From 77cc99acd3de0ff1e3df24403eeb136e5faaeb0a Mon Sep 17 00:00:00 2001
From: Kyle Manna <kyle@kylemanna.com>
Date: Sun, 7 Sep 2014 16:37:46 -0700
Subject: [PATCH] YubiKey: Clean-up master seed challenge

* Tweak the logic so it more closely resembles other code (i.e.
  trasnformKey()). Matches existing style better.
* Save the challengeResponseKey in the database structure so that
  it can be referred to later (i.e. database unlocking).

Signed-off-by: Kyle Manna <kyle@kylemanna.com>
---
 src/core/Database.cpp         | 9 +++++++--
 src/core/Database.h           | 4 +++-
 src/format/KeePass2Reader.cpp | 5 ++---
 src/format/KeePass2Writer.cpp | 5 ++---
 4 files changed, 14 insertions(+), 9 deletions(-)

diff --git a/src/core/Database.cpp b/src/core/Database.cpp
index fd9e02dd1..5297c2ad3 100644
--- a/src/core/Database.cpp
+++ b/src/core/Database.cpp
@@ -176,9 +176,14 @@ QByteArray Database::transformedMasterKey() const
     return m_data.transformedMasterKey;
 }
 
-bool Database::challengeMasterSeed(const QByteArray& masterSeed, QByteArray& result) const
+QByteArray Database::challengeResponseKey() const
 {
-    return m_data.key.challenge(masterSeed, result);
+    return m_data.challengeResponseKey;
+}
+
+bool Database::challengeMasterSeed(const QByteArray& masterSeed)
+{
+    return m_data.key.challenge(masterSeed, m_data.challengeResponseKey);
 }
 
 void Database::setCipher(const Uuid& cipher)
diff --git a/src/core/Database.h b/src/core/Database.h
index e2eb0fb14..be022ae39 100644
--- a/src/core/Database.h
+++ b/src/core/Database.h
@@ -59,6 +59,7 @@ public:
         QByteArray transformedMasterKey;
         CompositeKey key;
         bool hasKey;
+        QByteArray challengeResponseKey;
     };
 
     Database();
@@ -89,7 +90,8 @@ public:
     quint64 transformRounds() const;
     QByteArray transformedMasterKey() const;
     const CompositeKey & key() const;
-    bool challengeMasterSeed(const QByteArray& masterSeed, QByteArray& result) const;
+    QByteArray challengeResponseKey() const;
+    bool challengeMasterSeed(const QByteArray& masterSeed);
 
     void setCipher(const Uuid& cipher);
     void setCompressionAlgo(Database::CompressionAlgorithm algo);
diff --git a/src/format/KeePass2Reader.cpp b/src/format/KeePass2Reader.cpp
index 8ac983276..73960a7a1 100644
--- a/src/format/KeePass2Reader.cpp
+++ b/src/format/KeePass2Reader.cpp
@@ -113,15 +113,14 @@ Database* KeePass2Reader::readDatabase(QIODevice* device, const CompositeKey& ke
         return nullptr;
     }
 
-    QByteArray challengeResult;
-    if (m_db->challengeMasterSeed(m_masterSeed, challengeResult) == false) {
+    if (m_db->challengeMasterSeed(m_masterSeed) == false) {
         raiseError(tr("Unable to issue challenge-response."));
         return Q_NULLPTR;
     }
 
     CryptoHash hash(CryptoHash::Sha256);
     hash.addData(m_masterSeed);
-    hash.addData(challengeResult);
+    hash.addData(m_db->challengeResponseKey());
     hash.addData(m_db->transformedMasterKey());
     QByteArray finalKey = hash.result();
 
diff --git a/src/format/KeePass2Writer.cpp b/src/format/KeePass2Writer.cpp
index 6c0bf2e1b..6bb316bac 100644
--- a/src/format/KeePass2Writer.cpp
+++ b/src/format/KeePass2Writer.cpp
@@ -51,15 +51,14 @@ void KeePass2Writer::writeDatabase(QIODevice* device, Database* db)
     QByteArray startBytes = randomGen()->randomArray(32);
     QByteArray endOfHeader = "\r\n\r\n";
 
-    QByteArray challengeResult;
-    if (db->challengeMasterSeed(masterSeed, challengeResult) == false) {
+    if (db->challengeMasterSeed(masterSeed) == false) {
         raiseError("Unable to issue challenge-response.");
         return;
     }
 
     CryptoHash hash(CryptoHash::Sha256);
     hash.addData(masterSeed);
-    hash.addData(challengeResult);
+    hash.addData(db->challengeResponseKey());
     Q_ASSERT(!db->transformedMasterKey().isEmpty());
     hash.addData(db->transformedMasterKey());
     QByteArray finalKey = hash.result();