mirror of https://github.com/bitwarden/server.git synced 2025-06-07 19:50:32 -05:00

PM-20532 - Add KM SendPasswordHasher

Jared Snider 2025-05-30 17:24:17 -04:00
parent 61a531c9bc
commit b16ae11d9c
No known key found for this signature in database
GPG Key ID: A149DDD612516286
3 changed files with 53 additions and 0 deletions


@ -0,0 +1,7 @@
namespace Bit.Core.KeyManagement.Sends;
public interface ISendPasswordHasher
{
bool VerifyPasswordHash(string sendPasswordHash, string userSubmittedPasswordHash);
string HashPasswordHash(string clientHashedPassword);
}
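Review bot: Both parameters of `VerifyPasswordHash` are plain strings and the interface carries no documentation, so a caller that swaps the stored hash and the submitted value compiles cleanly and just fails verification. The XML summaries in this commit sit only on the implementation; I would move them to the interface, use `<inheritdoc/>` on the class, and spell out the argument roles, e.g. `/// <param name="sendPasswordHash">Server-side hash stored on the Send.</param>` and `/// <param name="userSubmittedPasswordHash">Client-hashed password from the request.</param>`. The contract should also state that blank input returns false rather than throwing, since that is what the implementation does.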


@ -0,0 +1,29 @@
using Bit.Core.Entities;
using Microsoft.AspNetCore.Identity;
namespace Bit.Core.KeyManagement.Sends;
public class SendPasswordHasher(IPasswordHasher<User> passwordHasher) : ISendPasswordHasher
{
/// <summary>
/// Verifies an existing send password hash against a new user submitted password hash.
/// </summary>
public bool VerifyPasswordHash(string sendPasswordHash, string userSubmittedPasswordHash)
{
if (string.IsNullOrWhiteSpace(sendPasswordHash) || string.IsNullOrWhiteSpace(userSubmittedPasswordHash))
{
return false;
}
var passwordResult = passwordHasher.VerifyHashedPassword(new User(), sendPasswordHash, userSubmittedPasswordHash);
return passwordResult is PasswordVerificationResult.Success or PasswordVerificationResult.SuccessRehashNeeded;
}
/// <summary>
/// Accepts a client hashed send password and returns a server hashed password.
/// </summary>
public string HashPasswordHash(string clientHashedPassword)
{
return passwordHasher.HashPassword(new User(), clientHashedPassword);
}
}
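Review bot: `VerifyPasswordHash` folds `PasswordVerificationResult.SuccessRehashNeeded` into a plain `true`, so the caller never learns that the stored hash was produced with older parameters and cannot upgrade it. If the iteration count is raised later, existing Send hashes would presumably stay at the old work factor; whether a caller re-hashes elsewhere is not visible on this page. At minimum record the decision next to the return, e.g. `// SuccessRehashNeeded is accepted but not surfaced: stored Send hashes are not upgraded on verify.` Separately, `HashPasswordHash` has no blank-input guard while verification rejects blank values, so a hash created from an empty or whitespace string could never be verified; `ArgumentException.ThrowIfNullOrWhiteSpace(clientHashedPassword);` at the top would fail early instead.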


@ -0,0 +1,17 @@
using Bit.Core.Auth.PasswordValidation;
using Bit.Core.Entities;
using Bit.Core.KeyManagement.Sends;
using Microsoft.AspNetCore.Identity;
using Microsoft.Extensions.DependencyInjection.Extensions;
namespace Microsoft.Extensions.DependencyInjection;
public static class SendPasswordServiceCollectionExtensions
{
public static void AddSendPasswordServices(this IServiceCollection services)
{
services.TryAddScoped<IPasswordHasher<User>, PasswordHasher<User>>();
services.Configure<PasswordHasherOptions>(options => options.IterationCount = PasswordValidationConstants.PasswordHasherKdfIterations);
services.TryAddScoped<ISendPasswordHasher, SendPasswordHasher>();
}
}
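Review bot: `services.Configure<PasswordHasherOptions>(...)` in `AddSendPasswordServices` sets the iteration count on the container-wide options, so it affects every `PasswordHasher<T>` resolved from this container, not only Send hashing. It also interacts with any other `Configure<PasswordHasherOptions>` call by registration order. Likewise `TryAddScoped<IPasswordHasher<User>, PasswordHasher<User>>()` does nothing when an `IPasswordHasher<User>` is already registered, in which case `SendPasswordHasher` silently uses that implementation and its settings. If the sharing is intended, say so in a comment such as `// Shares the app-wide IPasswordHasher<User> and PasswordHasherOptions; Send hashes follow the same KDF settings.` The public extension method also has no XML summary.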