From 5eb248d4bdf3c8d85c195d3f71ef634ff5a0f4a9 Mon Sep 17 00:00:00 2001
From: Herbert Poul <herbert@codeux.design>
Date: Thu, 30 Jan 2020 22:32:57 +0100
Subject: [PATCH] proper error message for kdbx 4.x files

---
 .idea/codeStyles/Project.xml | 116 +++++++++++++++++++++++++++++++++++
 CHANGELOG.md                 |   4 ++
 lib/src/kdbx_format.dart     |   6 ++
 lib/src/kdbx_header.dart     |  10 +++
 pubspec.yaml                 |   5 +-
 test/kdbx_test.dart          |   9 +++
 test/keepassxcpasswords.kdbx | Bin 0 -> 1493 bytes
 7 files changed, 147 insertions(+), 3 deletions(-)
 create mode 100644 .idea/codeStyles/Project.xml
 create mode 100644 test/keepassxcpasswords.kdbx

diff --git a/.idea/codeStyles/Project.xml b/.idea/codeStyles/Project.xml
new file mode 100644
index 0000000..681f41a
--- /dev/null
+++ b/.idea/codeStyles/Project.xml
@@ -0,0 +1,116 @@
+<component name="ProjectCodeStyleConfiguration">
+  <code_scheme name="Project" version="173">
+    <codeStyleSettings language="XML">
+      <indentOptions>
+        <option name="CONTINUATION_INDENT_SIZE" value="4" />
+      </indentOptions>
+      <arrangement>
+        <rules>
+          <section>
+            <rule>
+              <match>
+                <AND>
+                  <NAME>xmlns:android</NAME>
+                  <XML_ATTRIBUTE />
+                  <XML_NAMESPACE>^$</XML_NAMESPACE>
+                </AND>
+              </match>
+            </rule>
+          </section>
+          <section>
+            <rule>
+              <match>
+                <AND>
+                  <NAME>xmlns:.*</NAME>
+                  <XML_ATTRIBUTE />
+                  <XML_NAMESPACE>^$</XML_NAMESPACE>
+                </AND>
+              </match>
+              <order>BY_NAME</order>
+            </rule>
+          </section>
+          <section>
+            <rule>
+              <match>
+                <AND>
+                  <NAME>.*:id</NAME>
+                  <XML_ATTRIBUTE />
+                  <XML_NAMESPACE>http://schemas.android.com/apk/res/android</XML_NAMESPACE>
+                </AND>
+              </match>
+            </rule>
+          </section>
+          <section>
+            <rule>
+              <match>
+                <AND>
+                  <NAME>.*:name</NAME>
+                  <XML_ATTRIBUTE />
+                  <XML_NAMESPACE>http://schemas.android.com/apk/res/android</XML_NAMESPACE>
+                </AND>
+              </match>
+            </rule>
+          </section>
+          <section>
+            <rule>
+              <match>
+                <AND>
+                  <NAME>name</NAME>
+                  <XML_ATTRIBUTE />
+                  <XML_NAMESPACE>^$</XML_NAMESPACE>
+                </AND>
+              </match>
+            </rule>
+          </section>
+          <section>
+            <rule>
+              <match>
+                <AND>
+                  <NAME>style</NAME>
+                  <XML_ATTRIBUTE />
+                  <XML_NAMESPACE>^$</XML_NAMESPACE>
+                </AND>
+              </match>
+            </rule>
+          </section>
+          <section>
+            <rule>
+              <match>
+                <AND>
+                  <NAME>.*</NAME>
+                  <XML_ATTRIBUTE />
+                  <XML_NAMESPACE>^$</XML_NAMESPACE>
+                </AND>
+              </match>
+              <order>BY_NAME</order>
+            </rule>
+          </section>
+          <section>
+            <rule>
+              <match>
+                <AND>
+                  <NAME>.*</NAME>
+                  <XML_ATTRIBUTE />
+                  <XML_NAMESPACE>http://schemas.android.com/apk/res/android</XML_NAMESPACE>
+                </AND>
+              </match>
+              <order>ANDROID_ATTRIBUTE_ORDER</order>
+            </rule>
+          </section>
+          <section>
+            <rule>
+              <match>
+                <AND>
+                  <NAME>.*</NAME>
+                  <XML_ATTRIBUTE />
+                  <XML_NAMESPACE>.*</XML_NAMESPACE>
+                </AND>
+              </match>
+              <order>BY_NAME</order>
+            </rule>
+          </section>
+        </rules>
+      </arrangement>
+    </codeStyleSettings>
+  </code_scheme>
+</component>
\ No newline at end of file
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 1a8e0bd..0c016f4 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 0.2.1
+
+- Throw unsupported exception when trying to read kdbx 4.x files.
+
 ## 0.2.0
 
 - Fixed writing of packet index for payload.
diff --git a/lib/src/kdbx_format.dart b/lib/src/kdbx_format.dart
index 4fd2f12..d5df660 100644
--- a/lib/src/kdbx_format.dart
+++ b/lib/src/kdbx_format.dart
@@ -304,6 +304,12 @@ class KdbxFormat {
   static KdbxFile read(Uint8List input, Credentials credentials) {
     final reader = ReaderHelper(input);
     final header = KdbxHeader.read(reader);
+    if (header.versionMajor != 3) {
+      _logger.finer('Unsupported version for $header');
+      throw KdbxUnsupportedException('Unsupported kdbx version '
+          '${header.versionMajor}.${header.versionMinor}.'
+          ' Only 3.x is supported.');
+    }
     return _loadV3(header, reader, credentials);
   }
 
diff --git a/lib/src/kdbx_header.dart b/lib/src/kdbx_header.dart
index c02ab1d..e3f68cc 100644
--- a/lib/src/kdbx_header.dart
+++ b/lib/src/kdbx_header.dart
@@ -236,6 +236,11 @@ class KdbxHeader {
   ProtectedValueEncryption get innerRandomStreamEncryption =>
       ProtectedValueEncryption.values[ReaderHelper.singleUint32(
           fields[HeaderFields.InnerRandomStreamID].bytes)];
+
+  @override
+  String toString() {
+    return 'KdbxHeader{sig1: $sig1, sig2: $sig2, versionMajor: $versionMajor, versionMinor: $versionMinor}';
+  }
 }
 
 class KdbxException implements Exception {}
@@ -252,6 +257,11 @@ class KdbxUnsupportedException implements KdbxException {
   KdbxUnsupportedException(this.hint);
 
   final String hint;
+
+  @override
+  String toString() {
+    return 'KdbxUnsupportedException{hint: $hint}';
+  }
 }
 
 class HashedBlockReader {
diff --git a/pubspec.yaml b/pubspec.yaml
index e566b10..c43f85b 100644
--- a/pubspec.yaml
+++ b/pubspec.yaml
@@ -1,8 +1,7 @@
 name: kdbx
-description: KeepassX format implementation in pure dart. (kdbx 2.x support).
-version: 0.2.0
+description: KeepassX format implementation in pure dart. (kdbx 3.x support).
+version: 0.2.1
 homepage: https://github.com/authpass/kdbx.dart
-author: Herbert Poul <herbert@poul.at>
 
 environment:
   sdk: '>=2.4.0 <3.0.0'
diff --git a/test/kdbx_test.dart b/test/kdbx_test.dart
index f772821..30f27cc 100644
--- a/test/kdbx_test.dart
+++ b/test/kdbx_test.dart
@@ -91,4 +91,13 @@ void main() {
       File('test.kdbx').writeAsBytesSync(saved);
     });
   });
+
+  group('Unsupported version', () {
+    test('Fails with exception', () async {
+      final data = await File('test/keepassxcpasswords.kdbx').readAsBytes();
+      expect(() {
+        KdbxFormat.read(data, Credentials(ProtectedValue.fromString('asdf')));
+      }, throwsA(const TypeMatcher<KdbxUnsupportedException>()));
+    });
+  });
 }
diff --git a/test/keepassxcpasswords.kdbx b/test/keepassxcpasswords.kdbx
new file mode 100644
index 0000000000000000000000000000000000000000..69ad677291d8ca0008d10e770f34c8ec169868d3
GIT binary patch
literal 1493
zcmV;`1uFUj*`k_f`%AR|00aO65C8xGF~RcYzi~rQzE}kzYW!ON0|Wp70096100bZa
z005}|<l-eBSd6xBp+QrpreJ$Oekla)lGbO6#Go6C?hFSI0001^bsY(`(aI?YBkeY;
zG<b^(ivR!s00BY;0000aRaHqu5C8xG?_+J>j44D*k@u;j1LFz|1pxp607(b{000UA
z00000000F60000@2mk;800004000001OWg508j(~00062002S(0000}AOHXWCIm16
zPa~j$J6a-M5_04O1WaKeqNsybB<=5s^q;l(1OWg509FJ5000vJ000001ONa44GIkk
zYqQ=Y_!Q33Rl8d(Q)BT@t5eI{7H=~bQeofRG%SkpzRaR&x_OQfGrTes%DCy}v4?-y
z^=!dfJKqA?ALc#;f-h=@M}s0bi2cG`W3kjLXD8BZ0Gl3~;Ei=J-a1BiPy_$~k3@NX
zdOa#-*56MFzI+fS5%RIM$k?<x#S+~I^+p?FiXT>;6F`5$>_k|B=b-yNU*GXl=^iP)
z4}6~4M)P!=Q)iNBv<(UiInYSmN^N;($fiWiV9cdN1U$_9U<FnX)#{SP;Zyi?Z*f&J
z5Sv!q=iq-JFj)LjgC&iz=S2b}#Lq`_QVc-+GA&GF%pK3~Ishyi73EF3HFGwO8{VQY
ztFwqgRa)?&9l-VgH6XHDWHDT5%OI)^Qn0*n;vRXqI*J-ntNr&sV=RH8Qto+T<S-c}
zih5FR4hW(N&oyN4Vw@3J?*t{5S(56Coxun^+PRn>7>9#jz5#9g%FMQ7nEe}veSltb
zpCIb|{DF58SZ!8TxV&sg+Q|$kD^sDhmF?2Wryt3onmo>sx!IbDt{kriQGO#I5yaXE
zidR#4_JTf+AWA{YD5Q@PHjrZvD5>^@mWv~@YbfLRcs?F1=2mr{5zCB|Luh@~0GL%;
zLIpGV)*J!=xZdeF$`^|G-v$5nIgnsIK4qGZDEm(K<2pwv>v2Dt;|I}6-V)wIyM=&n
zXi&hFCkj*oeQDzXZ~SB~gdQhKT=nsevlu!ZN~`6lu68flK)|{h^o80`^@#9mKbQN`
z0%mf#LZJY;Wr8g#!x@WKv=t@foAIA&lN<=9Q;t?|0mNTp-^+m67pIlw9w>hwa47Jc
zY&F{XJlgw~UkU7F9-~qQ*cze@K*>)t)T+~0M5u^xK42T?=LT8OLn+5?SV6t?md)c9
zpWqqWy!NlrA;EpJ3++g8`NAuD#fo?nreJhq{OP}Rxuavs+lZAYs3v^mbU<OU-NMF&
zbMw6jZL?UJ5k+*Zr_ox$Xor@u52j1#kIFis?VP>G10EaiS5=H`d)_UMc}KmBi$t#|
zHe%Rjj@!ib+Y**6r?W+u-$x@<cA{{~<IgH2k1c?&o>v+eogocPyI{ph1x2XWuBedw
zWktAk?25?Nwg+JKMa1hJ=(w{rqv4sekE{DF9!IDB2M!61a@AOa;=dW0c(1YcZ4HkM
zjoH#@r|;qpvPErYA{1!15GIlP_`fzkvX?nD)4YRGspDI$N<V13V%+WGG$kQH=PdUY
z?cku(G-J|!`jmi^wcyNV-e9N0?UWhH`D2nL3&#NbPcx1Z!A*T*=8bVwplMoi$F*Uf
zU&XjTZK9N?GA<u3#23Z@ehp~lY{rIPVSodDi5j9GXQ8}@48~V030B!kW;+g^&va3Y
zJW!J8o9O!XziIhI%+#D#%~{NGGQSBCcoPI0%_(SV<S{abv=4Y_=zt2tDSFddvC_K^
zWC65qP)}-uR73>*StQLG@>CJySe9!7Z-x!)wT9>DB($v{VcChrK9iQ=G~gNUbIuVf
z)~xz;F{X3tGbrOHjY0r<-OTNo{TfTcsfC$lVlbk44aL{!9zL_8jv7(aX&>n8dJ<{V
v)Y8cPY|WnuaEZcbE}Od4^>asT5jW&Gd+X`#^X=mA`cM6HimMGD00000Oc$b;

literal 0
HcmV?d00001