Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
addCustomIcon(iconData) {
const uuid = kdbxweb.KdbxUuid.random();
this.db.meta.customIcons[uuid] = kdbxweb.ByteUtils.arrayToBuffer(
kdbxweb.ByteUtils.base64ToBytes(iconData)
);
return uuid.toString();
}
toDataUrl(iconData) {
return iconData
? 'data:image/png;base64,' + kdbxweb.ByteUtils.bytesToBase64(iconData)
: null;
}
};
.map(([name, data]) => {
if (data && data.ref) {
data = data.value;
}
if (data) {
const base64 = kdbxweb.ByteUtils.bytesToBase64(data);
data = 'data:application/octet-stream;base64,' + base64;
}
return { name, data };
})
.filter(att => att.name && att.data);
return new Promise((resolve, reject) => {
const algo = { name: 'RSASSA-PKCS1-v1_5', hash: { name: 'SHA-256' } };
try {
if (!pk) {
pk = this.getPublicKey();
}
if (typeof signature === 'string') {
signature = kdbxweb.ByteUtils.base64ToBytes(signature);
}
const subtle = window.crypto.subtle;
const keyFormat = 'spki';
pk = kdbxweb.ByteUtils.base64ToBytes(pk);
subtle
.importKey(keyFormat, pk, algo, false, ['verify'])
.then(cryptoKey => {
try {
subtle
.verify(
algo,
cryptoKey,
kdbxweb.ByteUtils.arrayToBuffer(signature),
kdbxweb.ByteUtils.arrayToBuffer(data)
)
.then(isValid => {
get() {
const pseudoValue = this.pseudoValue;
const salt = this.salt;
const len = pseudoValue.length;
let byteLength = 0;
const valueBytes = new Uint8Array(len * 4);
const saltBytes = kdbxweb.Random.getBytes(len * 4);
let ch;
let bytes;
for (let i = 0; i < len; i++) {
ch = String.fromCharCode(pseudoValue.charCodeAt(i) ^ salt[i]);
bytes = kdbxweb.ByteUtils.stringToBytes(ch);
for (let j = 0; j < bytes.length; j++) {
valueBytes[byteLength] = bytes[j] ^ saltBytes[byteLength];
byteLength++;
}
}
return new kdbxweb.ProtectedValue(
valueBytes.buffer.slice(0, byteLength),
saltBytes.buffer.slice(0, byteLength)
);
}
});
verifySignature(gallery) {
const dataToVerify = JSON.stringify(gallery, null, 2).replace(gallery.signature, '');
return SignatureVerifier.verify(
kdbxweb.ByteUtils.stringToBytes(dataToVerify),
gallery.signature
)
.then(isValid => {
if (isValid) {
return gallery;
}
this.logger.error('JSON signature invalid');
})
.catch(e => {
this.logger.error('Error verifying plugins signature', e);
});
},
.then(db => {
this.db = db;
this.readModel();
this.setOpenFile({ passwordLength: password ? password.textLength : 0 });
if (keyFileData) {
kdbxweb.ByteUtils.zeroBuffer(keyFileData);
}
logger.info(
'Opened file ' +
this.name +
': ' +
logger.ts(ts) +
', ' +
this.kdfArgsToString(db.header) +
', ' +
Math.round(fileData.byteLength / 1024) +
' kB'
);
callback();
})
.catch(err => {
this.params.id = null;
this.params.fileData = e.target.result;
this.params.name = file.name.replace(/(.+)\.\w+$/i, '$1');
this.params.path = file.path || null;
this.params.storage = file.path ? 'file' : null;
this.params.rev = null;
if (!this.params.keyFileData) {
this.params.keyFileName = null;
}
this.displayOpenFile();
this.displayOpenKeyFile();
success = true;
break;
case 'xml':
this.params.id = null;
this.params.fileXml = kdbxweb.ByteUtils.bytesToString(e.target.result);
this.params.name = file.name.replace(/\.\w+$/i, '');
this.params.path = null;
this.params.storage = null;
this.params.rev = null;
this.importDbWithXml();
success = true;
break;
case 'kdb':
Alerts.error({
header: Locale.openWrongFile,
body: Locale.openKdbFileBody
});
break;
default:
Alerts.error({
header: Locale.openWrongFile,
return Promise.resolve().then(() => {
const text = kdbxweb.ByteUtils.bytesToString(data);
const id = 'plugin-css-' + name;
this.createElementInHead('style', id, 'text/css', text);
if (theme) {
const locKey = this.getThemeLocaleKey(theme.name);
SettingsManager.allThemes[theme.name] = locKey;
BaseLocale[locKey] = theme.title;
for (const styleSheet of Array.from(document.styleSheets)) {
if (styleSheet.ownerNode.id === id) {
this.processThemeStyleSheet(styleSheet, theme);
break;
}
}
}
this.logger.debug('Plugin style installed');
});
}
readKdfParams() {
const kdfParameters = this.db.header.kdfParameters;
if (!kdfParameters) {
return undefined;
}
let uuid = kdfParameters.get('$UUID');
if (!uuid) {
return undefined;
}
uuid = kdbxweb.ByteUtils.bytesToBase64(uuid);
switch (uuid) {
case kdbxweb.Consts.KdfId.Argon2:
return {
parallelism: kdfParameters.get('P').valueOf(),
iterations: kdfParameters.get('I').valueOf(),
memory: kdfParameters.get('M').valueOf()
};
case kdbxweb.Consts.KdfId.Aes:
return {
rounds: kdfParameters.get('R').valueOf()
};
default:
return undefined;
}
}