wip

kee-org · Feb 22, 2024 · a1362cb · a1362cb
1 parent 537ae6e
commit a1362cb
Show file tree

Hide file tree

Showing 4 changed files with 38 additions and 11 deletions.
diff --git a/lib/extension_methods.dart b/lib/extension_methods.dart
@@ -62,6 +62,14 @@ extension KdbxFileKDF on KdbxFile {
     final argon2Args = createArgon2Args(credentials.getHash(), KdfType.Argon2d, header.readKdfParameters);
     return await KeeVaultKdfCache().argon2ArgumentsKey(argon2Args);
   }
+
+  bool ensureLatestVersion() {
+    if (header.version < KdbxVersion.V4_1) {
+      upgrade(4, 1);
+      return true;
+    }
+    return false;
+  }
 }
 
 extension KdbxEntryColor on KdbxEntry {

diff --git a/lib/local_vault_repository.dart b/lib/local_vault_repository.dart
@@ -333,15 +333,13 @@ class LocalVaultRepository {
       //and Google are able to offer a suitable API.
       final kdbxToMergeInto = (await vault.files.pending) ?? vault.files.current;
 
-      // may have just downloaded an old version or an old autofill kdbx might have been
-      // left over from an autofill operation in progress before user updated to this version of Kee Vault 2
-      if (kdbxToMergeInto.header.version < KdbxVersion.V4_1) {
-        //TODO: date formats need to be left as is if already in v4 format
-        //TODO: upgrade as part of file load operations
-        //TODO: ios ignore entries in trash
-        //TODO: ios find out why edited bbc entry fails to open for editing... corrupt settings?
-        kdbxToMergeInto.upgrade(4, 1);
-      }
+      //TODO: date formats need to be left as is if already in v4 format
+      //TODO: upgrade as part of file load operations - done for v2; pending v1
+
+      //TODO: ios ignore entries in trash
+      //TODO: ios find out why edited bbc entry fails to open for editing... corrupt settings?
+      //TODO: ios above fixed? Delete all and re-import
+
       kdbxToMergeInto.merge(autofill.files.current);
       final kdbxData = await kdbxFormat().save(kdbxToMergeInto);
 

diff --git a/lib/password_strength.dart b/lib/password_strength.dart
@@ -98,6 +98,6 @@ class StrengthAssessedCredentials {
       KdfField.memory.item(argon2Params.memory),
       KdfField.version.item(argon2Params.version),
     ]);
-    return KdbxHeader.createV4()..writeKdfParameters(kdfParameters);
+    return KdbxHeader.createV4_1()..writeKdfParameters(kdfParameters);
   }
 }
diff --git a/lib/vault_file.dart b/lib/vault_file.dart
@@ -1,5 +1,6 @@
 import 'package:argon2_ffi_base/argon2_ffi_base.dart';
 import 'package:kdbx/kdbx.dart';
+import 'package:keevault/extension_methods.dart';
 
 import 'package:keevault/locked_vault_file.dart';
 
@@ -32,11 +33,14 @@ class VaultFileVersions {
 
   Future<KdbxFile> unlock(LockedVaultFile locked) async {
     final kdbx = await VaultFile._kdbxFormat().read(locked.kdbxBytes, locked.credentials!);
+    kdbx.ensureLatestVersion();
     return kdbx;
   }
 
   Future<List<KdbxFile>> unlockTwice(LockedVaultFile locked) async {
     final kdbxList = await VaultFile._kdbxFormat().readTwice(locked.kdbxBytes, locked.credentials!);
+    kdbxList[0].ensureLatestVersion();
+    kdbxList[1].ensureLatestVersion();
     return kdbxList;
   }
 
@@ -64,7 +68,9 @@ class VaultFileVersions {
     );
   }
 
-//  remoteMergeTarget and current are identical at this time because user has just supplied a new password through the UI so can't have any outstanding modifications in the current vault file. There must also be no pending files.
+//  remoteMergeTarget and current are identical at this time because user has just
+// supplied a new password through the UI so can't have any outstanding modifications
+// in the current vault file. There must also be no pending files.
   Future<VaultFileVersions> copyWithNewCredentials(Credentials credentials) async {
     // final unlockedFiles = await unlockTwice(this.remoteMergeTargetLocked!);
     // final unlockedCurrent = unlockedFiles[0];
@@ -129,6 +135,7 @@ class RemoteVaultFile extends VaultFile {
 
   static Future<RemoteVaultFile> unlock(LockedVaultFile lockedKdbx) async {
     final kdbx = await VaultFile._kdbxFormat().read(lockedKdbx.kdbxBytes, lockedKdbx.credentials!);
+    kdbx.ensureLatestVersion();
     return RemoteVaultFile(
       kdbx,
       DateTime.now(),
@@ -147,6 +154,7 @@ class DemoVaultFile extends VaultFile {
 
   static Future<DemoVaultFile> unlock(LockedVaultFile lockedKdbx) async {
     final kdbx = await VaultFile._kdbxFormat().read(lockedKdbx.kdbxBytes, lockedKdbx.credentials!);
+    kdbx.ensureLatestVersion();
     return DemoVaultFile(
       kdbx,
       DateTime.now(),
@@ -174,13 +182,26 @@ class LocalVaultFile extends VaultFile {
   static Future<LocalVaultFile> unlock(LockedVaultFile lockedKdbx, {bool importOnly = false}) async {
     KdbxFile current;
     KdbxFile? remoteMergeTarget;
+    bool versionWasUpdated = false;
     if (importOnly) {
       current = await VaultFile._kdbxFormat().read(lockedKdbx.kdbxBytes, lockedKdbx.credentials!);
+      if (current.ensureLatestVersion()) {
+        versionWasUpdated = true;
+      }
     } else {
       final files = await VaultFile._kdbxFormat().readTwice(lockedKdbx.kdbxBytes, lockedKdbx.credentials!);
+      if (files[0].ensureLatestVersion()) {
+        versionWasUpdated = true;
+      }
+      files[1].ensureLatestVersion();
       current = files[0];
       remoteMergeTarget = files[1];
     }
+    if (versionWasUpdated) {
+      // just in case the lockedKdbx is uploaded, exported, etc. we will do a
+      // full save and use the upgraded bytes instead
+      lockedKdbx = lockedKdbx.copyWith(kdbxBytes: await current.save());
+    }
     return LocalVaultFile(
       VaultFileVersions(
         current: current,