js#~5.0.0",
     "sinonjs": "~1.10.2",
-    "angular-sanitize": "~1.4"
+    "angular-sanitize": "~1.4",
+    "kdbxweb": "keeweb/kdbxweb#1.0.1"
   },
   "devDependencies": {
     "angular-mocks": "~1.4"
 
@@ -0,0 +1,32 @@
+'use strict';
+
+function argon2(password, salt, memory, iterations, length, parallelism, type, version) {
+    var Module = A2Module;
+    var passwordLen = password.byteLength;
+    password = Module.allocate(new Uint8Array(password), 'i8', Module.ALLOC_NORMAL);
+    var saltLen = salt.byteLength;
+    salt = Module.allocate(new Uint8Array(salt), 'i8', Module.ALLOC_NORMAL);
+    var hash = Module.allocate(new Array(length), 'i8', Module.ALLOC_NORMAL);
+    var encodedLen = 512;
+    var encoded = Module.allocate(new Array(encodedLen), 'i8', Module.ALLOC_NORMAL);
+    // jshint camelcase:false
+    try {
+        var res = Module._argon2_hash(iterations, memory, parallelism,
+            password, passwordLen, salt, saltLen,
+            hash, length, encoded, encodedLen, type, version);
+        if (res) {
+            return Promise.reject('Argon2 error ' + res);
+        }
+        var hashArr = new Uint8Array(length);
+        for (var i = 0; i < length; i++) {
+            hashArr[i] = Module.HEAP8[hash + i];
+        }
+        Module._free(password);
+        Module._free(salt);
+        Module._free(hash);
+        Module._free(encoded);
+        return Promise.resolve(hashArr);
+    } catch (e) {
+        return Promise.reject(e);
+    }
+}
@@ -69,7 +69,14 @@ function MasterPasswordController($scope, $routeParams, $location, keepass, unlo
     //tweak UI based on what we know about the database file
     $scope.hidePassword = (usage.requiresPassword === false);
     $scope.hideKeyFile = (usage.requiresKeyfile === false);
-    passwordKey = usage.passwordKey ? Base64.decode(usage.passwordKey): undefined;
+    if (usage.passwordKey) {
+      if (usage.version >= 3)
+        passwordKey = usage.passwordKey;
+      else
+        passwordKey = Base64.decode(usage.passwordKey);
+    } else {
+      passwordKey = undefined;
+    }
     $scope.rememberedPassword = !!passwordKey;
     if ($scope.rememberedPassword) {
 	    $scope.rememberPassword = true;
@@ -147,23 +154,35 @@ function MasterPasswordController($scope, $routeParams, $location, keepass, unlo
 
     var passwordKeyPromise;
     if (!passwordKey) {
-    	passwordKeyPromise = keepass.getMasterKey($scope.masterPassword, $scope.selectedKeyFile)
+    	passwordKeyPromise = keepass.getMasterKey($scope.masterPassword, $scope.selectedKeyFile);
     } else {
 			passwordKeyPromise = Promise.resolve(passwordKey);
 		}
 
 		passwordKeyPromise.then(function(newPasswordKey) {
 			passwordKey = newPasswordKey;
-			return keepass.getPasswords(passwordKey);
-		}).then(function(entries) {
-      //remember usage for next time:
-      settings.saveCurrentDatabaseUsage({
+			return keepass.getDecryptedData(passwordKey);
+		}).then(function(decryptedData) {
+      //remember usage for next time
+      var entries = decryptedData.entries;
+      var version = decryptedData.version;
+      var databaseUsage = {
         requiresPassword: $scope.masterPassword ? true : false,
         requiresKeyfile: $scope.selectedKeyFile ? true : false,
-        passwordKey: $scope.rememberPassword ? Base64.encode(passwordKey) : undefined,
+        passwordKey: undefined,
+        version: version,
         keyFileName: $scope.selectedKeyFile ? $scope.selectedKeyFile.name : "",
         rememberPeriod: $scope.rememberPeriod
-      });
+      }
+      if ($scope.rememberPassword){
+        if (version >= 3) {
+          databaseUsage['passwordKey'] = passwordKey;
+        }
+        else {
+          databaseUsage['passwordKey'] = Base64.encode(passwordKey);
+        }
+        settings.saveCurrentDatabaseUsage(databaseUsage);
+      }
       settings.saveDefaultRememberOptions($scope.rememberPassword, $scope.rememberPeriod);
 
       if ($scope.rememberPeriod) {
 
@@ -13,8 +13,11 @@
   <script type="text/javascript" src="/lib/angular-sanitize.min.js"></script>
   <script type="text/javascript" src="/lib/pako.min.js"></script>
   <script type="text/javascript" src="/lib/salsa20.js"></script>
+  <script type="text/javascript" src="/lib/argon2-asm.min.js"></script>
+  <script type="text/javascript" src="/lib/argon2.js"></script>
   <script type="text/javascript" src="/lib/base64.js"></script>
   <script type="text/javascript" src="/lib/case.min.js"></script>
+  <script type="text/javascript" src="/lib/kdbxweb.js"></script>
   <script type="text/javascript" src="/services/settings.js"></script>
   <script type="text/javascript" src="/services/optionsLink.js"></script>
   <script type="text/javascript" src="/services/unlockedState.js"></script>
 
@@ -58,7 +58,7 @@ function KeepassHeader() {
     }
 
     if (h.sigKeePassType == DBSIG_KDBX || h.sigKeePassType == DBSIG_KDBX_ALPHA) {
-      readKdbxHeader(buf, 8, h);
+      h.kdbx = true;
     } else {
       readKdbHeader(buf, 8, h);
     }
 
@@ -62,7 +62,12 @@ function KeepassReference(streamCipher) {
 	}
 
 	my.getFieldValue = function(currentEntry, fieldName, allEntries) {
-		var plainText = streamCipher.getDecryptedFieldValue(currentEntry, fieldName);
+		// entries are JSON serializable.
+		// Convert back to a keeweb.ProtectedValue for parsing.
+		var keewebProtectedValue = new kdbxweb.ProtectedValue(
+			currentEntry['protectedData'][fieldName].value, 
+			currentEntry['protectedData'][fieldName].salt);
+		var plainText = keewebProtectedValue.getText();
 		return my.processAllReferences(plainText, currentEntry, allEntries);
 	}
Original file line number	Diff line number	Diff line change
`@@ -58,7 +58,7 @@ function KeepassHeader() {`
`58`	`58`	`}`
`59`	`59`
`60`	`60`	`if (h.sigKeePassType == DBSIG_KDBX \|\| h.sigKeePassType == DBSIG_KDBX_ALPHA) {`
`61`		`- readKdbxHeader(buf, 8, h);`
	`61`	`+ h.kdbx = true;`
`62`	`62`	`} else {`
`63`	`63`	`readKdbHeader(buf, 8, h);`
`64`	`64`	`}`
Original file line number	Diff line number	Diff line change
`@@ -62,7 +62,12 @@ function KeepassReference(streamCipher) {`
`62`	`62`	`}`
`63`	`63`
`64`	`64`	`my.getFieldValue = function(currentEntry, fieldName, allEntries) {`
`65`		`- var plainText = streamCipher.getDecryptedFieldValue(currentEntry, fieldName);`
	`65`	`+ // entries are JSON serializable.`
	`66`	`+ // Convert back to a keeweb.ProtectedValue for parsing.`
	`67`	`+ var keewebProtectedValue = new kdbxweb.ProtectedValue(`
	`68`	`+ currentEntry['protectedData'][fieldName].value,`
	`69`	`+ currentEntry['protectedData'][fieldName].salt);`
	`70`	`+ var plainText = keewebProtectedValue.getText();`
`66`	`71`	`return my.processAllReferences(plainText, currentEntry, allEntries);`
`67`	`72`	`}`
`68`	`73`