Add challenge response to key before transformation, resolves #1060

* Re-implement KDBX4 challenge-response key assembly with transform
seed instead of master seed

src/format/Kdbx4Reader.cpp

@@ -20,7 +20,6 @@
 #include <QBuffer>
 
 #include "core/Group.h"
-#include "core/Database.h"
 #include "core/Endian.h"
 #include "crypto/CryptoHash.h"
 #include "format/KeePass2RandomStream.h"
@@ -48,19 +47,13 @@ Database* Kdbx4Reader::readDatabaseImpl(QIODevice* device, const QByteArray& hea
         return nullptr;
     }
 
-    if (!m_db->setKey(key, false)) {
+    if (!m_db->setKey(key, false, false)) {
         raiseError(tr("Unable to calculate master key"));
         return nullptr;
     }
 
-    if (!m_db->challengeMasterSeed(m_masterSeed)) {
-        raiseError(tr("Unable to issue challenge-response."));
-        return nullptr;
-    }
-
     CryptoHash hash(CryptoHash::Sha256);
     hash.addData(m_masterSeed);
-    hash.addData(m_db->challengeResponseKey());
     hash.addData(m_db->transformedMasterKey());
     QByteArray finalKey = hash.result();
 

src/format/Kdbx4Writer.cpp

@@ -51,11 +51,6 @@ bool Kdbx4Writer::writeDatabase(QIODevice* device, Database* db)
     QByteArray startBytes;
     QByteArray endOfHeader = "\r\n\r\n";
 
-    if (!db->challengeMasterSeed(masterSeed)) {
-        raiseError(tr("Unable to issue challenge-response."));
-        return false;
-    }
-
     if (!db->setKey(db->key(), false, true)) {
         raiseError(tr("Unable to calculate master key"));
         return false;
@@ -64,7 +59,6 @@ bool Kdbx4Writer::writeDatabase(QIODevice* device, Database* db)
     // generate transformed master key
     CryptoHash hash(CryptoHash::Sha256);
     hash.addData(masterSeed);
-    hash.addData(db->challengeResponseKey());
     Q_ASSERT(!db->transformedMasterKey().isEmpty());
     hash.addData(db->transformedMasterKey());
     QByteArray finalKey = hash.result();