Improved logging of password generation.

[IMPROVED]  Trace-level logging during password generation.

.gitignore

@@ -20,6 +20,11 @@
 !/*.xcodeproj/project.xcworkspace/*
 /*.xcodeproj/project.xcworkspace/xcuserdata
 
+# Media
+Press/Background.png
+Press/Front-Page.png
+Press/MasterPassword_PressKit/MasterPassword_pressrelease_*.pdf
+
 # IPA
 /sendipa/*
 !/sendipa/sendipa.conf

.gitmodules

@@ -6,4 +6,7 @@
 	url = git://github.com/futuretap/InAppSettingsKit.git
 [submodule "External/iCloudStoreManager"]
 	path = External/iCloudStoreManager
-	url = git://github.com/alekseyn/iCloudStoreManager.git
+	url = git://github.com/lhunath/iCloudStoreManager.git
+[submodule "External/FontReplacer"]
+	path = External/FontReplacer
+	url = git://github.com/0xced/FontReplacer.git

.idea/inspectionProfiles/Project_Default.xml

@@ -0,0 +1,9 @@
+<component name="InspectionProjectProfileManager">
+  <profile version="1.0" is_locked="false">
+    <option name="myName" value="Project Default" />
+    <option name="myLocal" value="false" />
+    <inspection_tool class="LossyEncoding" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="OCUnusedMethodInspection" enabled="false" level="WARNING" enabled_by_default="false" />
+    <inspection_tool class="UnusedLocalVariable" enabled="false" level="WARNING" enabled_by_default="false" />
+  </profile>
+</component>

.idea/inspectionProfiles/profiles_settings.xml

@@ -0,0 +1,7 @@
+<component name="InspectionProjectProfileManager">
+  <settings>
+    <option name="PROJECT_PROFILE" value="Project Default" />
+    <option name="USE_PROJECT_PROFILE" value="true" />
+    <version value="1.0" />
+  </settings>
+</component>

Crashlytics/Crashlytics.framework/Versions/A/Headers/Crashlytics.h

@@ -7,6 +7,46 @@
 
 #import <Foundation/Foundation.h>
 
+/**
+ *
+ * The CLS_LOG macro provides as easy way to gather more information in your log messages that are 
+ * sent with your crash data. CLS_LOG prepends your custom log message with the function name and 
+ * line number where the macro was used. If your app was built with the DEBUG preprocessor macro 
+ * defined CLS_LOG uses the CLSNSLog function which forwards your log message to NSLog and CLSLog. 
+ * If the DEBUG preprocessor macro is not defined CLS_LOG uses CLSLog only.
+ *
+ * Example output:
+ * -[AppDelegate login:] line 134 $ login start
+ *
+ * If you would like to change this macro, create a new header file, unset our define and then define
+ * your own version. Make sure this new header file is imported after the Crashlytics header file.
+ *
+ * #undef CLS_LOG
+ * #define CLS_LOG(__FORMAT__, ...) CLSNSLog...
+ *
+ **/
+#ifdef DEBUG
+	#define CLS_LOG(__FORMAT__, ...) CLSNSLog((@"%s line %d $ " __FORMAT__), __PRETTY_FUNCTION__, __LINE__, ##__VA_ARGS__);
+#else
+	#define CLS_LOG(__FORMAT__, ...) CLSLog((@"%s line %d $ " __FORMAT__), __PRETTY_FUNCTION__, __LINE__, ##__VA_ARGS__);
+#endif
+
+/**
+ * 
+ * Add logging that will be sent with your crash data. This logging will not show up in the system.log
+ * and will only be visible in your Crashlytics dashboard.
+ *
+ **/
+void CLSLog(NSString *format, ...);
+
+/**
+ *
+ * Add logging that will be sent with your crash data. This logging will show up in the system.log
+ * and your Crashlytics dashboard. It is not reccomended for Release builds.
+ *
+ **/
+void CLSNSLog(NSString *format, ...);
+
 @protocol CrashlyticsDelegate;
 
 @interface Crashlytics : NSObject {
@@ -63,6 +103,49 @@
  **/
 - (void)crash;
 
+/**
+ *
+ * Many of our customers have requested the ability to tie crashes to specific end-users of their 
+ * application in order to facilitate responses to support requests or permit the ability to reach 
+ * out for more information. We allow you to specify up to three separate values for display within 
+ * the Crashlytics UI - but please be mindful of your end-user's privacy.
+ *
+ * We recommend specifying a user identifier - an arbitrary string that ties an end-user to a record 
+ * in your system. This could be a database id, hash, or other value that is meaningless to a 
+ * third-party observer but can be indexed and queried by you.
+ *
+ * Optionally, you may also specify the end-user's name or username, as well as email address if you 
+ * do not have a system that works well with obscured identifiers.
+ *
+ * Pursuant to our EULA, this data is transferred securely throughout our system and we will not 
+ * disseminate end-user data unless required to by law. That said, if you choose to provide end-user 
+ * contact information, we strongly recommend that you disclose this in your application's privacy 
+ * policy. Data privacy is of our utmost concern.
+ *
+ **/
+- (void)setUserIdentifier:(NSString *)identifier;
+- (void)setUserName:(NSString *)name;
+- (void)setUserEmail:(NSString *)email;
+
++ (void)setUserIdentifier:(NSString *)identifier;
++ (void)setUserName:(NSString *)name;
++ (void)setUserEmail:(NSString *)email;
+
+/**
+ *
+ * Set a value for a key to be associated with your crash data.
+ *
+ **/
+- (void)setObjectValue:(id)value forKey:(NSString *)key;
+- (void)setIntValue:(int)value forKey:(NSString *)key;
+- (void)setBoolValue:(BOOL)value forKey:(NSString *)key;
+- (void)setFloatValue:(float)value forKey:(NSString *)key;
+
++ (void)setObjectValue:(id)value forKey:(NSString *)key;
++ (void)setIntValue:(int)value forKey:(NSString *)key;
++ (void)setBoolValue:(BOOL)value forKey:(NSString *)key;
++ (void)setFloatValue:(float)value forKey:(NSString *)key;
+
 @end
 
 /**
@@ -80,7 +163,7 @@
  *
  * Called once a Crashlytics instance has determined that the last execution of the 
  * application ended in a crash.  This is called some time after the crash reporting
- * process has begun.  If you have specififed a delay in one of the
+ * process has begun.  If you have specified a delay in one of the
  * startWithAPIKey:... calls, this will take at least that long to be invoked.
  *
  **/

Crashlytics/Crashlytics.framework/Versions/A/Resources/Info.plist

@@ -17,7 +17,7 @@
 	<key>CFBundlePackageType</key>
 	<string>FMWK</string>
 	<key>CFBundleShortVersionString</key>
-	<string>1.0.1.3</string>
+	<string>1.1.3</string>
 	<key>CFBundleSignature</key>
 	<string>????</string>
 	<key>CFBundleSupportedPlatforms</key>
@@ -25,7 +25,7 @@
 		<string>iPhoneOS</string>
 	</array>
 	<key>CFBundleVersion</key>
-	<string>0100.01.03</string>
+	<string>0101.03.00</string>
 	<key>CrashlyticsAPIKey</key>
 	<string>0d10c90776f5ef5acd01ddbeaca9a6cba4814560</string>
 	<key>DTCompiler</key>

MasterPassword-iOS.xcodeproj/xcshareddata/xcschemes/MasterPassword (App Store).xcscheme

@@ -63,14 +63,23 @@
       shouldUseLaunchSchemeArgsEnv = "YES"
       savedToolIdentifier = ""
       useCustomWorkingDirectory = "NO"
-      buildConfiguration = "Production"
+      buildConfiguration = "AppStore"
       debugDocumentVersioning = "YES">
+      <BuildableProductRunnable>
+         <BuildableReference
+            BuildableIdentifier = "primary"
+            BlueprintIdentifier = "DA5BFA43147E415C00F98B1E"
+            BuildableName = "MasterPassword.app"
+            BlueprintName = "MasterPassword"
+            ReferencedContainer = "container:MasterPassword-iOS.xcodeproj">
+         </BuildableReference>
+      </BuildableProductRunnable>
    </ProfileAction>
    <AnalyzeAction
       buildConfiguration = "Debug">
    </AnalyzeAction>
    <ArchiveAction
-      buildConfiguration = "Production"
+      buildConfiguration = "AppStore"
       revealArchiveInOrganizer = "YES">
    </ArchiveAction>
 </Scheme>

MasterPassword-iOS.xcodeproj/xcshareddata/xcschemes/MasterPassword (Development).xcscheme

@@ -28,6 +28,16 @@
       shouldUseLaunchSchemeArgsEnv = "YES"
       buildConfiguration = "Debug">
       <Testables>
+         <TestableReference
+            skipped = "NO">
+            <BuildableReference
+               BuildableIdentifier = "primary"
+               BlueprintIdentifier = "DA3EF17815A47744003ABF4E"
+               BuildableName = "Tests.octest"
+               BlueprintName = "Tests"
+               ReferencedContainer = "container:MasterPassword-iOS.xcodeproj">
+            </BuildableReference>
+         </TestableReference>
       </Testables>
       <MacroExpansion>
          <BuildableReference
@@ -40,8 +50,8 @@
       </MacroExpansion>
    </TestAction>
    <LaunchAction
-      selectedDebuggerIdentifier = "Xcode.DebuggerFoundation.Debugger.GDB"
-      selectedLauncherIdentifier = "Xcode.DebuggerFoundation.Launcher.GDB"
+      selectedDebuggerIdentifier = "Xcode.DebuggerFoundation.Debugger.LLDB"
+      selectedLauncherIdentifier = "Xcode.DebuggerFoundation.Launcher.LLDB"
       launchStyle = "0"
       useCustomWorkingDirectory = "NO"
       buildConfiguration = "Debug"
@@ -57,12 +67,6 @@
             ReferencedContainer = "container:MasterPassword-iOS.xcodeproj">
          </BuildableReference>
       </BuildableProductRunnable>
-      <CommandLineArguments>
-         <CommandLineArgument
-            argument = "-com.apple.coredata.ubiquity.logLevel 3"
-            isEnabled = "NO">
-         </CommandLineArgument>
-      </CommandLineArguments>
       <AdditionalOptions>
          <AdditionalOption
             key = "NSZombieEnabled"
@@ -75,7 +79,7 @@
       shouldUseLaunchSchemeArgsEnv = "YES"
       savedToolIdentifier = ""
       useCustomWorkingDirectory = "NO"
-      buildConfiguration = "AdHoc"
+      buildConfiguration = "Debug"
       debugDocumentVersioning = "YES">
       <BuildableProductRunnable>
          <BuildableReference

MasterPassword/Java/masterpassword-algorithm/pom.xml

@@ -0,0 +1,49 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+
+    <!-- PROJECT METADATA -->
+    <parent>
+        <groupId>com.lyndir.lhunath.masterpassword</groupId>
+        <artifactId>masterpassword</artifactId>
+        <version>GIT-SNAPSHOT</version>
+    </parent>
+
+    <name>Master Password Algorithm Implementation</name>
+    <description>The implementation of the Master Password algorithm</description>
+
+    <groupId>com.lyndir.lhunath.masterpassword</groupId>
+    <artifactId>masterpassword-algorithm</artifactId>
+    <packaging>jar</packaging>
+
+    <!-- DEPENDENCY MANAGEMENT -->
+    <dependencies>
+
+        <!-- PROJECT REFERENCES -->
+        <dependency>
+            <groupId>com.lyndir.lhunath.opal</groupId>
+            <artifactId>opal-system</artifactId>
+            <version>GIT-SNAPSHOT</version>
+        </dependency>
+        <dependency>
+            <groupId>com.lyndir.lhunath.opal</groupId>
+            <artifactId>opal-crypto</artifactId>
+            <version>GIT-SNAPSHOT</version>
+        </dependency>
+
+        <!-- EXTERNAL DEPENDENCIES -->
+        <dependency>
+            <groupId>net.sf.plist</groupId>
+            <artifactId>property-list</artifactId>
+            <version>svn-SNAPSHOT</version>
+        </dependency>
+        <dependency>
+            <groupId>com.lambdaworks</groupId>
+            <artifactId>scrypt</artifactId>
+            <version>1.3.2</version>
+        </dependency>
+
+    </dependencies>
+
+</project>

MasterPassword/Java/masterpassword-algorithm/src/main/java/com/lyndir/lhunath/masterpassword/MPElementFeature.java

@@ -0,0 +1,14 @@
+package com.lyndir.lhunath.masterpassword;
+
+/**
+ * <i>07 04, 2012</i>
+ *
+ * @author lhunath
+ */
+public enum MPElementFeature {
+
+    /** Export the key-protected content data. */
+    ExportContent,
+    /** Never export content. */
+    DevicePrivate,
+}

MasterPassword/Java/masterpassword-algorithm/src/main/java/com/lyndir/lhunath/masterpassword/MPElementType.java

@@ -0,0 +1,79 @@
+package com.lyndir.lhunath.masterpassword;
+
+import com.google.common.collect.ImmutableSet;
+import com.lyndir.lhunath.opal.system.logging.Logger;
+import java.util.Set;
+
+
+/**
+ * <i>07 04, 2012</i>
+ *
+ * @author lhunath
+ */
+public enum MPElementType {
+
+    GeneratedMaximum( "Maximum Security Password", "Maximum", "20 characters, contains symbols.", MPElementTypeClass.Generated ),
+    GeneratedLong( "Long Password", "Long", "Copy-friendly, 14 characters, contains symbols.", MPElementTypeClass.Generated ),
+    GeneratedMedium( "Medium Password", "Medium", "Copy-friendly, 8 characters, contains symbols.", MPElementTypeClass.Generated ),
+    GeneratedShort( "Short Password", "Short", "Copy-friendly, 4 characters, no symbols.", MPElementTypeClass.Generated ),
+    GeneratedBasic( "Basic Password", "Basic", "8 characters, no symbols.", MPElementTypeClass.Generated ),
+    GeneratedPIN( "PIN", "PIN", "4 numbers.", MPElementTypeClass.Generated ),
+
+    StoredPersonal( "Personal Password", "Personal", "AES-encrypted, exportable.", MPElementTypeClass.Stored, MPElementFeature.ExportContent ),
+    StoredDevicePrivate( "Device Private Password", "Private", "AES-encrypted, not exported.", MPElementTypeClass.Stored, MPElementFeature.DevicePrivate );
+
+    static final Logger logger = Logger.get( MPElementType.class );
+
+    private final   MPElementTypeClass    typeClass;
+    private final   Set<MPElementFeature> typeFeatures;
+    private final   String                name;
+    private final   String                shortName;
+    private final String                description;
+
+    MPElementType(final String name, final String shortName, final String description, final MPElementTypeClass typeClass, final MPElementFeature... typeFeatures) {
+
+        this.name = name;
+        this.shortName = shortName;
+        this.typeClass = typeClass;
+        this.description = description;
+
+        ImmutableSet.Builder<MPElementFeature> typeFeaturesBuilder = ImmutableSet.builder();
+        for (final MPElementFeature typeFeature : typeFeatures)
+            typeFeaturesBuilder.add( typeFeature );
+        this.typeFeatures = typeFeaturesBuilder.build();
+    }
+
+    public MPElementTypeClass getTypeClass() {
+
+        return typeClass;
+    }
+
+    public Set<MPElementFeature> getTypeFeatures() {
+
+        return typeFeatures;
+    }
+
+    public String getName() {
+
+        return name;
+    }
+
+    public String getShortName() {
+
+        return shortName;
+    }
+
+    public String getDescription() {
+
+        return description;
+    }
+
+    public static MPElementType forName(final String name) {
+
+        for (final MPElementType type : values())
+            if (type.getName().equals( name ))
+                return type;
+
+        throw logger.bug( "Element type not known: %s", name );
+    }
+}

MasterPassword/Java/masterpassword-algorithm/src/main/java/com/lyndir/lhunath/masterpassword/MPElementTypeClass.java

@@ -0,0 +1,27 @@
+package com.lyndir.lhunath.masterpassword;
+
+import com.lyndir.lhunath.masterpassword.entity.*;
+
+
+/**
+ * <i>07 04, 2012</i>
+ *
+ * @author lhunath
+ */
+public enum MPElementTypeClass {
+
+    Generated(MPElementGeneratedEntity.class),
+    Stored(MPElementStoredEntity.class);
+
+    private final Class<? extends MPElementEntity> entityClass;
+
+    MPElementTypeClass(final Class<? extends MPElementEntity> entityClass) {
+
+        this.entityClass = entityClass;
+    }
+
+    public Class<? extends MPElementEntity> getEntityClass() {
+
+        return entityClass;
+    }
+}

MasterPassword/Java/masterpassword-algorithm/src/main/java/com/lyndir/lhunath/masterpassword/MPTemplate.java

@@ -0,0 +1,41 @@
+package com.lyndir.lhunath.masterpassword;
+
+import com.google.common.collect.ImmutableList;
+import com.lyndir.lhunath.opal.system.util.MetaObject;
+import java.util.List;
+import java.util.Map;
+
+
+/**
+ * <i>07 04, 2012</i>
+ *
+ * @author lhunath
+ */
+public class MPTemplate extends MetaObject {
+
+    private final List<MPTemplateCharacterClass> template;
+
+    public MPTemplate(final String template, final Map<Character, MPTemplateCharacterClass> characterClasses) {
+
+        ImmutableList.Builder<MPTemplateCharacterClass> builder = ImmutableList.<MPTemplateCharacterClass>builder();
+        for (int i = 0; i < template.length(); ++i)
+            builder.add( characterClasses.get( template.charAt( i ) ) );
+
+        this.template = builder.build();
+    }
+
+    public MPTemplate(final List<MPTemplateCharacterClass> template) {
+
+        this.template = template;
+    }
+
+    public MPTemplateCharacterClass getCharacterClassAtIndex(final int index) {
+
+        return template.get( index );
+    }
+
+    public int length() {
+
+        return template.size();
+    }
+}

MasterPassword/Java/masterpassword-algorithm/src/main/java/com/lyndir/lhunath/masterpassword/MPTemplateCharacterClass.java

@@ -0,0 +1,33 @@
+package com.lyndir.lhunath.masterpassword;
+
+import com.lyndir.lhunath.opal.system.util.MetaObject;
+import com.lyndir.lhunath.opal.system.util.ObjectMeta;
+
+
+/**
+ * <i>07 04, 2012</i>
+ *
+ * @author lhunath
+ */
+public class MPTemplateCharacterClass extends MetaObject {
+
+    private final char   identifier;
+    @ObjectMeta(useFor = { })
+    private final char[] characters;
+
+    public MPTemplateCharacterClass(final char identifier, final char[] characters) {
+
+        this.identifier = identifier;
+        this.characters = characters;
+    }
+
+    public char getIdentifier() {
+
+        return identifier;
+    }
+
+    public char getCharacterAtRollingIndex(final int index) {
+
+        return characters[index % characters.length];
+    }
+}

MasterPassword/Java/masterpassword-algorithm/src/main/java/com/lyndir/lhunath/masterpassword/MPTemplates.java

@@ -0,0 +1,103 @@
+package com.lyndir.lhunath.masterpassword;
+
+import com.google.common.base.Preconditions;
+import com.google.common.base.Throwables;
+import com.google.common.collect.ImmutableList;
+import com.google.common.collect.ImmutableMap;
+import com.google.common.io.Closeables;
+import com.lyndir.lhunath.opal.system.logging.Logger;
+import com.lyndir.lhunath.opal.system.util.MetaObject;
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.List;
+import java.util.Map;
+import net.sf.plist.*;
+import net.sf.plist.io.PropertyListException;
+import net.sf.plist.io.PropertyListParser;
+
+
+/**
+ * <i>07 04, 2012</i>
+ *
+ * @author lhunath
+ */
+public class MPTemplates extends MetaObject {
+
+    static final Logger logger = Logger.get( MPTemplates.class );
+
+    private final Map<MPElementType, List<MPTemplate>> templates;
+
+    public MPTemplates(final Map<MPElementType, List<MPTemplate>> templates) {
+
+        this.templates = templates;
+    }
+
+    public static MPTemplates loadFromPList(final String templateResource) {
+
+        @SuppressWarnings("IOResourceOpenedButNotSafelyClosed")
+        InputStream templateStream = Thread.currentThread().getContextClassLoader().getResourceAsStream( templateResource );
+        try {
+            NSObject plistObject = PropertyListParser.parse( templateStream );
+            Preconditions.checkState( NSDictionary.class.isAssignableFrom( plistObject.getClass() ) );
+            NSDictionary plist = (NSDictionary) plistObject;
+
+            NSDictionary characterClassesDict = (NSDictionary) plist.get( "MPCharacterClasses" );
+            NSDictionary templatesDict = (NSDictionary) plist.get( "MPElementGeneratedEntity" );
+
+            ImmutableMap.Builder<Character, MPTemplateCharacterClass> characterClassesBuilder = ImmutableMap.builder();
+            for (final Map.Entry<String, NSObject> characterClassEntry : characterClassesDict.entrySet()) {
+                String key = characterClassEntry.getKey();
+                NSObject value = characterClassEntry.getValue();
+                Preconditions.checkState( key.length() == 1 );
+                Preconditions.checkState( NSString.class.isAssignableFrom( value.getClass() ));
+
+                char character = key.charAt( 0 );
+                char[] characterClass = ((NSString)value).getValue().toCharArray();
+                characterClassesBuilder.put( character, new MPTemplateCharacterClass( character, characterClass ) );
+            }
+            ImmutableMap<Character, MPTemplateCharacterClass> characterClasses = characterClassesBuilder.build();
+
+            ImmutableMap.Builder<MPElementType, List<MPTemplate>> templatesBuilder = ImmutableMap.builder();
+            for (final Map.Entry<String, NSObject> template : templatesDict.entrySet()) {
+                String key = template.getKey();
+                NSObject value = template.getValue();
+                Preconditions.checkState( NSArray.class.isAssignableFrom( value.getClass() ) );
+
+                MPElementType type = MPElementType.forName( key );
+                List<NSObject> templateStrings = ((NSArray) value).getValue();
+
+                ImmutableList.Builder<MPTemplate> typeTemplatesBuilder = ImmutableList.<MPTemplate>builder();
+                for (final NSObject templateString : templateStrings)
+                    typeTemplatesBuilder.add( new MPTemplate( ((NSString) templateString).getValue(), characterClasses ) );
+
+                templatesBuilder.put( type, typeTemplatesBuilder.build() );
+            }
+            ImmutableMap<MPElementType, List<MPTemplate>> templates = templatesBuilder.build();
+
+            return new MPTemplates( templates );
+        }
+        catch (PropertyListException e) {
+            logger.err( e, "Could not parse templates from: %s", templateResource );
+            throw Throwables.propagate( e );
+        }
+        catch (IOException e) {
+            logger.err( e, "Could not read templates from: %s", templateResource );
+            throw Throwables.propagate( e );
+        }
+        finally {
+            Closeables.closeQuietly( templateStream );
+        }
+    }
+
+    public MPTemplate getTemplateForTypeAtRollingIndex(final MPElementType type, final int templateIndex) {
+
+        List<MPTemplate> typeTemplates = templates.get( type );
+
+        return typeTemplates.get( templateIndex % typeTemplates.size() );
+    }
+
+    public static void main(final String... arguments) {
+
+        loadFromPList( "templates.plist" );
+    }
+}

MasterPassword/Java/masterpassword-algorithm/src/main/java/com/lyndir/lhunath/masterpassword/MasterPassword.java

@@ -0,0 +1,128 @@
+package com.lyndir.lhunath.masterpassword;
+
+import com.google.common.base.Charsets;
+import com.google.common.base.Preconditions;
+import com.google.common.primitives.Bytes;
+import com.lambdaworks.crypto.SCrypt;
+import com.lyndir.lhunath.opal.crypto.CryptUtils;
+import com.lyndir.lhunath.opal.system.*;
+import com.lyndir.lhunath.opal.system.logging.Logger;
+import java.nio.ByteBuffer;
+import java.nio.ByteOrder;
+import java.nio.charset.Charset;
+import java.security.GeneralSecurityException;
+
+
+/**
+ * Implementation of the Master Password algorithm.
+ *
+ * <i>07 04, 2012</i>
+ *
+ * @author lhunath
+ */
+public abstract class MasterPassword {
+
+    static final         Logger                       logger       = Logger.get( MasterPassword.class );
+    private static final int                          MP_N         = 32768;
+    private static final int                          MP_r         = 8;
+    private static final int                          MP_p         = 2;
+    private static final int                          MP_dkLen     = 64;
+    private static final Charset                      MP_charset   = Charsets.UTF_8;
+    private static final ByteOrder                    MP_byteOrder = ByteOrder.BIG_ENDIAN;
+    private static final MessageDigests               MP_hash      = MessageDigests.SHA256;
+    private static final MessageAuthenticationDigests MP_mac       = MessageAuthenticationDigests.HmacSHA256;
+    private static final MPTemplates                  templates    = MPTemplates.loadFromPList( "templates.plist" );
+
+    public static byte[] keyForPassword(final String password, final String username) {
+
+        long start = System.currentTimeMillis();
+        byte[] nusernameLengthBytes = ByteBuffer.allocate( Integer.SIZE / Byte.SIZE )
+                                                .order( MP_byteOrder )
+                                                .putInt( username.length() )
+                                                .array();
+        byte[] salt = Bytes.concat( "com.lyndir.masterpassword".getBytes( MP_charset ), //
+                                    nusernameLengthBytes, //
+                                    username.getBytes( MP_charset ) );
+
+        try {
+            byte[] key = SCrypt.scrypt( password.getBytes( MP_charset ), salt, MP_N, MP_r, MP_p, MP_dkLen );
+            logger.trc( "User: %s, password: %s derives to key ID: %s (took %.2fs)", username, password,
+                        CodeUtils.encodeHex( keyIDForKey( key ) ), (double) (System.currentTimeMillis() - start) / 1000 );
+
+            return key;
+        }
+        catch (GeneralSecurityException e) {
+            throw logger.bug( e );
+        }
+    }
+
+    public static byte[] subkeyForKey(final byte[] key, final int subkeyLength) {
+
+        byte[] subkey = new byte[Math.min( subkeyLength, key.length )];
+        System.arraycopy( key, 0, subkey, 0, subkey.length );
+
+        return subkey;
+    }
+
+    public static byte[] keyIDForPassword(final String password, final String username) {
+
+        return keyIDForKey( keyForPassword( password, username ) );
+    }
+
+    public static byte[] keyIDForKey(final byte[] key) {
+
+        return MP_hash.of( key );
+    }
+
+    public static String generateContent(final MPElementType type, final String name, final byte[] key, int counter) {
+
+        Preconditions.checkArgument( type.getTypeClass() == MPElementTypeClass.Generated );
+        Preconditions.checkArgument( !name.isEmpty() );
+        Preconditions.checkArgument( key.length > 0 );
+
+        if (counter == 0)
+            counter = (int) (System.currentTimeMillis() / (300 * 1000)) * 300;
+
+        byte[] nameLengthBytes = ByteBuffer.allocate( Integer.SIZE / Byte.SIZE ).order( MP_byteOrder ).putInt( name.length() ).array();
+        byte[] counterBytes = ByteBuffer.allocate( Integer.SIZE / Byte.SIZE ).order( MP_byteOrder ).putInt( counter ).array();
+        logger.trc( "seed from: hmac-sha256(%s, 'com.lyndir.masterpassword' | %s | %s | %s)", CryptUtils.encodeBase64( key ),
+                    CodeUtils.encodeHex( nameLengthBytes ), name, CodeUtils.encodeHex( counterBytes ) );
+        byte[] seed = MP_mac.of( key, Bytes.concat( "com.lyndir.masterpassword".getBytes( MP_charset ), //
+                                                    nameLengthBytes, //
+                                                    name.getBytes( MP_charset ), //
+                                                    counterBytes ) );
+        logger.trc( "seed is: %s", CryptUtils.encodeBase64( seed ) );
+
+        Preconditions.checkState( seed.length > 0 );
+        int templateIndex = seed[0] & 0xFF; // Mask the integer's sign.
+        MPTemplate template = templates.getTemplateForTypeAtRollingIndex( type, templateIndex );
+        logger.trc( "type: %s, template: %s", type, template );
+
+        StringBuilder password = new StringBuilder( template.length() );
+        for (int i = 0; i < template.length(); ++i) {
+            int characterIndex = seed[i + 1] & 0xFF; // Mask the integer's sign.
+            MPTemplateCharacterClass characterClass = template.getCharacterClassAtIndex( i );
+            char passwordCharacter = characterClass.getCharacterAtRollingIndex( characterIndex );
+            logger.trc( "class: %s, index: %d, byte: 0x%02X, chosen password character: %s", characterClass, characterIndex, seed[i + 1],
+                        passwordCharacter );
+
+            password.append( passwordCharacter );
+        }
+
+        return password.toString();
+    }
+
+    public static void main(final String... arguments) {
+
+        String masterPassword = "test-mp";
+        String username = "test-user";
+        String siteName = "test-site";
+        MPElementType siteType = MPElementType.GeneratedLong;
+        int siteCounter = 42;
+
+        String sitePassword = generateContent( siteType, siteName, keyForPassword( masterPassword, username ), siteCounter );
+
+        logger.inf( "master password: %s, username: %s\nsite name: %s, site type: %s, site counter: %d\n    => site password: %s",
+                    masterPassword, username, siteName, siteType, siteCounter, sitePassword );
+    }
+}

MasterPassword/Java/masterpassword-algorithm/src/main/java/com/lyndir/lhunath/masterpassword/entity/MPElementEntity.java

@@ -0,0 +1,10 @@
+package com.lyndir.lhunath.masterpassword.entity;
+
+/**
+ * <i>07 04, 2012</i>
+ *
+ * @author lhunath
+ */
+public class MPElementEntity {
+
+}

MasterPassword/Java/masterpassword-algorithm/src/main/java/com/lyndir/lhunath/masterpassword/entity/MPElementGeneratedEntity.java

@@ -0,0 +1,10 @@
+package com.lyndir.lhunath.masterpassword.entity;
+
+/**
+ * <i>07 04, 2012</i>
+ *
+ * @author lhunath
+ */
+public class MPElementGeneratedEntity extends MPElementEntity {
+
+}

MasterPassword/Java/masterpassword-algorithm/src/main/java/com/lyndir/lhunath/masterpassword/entity/MPElementStoredEntity.java

@@ -0,0 +1,10 @@
+package com.lyndir.lhunath.masterpassword.entity;
+
+/**
+ * <i>07 04, 2012</i>
+ *
+ * @author lhunath
+ */
+public class MPElementStoredEntity extends MPElementEntity {
+
+}

MasterPassword/Java/masterpassword-algorithm/src/main/resources/templates.plist

@@ -0,0 +1 @@
+../../../../../../Resources/ciphers.plist

MasterPassword/Java/masterpassword-algorithm/target/classes/templates.plist

@@ -0,0 +1,78 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+	<key>MPElementGeneratedEntity</key>
+	<dict>
+		<key>Maximum Security Password</key>
+		<array>
+			<string>anoxxxxxxxxxxxxxxxxx</string>
+			<string>axxxxxxxxxxxxxxxxxno</string>
+		</array>
+		<key>Long Password</key>
+		<array>
+            <string>CvcvnoCvcvCvcv</string>
+			<string>CvcvCvcvnoCvcv</string>
+			<string>CvcvCvcvCvcvno</string>
+            <string>CvccnoCvcvCvcv</string>
+			<string>CvccCvcvnoCvcv</string>
+			<string>CvccCvcvCvcvno</string>
+            <string>CvcvnoCvccCvcv</string>
+			<string>CvcvCvccnoCvcv</string>
+			<string>CvcvCvccCvcvno</string>
+            <string>CvcvnoCvcvCvcc</string>
+			<string>CvcvCvcvnoCvcc</string>
+			<string>CvcvCvcvCvccno</string>
+            <string>CvccnoCvccCvcv</string>
+			<string>CvccCvccnoCvcv</string>
+			<string>CvccCvccCvcvno</string>
+            <string>CvcvnoCvccCvcc</string>
+			<string>CvcvCvccnoCvcc</string>
+			<string>CvcvCvccCvccno</string>
+            <string>CvccnoCvcvCvcc</string>
+			<string>CvccCvcvnoCvcc</string>
+			<string>CvccCvcvCvccno</string>
+		</array>
+		<key>Medium Password</key>
+		<array>
+			<string>CvcnoCvc</string>
+			<string>CvcCvcno</string>
+		</array>
+		<key>Short Password</key>
+		<array>
+			<string>Cvcn</string>
+		</array>
+		<key>Basic Password</key>
+		<array>
+			<string>aaanaaan</string>
+			<string>aannaaan</string>
+			<string>aaannaaa</string>
+		</array>
+		<key>PIN</key>
+		<array>
+			<string>nnnn</string>
+		</array>
+	</dict>
+	<key>MPCharacterClasses</key>
+	<dict>
+		<key>V</key>
+		<string>AEIOU</string>
+		<key>C</key>
+		<string>BCDFGHJKLMNPQRSTVWXYZ</string>
+		<key>v</key>
+		<string>aeiou</string>
+		<key>c</key>
+		<string>bcdfghjklmnpqrstvwxyz</string>
+		<key>A</key>
+		<string>AEIOUBCDFGHJKLMNPQRSTVWXYZ</string>
+		<key>a</key>
+		<string>AEIOUaeiouBCDFGHJKLMNPQRSTVWXYZbcdfghjklmnpqrstvwxyz</string>
+		<key>n</key>
+		<string>0123456789</string>
+		<key>o</key>
+        <string>@&amp;%?,=[]_:-+*$#!'^~;()/.</string>
+		<key>x</key>
+		<string>AEIOUaeiouBCDFGHJKLMNPQRSTVWXYZbcdfghjklmnpqrstvwxyz0123456789!@#$%^&amp;*()</string>
+	</dict>
+</dict>
+</plist>

MasterPassword/Java/masterpassword-algorithm/target/maven-archiver/pom.properties

@@ -0,0 +1,5 @@
+#Generated by Maven
+#Wed Jul 04 23:49:38 CEST 2012
+version=GIT-SNAPSHOT
+groupId=com.lyndir.lhunath.masterpassword
+artifactId=masterpassword-algorithm

MasterPassword/Java/masterpassword-cli/pom.xml

@@ -0,0 +1,80 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+
+    <!-- PROJECT METADATA -->
+    <parent>
+        <groupId>com.lyndir.lhunath.masterpassword</groupId>
+        <artifactId>masterpassword</artifactId>
+        <version>GIT-SNAPSHOT</version>
+    </parent>
+
+    <name>Master Password CLI</name>
+    <description>A CLI interface to the Master Password algorithm</description>
+
+    <groupId>com.lyndir.lhunath.masterpassword</groupId>
+    <artifactId>masterpassword-cli</artifactId>
+    <packaging>jar</packaging>
+
+    <!-- BUILD CONFIGURATION -->
+    <build>
+        <resources>
+            <resource>
+                <directory>src/main/scripts</directory>
+                <filtering>true</filtering>
+                <targetPath>${project.build.directory}</targetPath>
+            </resource>
+        </resources>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-jar-plugin</artifactId>
+                <configuration>
+                    <archive>
+                        <manifest>
+                            <mainClass>com.lyndir.lhunath.masterpassword.CLI</mainClass>
+                            <addClasspath>true</addClasspath>
+                            <classpathPrefix>lib/</classpathPrefix>
+                        </manifest>
+                    </archive>
+                </configuration>
+            </plugin>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-dependency-plugin</artifactId>
+                <version>2.4</version>
+                <executions>
+                    <execution>
+                        <id>copy-dependencies</id>
+                        <phase>package</phase>
+                        <goals>
+                            <goal>copy-dependencies</goal>
+                        </goals>
+                        <configuration>
+                            <outputDirectory>${project.build.directory}/lib</outputDirectory>
+                        </configuration>
+                    </execution>
+                </executions>
+            </plugin>
+        </plugins>
+    </build>
+
+    <!-- DEPENDENCY MANAGEMENT -->
+    <dependencies>
+
+        <!-- PROJECT REFERENCES -->
+        <dependency>
+            <groupId>com.lyndir.lhunath.masterpassword</groupId>
+            <artifactId>masterpassword-algorithm</artifactId>
+            <version>GIT-SNAPSHOT</version>
+        </dependency>
+
+        <dependency>
+            <groupId>ch.qos.logback</groupId>
+            <artifactId>logback-classic</artifactId>
+        </dependency>
+
+    </dependencies>
+
+</project>

MasterPassword/Java/masterpassword-cli/src/main/java/com/lyndir/lhunath/masterpassword/CLI.java

@@ -0,0 +1,108 @@
+/*
+ *   Copyright 2008, Maarten Billemont
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ */
+package com.lyndir.lhunath.masterpassword;
+
+import com.google.common.io.LineReader;
+import com.lyndir.lhunath.opal.system.logging.Logger;
+import com.lyndir.lhunath.opal.system.util.ConversionUtils;
+import java.io.*;
+import java.util.Arrays;
+
+
+/**
+ * <p> <i>Jun 10, 2008</i> </p>
+ *
+ * @author mbillemo
+ */
+public class CLI {
+
+    static final Logger logger = Logger.get( CLI.class );
+
+    public static void main(final String[] args)
+            throws IOException {
+
+        InputStream in = System.in;
+
+        /* Arguments. */
+        String userName = null, siteName = null;
+        int counter = 1;
+        MPElementType type = MPElementType.GeneratedLong;
+        boolean typeArg = false, counterArg = false, userNameArg = false;
+        for (final String arg : Arrays.asList( args ))
+            if ("-t".equals( arg ) || "--type".equals( arg ))
+                typeArg = true;
+            else if (typeArg) {
+                if ("list".equalsIgnoreCase( arg )) {
+                    System.out.format( "%30s | %s\n", "type", "description" );
+                    for (final MPElementType aType : MPElementType.values())
+                        System.out.format( "%30s | %s\n", aType.getName(), aType.getDescription() );
+                    System.exit( 0 );
+                }
+
+                type = MPElementType.forName( arg );
+                typeArg = false;
+            } else if ("-c".equals( arg ) || "--counter".equals( arg ))
+                counterArg = true;
+            else if (counterArg) {
+                counter = ConversionUtils.toIntegerNN( arg );
+                counterArg = false;
+            } else if ("-u".equals( arg ) || "--username".equals( arg ))
+                userNameArg = true;
+            else if (userNameArg) {
+                userName = arg;
+                userNameArg = false;
+            } else if ("-h".equals( arg ) || "--help".equals( arg )) {
+                System.out.println();
+                System.out.println( "\tMaster Password CLI" );
+                System.out.println( "\t\tLyndir" );
+
+                System.out.println( "[options] [site name]" );
+                System.out.println();
+                System.out.println( "Available options:" );
+                System.out.println( "\t-t | --type [site password type]" );
+                System.out.format( "\t\tDefault: %s.  The password type to use for this site.\n", type.getName() );
+                System.out.println( "\t\tUse 'list' to see the available types." );
+
+                System.out.println();
+                System.out.println( "\t-c | --counter [site counter]" );
+                System.out.format( "\t\tDefault: %d.  The counter to use for this site.\n", counter );
+                System.out.println( "\t\tIncrement the counter if you need a new password." );
+
+                System.out.println();
+                System.out.println( "\t-u | --username [user's name]" );
+                System.out.println( "\t\tDefault: asked.  The name of the current user." );
+
+                System.out.println();
+                return;
+            } else
+                siteName = arg;
+        LineReader lineReader = new LineReader( new InputStreamReader( System.in ) );
+        if (siteName == null) {
+            System.out.print( "Site name: " );
+            siteName = lineReader.readLine();
+        }
+        if (userName == null) {
+            System.out.print( "User's name: " );
+            userName = lineReader.readLine();
+        }
+        System.out.print( "User's master password: " );
+        String masterPassword = lineReader.readLine();
+
+        String sitePassword = MasterPassword.generateContent( type, siteName, MasterPassword.keyForPassword( masterPassword, userName ),
+                                                              counter );
+        System.out.println( sitePassword );
+    }
+}

MasterPassword/Java/masterpassword-cli/src/main/resources/logback.xml

@@ -0,0 +1,19 @@
+<configuration scan="true">
+
+    <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+        <layout class="ch.qos.logback.classic.PatternLayout">
+            <Pattern>%-8relative %22c{0} [%-5level] %msg%n</Pattern>
+        </layout>
+    </appender>
+
+    <logger name="com.lyndir" level="TRACE" />
+
+    <!--
+    <logger name="org.apache.wicket" level="DEBUG" />
+    -->
+
+    <root level="INFO">
+        <appender-ref ref="STDOUT" />
+    </root>
+
+</configuration>

MasterPassword/Java/masterpassword-cli/src/main/scripts/mpw

@@ -0,0 +1,4 @@
+#!/usr/bin/env bash
+
+cd "${BASH_SOURCE[0]%/*}"
+java -jar masterpassword-cli-GIT-SNAPSHOT.jar "$@"

MasterPassword/Java/masterpassword-cli/target/maven-archiver/pom.properties

@@ -0,0 +1,5 @@
+#Generated by Maven
+#Wed Jul 04 23:49:39 CEST 2012
+version=GIT-SNAPSHOT
+groupId=com.lyndir.lhunath.masterpassword
+artifactId=masterpassword-cli

MasterPassword/Java/masterpassword-cli/target/mpw

@@ -0,0 +1,4 @@
+#!/usr/bin/env bash
+
+cd "${BASH_SOURCE[0]%/*}"
+java -jar masterpassword-cli-GIT-SNAPSHOT.jar "$@"

MasterPassword/Java/pom.xml

@@ -0,0 +1,26 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+
+    <!-- PROJECT METADATA -->
+    <parent>
+        <groupId>com.lyndir.lhunath</groupId>
+        <artifactId>lyndir</artifactId>
+        <version>GIT-SNAPSHOT</version>
+    </parent>
+
+    <name>Master Password</name>
+    <description>A Java implementation of the Master Password algorithm.</description>
+
+    <groupId>com.lyndir.lhunath.masterpassword</groupId>
+    <artifactId>masterpassword</artifactId>
+    <version>GIT-SNAPSHOT</version>
+    <packaging>pom</packaging>
+
+    <modules>
+        <module>masterpassword-algorithm</module>
+        <module>masterpassword-cli</module>
+    </modules>
+
+</project>

MasterPassword/MPAppDelegate_Key.h

@@ -10,13 +10,10 @@
 
 @interface MPAppDelegate_Shared (Key)
 
-- (void)loadStoredKey;
-- (IBAction)signOut:(id)sender;
+- (BOOL)signInAsUser:(MPUserEntity *)user usingMasterPassword:(NSString *)password;
+- (void)signOutAnimated:(BOOL)animated;
 
-- (BOOL)tryMasterPassword:(NSString *)tryPassword;
-- (void)updateKey:(NSData *)key;
-- (void)forgetKey;
-
-- (NSData *)keyWithLength:(NSUInteger)keyLength;
+- (void)storeSavedKeyFor:(MPUserEntity *)user;
+- (void)forgetSavedKeyFor:(MPUserEntity *)user;
 
 @end

MasterPassword/MPAppDelegate_Key.m

@@ -6,153 +6,170 @@
 //  Copyright (c) 2011 Lyndir. All rights reserved.
 //
 
-#import "MPConfig.h"
+#import <Crashlytics/Crashlytics.h>
 #import "MPAppDelegate_Key.h"
-#import "MPElementEntity.h"
+#import "MPAppDelegate_Store.h"
+#import "LocalyticsSession.h"
 
 @implementation MPAppDelegate_Shared (Key)
 
-static NSDictionary *keyQuery() {
+static NSDictionary *keyQuery(MPUserEntity *user) {
 
-    static NSDictionary *MPKeyQuery = nil;
-    if (!MPKeyQuery)
-        MPKeyQuery = [PearlKeyChain createQueryForClass:kSecClassGenericPassword
+    return [PearlKeyChain createQueryForClass:kSecClassGenericPassword
                                    attributes:[NSDictionary dictionaryWithObjectsAndKeys:
                                                              @"Saved Master Password", (__bridge id)kSecAttrService,
-                                                         @"default",                    (__bridge id)kSecAttrAccount,
+                                                             user.name, (__bridge id)kSecAttrAccount,
                                                              nil]
                                    matches:nil];
-    
-    return MPKeyQuery;
 }
 
-static NSDictionary *keyIDQuery() {
+- (NSData *)loadSavedKeyFor:(MPUserEntity *)user {
 
-    static NSDictionary *MPKeyIDQuery = nil;
-    if (!MPKeyIDQuery)
-        MPKeyIDQuery = [PearlKeyChain createQueryForClass:kSecClassGenericPassword
-                                               attributes:[NSDictionary dictionaryWithObjectsAndKeys:
-                                                           @"Master Password Check",    (__bridge id)kSecAttrService,
-                                                           @"default",                  (__bridge id)kSecAttrAccount,
-                                                           nil]
-                                                  matches:nil];
+    NSData *key = [PearlKeyChain dataOfItemForQuery:keyQuery(user)];
+    if (key)
+    inf(@"Found key in keychain for: %@", user.userID);
 
-    return MPKeyIDQuery;
+    else {
+        user.saveKey = NO;
+        inf(@"No key found in keychain for: %@", user.userID);
+    }
+
+    return key;
 }
 
-- (void)forgetKey {
+- (void)storeSavedKeyFor:(MPUserEntity *)user {
 
-    inf(@"Deleting key and ID from keychain.");
-    if ([PearlKeyChain deleteItemForQuery:keyQuery()] != errSecItemNotFound)
-        inf(@"Removed key from keychain.");
-    if ([PearlKeyChain deleteItemForQuery:keyIDQuery()] != errSecItemNotFound)
-        inf(@"Removed key ID from keychain.");
+    if (user.saveKey) {
+        NSData *existingKey = [PearlKeyChain dataOfItemForQuery:keyQuery(user)];
+
+        if (![existingKey isEqualToData:self.key]) {
+            inf(@"Saving key in keychain for: %@", user.userID);
+
+            [PearlKeyChain addOrUpdateItemForQuery:keyQuery(user)
+                                    withAttributes:[NSDictionary dictionaryWithObjectsAndKeys:
+                                                                  self.key, (__bridge id)kSecValueData,
+                                                                  #if TARGET_OS_IPHONE
+                                                                  kSecAttrAccessibleWhenUnlockedThisDeviceOnly, (__bridge id)kSecAttrAccessible,
+                                                                  #endif
+                                                                  nil]];
+        }
+    }
+}
+
+- (void)forgetSavedKeyFor:(MPUserEntity *)user {
+
+    OSStatus result = [PearlKeyChain deleteItemForQuery:keyQuery(user)];
+    if (result == noErr || result == errSecItemNotFound) {
+        user.saveKey = NO;
+
+        if (result == noErr) {
+            inf(@"Removed key from keychain for: %@", user.userID);
 
             [[NSNotificationCenter defaultCenter] postNotificationName:MPNotificationKeyForgotten object:self];
 #ifdef TESTFLIGHT_SDK_VERSION
-    [TestFlight passCheckpoint:MPTestFlightCheckpointMPForgotten];
+            [TestFlight passCheckpoint:MPCheckpointForgetSavedKey];
 #endif
+        }
+    }
 }
 
-- (IBAction)signOut:(id)sender {
+- (void)signOutAnimated:(BOOL)animated {
 
-    [MPConfig get].saveKey = [NSNumber numberWithBool:NO];
-    [self updateKey:nil];
+    if (self.key)
+        self.key = nil;
+
+    if (self.activeUser) {
+        self.activeUser = nil;
+        [[NSNotificationCenter defaultCenter] postNotificationName:MPNotificationSignedOut object:self userInfo:
+         [NSDictionary dictionaryWithObject:PearlBool(animated) forKey:@"animated"]];
+    }
 }
 
-- (void)loadStoredKey {
+- (BOOL)signInAsUser:(MPUserEntity *)user usingMasterPassword:(NSString *)password {
 
-    if ([[MPConfig get].saveKey boolValue]) {
-        // Key is stored in keychain.  Load it.
-        [self updateKey:[PearlKeyChain dataOfItemForQuery:keyQuery()]];
-        inf(@"Looking for key in keychain: %@.", self.key? @"found": @"missing");
-    } else {
+    NSData *tryKey = nil;
+
+    // Method 1: When the user has no keyID set, set a new key from the given master password.
+    if (!user.keyID) {
+        if ([password length])
+            if ((tryKey = keyForPassword(password, user.name))) {
+                user.keyID = keyIDForKey(tryKey);
+                [[MPAppDelegate_Shared get] saveContext];
+            }
+    }
+
+    // Method 2: Depending on the user's saveKey, load or remove the key from the keychain.
+    if (!user.saveKey)
      // Key should not be stored in keychain.  Delete it.
-        if ([PearlKeyChain deleteItemForQuery:keyQuery()] != errSecItemNotFound)
-            inf(@"Removed key from keychain.");
-#ifdef TESTFLIGHT_SDK_VERSION
-        [TestFlight passCheckpoint:MPTestFlightCheckpointMPUnstored];
-#endif
+        [self forgetSavedKeyFor:user];
+
+    else
+        if (!tryKey) {
+            // Key should be saved in keychain.  Load it.
+            if ((tryKey = [self loadSavedKeyFor:user]))
+                if (![user.keyID isEqual:keyIDForKey(tryKey)]) {
+                    // Loaded password doesn't match user's keyID.  Forget saved password: it is incorrect.
+                    inf(@"Saved password doesn't match keyID for: %@", user.userID);
+                    
+                    tryKey = nil;
+                    [self forgetSavedKeyFor:user];
                 }
-}
-
-- (BOOL)tryMasterPassword:(NSString *)tryPassword {
-    
-    if (![tryPassword length])
-        return NO;
-    
-    NSData *tryKey = keyForPassword(tryPassword);
-    NSData *tryKeyID = keyIDForKey(tryKey);
-    NSData *keyID = [PearlKeyChain dataOfItemForQuery:keyIDQuery()];
-    inf(@"Key ID known? %@.", keyID? @"YES": @"NO");
-    if (keyID)
-        // A key ID is known -> a password is set.
-        // Make sure the user's entered password matches it.
-        if (![keyID isEqual:tryKeyID]) {
-            wrn(@"Key ID mismatch. Expected: %@, answer: %@.", [keyID encodeHex], [tryKeyID encodeHex]);
-            
-#ifdef TESTFLIGHT_SDK_VERSION
-            [TestFlight passCheckpoint:MPTestFlightCheckpointMPMismatch];
-#endif
-            return NO;
         }
 
-#ifdef TESTFLIGHT_SDK_VERSION
-    [TestFlight passCheckpoint:MPTestFlightCheckpointMPEntered];
-#endif
+    // Method 3: Check the given master password string.
+    if (!tryKey) {
+        if ([password length])
+            if ((tryKey = keyForPassword(password, user.name)))
+                if (![user.keyID isEqual:keyIDForKey(tryKey)]) {
+                    inf(@"Key derived from password doesn't match keyID for: %@", user.userID);
+
+                    tryKey = nil;
+                }
+    }
+
+    // No more methods left, fail if key still not known.
+    if (!tryKey) {
+        if (password) {
+            inf(@"Login failed for: %@", user.userID);
+            
+#ifdef TESTFLIGHT_SDK_VERSION
+            [TestFlight passCheckpoint:MPCheckpointSignInFailed];
+#endif
+            [[LocalyticsSession sharedLocalyticsSession] tagEvent:MPCheckpointSignInFailed attributes:nil];
+        }
+
+        return NO;
+    }
+    inf(@"Logged in: %@", user.userID);
+
+    if (![self.key isEqualToData:tryKey]) {
+        self.key = tryKey;
+        [self storeSavedKeyFor:user];
+    }
+
+    @try {
+        if ([[MPiOSConfig get].sendInfo boolValue]) {
+            [TestFlight addCustomEnvironmentInformation:user.userID forKey:@"username"];
+            [[Crashlytics sharedInstance] setObjectValue:user.userID forKey:@"username"];
+        }
+    }
+    @catch (id exception) {
+        err(@"While setting username: %@", exception);
+    }
+
+
+    user.lastUsed   = [NSDate date];
+    self.activeUser = user;
+    [[MPAppDelegate_Shared get] saveContext];
+
+    [[NSNotificationCenter defaultCenter] postNotificationName:MPNotificationSignedIn object:self];
+#ifdef TESTFLIGHT_SDK_VERSION
+    [TestFlight passCheckpoint:MPCheckpointSignedIn];
+#endif
+    [[LocalyticsSession sharedLocalyticsSession] tagEvent:MPCheckpointSignedIn
+                                               attributes:nil];
 
-    [self updateKey:tryKey];
     return YES;
 }
 
-- (void)updateKey:(NSData *)key {
-    
-    if (self.key != key) {
-        self.key = key;
-        
-        if (key)
-            [[NSNotificationCenter defaultCenter] postNotificationName:MPNotificationKeySet object:self];
-        else
-            [[NSNotificationCenter defaultCenter] postNotificationName:MPNotificationKeyUnset object:self];
-    }
-    
-    if (self.key) {
-        self.keyID = keyIDForKey(self.key);
-        
-        NSData *existingKeyID = [PearlKeyChain dataOfItemForQuery:keyIDQuery()];
-        if (![existingKeyID isEqualToData:self.keyID]) {
-            inf(@"Updating key ID in keychain.");
-            [PearlKeyChain addOrUpdateItemForQuery:keyIDQuery()
-                                    withAttributes:[NSDictionary dictionaryWithObjectsAndKeys:
-                                                    self.keyID,                                       (__bridge id)kSecValueData,
-#if TARGET_OS_IPHONE
-                                                    kSecAttrAccessibleWhenUnlocked,                     (__bridge id)kSecAttrAccessible,
-#endif
-                                                    nil]];
-        }
-        if ([[MPConfig get].saveKey boolValue]) {
-            NSData *existingKey = [PearlKeyChain dataOfItemForQuery:keyQuery()];
-            if (![existingKey isEqualToData:self.key]) {
-                inf(@"Updating key in keychain.");
-                [PearlKeyChain addOrUpdateItemForQuery:keyQuery()
-                                        withAttributes:[NSDictionary dictionaryWithObjectsAndKeys:
-                                                        self.key,                                       (__bridge id)kSecValueData,
-#if TARGET_OS_IPHONE
-                                                        kSecAttrAccessibleWhenUnlocked,                 (__bridge id)kSecAttrAccessible,
-#endif
-                                                        nil]];
-            }
-        }
-        
-#ifdef TESTFLIGHT_SDK_VERSION
-        [TestFlight passCheckpoint:MPTestFlightCheckpointSetKey];
-#endif
-    }
-}
-
-- (NSData *)keyWithLength:(NSUInteger)keyLength {
-    
-    return [self.key subdataWithRange:NSMakeRange(0, MIN(keyLength, self.key.length))];
-}
-
 @end

MasterPassword/MPAppDelegate_Shared.h

@@ -6,14 +6,17 @@
 //  Copyright (c) 2011 Lyndir. All rights reserved.
 //
 
+#import "MPEntities.h"
+
 #if TARGET_OS_IPHONE
+
 @interface MPAppDelegate_Shared : PearlAppDelegate
 #else
 @interface MPAppDelegate_Shared : NSObject <PearlConfigDelegate>
 #endif
 
+@property (strong, nonatomic) MPUserEntity *activeUser;
 @property (strong, nonatomic) NSData       *key;
-@property (strong, nonatomic) NSData                *keyID;
 
 + (MPAppDelegate_Shared *)get;
 

MasterPassword/MPAppDelegate_Shared.m

@@ -11,7 +11,7 @@
 @implementation MPAppDelegate_Shared
 
 @synthesize key;
-@synthesize keyID;
+@synthesize activeUser;
 
 + (MPAppDelegate_Shared *)get {
 

MasterPassword/MPAppDelegate_Store.h

@@ -18,7 +18,7 @@ typedef enum {
     MPImportResultInternalError,
 } MPImportResult;
 
-@interface MPAppDelegate_Shared (Store) <UbiquityStoreManagerDelegate>
+@interface MPAppDelegate_Shared (Store)<UbiquityStoreManagerDelegate>
 
 + (NSManagedObjectContext *)managedObjectContext;
 + (NSManagedObjectModel *)managedObjectModel;
@@ -27,7 +27,6 @@ typedef enum {
 
 - (UbiquityStoreManager *)storeManager;
 - (void)saveContext;
-- (void)printStore;
 
 - (MPImportResult)importSites:(NSString *)importedSitesString withPassword:(NSString *)password
               askConfirmation:(BOOL(^)(NSUInteger importCount, NSUInteger deleteCount))confirmation;

MasterPassword/MPAppDelegate_Store.m

@@ -7,13 +7,10 @@
 //
 
 #import "MPAppDelegate_Store.h"
-#import "MPElementEntity.h"
-#import "MPConfig.h"
+#import "LocalyticsSession.h"
 
 @implementation MPAppDelegate_Shared (Store)
 
-static NSDateFormatter *rfc3339DateFormatter = nil;
-
 #pragma mark - Core Data setup
 
 + (NSManagedObjectContext *)managedObjectContext {
@@ -42,12 +39,9 @@ static NSDateFormatter *rfc3339DateFormatter = nil;
     if (managedObjectContext)
         return managedObjectContext;
 
-    NSPersistentStoreCoordinator *coordinator = [self persistentStoreCoordinator];
-    assert(coordinator);
-    
     managedObjectContext = [[NSManagedObjectContext alloc] initWithConcurrencyType:NSMainQueueConcurrencyType];
     [managedObjectContext performBlockAndWait:^{
-        managedObjectContext.persistentStoreCoordinator = coordinator;
+        managedObjectContext.persistentStoreCoordinator = [self persistentStoreCoordinator];
         managedObjectContext.mergePolicy                = NSMergeByPropertyObjectTrumpMergePolicy;
     }];
 
@@ -56,13 +50,13 @@ static NSDateFormatter *rfc3339DateFormatter = nil;
 
 - (NSPersistentStoreCoordinator *)persistentStoreCoordinator {
 
-    // Wait until the storeManager is ready.
-    for(__block BOOL isReady = [self storeManager].isReady; !isReady;)
-        dispatch_sync(dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_DEFAULT, 0), ^{
-            isReady = [self storeManager].isReady;
-        });
+    // Start loading the store.
+    [self storeManager];
+
+    // Wait until the storeManager is ready.
+    while (![self storeManager].isReady)
+        [NSThread sleepForTimeInterval:0.1];
 
-    assert([self storeManager].isReady);
     return [self storeManager].persistentStoreCoordinator;
 }
 
@@ -76,7 +70,8 @@ static NSDateFormatter *rfc3339DateFormatter = nil;
                                           localStoreURL:[[self applicationFilesDirectory] URLByAppendingPathComponent:@"MasterPassword.sqlite"]
                                           containerIdentifier:@"HL3Q45LX9N.com.lyndir.lhunath.MasterPassword.shared"
 #if TARGET_OS_IPHONE
-                                                     additionalStoreOptions:[NSDictionary dictionaryWithObject:NSFileProtectionComplete forKey:NSPersistentStoreFileProtectionKey]
+                                       additionalStoreOptions:[NSDictionary dictionaryWithObject:NSFileProtectionComplete
+                                                                                          forKey:NSPersistentStoreFileProtectionKey]
 #else
                                                      additionalStoreOptions:nil
 #endif
@@ -125,51 +120,6 @@ static NSDateFormatter *rfc3339DateFormatter = nil;
     }];
 }
 
-- (void)printStore {
-    
-    if (![self managedObjectModel] || ![self managedObjectContext]) {
-        trc(@"Not printing store: store not initialized.");
-        return;
-    }
-    
-    [self.managedObjectContext performBlock:^{
-        trc(@"=== All entities ===");
-        for(NSEntityDescription *entity in [[self managedObjectModel] entities]) {
-            NSFetchRequest *request = [NSFetchRequest new];
-            [request setEntity:entity];
-            NSError *error;
-            NSArray *results = [[self managedObjectContext] executeFetchRequest:request error:&error];
-            for(NSManagedObject *o in results) {
-                if ([o isKindOfClass:[MPElementEntity class]]) {
-                    MPElementEntity *e = (MPElementEntity *)o;
-                    trc(@"For descriptor: %@, found: %@: %@ (%@)", entity.name, [o class], e.name, e.keyID);
-                } else {
-                    trc(@"For descriptor: %@, found: %@", entity.name, [o class]);
-                }
-            }
-        }
-        trc(@"---");
-        if ([MPAppDelegate_Shared get].keyID) {
-            trc(@"=== Known sites ===");
-            NSFetchRequest *fetchRequest = [[self managedObjectModel]
-                                            fetchRequestFromTemplateWithName:@"MPElements"
-                                            substitutionVariables:[NSDictionary dictionaryWithObjectsAndKeys:
-                                                                   @"",                                     @"query",
-                                                                   [MPAppDelegate_Shared get].keyID,        @"keyID",
-                                                                   nil]];
-            [fetchRequest setSortDescriptors:
-             [NSArray arrayWithObject:[[NSSortDescriptor alloc] initWithKey:@"uses" ascending:NO]]];
-            
-            NSError *error = nil;
-            for (MPElementEntity *e in [[self managedObjectContext] executeFetchRequest:fetchRequest error:&error]) {
-                trc(@"Found site: %@ (%@): %@", e.name, e.keyID, e);
-            }
-            trc(@"---");
-        } else
-            trc(@"Not printing sites: master password not set.");
-    }];
-}
-
 #pragma mark - UbiquityStoreManagerDelegate
 
 - (NSManagedObjectContext *)managedObjectContextForUbiquityStoreManager:(UbiquityStoreManager *)usm {
@@ -184,23 +134,27 @@ static NSDateFormatter *rfc3339DateFormatter = nil;
 
 - (void)ubiquityStoreManager:(UbiquityStoreManager *)manager didSwitchToiCloud:(BOOL)iCloudEnabled {
 
-    // manager.iCloudEnabled is more reliable (eg. iOS tampers with didSwitch a bit)
+    // manager.iCloudEnabled is more reliable (eg. iOS' MPAppDelegate tampers with didSwitch a bit)
     iCloudEnabled = manager.iCloudEnabled;
+    inf(@"Using iCloud? %@", iCloudEnabled? @"YES": @"NO");
 
 #ifdef TESTFLIGHT_SDK_VERSION
-    [TestFlight passCheckpoint:iCloudEnabled? MPTestFlightCheckpointCloudEnabled: MPTestFlightCheckpointCloudDisabled];
+    [TestFlight passCheckpoint:iCloudEnabled? MPCheckpointCloudEnabled: MPCheckpointCloudDisabled];
 #endif
+    [[LocalyticsSession sharedLocalyticsSession] tagEvent:MPCheckpointCloud
+                                               attributes:[NSDictionary dictionaryWithObject:iCloudEnabled? @"YES": @"NO" forKey:@"enabled"]];
 
-    inf(@"Using iCloud? %@", iCloudEnabled? @"YES": @"NO");
     [MPConfig get].iCloud = [NSNumber numberWithBool:iCloudEnabled];
 }
 
-- (void)ubiquityStoreManager:(UbiquityStoreManager *)manager didEncounterError:(NSError *)error cause:(UbiquityStoreManagerErrorCause)cause context:(id)context {
+- (void)ubiquityStoreManager:(UbiquityStoreManager *)manager didEncounterError:(NSError *)error cause:(UbiquityStoreManagerErrorCause)cause
+                     context:(id)context {
+
+    err(@"StoreManager: cause=%d, context=%@, error=%@", cause, context, error);
 
 #ifdef TESTFLIGHT_SDK_VERSION
-    [TestFlight passCheckpoint:PearlString(@"MPTestFlightCheckpointMPErrorUbiquity_%d", cause)];
+    [TestFlight passCheckpoint:PearlString(@"MPCheckpointMPErrorUbiquity_%d", cause)];
 #endif
-    err(@"StoreManager: cause=%d, context=%@, error=%@", cause, context, error);
 
     switch (cause) {
         case UbiquityStoreManagerErrorCauseDeleteStore:
@@ -209,10 +163,13 @@ static NSDateFormatter *rfc3339DateFormatter = nil;
         case UbiquityStoreManagerErrorCauseClearStore:
             break;
         case UbiquityStoreManagerErrorCauseOpenLocalStore: {
-#ifdef TESTFLIGHT_SDK_VERSION
-            [TestFlight passCheckpoint:MPTestFlightCheckpointLocalStoreIncompatible];
-#endif
             wrn(@"Local store could not be opened, resetting it.");
+
+#ifdef TESTFLIGHT_SDK_VERSION
+            [TestFlight passCheckpoint:MPCheckpointLocalStoreIncompatible];
+#endif
+            [[LocalyticsSession sharedLocalyticsSession] tagEvent:MPCheckpointLocalStoreIncompatible
+                                                       attributes:nil];
             manager.hardResetEnabled = YES;
             [manager hardResetLocalStorage];
 
@@ -220,10 +177,13 @@ static NSDateFormatter *rfc3339DateFormatter = nil;
             return;
         }
         case UbiquityStoreManagerErrorCauseOpenCloudStore: {
-#ifdef TESTFLIGHT_SDK_VERSION
-            [TestFlight passCheckpoint:MPTestFlightCheckpointCloudStoreIncompatible];
-#endif
             wrn(@"iCloud store could not be opened, resetting it.");
+
+#ifdef TESTFLIGHT_SDK_VERSION
+            [TestFlight passCheckpoint:MPCheckpointCloudStoreIncompatible];
+#endif
+            [[LocalyticsSession sharedLocalyticsSession] tagEvent:MPCheckpointCloudStoreIncompatible
+                                                       attributes:nil];
             manager.hardResetEnabled = YES;
             [manager hardResetCloudStorage];
             break;
@@ -233,22 +193,10 @@ static NSDateFormatter *rfc3339DateFormatter = nil;
 
 #pragma mark - Import / Export
 
-- (void)loadRFC3339DateFormatter {
-    
-    if (rfc3339DateFormatter)
-        return;
-    
-    rfc3339DateFormatter = [NSDateFormatter new];
-    NSLocale *enUSPOSIXLocale = [[NSLocale alloc] initWithLocaleIdentifier:@"en_US_POSIX"];
-    [rfc3339DateFormatter setLocale:enUSPOSIXLocale];
-    [rfc3339DateFormatter setDateFormat:@"yyyy'-'MM'-'dd'T'HH':'mm':'ss'Z'"];
-    [rfc3339DateFormatter setTimeZone:[NSTimeZone timeZoneForSecondsFromGMT:0]];
-}
-
 - (MPImportResult)importSites:(NSString *)importedSitesString withPassword:(NSString *)password
               askConfirmation:(BOOL(^)(NSUInteger importCount, NSUInteger deleteCount))confirmation {
 
-    [self loadRFC3339DateFormatter];
+    inf(@"Importing sites.");
 
     static NSRegularExpression *headerPattern, *sitePattern;
     __autoreleasing NSError *error;
@@ -269,13 +217,15 @@ static NSDateFormatter *rfc3339DateFormatter = nil;
     if (!headerPattern || !sitePattern)
         return MPImportResultInternalError;
 
-    NSString *keyIDHex = nil;
-    BOOL headerStarted = NO, headerEnded = NO;
+    NSData *key = nil;
+    NSString *keyIDHex = nil, *userName = nil;
+    MPUserEntity *user = nil;
+    BOOL headerStarted = NO, headerEnded = NO, clearText = NO;
     NSArray        *importedSiteLines    = [importedSitesString componentsSeparatedByCharactersInSet:[NSCharacterSet newlineCharacterSet]];
     NSMutableSet   *elementsToDelete     = [NSMutableSet set];
     NSMutableArray *importedSiteElements = [NSMutableArray arrayWithCapacity:[importedSiteLines count]];
     NSFetchRequest *fetchRequest         = [NSFetchRequest fetchRequestWithEntityName:NSStringFromClass([MPElementEntity class])];
-    for(NSString *importedSiteLine in importedSiteLines) {
+    for (NSString  *importedSiteLine in importedSiteLines) {
         if ([importedSiteLine hasPrefix:@"#"]) {
             // Comment or header
             if (!headerStarted) {
@@ -295,19 +245,32 @@ static NSDateFormatter *rfc3339DateFormatter = nil;
                 err(@"Invalid header format in line: %@", importedSiteLine);
                 return MPImportResultMalformedInput;
             }
-            NSTextCheckingResult *headerElements = [[headerPattern matchesInString:importedSiteLine options:0 range:NSMakeRange(0, [importedSiteLine length])] lastObject];
-            NSString *key = [importedSiteLine substringWithRange:[headerElements rangeAtIndex:1]];
-            NSString *value = [importedSiteLine substringWithRange:[headerElements rangeAtIndex:2]];
-            if ([key isEqualToString:@"Key ID"]) {
-                if (![(keyIDHex = value) isEqualToString:[keyIDForPassword(password) encodeHex]])
+            NSTextCheckingResult *headerElements = [[headerPattern matchesInString:importedSiteLine options:0
+                                                                             range:NSMakeRange(0, [importedSiteLine length])] lastObject];
+            NSString             *headerName            = [importedSiteLine substringWithRange:[headerElements rangeAtIndex:1]];
+            NSString             *headerValue          = [importedSiteLine substringWithRange:[headerElements rangeAtIndex:2]];
+            if ([headerName isEqualToString:@"User Name"]) {
+                userName = headerValue;
+                key = keyForPassword(password, userName);
+
+                NSFetchRequest *userFetchRequest = [NSFetchRequest fetchRequestWithEntityName:NSStringFromClass([MPUserEntity class])];
+                userFetchRequest.predicate = [NSPredicate predicateWithFormat:@"name == %@", userName];
+                user = [[self.managedObjectContext executeFetchRequest:fetchRequest error:&error] lastObject];
+            }
+            if ([headerName isEqualToString:@"Key ID"]) {
+                if (![(keyIDHex = headerValue) isEqualToString:[keyIDForKey(key) encodeHex]])
                     return MPImportResultInvalidPassword;
             }
+            if ([headerName isEqualToString:@"Passwords"]) {
+                if ([headerValue isEqualToString:@"VISIBLE"])
+                    clearText = YES;
+            }
 
             continue;
         }
         if (!headerEnded)
             continue;
-        if (!keyIDHex)
+        if (!keyIDHex || ![userName length])
             return MPImportResultMalformedInput;
         if (![importedSiteLine length])
             continue;
@@ -317,7 +280,8 @@ static NSDateFormatter *rfc3339DateFormatter = nil;
             err(@"Invalid site format in line: %@", importedSiteLine);
             return MPImportResultMalformedInput;
         }
-        NSTextCheckingResult *siteElements = [[sitePattern matchesInString:importedSiteLine options:0 range:NSMakeRange(0, [importedSiteLine length])] lastObject];
+        NSTextCheckingResult *siteElements  = [[sitePattern matchesInString:importedSiteLine options:0
+                                                                      range:NSMakeRange(0, [importedSiteLine length])] lastObject];
         NSString             *lastUsed      = [importedSiteLine substringWithRange:[siteElements rangeAtIndex:1]];
         NSString             *uses          = [importedSiteLine substringWithRange:[siteElements rangeAtIndex:2]];
         NSString             *type          = [importedSiteLine substringWithRange:[siteElements rangeAtIndex:3]];
@@ -325,20 +289,29 @@ static NSDateFormatter *rfc3339DateFormatter = nil;
         NSString             *exportContent = [importedSiteLine substringWithRange:[siteElements rangeAtIndex:5]];
 
         // Find existing site.
-        fetchRequest.predicate = [NSPredicate predicateWithFormat:@"name == %@ AND keyID == %@", name, keyIDHex];
+        if (user) {
+            fetchRequest.predicate = [NSPredicate predicateWithFormat:@"name == %@ AND user == %@", name, user];
             NSArray *existingSites = [self.managedObjectContext executeFetchRequest:fetchRequest error:&error];
             if (error)
             err(@"Couldn't search existing sites: %@", error);
-        if (!existingSites)
+            if (!existingSites) {
+                err(@"Lookup of existing sites failed for site: %@, user: %@", name, user.userID);
                 return MPImportResultInternalError;
+            }
 
             [elementsToDelete addObjectsFromArray:existingSites];
             [importedSiteElements addObject:[NSArray arrayWithObjects:lastUsed, uses, type, name, exportContent, nil]];
         }
+    }
+
+    inf(@"Importing %u sites, deleting %u sites, for user: %@",
+    [importedSiteElements count], [elementsToDelete count], [MPUserEntity idFor:userName]);
 
     // Ask for confirmation to import these sites.
-    if (!confirmation([importedSiteElements count], [elementsToDelete count]))
+    if (!confirmation([importedSiteElements count], [elementsToDelete count])) {
+        inf(@"Import cancelled.");
         return MPImportResultCancelled;
+    }
 
     // Delete existing sites.
     [elementsToDelete enumerateObjectsUsingBlock:^(id obj, BOOL *stop) {
@@ -348,37 +321,48 @@ static NSDateFormatter *rfc3339DateFormatter = nil;
     [self saveContext];
 
     // Import new sites.
+    if (!user) {
+        user = [NSEntityDescription insertNewObjectForEntityForName:NSStringFromClass([MPUserEntity class])
+                                    inManagedObjectContext:self.managedObjectContext];
+        user.name  = userName;
+        user.keyID = [keyIDHex decodeHex];
+    }
     for (NSArray *siteElements in importedSiteElements) {
-        NSDate *lastUsed        = [rfc3339DateFormatter dateFromString:[siteElements objectAtIndex:0]];
-        NSInteger uses          = [[siteElements objectAtIndex:1] integerValue];
-        MPElementType type      = (unsigned)[[siteElements objectAtIndex:2] integerValue];
+        NSDate *lastUsed = [[NSDateFormatter rfc3339DateFormatter] dateFromString:[siteElements objectAtIndex:0]];
+        NSUInteger    uses = (unsigned)[[siteElements objectAtIndex:1] integerValue];
+        MPElementType type = (MPElementType)[[siteElements objectAtIndex:2] integerValue];
         NSString *name          = [siteElements objectAtIndex:3];
         NSString *exportContent = [siteElements objectAtIndex:4];
 
         // Create new site.
-        inf(@"Importing site: name=%@, lastUsed=%@, uses=%d, type=%u, keyID=%@", name, lastUsed, uses, type, keyIDHex);
         MPElementEntity *element = [NSEntityDescription insertNewObjectForEntityForName:ClassNameFromMPElementType(type)
                                                                  inManagedObjectContext:self.managedObjectContext];
         element.name     = name;
-        element.keyID = [keyIDHex decodeHex];
+        element.user     = user;
         element.type     = type;
         element.uses     = uses;
-        element.lastUsed = [lastUsed timeIntervalSinceReferenceDate];
+        element.lastUsed = lastUsed;
         if ([exportContent length])
-            [element importContent:exportContent];
+            if (clearText)
+                [element importClearTextContent:exportContent usingKey:key];
+            else
+                [element importProtectedContent:exportContent];
     }
     [self saveContext];
 
+    inf(@"Import completed successfully.");
 #ifdef TESTFLIGHT_SDK_VERSION
-    [TestFlight passCheckpoint:MPTestFlightCheckpointSitesImported];
+    [TestFlight passCheckpoint:MPCheckpointSitesImported];
 #endif
+    [[LocalyticsSession sharedLocalyticsSession] tagEvent:MPCheckpointSitesImported
+                                               attributes:nil];
 
     return MPImportResultSuccess;
 }
 
 - (NSString *)exportSitesShowingPasswords:(BOOL)showPasswords {
 
-    [self loadRFC3339DateFormatter];
+    inf(@"Exporting sites, %@, for: %@", showPasswords? @"showing passwords": @"omitting passwords", self.activeUser.userID);
 
     // Header.
     NSMutableString *export = [NSMutableString new];
@@ -390,8 +374,9 @@ static NSDateFormatter *rfc3339DateFormatter = nil;
     [export appendFormat:@"# \n"];
     [export appendFormat:@"##\n"];
     [export appendFormat:@"# Version: %@\n", [PearlInfoPlist get].CFBundleVersion];
-    [export appendFormat:@"# Key ID: %@\n", [self.keyID encodeHex]];
-    [export appendFormat:@"# Date: %@\n", [rfc3339DateFormatter stringFromDate:[NSDate date]]];
+    [export appendFormat:@"# User Name: %@\n", self.activeUser.name];
+    [export appendFormat:@"# Key ID: %@\n", [self.activeUser.keyID encodeHex]];
+    [export appendFormat:@"# Date: %@\n", [[NSDateFormatter rfc3339DateFormatter] stringFromDate:[NSDate date]]];
     if (showPasswords)
         [export appendFormat:@"# Passwords: VISIBLE\n"];
     else
@@ -402,18 +387,10 @@ static NSDateFormatter *rfc3339DateFormatter = nil;
     [export appendFormat:@"#               used      used      type                  name\tpassword\n"];
 
     // Sites.
-    NSFetchRequest *fetchRequest    = [NSFetchRequest fetchRequestWithEntityName:NSStringFromClass([MPElementEntity class])];
-    fetchRequest.sortDescriptors    = [NSArray arrayWithObject:[[NSSortDescriptor alloc] initWithKey:@"uses" ascending:NO]];
-    fetchRequest.predicate = [NSPredicate predicateWithFormat:@"keyID == %@", self.keyID];
-    __autoreleasing NSError *error = nil;
-    NSArray *elements = [self.managedObjectContext executeFetchRequest:fetchRequest error:&error];
-    if (error)
-        err(@"Error fetching sites for export: %@", error);
-    
-    for (MPElementEntity *element in elements) {
-        NSTimeInterval lastUsed = element.lastUsed;
-        int16_t uses  = element.uses;
-        MPElementType type = (unsigned)element.type;
+    for (MPElementEntity *element in self.activeUser.elements) {
+        NSDate *lastUsed = element.lastUsed;
+        NSUInteger    uses = element.uses;
+        MPElementType type = element.type;
         NSString *name    = element.name;
         NSString *content = nil;
 
@@ -421,17 +398,20 @@ static NSDateFormatter *rfc3339DateFormatter = nil;
         if (!(type & MPElementFeatureDevicePrivate)) {
             if (showPasswords)
                 content = element.content;
-            else if (type & MPElementFeatureExportContent)
+            else
+                if (type & MPElementFeatureExportContent)
                     content = element.exportContent;
         }
 
         [export appendFormat:@"%@  %8d  %8d  %20s\t%@\n",
-         [rfc3339DateFormatter stringFromDate:[NSDate dateWithTimeIntervalSinceReferenceDate:lastUsed]], uses, type, [name cStringUsingEncoding:NSUTF8StringEncoding], content? content: @""];
+                             [[NSDateFormatter rfc3339DateFormatter] stringFromDate:lastUsed], uses, type, [name cStringUsingEncoding:NSUTF8StringEncoding], content
+         ? content: @""];
     }
 
 #ifdef TESTFLIGHT_SDK_VERSION
-    [TestFlight passCheckpoint:MPTestFlightCheckpointSitesExported];
+    [TestFlight passCheckpoint:MPCheckpointSitesExported];
 #endif
+    [[LocalyticsSession sharedLocalyticsSession] tagEvent:MPCheckpointSitesExported attributes:nil];
 
     return export;
 }

MasterPassword/MPConfig.h

@@ -6,10 +6,11 @@
 //  Copyright (c) 2012 Lyndir. All rights reserved.
 //
 
+#import "Pearl.h"
+
 @interface MPConfig : PearlConfig
 
-@property (nonatomic, retain) NSNumber *saveKey;
-@property (nonatomic, retain) NSNumber *rememberKey;
+@property (nonatomic, retain) NSNumber *rememberLogin;
 
 @property (nonatomic, retain) NSNumber *iCloud;
 @property (nonatomic, retain) NSNumber *iCloudDecided;

MasterPassword/MPConfig.m

@@ -6,22 +6,20 @@
 //  Copyright (c) 2012 Lyndir. All rights reserved.
 //
 
-#import "MPConfig.h"
 #import "MPAppDelegate.h"
 
 @implementation MPConfig
-@dynamic saveKey, rememberKey, iCloud, iCloudDecided;
+@dynamic rememberLogin, iCloud, iCloudDecided;
 
 - (id)init {
 
-    if(!(self = [super init]))
+    if (!(self = [super init]))
         return nil;
 
     [self.defaults registerDefaults:[NSDictionary dictionaryWithObjectsAndKeys:
                                                    [NSNumber numberWithBool:YES], NSStringFromSelector(@selector(askForReviews)),
 
-                                     [NSNumber numberWithBool:NO],                          NSStringFromSelector(@selector(saveKey)),
-                                     [NSNumber numberWithBool:YES],                         NSStringFromSelector(@selector(rememberKey)),
+                                                   [NSNumber numberWithBool:NO], NSStringFromSelector(@selector(rememberLogin)),
                                                    [NSNumber numberWithBool:NO], NSStringFromSelector(@selector(iCloud)),
                                                    [NSNumber numberWithBool:NO], NSStringFromSelector(@selector(iCloudDecided)),
                                                    nil]];

MasterPassword/MPElementEntity.h

@@ -1,27 +1,23 @@
 //
 //  MPElementEntity.h
-//  MasterPassword
+//  MasterPassword-iOS
 //
-//  Created by Maarten Billemont on 02/01/12.
+//  Created by Maarten Billemont on 11/06/12.
 //  Copyright (c) 2012 Lyndir. All rights reserved.
 //
 
 #import <Foundation/Foundation.h>
 #import <CoreData/CoreData.h>
 
+@class MPUserEntity;
 
 @interface MPElementEntity : NSManagedObject
 
-@property (nonatomic, retain) NSString *name;
-@property (nonatomic, retain) NSData *keyID;
-@property (nonatomic, assign) int16_t type;
-@property (nonatomic, assign) int16_t uses;
-@property (nonatomic, assign) NSTimeInterval lastUsed;
-
-@property (nonatomic, retain, readonly) id content;
-
-- (int16_t)use;
-- (NSString *)exportContent;
-- (void)importContent:(NSString *)content;
+@property (nonatomic, retain) id content;
+@property (nonatomic, retain) NSDate * lastUsed;
+@property (nonatomic, retain) NSString * name;
+@property (nonatomic, retain) NSNumber * type_;
+@property (nonatomic, retain) NSNumber * uses_;
+@property (nonatomic, retain) MPUserEntity *user;
 
 @end

MasterPassword/MPElementEntity.m

@@ -1,51 +1,22 @@
 //
 //  MPElementEntity.m
-//  MasterPassword
+//  MasterPassword-iOS
 //
-//  Created by Maarten Billemont on 02/01/12.
+//  Created by Maarten Billemont on 11/06/12.
 //  Copyright (c) 2012 Lyndir. All rights reserved.
 //
 
 #import "MPElementEntity.h"
+#import "MPUserEntity.h"
 
 
 @implementation MPElementEntity
 
-@dynamic name;
-@dynamic keyID;
-@dynamic type;
-@dynamic uses;
+@dynamic content;
 @dynamic lastUsed;
-
-- (int16_t)use {
-    
-    self.lastUsed = [[NSDate date] timeIntervalSinceReferenceDate];
-    return ++self.uses;
-}
-
-- (id)content {
-    
-    @throw [NSException exceptionWithName:NSInternalInconsistencyException reason:@"Content implementation missing." userInfo:nil];
-}
-
-- (NSString *)exportContent {
-    
-    return nil;
-}
-
-- (void)importContent:(NSString *)content {
-    
-}
-
-- (NSString *)description {
-    
-    return PearlString(@"%@:%@", [self class], [self name]);
-}
-
-- (NSString *)debugDescription {
-    
-    return PearlString(@"{%@: name=%@, keyID=%@, type=%d, uses=%d, lastUsed=%@}",
-                       NSStringFromClass([self class]), self.name, self.keyID, self.type, self.uses, self.lastUsed);
-}
+@dynamic name;
+@dynamic type_;
+@dynamic uses_;
+@dynamic user;
 
 @end

MasterPassword/MPElementGeneratedEntity.h

@@ -1,8 +1,8 @@
 //
 //  MPElementGeneratedEntity.h
-//  MasterPassword
+//  MasterPassword-iOS
 //
-//  Created by Maarten Billemont on 16/01/12.
+//  Created by Maarten Billemont on 11/06/12.
 //  Copyright (c) 2012 Lyndir. All rights reserved.
 //
 
@@ -13,6 +13,6 @@
 
 @interface MPElementGeneratedEntity : MPElementEntity
 
-@property (nonatomic, assign) int32_t counter;
+@property (nonatomic, retain) NSNumber * counter_;
 
 @end

MasterPassword/MPElementGeneratedEntity.m

@@ -1,31 +1,16 @@
 //
 //  MPElementGeneratedEntity.m
-//  MasterPassword
+//  MasterPassword-iOS
 //
-//  Created by Maarten Billemont on 16/01/12.
+//  Created by Maarten Billemont on 11/06/12.
 //  Copyright (c) 2012 Lyndir. All rights reserved.
 //
 
 #import "MPElementGeneratedEntity.h"
-#import "MPAppDelegate.h"
-#import "MPAppDelegate_Key.h"
 
 
 @implementation MPElementGeneratedEntity
 
-@dynamic counter;
-
-- (id)content {
-
-    if (!(self.type & MPElementTypeClassGenerated)) {
-        err(@"Corrupt element: %@, type: %d is not in MPElementTypeClassGenerated", self.name, self.type);
-        return nil;
-    }
-    
-    if (![self.name length])
-        return nil;
-    
-    return MPCalculateContent((unsigned)self.type, self.name, [MPAppDelegate get].key, self.counter);
-}
+@dynamic counter_;
 
 @end

MasterPassword/MPElementStoredEntity.h

@@ -1,8 +1,8 @@
 //
 //  MPElementStoredEntity.h
-//  MasterPassword
+//  MasterPassword-iOS
 //
-//  Created by Maarten Billemont on 02/01/12.
+//  Created by Maarten Billemont on 11/06/12.
 //  Copyright (c) 2012 Lyndir. All rights reserved.
 //
 
@@ -13,6 +13,6 @@
 
 @interface MPElementStoredEntity : MPElementEntity
 
-@property (nonatomic, retain, readwrite) id content;
+@property (nonatomic, retain) id contentObject;
 
 @end

MasterPassword/MPElementStoredEntity.m

@@ -1,76 +1,16 @@
 //
 //  MPElementStoredEntity.m
-//  MasterPassword
+//  MasterPassword-iOS
 //
-//  Created by Maarten Billemont on 02/01/12.
+//  Created by Maarten Billemont on 11/06/12.
 //  Copyright (c) 2012 Lyndir. All rights reserved.
 //
 
 #import "MPElementStoredEntity.h"
-#import "MPAppDelegate.h"
-#import "MPAppDelegate_Key.h"
 
-@interface MPElementStoredEntity ()
-
-@property (nonatomic, retain, readwrite) id contentObject;
-
-@end
 
 @implementation MPElementStoredEntity
 
 @dynamic contentObject;
 
-+ (NSDictionary *)queryForDevicePrivateElementNamed:(NSString *)name {
-    
-    return [PearlKeyChain createQueryForClass:kSecClassGenericPassword
-                              attributes:[NSDictionary dictionaryWithObjectsAndKeys:
-                                          @"DevicePrivate",  (__bridge id)kSecAttrService,
-                                          name,              (__bridge id)kSecAttrAccount,
-                                          nil]
-                                 matches:nil];
-}
-
-- (id)content {
-    
-    assert(self.type & MPElementTypeClassStored);
-    
-    NSData *encryptedContent;
-    if (self.type & MPElementFeatureDevicePrivate)
-        encryptedContent = [PearlKeyChain dataOfItemForQuery:[MPElementStoredEntity queryForDevicePrivateElementNamed:self.name]];
-    else
-        encryptedContent = self.contentObject;
-    
-    NSData *decryptedContent = [encryptedContent decryptWithSymmetricKey:[[MPAppDelegate get] keyWithLength:PearlCryptKeySize]
-                                                                 padding:YES];
-    return [[NSString alloc] initWithBytes:decryptedContent.bytes length:decryptedContent.length encoding:NSUTF8StringEncoding];
-}
-
-- (void)setContent:(id)content {
-    
-    NSData *encryptedContent = [[content description] encryptWithSymmetricKey:[[MPAppDelegate get] keyWithLength:PearlCryptKeySize]
-                                                                      padding:YES];
-    
-    if (self.type & MPElementFeatureDevicePrivate) {
-        [PearlKeyChain addOrUpdateItemForQuery:[MPElementStoredEntity queryForDevicePrivateElementNamed:self.name]
-                           withAttributes:[NSDictionary dictionaryWithObjectsAndKeys:
-                                           encryptedContent,                                (__bridge id)kSecValueData,
-#if TARGET_OS_IPHONE
-                                           kSecAttrAccessibleWhenUnlockedThisDeviceOnly,    (__bridge id)kSecAttrAccessible,
-#endif
-                                           nil]];
-        self.contentObject = nil;
-    } else
-        self.contentObject = encryptedContent;
-}
-
-- (NSString *)exportContent {
-    
-    return [self.contentObject encodeBase64];
-}
-
-- (void)importContent:(NSString *)content {
-    
-    self.contentObject = [content decodeBase64];
-}
-
 @end

MasterPassword/MPEntities.h

@@ -0,0 +1,44 @@
+//
+//  MPElementEntities.h
+//  MasterPassword-iOS
+//
+//  Created by Maarten Billemont on 31/05/12.
+//  Copyright (c) 2012 Lyndir. All rights reserved.
+//
+
+#import <Foundation/Foundation.h>
+#import "MPElementEntity.h"
+#import "MPElementStoredEntity.h"
+#import "MPElementGeneratedEntity.h"
+#import "MPUserEntity.h"
+
+#define MPAvatarCount 19
+
+@interface MPElementEntity (MP)
+
+@property (assign) MPElementType type;
+@property (assign) NSUInteger    uses;
+
+- (NSUInteger)use;
+- (NSString *)exportContent;
+- (void)importProtectedContent:(NSString *)protectedContent;
+- (void)importClearTextContent:(NSString *)clearContent usingKey:(NSData *)key;
+
+@end
+
+@interface MPElementGeneratedEntity (MP)
+
+@property (assign) NSUInteger counter;
+
+@end
+
+@interface MPUserEntity (MP)
+
+@property (assign) NSUInteger avatar;
+@property (assign) BOOL       saveKey;
+@property (assign) MPElementType defaultType;
+@property (readonly) NSString *userID;
+
++ (NSString *)idFor:(NSString *)userName;
+
+@end

MasterPassword/MPEntities.m

@@ -0,0 +1,218 @@
+//
+//  MPElementEntities.m
+//  MasterPassword-iOS
+//
+//  Created by Maarten Billemont on 31/05/12.
+//  Copyright (c) 2012 Lyndir. All rights reserved.
+//
+
+#import "MPEntities.h"
+#import "MPAppDelegate.h"
+#import "MPAppDelegate_Key.h"
+#import "MPUserEntity.h"
+
+@implementation MPElementEntity (MP)
+
+- (MPElementType)type {
+
+    return (MPElementType)[self.type_ unsignedIntegerValue];
+}
+
+- (void)setType:(MPElementType)aType {
+
+    self.type_ = PearlUnsignedInteger(aType);
+}
+
+- (NSUInteger)uses {
+
+    return [self.uses_ unsignedIntegerValue];
+}
+
+- (void)setUses:(NSUInteger)anUses {
+
+    self.uses_ = PearlUnsignedInteger(anUses);
+}
+
+
+- (NSUInteger)use {
+
+    self.lastUsed = [NSDate date];
+    return ++self.uses;
+}
+
+- (id)content {
+
+    @throw [NSException exceptionWithName:NSInternalInconsistencyException reason:@"Content implementation missing." userInfo:nil];
+}
+
+- (NSString *)exportContent {
+
+    return nil;
+}
+
+- (void)importProtectedContent:(NSString *)content {
+
+}
+
+- (void)importClearTextContent:(NSString *)content usingKey:(NSData *)key {
+    
+}
+
+- (NSString *)description {
+
+    return PearlString(@"%@:%@", [self class], [self name]);
+}
+
+- (NSString *)debugDescription {
+
+    return PearlString(@"{%@: name=%@, user=%@, type=%d, uses=%d, lastUsed=%@}",
+                       NSStringFromClass([self class]), self.name, self.user.name, self.type, self.uses, self.lastUsed);
+}
+
+@end
+
+@implementation MPElementGeneratedEntity (MP)
+
+- (NSUInteger)counter {
+
+    return [self.counter_ unsignedIntegerValue];
+}
+
+- (void)setCounter:(NSUInteger)aCounter {
+
+    self.counter_ = PearlUnsignedInteger(aCounter);
+}
+
+- (id)content {
+
+    if (!(self.type & MPElementTypeClassGenerated)) {
+        err(@"Corrupt element: %@, type: %d is not in MPElementTypeClassGenerated", self.name, self.type);
+        return nil;
+    }
+
+    if (![self.name length])
+        return nil;
+
+    return MPCalculateContent(self.type, self.name, [MPAppDelegate get].key, self.counter);
+}
+
+@end
+
+@implementation MPElementStoredEntity (MP)
+
++ (NSDictionary *)queryForDevicePrivateElementNamed:(NSString *)name {
+
+    return [PearlKeyChain createQueryForClass:kSecClassGenericPassword
+                                   attributes:[NSDictionary dictionaryWithObjectsAndKeys:
+                                                             @"DevicePrivate", (__bridge id)kSecAttrService,
+                                                             name, (__bridge id)kSecAttrAccount,
+                                                             nil]
+                                   matches:nil];
+}
+
+- (id)content {
+    
+    return [self contentUsingKey:[MPAppDelegate get].key];
+}
+
+- (void)setContent:(id)content {
+    
+    [self setContent:content usingKey:[MPAppDelegate get].key];
+}
+
+- (id)contentUsingKey:(NSData *)key {
+
+    assert(self.type & MPElementTypeClassStored);
+    assert([keyIDForKey(key) isEqualToData:self.user.keyID]);
+
+    NSData *encryptedContent;
+    if (self.type & MPElementFeatureDevicePrivate)
+        encryptedContent = [PearlKeyChain dataOfItemForQuery:[MPElementStoredEntity queryForDevicePrivateElementNamed:self.name]];
+    else
+        encryptedContent = self.contentObject;
+
+    NSData *decryptedContent = [encryptedContent decryptWithSymmetricKey:subkeyForKey(key, PearlCryptKeySize) padding:YES];
+    return [[NSString alloc] initWithBytes:decryptedContent.bytes length:decryptedContent.length encoding:NSUTF8StringEncoding];
+}
+
+- (void)setContent:(id)content usingKey:(NSData *)key {
+
+    assert(self.type & MPElementTypeClassStored);
+    assert([keyIDForKey(key) isEqualToData:self.user.keyID]);
+
+    NSData *encryptedContent = [[content description] encryptWithSymmetricKey:subkeyForKey(key, PearlCryptKeySize) padding:YES];
+
+    if (self.type & MPElementFeatureDevicePrivate) {
+        [PearlKeyChain addOrUpdateItemForQuery:[MPElementStoredEntity queryForDevicePrivateElementNamed:self.name]
+                       withAttributes:[NSDictionary dictionaryWithObjectsAndKeys:
+                                                     encryptedContent, (__bridge id)kSecValueData,
+                                                     #if TARGET_OS_IPHONE
+                                                     kSecAttrAccessibleWhenUnlockedThisDeviceOnly, (__bridge id)kSecAttrAccessible,
+                                                     #endif
+                                                     nil]];
+        self.contentObject = nil;
+    } else
+        self.contentObject = encryptedContent;
+}
+
+- (NSString *)exportContent {
+
+    return [self.contentObject encodeBase64];
+}
+
+- (void)importProtectedContent:(NSString *)protectedContent {
+
+    self.contentObject = [protectedContent decodeBase64];
+}
+
+- (void)importClearTextContent:(NSString *)clearContent usingKey:(NSData *)key {
+    
+    [self setContent:clearContent usingKey:key];
+}
+
+@end
+
+@implementation MPUserEntity (MP)
+
+- (NSUInteger)avatar {
+
+    return [self.avatar_ unsignedIntegerValue];
+}
+
+- (void)setAvatar:(NSUInteger)anAvatar {
+
+    self.avatar_ = PearlUnsignedInteger(anAvatar);
+}
+
+- (BOOL)saveKey {
+
+    return [self.saveKey_ boolValue];
+}
+
+- (void)setSaveKey:(BOOL)aSaveKey {
+
+    self.saveKey_ = [NSNumber numberWithBool:aSaveKey];
+}
+
+- (MPElementType)defaultType {
+
+    return (MPElementType)[self.defaultType_ unsignedIntegerValue];
+}
+
+- (NSString *)userID {
+
+    return [MPUserEntity idFor:self.name];
+}
+
+
+- (void)setDefaultType:(MPElementType)aDefaultType {
+
+    self.defaultType_ = PearlUnsignedInteger(aDefaultType);
+}
+
++ (NSString *)idFor:(NSString *)userName {
+
+    return [[userName hashWith:PearlHashSHA1] encodeHex];
+}
+
+@end

MasterPassword/MPTypes.h

@@ -31,55 +31,58 @@ typedef enum {
 } MPElementFeature;
 
 typedef enum {
-    MPElementTypeGeneratedLong          = 0x0 | MPElementTypeClassGenerated   | 0x0,
-    MPElementTypeGeneratedMedium        = 0x1 | MPElementTypeClassGenerated   | 0x0,
-    MPElementTypeGeneratedShort         = 0x2 | MPElementTypeClassGenerated   | 0x0,
-    MPElementTypeGeneratedBasic         = 0x3 | MPElementTypeClassGenerated   | 0x0,
-    MPElementTypeGeneratedPIN           = 0x4 | MPElementTypeClassGenerated   | 0x0,
+    MPElementTypeGeneratedMaximum = 0x0 | MPElementTypeClassGenerated | 0x0,
+    MPElementTypeGeneratedLong    = 0x1 | MPElementTypeClassGenerated | 0x0,
+    MPElementTypeGeneratedMedium  = 0x2 | MPElementTypeClassGenerated | 0x0,
+    MPElementTypeGeneratedShort   = 0x3 | MPElementTypeClassGenerated | 0x0,
+    MPElementTypeGeneratedBasic   = 0x4 | MPElementTypeClassGenerated | 0x0,
+    MPElementTypeGeneratedPIN     = 0x5 | MPElementTypeClassGenerated | 0x0,
 
     MPElementTypeStoredPersonal      = 0x0 | MPElementTypeClassStored | MPElementFeatureExportContent,
     MPElementTypeStoredDevicePrivate = 0x1 | MPElementTypeClassStored | MPElementFeatureDevicePrivate,
 } MPElementType;
 
-#define MPTestFlightCheckpointAction                    @"MPTestFlightCheckpointAction"
-#define MPTestFlightCheckpointHelpChapter               @"MPTestFlightCheckpointHelpChapter_%@"
-#define MPTestFlightCheckpointCopyToPasteboard          @"MPTestFlightCheckpointCopyToPasteboard"
-#define MPTestFlightCheckpointResetPasswordCounter      @"MPTestFlightCheckpointResetPasswordCounter"
-#define MPTestFlightCheckpointIncrementPasswordCounter  @"MPTestFlightCheckpointIncrementPasswordCounter"
-#define MPTestFlightCheckpointEditPassword              @"MPTestFlightCheckpointEditPassword"
-#define MPTestFlightCheckpointCloseAlert                @"MPTestFlightCheckpointCloseAlert"
-#define MPTestFlightCheckpointSelectType                @"MPTestFlightCheckpointSelectType_%@"
-#define MPTestFlightCheckpointSelectElement             @"MPTestFlightCheckpointSelectElement"
-#define MPTestFlightCheckpointDeleteElement             @"MPTestFlightCheckpointDeleteElement"
-#define MPTestFlightCheckpointCancelSearch              @"MPTestFlightCheckpointCancelSearch"
-#define MPTestFlightCheckpointExternalLink              @"MPTestFlightCheckpointExternalLink"
-#define MPTestFlightCheckpointLaunched                  @"MPTestFlightCheckpointLaunched"
-#define MPTestFlightCheckpointActivated                 @"MPTestFlightCheckpointActivated"
-#define MPTestFlightCheckpointDeactivated               @"MPTestFlightCheckpointDeactivated"
-#define MPTestFlightCheckpointTerminated                @"MPTestFlightCheckpointTerminated"
-#define MPTestFlightCheckpointShowGuide                 @"MPTestFlightCheckpointShowGuide"
-#define MPTestFlightCheckpointMPForgotten               @"MPTestFlightCheckpointMPForgotten"
-#define MPTestFlightCheckpointMPChanged                 @"MPTestFlightCheckpointMPChanged"
-#define MPTestFlightCheckpointMPUnstored                @"MPTestFlightCheckpointMPUnstored"
-#define MPTestFlightCheckpointMPMismatch                @"MPTestFlightCheckpointMPMismatch"
-#define MPTestFlightCheckpointMPEntered                 @"MPTestFlightCheckpointMPEntered"
-#define MPTestFlightCheckpointLocalStoreIncompatible    @"MPTestFlightCheckpointLocalStoreIncompatible"
-#define MPTestFlightCheckpointCloudStoreIncompatible    @"MPTestFlightCheckpointCloudStoreIncompatible"
-#define MPTestFlightCheckpointSetKey                    @"MPTestFlightCheckpointSetKey"
-#define MPTestFlightCheckpointCloudEnabled              @"MPTestFlightCheckpointCloudEnabled"
-#define MPTestFlightCheckpointCloudDisabled             @"MPTestFlightCheckpointCloudDisabled"
-#define MPTestFlightCheckpointSitesImported             @"MPTestFlightCheckpointSitesImported"
-#define MPTestFlightCheckpointSitesExported             @"MPTestFlightCheckpointSitesExported"
+#define MPCheckpointAction                    @"MPCheckpointAction"
+#define MPCheckpointHelpChapter               @"MPCheckpointHelpChapter"
+#define MPCheckpointCopyToPasteboard          @"MPCheckpointCopyToPasteboard"
+#define MPCheckpointResetPasswordCounter      @"MPCheckpointResetPasswordCounter"
+#define MPCheckpointIncrementPasswordCounter  @"MPCheckpointIncrementPasswordCounter"
+#define MPCheckpointEditPassword              @"MPCheckpointEditPassword"
+#define MPCheckpointCloseAlert                @"MPCheckpointCloseAlert"
+#define MPCheckpointUseType                   @"MPCheckpointUseType"
+#define MPCheckpointDeleteElement             @"MPCheckpointDeleteElement"
+#define MPCheckpointCancelSearch              @"MPCheckpointCancelSearch"
+#define MPCheckpointExternalLink              @"MPCheckpointExternalLink"
+#define MPCheckpointLaunched                  @"MPCheckpointLaunched"
+#define MPCheckpointActivated                 @"MPCheckpointActivated"
+#define MPCheckpointDeactivated               @"MPCheckpointDeactivated"
+#define MPCheckpointTerminated                @"MPCheckpointTerminated"
+#define MPCheckpointShowGuide                 @"MPCheckpointShowGuide"
+#define MPCheckpointForgetSavedKey            @"MPCheckpointForgetSavedKey"
+#define MPCheckpointChangeMP                  @"MPCheckpointChangeMP"
+#define MPCheckpointLocalStoreIncompatible    @"MPCheckpointLocalStoreIncompatible"
+#define MPCheckpointCloudStoreIncompatible    @"MPCheckpointCloudStoreIncompatible"
+#define MPCheckpointSignInFailed              @"MPCheckpointSignInFailed"
+#define MPCheckpointSignedIn                  @"MPCheckpointSignedIn"
+#define MPCheckpointConfig                    @"MPCheckpointConfig"
+#define MPCheckpointCloud                     @"MPCheckpointCloud"
+#define MPCheckpointCloudEnabled              @"MPCheckpointCloudEnabled"
+#define MPCheckpointCloudDisabled             @"MPCheckpointCloudDisabled"
+#define MPCheckpointSitesImported             @"MPCheckpointSitesImported"
+#define MPCheckpointSitesExported             @"MPCheckpointSitesExported"
 
 #define MPNotificationStoreUpdated            @"MPNotificationStoreUpdated"
-#define MPNotificationKeySet                            @"MPNotificationKeySet"
-#define MPNotificationKeyUnset                          @"MPNotificationKeyUnset"
+#define MPNotificationSignedIn                @"MPNotificationKeySet"
+#define MPNotificationSignedOut               @"MPNotificationKeyUnset"
 #define MPNotificationKeyForgotten            @"MPNotificationKeyForgotten"
+#define MPNotificationElementUsed             @"MPNotificationElementUsed"
 
-NSData *keyForPassword(NSString *password);
-NSData *keyIDForPassword(NSString *password);
+NSData   *keyForPassword(NSString *password, NSString *username);
+NSData   *subkeyForKey(NSData *key, NSUInteger subkeyLength);
+NSData   *keyIDForPassword(NSString *password, NSString *username);
 NSData   *keyIDForKey(NSData *key);
 NSString *NSStringFromMPElementType(MPElementType type);
+NSString *NSStringShortFromMPElementType(MPElementType type);
 NSString *ClassNameFromMPElementType(MPElementType type);
 Class ClassFromMPElementType(MPElementType type);
-NSString *MPCalculateContent(MPElementType type, NSString *name, NSData *key, int32_t counter);
+NSString *MPCalculateContent(MPElementType type, NSString *name, NSData *key, uint32_t counter);

MasterPassword/MPTypes.m

@@ -6,40 +6,57 @@
 //  Copyright (c) 2012 Lyndir. All rights reserved.
 //
 
-#import "MPTypes.h"
-#import "MPElementGeneratedEntity.h"
-#import "MPElementStoredEntity.h"
+#import "MPEntities.h"
 
 
-#define MP_salt     nil
-#define MP_N        16384
+#define MP_N        32768
 #define MP_r        8
-#define MP_p        1
+#define MP_p        2
 #define MP_dkLen    64
-#define MP_hash     PearlDigestSHA256
+#define MP_hash     PearlHashSHA256
 
-NSData *keyForPassword(NSString *password) {
+NSData *keyForPassword(NSString *password, NSString *username) {
 
+    uint32_t nusernameLength = htonl(username.length);
+    NSDate *start = [NSDate date];
     NSData *key = [PearlSCrypt deriveKeyWithLength:MP_dkLen fromPassword:[password dataUsingEncoding:NSUTF8StringEncoding]
-                                         usingSalt:MP_salt N:MP_N r:MP_r p:MP_p];
+                                                            usingSalt:[NSData dataByConcatenatingDatas:
+                                                                               [@"com.lyndir.masterpassword" dataUsingEncoding:NSUTF8StringEncoding],
+                                                                               [NSData dataWithBytes:&nusernameLength
+                                                                                              length:sizeof(nusernameLength)],
+                                                                               [username dataUsingEncoding:NSUTF8StringEncoding],
+                                                                               nil] N:MP_N r:MP_r p:MP_p];
 
-    trc(@"Password: %@ derives to key ID: %@", password, [keyIDForKey(key) encodeHex]);
+    trc(@"User: %@, password: %@ derives to key ID: %@ (took %0.2fs)", username, password, [keyIDForKey(key) encodeHex], -[start timeIntervalSinceNow]);
     return key;
 }
-NSData *keyIDForPassword(NSString *password) {
 
-    return keyIDForKey(keyForPassword(password));
+
+NSData *subkeyForKey(NSData *key, NSUInteger subkeyLength) {
+
+    return [key subdataWithRange:NSMakeRange(0, MIN(subkeyLength, key.length))];
 }
+
+
+NSData *keyIDForPassword(NSString *password, NSString *username) {
+
+    return keyIDForKey(keyForPassword(password, username));
+}
+
 NSData *keyIDForKey(NSData *key) {
 
     return [key hashWith:MP_hash];
 }
+
 NSString *NSStringFromMPElementType(MPElementType type) {
 
     if (!type)
         return nil;
 
     switch (type) {
+        case MPElementTypeGeneratedMaximum:
+            return @"Maximum Security Password";
+
         case MPElementTypeGeneratedLong:
             return @"Long Password";
 
@@ -62,7 +79,42 @@ NSString *NSStringFromMPElementType(MPElementType type) {
             return @"Device Private Password";
 
         default:
-            [NSException raise:NSInternalInconsistencyException format:@"Type not supported: %d", type];
+            Throw(@"Type not supported: %d", type);
+    }
+}
+
+NSString *NSStringShortFromMPElementType(MPElementType type) {
+
+    if (!type)
+        return nil;
+
+    switch (type) {
+        case MPElementTypeGeneratedMaximum:
+            return @"Maximum";
+
+        case MPElementTypeGeneratedLong:
+            return @"Long";
+
+        case MPElementTypeGeneratedMedium:
+            return @"Medium";
+
+        case MPElementTypeGeneratedShort:
+            return @"Short";
+
+        case MPElementTypeGeneratedBasic:
+            return @"Basic";
+
+        case MPElementTypeGeneratedPIN:
+            return @"PIN";
+
+        case MPElementTypeStoredPersonal:
+            return @"Personal";
+
+        case MPElementTypeStoredDevicePrivate:
+            return @"Device";
+
+        default:
+            Throw(@"Type not supported: %d", type);
     }
 }
 
@@ -72,6 +124,9 @@ Class ClassFromMPElementType(MPElementType type) {
         return nil;
 
     switch (type) {
+        case MPElementTypeGeneratedMaximum:
+            return [MPElementGeneratedEntity class];
+
         case MPElementTypeGeneratedLong:
             return [MPElementGeneratedEntity class];
 
@@ -94,7 +149,7 @@ Class ClassFromMPElementType(MPElementType type) {
             return [MPElementStoredEntity class];
 
         default:
-            [NSException raise:NSInternalInconsistencyException format:@"Type not supported: %d", type];
+            Throw(@"Type not supported: %d", type);
     }
 }
 
@@ -104,39 +159,43 @@ NSString *ClassNameFromMPElementType(MPElementType type) {
 }
 
 static NSDictionary *MPTypes_ciphers = nil;
-NSString *MPCalculateContent(MPElementType type, NSString *name, NSData *key, int32_t counter) {
+
+NSString *MPCalculateContent(MPElementType type, NSString *name, NSData *key, uint32_t counter) {
 
     if (!(type & MPElementTypeClassGenerated)) {
         err(@"Incorrect type (is not MPElementTypeClassGenerated): %d, for: %@", type, name);
         return nil;
     }
-    if (!name) {
+    if (!name.length) {
         err(@"Missing name.");
         return nil;
     }
-    if (!key) {
-        err(@"Key not set.");
+    if (!key.length) {
+        err(@"Missing key.");
         return nil;
     }
-    uint32_t salt = (unsigned)counter;
     if (!counter)
      // Counter unset, go into OTP mode.
      // Get the UNIX timestamp of the start of the interval of 5 minutes that the current time is in.
-        salt = ((uint32_t)([[NSDate date] timeIntervalSince1970] / 300)) * 300;
+        counter = ((uint32_t)([[NSDate date] timeIntervalSince1970] / 300)) * 300;
 
     if (MPTypes_ciphers == nil)
         MPTypes_ciphers = [NSDictionary dictionaryWithContentsOfURL:[[NSBundle mainBundle] URLForResource:@"ciphers"
                                                                                             withExtension:@"plist"]];
 
-    // Determine the seed whose bytes will be used for calculating a password: sha1(name . '\0' . key . '\0' . salt)
-    uint32_t nsalt = htonl(salt);
-    trc(@"seed from: sha1(%@, %@, %u)", name, key, nsalt);
-    NSData *seed = [[NSData dataByConcatenatingWithDelimitor:'\0' datas:
+    // Determine the seed whose bytes will be used for calculating a password
+    uint32_t ncounter = htonl(counter), nnameLength = htonl(name.length);
+    NSData *counterBytes = [NSData dataWithBytes:&ncounter length:sizeof(ncounter)];
+    NSData *nameLengthBytes = [NSData dataWithBytes:&nnameLength length:sizeof(nnameLength)];
+    trc(@"seed from: hmac-sha256(%@, 'com.lyndir.masterpassword' | %@ | %@ | %@)", [key encodeBase64], [nameLengthBytes encodeHex], name, [counterBytes encodeHex]);
+    NSData *seed = [[NSData dataByConcatenatingDatas:
+                             [@"com.lyndir.masterpassword" dataUsingEncoding:NSUTF8StringEncoding],
+                             nameLengthBytes,
                              [name dataUsingEncoding:NSUTF8StringEncoding],
-                     key,
-                     [NSData dataWithBytes:&nsalt length:sizeof(nsalt)],
-                     nil] hashWith:PearlDigestSHA1];
-    trc(@"seed is: %@", seed);
+                             counterBytes,
+                             nil]
+                             hmacWith:PearlHashSHA256 key:key];
+    trc(@"seed is: %@", [seed encodeBase64]);
     const char *seedBytes = seed.bytes;
 
     // Determine the cipher from the first seed byte.
@@ -153,9 +212,10 @@ NSString *MPCalculateContent(MPElementType type, NSString *name, NSData *key, in
         uint16_t keyByte = htons(seedBytes[c + 1]);
         NSString *cipherClass           = [cipher substringWithRange:NSMakeRange(c, 1)];
         NSString *cipherClassCharacters = [[MPTypes_ciphers valueForKey:@"MPCharacterClasses"] valueForKey:cipherClass];
-        NSString *character = [cipherClassCharacters substringWithRange:NSMakeRange(keyByte % [cipherClassCharacters length], 1)];
+        NSString *character             = [cipherClassCharacters substringWithRange:NSMakeRange(keyByte % [cipherClassCharacters length],
+                                                                                                1)];
 
-        trc(@"class %@ has characters: %@, selected: %@", cipherClass, cipherClassCharacters, character);
+        trc(@"class %@ has characters: %@, index: %u, selected: %@", cipherClass, cipherClassCharacters, keyByte, character);
         [content appendString:character];
     }
 

MasterPassword/MPUserEntity.h

@@ -0,0 +1,32 @@
+//
+//  MPUserEntity.h
+//  MasterPassword-iOS
+//
+//  Created by Maarten Billemont on 11/06/12.
+//  Copyright (c) 2012 Lyndir. All rights reserved.
+//
+
+#import <Foundation/Foundation.h>
+#import <CoreData/CoreData.h>
+
+@class MPElementEntity;
+
+@interface MPUserEntity : NSManagedObject
+
+@property (nonatomic, retain) NSNumber * avatar_;
+@property (nonatomic, retain) NSData * keyID;
+@property (nonatomic, retain) NSDate * lastUsed;
+@property (nonatomic, retain) NSString * name;
+@property (nonatomic, retain) NSNumber * saveKey_;
+@property (nonatomic, retain) NSNumber * defaultType_;
+@property (nonatomic, retain) NSSet *elements;
+@end
+
+@interface MPUserEntity (CoreDataGeneratedAccessors)
+
+- (void)addElementsObject:(MPElementEntity *)value;
+- (void)removeElementsObject:(MPElementEntity *)value;
+- (void)addElements:(NSSet *)values;
+- (void)removeElements:(NSSet *)values;
+
+@end

MasterPassword/MPUserEntity.m

@@ -0,0 +1,23 @@
+//
+//  MPUserEntity.m
+//  MasterPassword-iOS
+//
+//  Created by Maarten Billemont on 11/06/12.
+//  Copyright (c) 2012 Lyndir. All rights reserved.
+//
+
+#import "MPUserEntity.h"
+#import "MPElementEntity.h"
+
+
+@implementation MPUserEntity
+
+@dynamic avatar_;
+@dynamic keyID;
+@dynamic lastUsed;
+@dynamic name;
+@dynamic saveKey_;
+@dynamic defaultType_;
+@dynamic elements;
+
+@end

MasterPassword/Mac/MPAppDelegate.h

@@ -10,7 +10,7 @@
 #import "MPAppDelegate_Shared.h"
 #import "MPPasswordWindowController.h"
 
-@interface MPAppDelegate : MPAppDelegate_Shared <NSApplicationDelegate>
+@interface MPAppDelegate : MPAppDelegate_Shared<NSApplicationDelegate>
 
 @property (strong) NSStatusItem               *statusItem;
 @property (strong) MPPasswordWindowController *passwordWindow;

MasterPassword/Mac/MPAppDelegate.m

@@ -27,8 +27,10 @@
 @synthesize key;
 @synthesize keyID;
 
-#pragma GCC diagnostic ignored "-Wfour-char-constants"
-static EventHotKeyID MPShowHotKey = { .signature = 'show', .id = 1 };
+#pragma clang diagnostic push
+#pragma clang diagnostic ignored "-Wfour-char-constants"
+static EventHotKeyID MPShowHotKey = {.signature = 'show', .id = 1};
+#pragma clang diagnostic pop
 
 + (void)initialize {
 
@@ -44,12 +46,12 @@ static EventHotKeyID MPShowHotKey = { .signature = 'show', .id = 1 };
     return (MPAppDelegate *)[super get];
 }
 
-static OSStatus MPHotKeyHander(EventHandlerCallRef nextHandler, EventRef theEvent, void *userData){
+static OSStatus MPHotKeyHander(EventHandlerCallRef nextHandler, EventRef theEvent, void *userData) {
 
     // Extract the hotkey ID.
     EventHotKeyID hotKeyID;
-	GetEventParameter(theEvent,kEventParamDirectObject,typeEventHotKeyID,
-                      NULL,sizeof(hotKeyID),NULL,&hotKeyID);
+    GetEventParameter(theEvent, kEventParamDirectObject, typeEventHotKeyID,
+     NULL, sizeof(hotKeyID), NULL, &hotKeyID);
 
     // Check which hotkey this was.
     if (hotKeyID.signature == MPShowHotKey.signature && hotKeyID.id == MPShowHotKey.id) {
@@ -133,13 +135,14 @@ static OSStatus MPHotKeyHander(EventHandlerCallRef nextHandler, EventRef theEven
 
     // Global hotkey.
     EventHotKeyRef hotKeyRef;
-    EventTypeSpec hotKeyEvents[1] = { { .eventClass = kEventClassKeyboard, .eventKind = kEventHotKeyPressed } };
-    OSStatus status = InstallApplicationEventHandler(NewEventHandlerUPP(MPHotKeyHander), GetEventTypeCount(hotKeyEvents), hotKeyEvents,
+    EventTypeSpec  hotKeyEvents[1] = {{.eventClass = kEventClassKeyboard, .eventKind = kEventHotKeyPressed}};
+    OSStatus       status          = InstallApplicationEventHandler(NewEventHandlerUPP(MPHotKeyHander), GetEventTypeCount(hotKeyEvents),
+                                                                    hotKeyEvents,
                                                                     (__bridge void *)self, NULL);
-	if(status != noErr)
+    if (status != noErr)
     err(@"Error installing application event handler: %d", status);
     status = RegisterEventHotKey(35 /* p */, controlKey + cmdKey, MPShowHotKey, GetApplicationEventTarget(), 0, &hotKeyRef);
-	if(status != noErr)
+    if (status != noErr)
     err(@"Error registering hotkey: %d", status);
 }
 
@@ -164,8 +167,7 @@ static OSStatus MPHotKeyHander(EventHandlerCallRef nextHandler, EventRef theEven
         self.key = nil;
 }
 
-- (NSApplicationTerminateReply)applicationShouldTerminate:(NSApplication *)sender
-{
+- (NSApplicationTerminateReply)applicationShouldTerminate:(NSApplication *)sender {
     // Save changes in the application's managed object context before the application terminates.
 
     if (![self managedObjectContext]) {

MasterPassword/Mac/MPPasswordWindowController.h

@@ -8,7 +8,7 @@
 
 #import <Cocoa/Cocoa.h>
 
-@interface MPPasswordWindowController : NSWindowController <NSTextFieldDelegate> {
+@interface MPPasswordWindowController : NSWindowController<NSTextFieldDelegate> {
 
     NSString *_content;
 }

MasterPassword/Mac/MPPasswordWindowController.m

@@ -80,7 +80,7 @@
         });
 }
 
-- (void) alertDidEnd:(NSAlert *)alert returnCode:(NSInteger)returnCode contextInfo:(void *)contextInfo {
+- (void)alertDidEnd:(NSAlert *)alert returnCode:(NSInteger)returnCode contextInfo:(void *)contextInfo {
 
     switch (returnCode) {
         case NSAlertAlternateReturn:
@@ -92,7 +92,8 @@
                                                                                              @"Note that you will only see the sites and passwords for the master password you log in with.\n"
                                                                                              @"If you log in with a different master password, your current sites will be unavailable.\n\n"
                                                                                              @"You can always change back to your current master password later.\n"
-                  @"Your current sites and passwords will then become available again."] runModal] == 1)
+                                                                                             @"Your current sites and passwords will then become available again."] runModal]
+             == 1)
                 [[MPAppDelegate get] forgetKey];
             break;
 
@@ -107,16 +108,17 @@
     }
 }
 
-- (NSArray *)control:(NSControl *)control textView:(NSTextView *)textView completions:(NSArray *)words forPartialWordRange:(NSRange)charRange indexOfSelectedItem:(NSInteger *)index {
+- (NSArray *)control:(NSControl *)control textView:(NSTextView *)textView completions:(NSArray *)words
+ forPartialWordRange:(NSRange)charRange indexOfSelectedItem:(NSInteger *)index {
 
     NSString *query = [[control stringValue] substringWithRange:charRange];
     if (![query length] || ![MPAppDelegate get].keyID)
         return nil;
 
     NSFetchRequest *fetchRequest = [NSFetchRequest fetchRequestWithEntityName:NSStringFromClass([MPElementEntity class])];
-    fetchRequest.sortDescriptors = [NSArray arrayWithObject:[[NSSortDescriptor alloc] initWithKey:@"uses" ascending:NO]];
-    fetchRequest.predicate = [NSPredicate predicateWithFormat:@"(%@ == '' OR name BEGINSWITH[cd] %@) AND keyID == %@",
-                              query, query, [MPAppDelegate get].keyID];
+    fetchRequest.sortDescriptors = [NSArray arrayWithObject:[[NSSortDescriptor alloc] initWithKey:@"uses_" ascending:NO]];
+    fetchRequest.predicate       = [NSPredicate predicateWithFormat:@"(%@ == '' OR name BEGINSWITH[cd] %@) AND user == %@",
+                                                                    query, query, [MPAppDelegate get].activeUser];
 
     NSError *error = nil;
     self.siteResults = [[MPAppDelegate managedObjectContext] executeFetchRequest:fetchRequest error:&error];

MasterPassword/Mac/MasterPassword-Prefix.pch

@@ -3,7 +3,9 @@
 //
 
 #ifdef __OBJC__
-    #import <Cocoa/Cocoa.h>
+
+#import <Cocoa/Cocoa.h>
+
 #endif
 
 #import "Pearl-Prefix.pch"

MasterPassword/Mac/main.m

@@ -8,7 +8,7 @@
 
 #import <Cocoa/Cocoa.h>
 
-int main(int argc, char *argv[])
-{
+int main(int argc, char *argv[]) {
+
     return NSApplicationMain(argc, (const char **)argv);
 }

MasterPassword/MasterPassword.xcdatamodeld/MasterPassword.xcdatamodel/contents

@@ -1,21 +1,32 @@
 <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
 <model name="" userDefinedModelVersionIdentifier="" type="com.apple.IDECoreDataModeler.DataModel" documentVersion="1.0" lastSavedToolsVersion="1171" systemVersion="11E53" minimumToolsVersion="Automatic" macOSVersion="Automatic" iOSVersion="Automatic">
     <entity name="MPElementEntity" representedClassName="MPElementEntity" isAbstract="YES" syncable="YES">
-        <attribute name="keyID" attributeType="Binary" indexed="YES" syncable="YES" isSyncIdentityProperty="YES"/>
+        <attribute name="content" optional="YES" transient="YES" attributeType="Transformable" syncable="YES"/>
         <attribute name="lastUsed" attributeType="Date" syncable="YES"/>
-        <attribute name="name" attributeType="String" minValueString="1" indexed="YES" syncable="YES" isSyncIdentityProperty="YES"/>
-        <attribute name="type" attributeType="Integer 16" defaultValueString="16" syncable="YES"/>
-        <attribute name="uses" attributeType="Integer 16" defaultValueString="0" syncable="YES"/>
+        <attribute name="name" attributeType="String" minValueString="1" indexed="YES" syncable="YES"/>
+        <attribute name="type_" attributeType="Integer 16" defaultValueString="17" syncable="YES"/>
+        <attribute name="uses_" attributeType="Integer 16" defaultValueString="0" syncable="YES"/>
+        <relationship name="user" minCount="1" maxCount="1" deletionRule="Nullify" destinationEntity="MPUserEntity" inverseName="elements" inverseEntity="MPUserEntity" syncable="YES"/>
     </entity>
     <entity name="MPElementGeneratedEntity" representedClassName="MPElementGeneratedEntity" parentEntity="MPElementEntity" syncable="YES">
-        <attribute name="counter" optional="YES" attributeType="Integer 32" defaultValueString="1" syncable="YES"/>
+        <attribute name="counter_" optional="YES" attributeType="Integer 32" defaultValueString="1" syncable="YES"/>
     </entity>
     <entity name="MPElementStoredEntity" representedClassName="MPElementStoredEntity" parentEntity="MPElementEntity" syncable="YES">
         <attribute name="contentObject" optional="YES" attributeType="Transformable" storedInTruthFile="YES" syncable="YES"/>
     </entity>
+    <entity name="MPUserEntity" representedClassName="MPUserEntity" syncable="YES">
+        <attribute name="avatar_" attributeType="Integer 16" defaultValueString="0" syncable="YES"/>
+        <attribute name="defaultType_" attributeType="Integer 16" defaultValueString="17" syncable="YES"/>
+        <attribute name="keyID" optional="YES" attributeType="Binary" syncable="YES"/>
+        <attribute name="lastUsed" optional="YES" attributeType="Date" syncable="YES"/>
+        <attribute name="name" attributeType="String" syncable="YES"/>
+        <attribute name="saveKey_" attributeType="Boolean" defaultValueString="NO"/>
+        <relationship name="elements" optional="YES" toMany="YES" deletionRule="Cascade" destinationEntity="MPElementEntity" inverseName="user" inverseEntity="MPElementEntity" syncable="YES"/>
+    </entity>
     <elements>
-        <element name="MPElementEntity" positionX="160" positionY="192" width="128" height="120"/>
+        <element name="MPElementEntity" positionX="160" positionY="192" width="128" height="135"/>
         <element name="MPElementGeneratedEntity" positionX="160" positionY="192" width="128" height="60"/>
         <element name="MPElementStoredEntity" positionX="160" positionY="192" width="128" height="60"/>
+        <element name="MPUserEntity" positionX="160" positionY="192" width="128" height="150"/>
     </elements>
 </model>

MasterPassword/iOS/MPAppDelegate.h

@@ -10,13 +10,14 @@
 #import <MessageUI/MessageUI.h>
 #import "MPAppDelegate_Shared.h"
 
-@interface MPAppDelegate : MPAppDelegate_Shared <MFMailComposeViewControllerDelegate>
+@interface MPAppDelegate : MPAppDelegate_Shared<MFMailComposeViewControllerDelegate>
 
 + (MPAppDelegate *)get;
 
+- (void)checkConfig;
 - (void)showGuide;
-- (void)loadKey:(BOOL)animated;
 
 - (void)export;
+- (void)changeMasterPasswordFor:(MPUserEntity *)user;
 
 @end

MasterPassword/iOS/MPAppDelegate.m

@@ -10,21 +10,18 @@
 #import "MPAppDelegate_Key.h"
 #import "MPAppDelegate_Store.h"
 
-#import "MPMainViewController.h"
 #import "IASKSettingsReader.h"
 #import "LocalyticsSession.h"
-#import "TestFlight.h"
-#import <Crashlytics/Crashlytics.h>
 
 @interface MPAppDelegate ()
 
-- (NSString *)testFlightInfo;
+- (NSDictionary *)testFlightInfo;
 - (NSString *)testFlightToken;
 
-- (NSString *)crashlyticsInfo;
+- (NSDictionary *)crashlyticsInfo;
 - (NSString *)crashlyticsAPIKey;
 
-- (NSString *)localyticsInfo;
+- (NSDictionary *)localyticsInfo;
 - (NSString *)localyticsKey;
 
 @end
@@ -47,144 +44,73 @@
     return (MPAppDelegate *)[super get];
 }
 
-- (void)showGuide {
-    
-    [self.navigationController performSegueWithIdentifier:@"MP_Guide" sender:self];
-    
-    [TestFlight passCheckpoint:MPTestFlightCheckpointShowGuide];
-}
-
-- (void)loadKey:(BOOL)animated {
-    
-    if (!self.key)
-        // Try and load the key from the keychain.
-        [self loadStoredKey];
-    
-    if (!self.key)
-        // Ask the user to set the key through his master password.
-        if ([NSThread isMainThread])
-            [self.navigationController presentViewController:
-             [self.navigationController.storyboard instantiateViewControllerWithIdentifier:@"MPUnlockViewController"]
-                                                    animated:animated completion:nil];
-        else
-            dispatch_async(dispatch_get_main_queue(), ^{
-                [self.navigationController presentViewController:
-                 [self.navigationController.storyboard instantiateViewControllerWithIdentifier:@"MPUnlockViewController"]
-                                                        animated:animated completion:nil];
-            });
-}
-
-- (void)export {
-    
-    [PearlAlert showNotice:
-     @"This will export all your site names.\n\n"
-     @"You can open the export with a text editor to get an overview of all your sites.\n\n"
-     @"The file also acts as a personal backup of your site list in case you don't sync with iCloud/iTunes."
-         tappedButtonBlock:^(UIAlertView *alert, NSInteger buttonIndex) {
-             [PearlAlert showAlertWithTitle:@"Reveal Passwords?" message:
-              @"Would you like to make all your passwords visible in the export?\n\n"
-              @"A safe export will only include your stored passwords, in an encrypted manner, "
-              @"making the result safe from falling in the wrong hands.\n\n"
-              @"If all your passwords are shown and somebody else finds the export, "
-              @"they could gain access to all your sites!"
-                                  viewStyle:UIAlertViewStyleDefault tappedButtonBlock:^(UIAlertView *alert, NSInteger buttonIndex) {
-                                      if (buttonIndex == [alert firstOtherButtonIndex] + 0)
-                                          // Safe Export
-                                          [self exportShowPasswords:NO];
-                                      if (buttonIndex == [alert firstOtherButtonIndex] + 1)
-                                          // Safe Export
-                                          [self exportShowPasswords:YES];
-                                  } cancelTitle:[PearlStrings get].commonButtonCancel otherTitles:@"Safe Export", @"Show Passwords", nil];
-         } otherTitles:nil];
-}
-
-- (void)exportShowPasswords:(BOOL)showPasswords {
-    
-    NSString *exportedSites = [self exportSitesShowingPasswords:showPasswords];
-    NSString *message;
-    if (showPasswords)
-        message = @"Export of my Master Password sites with passwords visible.\n\nREMINDER: Make sure nobody else sees this file!\n";
-    else
-        message = @"Backup of my Master Password sites.\n";
-    
-    NSDateFormatter *exportDateFormatter = [NSDateFormatter new];
-    [exportDateFormatter setDateFormat:@"'Master Password sites ('yyyy'-'MM'-'DD').mpsites'"];
-    
-    MFMailComposeViewController *composer = [[MFMailComposeViewController alloc] init];
-    [composer setMailComposeDelegate:self];
-    [composer setSubject:@"Master Password site export"];
-    [composer setMessageBody:message isHTML:NO];
-    [composer addAttachmentData:[exportedSites dataUsingEncoding:NSUTF8StringEncoding] mimeType:@"text/plain"
-                       fileName:[exportDateFormatter stringFromDate:[NSDate date]]];
-    [self.window.rootViewController presentModalViewController:composer animated:YES];
-}
-
-#pragma mark - PearlConfigDelegate
-
-- (void)didUpdateConfigForKey:(SEL)configKey fromValue:(id)value {
-    
-    [self checkConfig];
-}
-
-- (void)checkConfig {
-    
-    if ([[MPConfig get].saveKey boolValue]) {
-        if (self.key)
-            [self updateKey:self.key];
-    } else
-        [self loadStoredKey];
-    
-    if ([[MPConfig get].iCloud boolValue] != [self.storeManager iCloudEnabled])
-        [self.storeManager useiCloudStore:[[MPConfig get].iCloud boolValue] alertUser:YES];
-}
-
-#pragma mark - UIApplicationDelegate
-
-
 - (BOOL)application:(UIApplication *)application didFinishLaunchingWithOptions:(NSDictionary *)launchOptions {
 
-#ifndef DEBUG
-    dispatch_async(dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_BACKGROUND, 0), ^{
+    [[[NSBundle mainBundle] mutableInfoDictionary] setObject:@"Master Password" forKey:@"CFBundleDisplayName"];
+    [[[NSBundle mainBundle] mutableLocalizedInfoDictionary] setObject:@"Master Password" forKey:@"CFBundleDisplayName"];
+
     @try {
         NSString *testFlightToken = [self testFlightToken];
         if ([testFlightToken length]) {
-                dbg(@"Initializing TestFlight");
+            inf(@"Initializing TestFlight");
             [TestFlight addCustomEnvironmentInformation:@"Anonymous" forKey:@"username"];
+#ifdef ADHOC
+            [TestFlight setDeviceIdentifier:[(id)[UIDevice currentDevice] uniqueIdentifier]];
+#else
+            [TestFlight setDeviceIdentifier:[PearlKeyChain deviceIdentifier]];
+#endif
             [TestFlight setOptions:[NSDictionary dictionaryWithObjectsAndKeys:
                                     [NSNumber numberWithBool:NO],   @"logToConsole",
                                     [NSNumber numberWithBool:NO],   @"logToSTDERR",
                                     nil]];
             [TestFlight takeOff:testFlightToken];
             [[PearlLogger get] registerListener:^BOOL(PearlLogMessage *message) {
-                    if (message.level >= PearlLogLevelInfo)
+                PearlLogLevel level = PearlLogLevelWarn;
+                if ([[MPiOSConfig get].sendInfo boolValue])
+                    level = PearlLogLevelInfo;
+
+                if (message.level >= level)
                     TFLog(@"%@", message);
 
                 return YES;
             }];
-                [TestFlight passCheckpoint:MPTestFlightCheckpointLaunched];
         }
     }
-        @catch (NSException *exception) {
+    @catch (id exception) {
         err(@"TestFlight: %@", exception);
     }
     @try {
         NSString *crashlyticsAPIKey = [self crashlyticsAPIKey];
         if ([crashlyticsAPIKey length]) {
-                dbg(@"Initializing Crashlytics");
-                //[Crashlytics sharedInstance].debugMode = YES;
+            inf(@"Initializing Crashlytics");
+#if defined (DEBUG) || defined (ADHOC)
+            [Crashlytics sharedInstance].debugMode = YES;
+#endif
+            [[Crashlytics sharedInstance] setObjectValue:@"Anonymous" forKey:@"username"];
+            [[Crashlytics sharedInstance] setObjectValue:[PearlKeyChain deviceIdentifier] forKey:@"deviceIdentifier"];
             [Crashlytics startWithAPIKey:crashlyticsAPIKey afterDelay:0];
+            [[PearlLogger get] registerListener:^BOOL(PearlLogMessage *message) {
+                PearlLogLevel level = PearlLogLevelWarn;
+                if ([[MPiOSConfig get].sendInfo boolValue])
+                    level = PearlLogLevelInfo;
+
+                if (message.level >= level)
+                    CLSLog(@"%@", message);
+
+                return YES;
+            }];
         }
     }
-        @catch (NSException *exception) {
+    @catch (id exception) {
         err(@"Crashlytics: %@", exception);
     }
     @try {
         NSString *localyticsKey = [self localyticsKey];
         if ([localyticsKey length]) {
-                dbg(@"Initializing Localytics");
+            inf(@"Initializing Localytics");
             [[LocalyticsSession sharedLocalyticsSession] startSession:localyticsKey];
             [[PearlLogger get] registerListener:^BOOL(PearlLogMessage *message) {
-                    if (message.level >= PearlLogLevelError)
+                if (message.level >= PearlLogLevelWarn)
                     [[LocalyticsSession sharedLocalyticsSession] tagEvent:@"Problem" attributes:
                      [NSDictionary dictionaryWithObjectsAndKeys:
                       [message levelDescription],
@@ -197,11 +123,9 @@
             }];
         }
     }
-        @catch (NSException *exception) {
+    @catch (id exception) {
         err(@"Localytics exception: %@", exception);
     }
-    });
-#endif
 
     UIImage *navBarImage = [[UIImage imageNamed:@"ui_navbar_container"] resizableImageWithCapInsets:UIEdgeInsetsMake(0, 5, 0, 5)];
     [[UINavigationBar appearance] setBackgroundImage:navBarImage forBarMetrics:UIBarMetricsDefault];
@@ -253,8 +177,17 @@
 
      [[UISegmentedControl appearance] setDividerImage:segmentUnselectedUnselected forLeftSegmentState:UIControlStateNormal rightSegmentState:UIControlStateNormal barMetrics:UIBarMetricsDefault];
      [[UISegmentedControl appearance] setDividerImage:segmentSelectedUnselected forLeftSegmentState:UIControlStateSelected rightSegmentState:UIControlStateNormal barMetrics:UIBarMetricsDefault];
-     [[UISegmentedControl appearance] setDividerImage:segUnselectedSelected forLeftSegmentState:UIControlStateNormal rightSegmentState:UIControlStateSelected barMetrics:UIBarMetricsDefault];*/
+     [[UISegmentedControl appearance] setDividerImage:segUnselectedSelected forLeftSegmentState:UIControlStateNormal rightSegmentState:UIControlStateSelected barMetrics:UIBarMetricsDefault];
+     */
 
+    [[NSNotificationCenter defaultCenter] addObserverForName:MPNotificationSignedOut object:nil queue:nil
+                                                  usingBlock:^(NSNotification *note) {
+                                                      if ([[note.userInfo objectForKey:@"animated"] boolValue])
+                                                          [self.navigationController performSegueWithIdentifier:@"MP_Unlock" sender:nil];
+                                                      else
+                                                          [self.navigationController presentViewController:[self.navigationController.storyboard instantiateViewControllerWithIdentifier:@"MPUnlockViewController"]
+                                                                                     animated:NO completion:nil];
+                                                  }];
     [[NSNotificationCenter defaultCenter] addObserverForName:kIASKAppSettingChanged object:nil queue:nil
                                                   usingBlock:^(NSNotification *note) {
                                                       [self checkConfig];
@@ -268,14 +201,17 @@
      @"lhunath@lyndir.com\n"
      @"Or report detailed issues at:\n"
      @"https://youtrack.lyndir.com\n"
-                         viewStyle:UIAlertViewStyleDefault tappedButtonBlock:nil
+                         viewStyle:UIAlertViewStyleDefault initAlert:nil tappedButtonBlock:nil
                        cancelTitle:nil otherTitles:[PearlStrings get].commonButtonOkay, nil];
 #endif
 
-    [[UIApplication sharedApplication] setStatusBarHidden:NO
-                                            withAnimation:UIStatusBarAnimationSlide];
+    [super application:application didFinishLaunchingWithOptions:launchOptions];
 
-    return [super application:application didFinishLaunchingWithOptions:launchOptions];
+    inf(@"Started up with device identifier: %@", [PearlKeyChain deviceIdentifier]);
+    [TestFlight passCheckpoint:MPCheckpointLaunched];
+    [[LocalyticsSession sharedLocalyticsSession] tagEvent:MPCheckpointLaunched];
+
+    return YES;
 }
 
 - (BOOL)application:(UIApplication *)application openURL:(NSURL *)url
@@ -293,7 +229,7 @@
     NSString *importedSitesString = [[NSString alloc] initWithData:importedSitesData encoding:NSUTF8StringEncoding];
     [PearlAlert showAlertWithTitle:@"Import Password" message:
                                                        @"Enter the master password for this export:"
-                         viewStyle:UIAlertViewStyleSecureTextInput tappedButtonBlock:
+                         viewStyle:UIAlertViewStyleSecureTextInput initAlert:nil tappedButtonBlock:
      ^(UIAlertView *alert, NSInteger buttonIndex) {
          dispatch_async(dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_DEFAULT, 0), ^{
              MPImportResult result = [self importSites:importedSitesString withPassword:[alert textFieldAtIndex:0].text
@@ -304,10 +240,14 @@
                                                                                dispatch_group_enter(confirmationGroup);
                                                                                dispatch_async(dispatch_get_main_queue(), ^{
                                                                                    [PearlAlert showAlertWithTitle:@"Import Sites?"
-                                                                      message:PearlLocalize(@"Import %d sites, overwriting %d existing sites?", importCount, deleteCount)
+                                                                                                          message:PearlString(
+                                                                                                           @"Import %d sites, overwriting %d existing sites?",
+                                                                                                           importCount, deleteCount)
                                                                                                         viewStyle:UIAlertViewStyleDefault
-                                                            tappedButtonBlock:^(UIAlertView *alert, NSInteger buttonIndex) {
-                                                                if (buttonIndex != [alert cancelButtonIndex])
+                                                                                                        initAlert:nil
+                                                                                                tappedButtonBlock:^(UIAlertView *alert_, NSInteger buttonIndex_) {
+                                                                                                    if (buttonIndex_
+                                                                                                     != [alert_ cancelButtonIndex])
                                                                                                         confirmation = YES;
 
                                                                                                     dispatch_group_leave(confirmationGroup);
@@ -315,7 +255,8 @@
                                                                                                 cancelTitle:[PearlStrings get].commonButtonCancel
                                                                                                 otherTitles:@"Import", nil];
                                                                                });
-                                           dispatch_group_wait(confirmationGroup, DISPATCH_TIME_FOREVER);
+                                                                               dispatch_group_wait(
+                                                                                confirmationGroup, DISPATCH_TIME_FOREVER);
 
                                                                                return confirmation;
                                                                            }];
@@ -343,14 +284,15 @@
 
 - (void)applicationDidBecomeActive:(UIApplication *)application {
 
+    inf(@"Re-activated");
+    [[MPAppDelegate get] checkConfig];
+
     if ([[MPiOSConfig get].showQuickStart boolValue])
         [self showGuide];
-    else {
-        [self loadKey:NO];
-        [self checkConfig];
-    }
 
-    [TestFlight passCheckpoint:MPTestFlightCheckpointActivated];
+    [TestFlight passCheckpoint:MPCheckpointActivated];
+
+    [super applicationDidBecomeActive:application];
 }
 
 - (void)applicationDidEnterBackground:(UIApplication *)application {
@@ -373,7 +315,7 @@
 
     [self saveContext];
 
-    [TestFlight passCheckpoint:MPTestFlightCheckpointTerminated];
+    [TestFlight passCheckpoint:MPCheckpointTerminated];
 
     [[LocalyticsSession sharedLocalyticsSession] close];
     [[LocalyticsSession sharedLocalyticsSession] upload];
@@ -383,14 +325,187 @@
 
 - (void)applicationWillResignActive:(UIApplication *)application {
 
+    inf(@"Will deactivate");
     [self saveContext];
 
-    if (![[MPiOSConfig get].rememberKey boolValue]) {
-        [self updateKey:nil];
-        [self loadKey:NO];
+    if (![[MPiOSConfig get].rememberLogin boolValue])
+        [self signOutAnimated:NO];
+
+    [TestFlight passCheckpoint:MPCheckpointDeactivated];
+}
+
+#pragma mark - Behavior
+
+- (void)checkConfig {
+
+    if ([[MPConfig get].iCloud boolValue] != [self.storeManager iCloudEnabled])
+        [self.storeManager useiCloudStore:[[MPConfig get].iCloud boolValue] alertUser:YES];
+    if ([[MPiOSConfig get].sendInfo boolValue]) {
+        if ([PearlLogger get].autoprintLevel > PearlLogLevelInfo)
+            [PearlLogger get].autoprintLevel = PearlLogLevelInfo;
+
+        [[Crashlytics sharedInstance] setBoolValue:[[MPConfig get].rememberLogin boolValue] forKey:@"rememberLogin"];
+        [[Crashlytics sharedInstance] setBoolValue:[[MPConfig get].iCloud boolValue] forKey:@"iCloud"];
+        [[Crashlytics sharedInstance] setBoolValue:[[MPConfig get].iCloudDecided boolValue] forKey:@"iCloudDecided"];
+        [[Crashlytics sharedInstance] setBoolValue:[[MPiOSConfig get].sendInfo boolValue] forKey:@"sendInfo"];
+        [[Crashlytics sharedInstance] setBoolValue:[[MPiOSConfig get].helpHidden boolValue] forKey:@"helpHidden"];
+        [[Crashlytics sharedInstance] setBoolValue:[[MPiOSConfig get].showQuickStart boolValue] forKey:@"showQuickStart"];
+        [[Crashlytics sharedInstance] setBoolValue:[[PearlConfig get].firstRun boolValue] forKey:@"firstRun"];
+        [[Crashlytics sharedInstance] setIntValue:[[PearlConfig get].launchCount intValue] forKey:@"launchCount"];
+        [[Crashlytics sharedInstance] setBoolValue:[[PearlConfig get].askForReviews boolValue] forKey:@"askForReviews"];
+        [[Crashlytics sharedInstance] setIntValue:[[PearlConfig get].reviewAfterLaunches intValue] forKey:@"reviewAfterLaunches"];
+        [[Crashlytics sharedInstance] setObjectValue:[PearlConfig get].reviewedVersion forKey:@"reviewedVersion"];
+
+        [TestFlight addCustomEnvironmentInformation:[[MPConfig get].rememberLogin boolValue]? @"YES": @"NO" forKey:@"rememberLogin"];
+        [TestFlight addCustomEnvironmentInformation:[[MPConfig get].iCloud boolValue]? @"YES": @"NO" forKey:@"iCloud"];
+        [TestFlight addCustomEnvironmentInformation:[[MPConfig get].iCloudDecided boolValue]? @"YES": @"NO" forKey:@"iCloudDecided"];
+        [TestFlight addCustomEnvironmentInformation:[[MPiOSConfig get].sendInfo boolValue]? @"YES": @"NO" forKey:@"sendInfo"];
+        [TestFlight addCustomEnvironmentInformation:[[MPiOSConfig get].helpHidden boolValue]? @"YES": @"NO" forKey:@"helpHidden"];
+        [TestFlight addCustomEnvironmentInformation:[[MPiOSConfig get].showQuickStart boolValue]? @"YES": @"NO" forKey:@"showQuickStart"];
+        [TestFlight addCustomEnvironmentInformation:[[PearlConfig get].firstRun boolValue]? @"YES": @"NO" forKey:@"firstRun"];
+        [TestFlight addCustomEnvironmentInformation:[[PearlConfig get].launchCount description] forKey:@"launchCount"];
+        [TestFlight addCustomEnvironmentInformation:[[PearlConfig get].askForReviews boolValue]? @"YES": @"NO" forKey:@"askForReviews"];
+        [TestFlight addCustomEnvironmentInformation:[[PearlConfig get].reviewAfterLaunches description] forKey:@"reviewAfterLaunches"];
+        [TestFlight addCustomEnvironmentInformation:[PearlConfig get].reviewedVersion forKey:@"reviewedVersion"];
+
+        [TestFlight passCheckpoint:MPCheckpointConfig];
+        [[LocalyticsSession sharedLocalyticsSession] tagEvent:MPCheckpointConfig attributes:
+                                                                                  [NSDictionary dictionaryWithObjectsAndKeys:
+                                                                                                 [[MPConfig get].rememberLogin boolValue]
+                                                                                                  ? @"YES": @"NO", @"rememberLogin",
+                                                                                                 [[MPConfig get].iCloud boolValue]? @"YES"
+                                                                                                  : @"NO", @"iCloud",
+                                                                                                 [[MPConfig get].iCloudDecided boolValue]
+                                                                                                  ? @"YES": @"NO", @"iCloudDecided",
+                                                                                                 [[MPiOSConfig get].sendInfo boolValue]
+                                                                                                  ? @"YES": @"NO", @"sendInfo",
+                                                                                                 [[MPiOSConfig get].helpHidden boolValue]
+                                                                                                  ? @"YES": @"NO", @"helpHidden",
+                                                                                                 [[MPiOSConfig get].showQuickStart boolValue]
+                                                                                                  ? @"YES": @"NO", @"showQuickStart",
+                                                                                                 [[PearlConfig get].firstRun boolValue]
+                                                                                                  ? @"YES": @"NO", @"firstRun",
+                                                                                                 [[PearlConfig get].launchCount description], @"launchCount",
+                                                                                                 [[PearlConfig get].askForReviews boolValue]
+                                                                                                  ? @"YES": @"NO", @"askForReviews",
+                                                                                                 [[PearlConfig get].reviewAfterLaunches description], @"reviewAfterLaunches",
+                                                                                                 [PearlConfig get].reviewedVersion, @"reviewedVersion",
+                                                                                                 nil]];
+    }
+}
+
+- (void)showGuide {
+
+    [self.navigationController performSegueWithIdentifier:@"MP_Guide" sender:self];
+
+    [TestFlight passCheckpoint:MPCheckpointShowGuide];
+}
+
+- (void)export {
+
+    [PearlAlert showNotice:
+                 @"This will export all your site names.\n\n"
+                  @"You can open the export with a text editor to get an overview of all your sites.\n\n"
+                  @"The file also acts as a personal backup of your site list in case you don't sync with iCloud/iTunes."
+         tappedButtonBlock:^(UIAlertView *alert, NSInteger buttonIndex) {
+             [PearlAlert showAlertWithTitle:@"Reveal Passwords?" message:
+                                                                  @"Would you like to make all your passwords visible in the export?\n\n"
+                                                                   @"A safe export will only include your stored passwords, in an encrypted manner, "
+                                                                   @"making the result safe from falling in the wrong hands.\n\n"
+                                                                   @"If all your passwords are shown and somebody else finds the export, "
+                                                                   @"they could gain access to all your sites!"
+                                  viewStyle:UIAlertViewStyleDefault initAlert:nil
+                          tappedButtonBlock:^(UIAlertView *alert_, NSInteger buttonIndex_) {
+                              if (buttonIndex_ == [alert_ firstOtherButtonIndex] + 0)
+                               // Safe Export
+                                  [self exportShowPasswords:NO];
+                              if (buttonIndex_ == [alert_ firstOtherButtonIndex] + 1)
+                               // Show Passwords
+                                  [self exportShowPasswords:YES];
+                          } cancelTitle:[PearlStrings get].commonButtonCancel otherTitles:@"Safe Export", @"Show Passwords", nil];
+         } otherTitles:nil];
+}
+
+- (void)exportShowPasswords:(BOOL)showPasswords {
+    
+    if (![MFMailComposeViewController canSendMail]) {
+        [PearlAlert showAlertWithTitle:@"Cannot Send Mail"
+                               message:
+         @"Your device is not yet set up for sending mail.\n"
+         @"Close Master Password, go into Settings and add a Mail account."
+                             viewStyle:UIAlertViewStyleDefault
+                             initAlert:nil tappedButtonBlock:nil
+                           cancelTitle:[PearlStrings get].commonButtonOkay
+                           otherTitles:nil];
+        return;
     }
 
-    [TestFlight passCheckpoint:MPTestFlightCheckpointDeactivated];
+    NSString *exportedSites = [self exportSitesShowingPasswords:showPasswords];
+    NSString *message;
+
+    if (showPasswords)
+        message = PearlString(@"Export of Master Password sites with passwords included.\n"
+                              @"REMINDER: Make sure nobody else sees this file!  Passwords are visible!\n\n\n"
+                              @"--\n"
+                              @"%@\n"
+                              @"Master Password %@, build %@",
+                              self.activeUser.name,
+                              [PearlInfoPlist get].CFBundleShortVersionString,
+                              [PearlInfoPlist get].CFBundleVersion);
+    else
+        message = PearlString(@"Backup of Master Password sites.\n\n\n"
+                              @"--\n"
+                              @"%@\n"
+                              @"Master Password %@, build %@",
+                              self.activeUser.name,
+                              [PearlInfoPlist get].CFBundleShortVersionString,
+                              [PearlInfoPlist get].CFBundleVersion);
+    
+    NSDateFormatter *exportDateFormatter = [NSDateFormatter new];
+    [exportDateFormatter setDateFormat:@"yyyy'-'MM'-'DD"];
+
+    MFMailComposeViewController *composer = [MFMailComposeViewController new];
+    [composer setMailComposeDelegate:self];
+    [composer setSubject:@"Master Password Export"];
+    [composer setMessageBody:message isHTML:NO];
+    [composer addAttachmentData:
+               [exportedSites dataUsingEncoding:NSUTF8StringEncoding] mimeType:@"text/plain"
+                                                                      fileName:PearlString(@"%@ (%@).mpsites",
+                                                                                           self.activeUser.name,
+                                                                                           [exportDateFormatter stringFromDate:[NSDate date]])];
+    [self.window.rootViewController presentModalViewController:composer animated:YES];
+}
+
+- (void)changeMasterPasswordFor:(MPUserEntity *)user {
+
+    [PearlAlert showAlertWithTitle:@"Changing Master Password"
+                           message:
+                            @"If you continue, you'll be able to set a new master password.\n\n"
+                             @"Changing your master password will cause all your generated passwords to change!\n"
+                             @"Changing the master password back to the old one will cause your passwords to revert as well."
+                         viewStyle:UIAlertViewStyleDefault
+                         initAlert:nil tappedButtonBlock:^(UIAlertView *alert, NSInteger buttonIndex) {
+        if (buttonIndex == [alert cancelButtonIndex])
+            return;
+
+        inf(@"Unsetting master password for: %@.", user.userID);
+        user.keyID = nil;
+        [self forgetSavedKeyFor:user];
+        [self signOutAnimated:YES];
+
+        [TestFlight passCheckpoint:MPCheckpointChangeMP];
+        [[LocalyticsSession sharedLocalyticsSession] tagEvent:MPCheckpointChangeMP
+                                                   attributes:nil];
+    }
+                         cancelTitle:[PearlStrings get].commonButtonAbort
+                         otherTitles:[PearlStrings get].commonButtonContinue, nil];
+}
+
+#pragma mark - PearlConfigDelegate
+
+- (void)didUpdateConfigForKey:(SEL)configKey fromValue:(id)value {
+
+    [self checkConfig];
 }
 
 #pragma mark - MFMailComposeViewControllerDelegate
@@ -407,7 +522,8 @@
             break;
 
         case MFMailComposeResultFailed:
-            [PearlAlert showError:@"A problem occurred while sending the message." tappedButtonBlock:^(UIAlertView *alert, NSInteger buttonIndex) {
+            [PearlAlert showError:@"A problem occurred while sending the message."
+                tappedButtonBlock:^(UIAlertView *alert, NSInteger buttonIndex) {
                     if (buttonIndex == [alert firstOtherButtonIndex])
                         return;
                 } otherTitles:@"Retry", nil];
@@ -431,7 +547,8 @@
                                    message:
                                     @"iCloud is now disabled.\n\n"
                                      @"It is highly recommended you enable iCloud."
-                                 viewStyle:UIAlertViewStyleDefault tappedButtonBlock:^(UIAlertView *alert, NSInteger buttonIndex) {
+                                 viewStyle:UIAlertViewStyleDefault initAlert:nil
+                         tappedButtonBlock:^(UIAlertView *alert, NSInteger buttonIndex) {
                              if (buttonIndex == [alert firstOtherButtonIndex] + 0) {
                                  [PearlAlert showAlertWithTitle:@"About iCloud"
                                                         message:
@@ -447,7 +564,7 @@
                                                           @"with your master password.\n\n"
                                                           @"Apple can never see any of your passwords."
                                                       viewStyle:UIAlertViewStyleDefault
-                                                      tappedButtonBlock:^(UIAlertView *alert, NSInteger buttonIndex) {
+                                                      initAlert:nil tappedButtonBlock:^(UIAlertView *alert_, NSInteger buttonIndex_) {
                                      [self ubiquityStoreManager:manager didSwitchToiCloud:iCloudEnabled];
                                  }
                                                       cancelTitle:[PearlStrings get].commonButtonThanks otherTitles:nil];
@@ -479,7 +596,7 @@
 
 - (NSString *)testFlightToken {
 
-    return NullToNil([[self testFlightInfo] valueForKeyPath:@"Team Token"]);
+    return NSNullToNil([[self testFlightInfo] valueForKeyPath:@"Team Token"]);
 }
 
 
@@ -498,7 +615,7 @@
 
 - (NSString *)crashlyticsAPIKey {
 
-    return NullToNil([[self crashlyticsInfo] valueForKeyPath:@"API Key"]);
+    return NSNullToNil([[self crashlyticsInfo] valueForKeyPath:@"API Key"]);
 }
 
 
@@ -518,11 +635,9 @@
 - (NSString *)localyticsKey {
 
 #ifdef DEBUG
-    return NullToNil([[self localyticsInfo] valueForKeyPath:@"Key.development"]);
-#elif defined(LITE)
-    return NullToNil([[self localyticsInfo] valueForKeyPath:@"Key.distribution.lite"]);
+    return NSNullToNil([[self localyticsInfo] valueForKeyPath:@"Key.development"]);
 #else
-    return NullToNil([[self localyticsInfo] valueForKeyPath:@"Key.distribution"]);
+    return NSNullToNil([[self localyticsInfo] valueForKeyPath:@"Key.distribution"]);
 #endif
 }
 

MasterPassword/iOS/MPGuideViewController.h

@@ -8,9 +8,10 @@
 
 #import <UIKit/UIKit.h>
 
-@interface MPGuideViewController : UIViewController
+@interface MPGuideViewController : UIViewController <UIScrollViewDelegate>
 
 @property (weak, nonatomic) IBOutlet UIScrollView *scrollView;
+@property (weak, nonatomic) IBOutlet UIPageControl *pageControl;
 
 - (IBAction)close;