[PS-2267] Add KdfMemory and KDFParallelism fields (#2583)

* Add KdfMemory and KDFParallelism fields * Revise argon2 support This pull request makes the new attribues for argon2, kdfMemory and kdfParallelism optional. Furthermore it adds checks for the argon2 parametrs and improves the database migration script. * Add validation for argon2 in RegisterRequestModel * update validation messages * update sql scripts * register data protection with migration factories * add ef migrations * update kdf option validation * adjust validation * Centralize and Test KDF Validation Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com> Co-authored-by: Kyle Spearrin <kyle.spearrin@gmail.com> Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
2025-07-01 08:02:49 -05:00 · 2023-01-25 13:56:54 +01:00
parent 59f5285c88
commit cb1ba50ce2
36 changed files with 6935 additions and 35 deletions
--- a/src/Core/Services/IUserService.cs
+++ b/src/Core/Services/IUserService.cs
@ -36,7 +36,7 @@ public interface IUserService
    Task<IdentityResult> AdminResetPasswordAsync(OrganizationUserType type, Guid orgId, Guid id, string newMasterPassword, string key);
    Task<IdentityResult> UpdateTempPasswordAsync(User user, string newMasterPassword, string key, string hint);
    Task<IdentityResult> ChangeKdfAsync(User user, string masterPassword, string newMasterPassword, string key,
-        KdfType kdf, int kdfIterations);
+        KdfType kdf, int kdfIterations, int? kdfMemory, int? kdfParallelism);
    Task<IdentityResult> UpdateKeyAsync(User user, string masterPassword, string key, string privateKey,
        IEnumerable<Cipher> ciphers, IEnumerable<Folder> folders, IEnumerable<Send> sends);
    Task<IdentityResult> RefreshSecurityStampAsync(User user, string masterPasswordHash);
--- a/src/Core/Services/Implementations/UserService.cs
+++ b/src/Core/Services/Implementations/UserService.cs
@ -824,7 +824,7 @@ public class UserService : UserManager<User>, IUserService, IDisposable
    }

    public async Task<IdentityResult> ChangeKdfAsync(User user, string masterPassword, string newMasterPassword,
-        string key, KdfType kdf, int kdfIterations)
+        string key, KdfType kdf, int kdfIterations, int? kdfMemory, int? kdfParallelism)
    {
        if (user == null)
        {
@ -843,6 +843,8 @@ public class UserService : UserManager<User>, IUserService, IDisposable
            user.Key = key;
            user.Kdf = kdf;
            user.KdfIterations = kdfIterations;
+            user.KdfMemory = kdfMemory;
+            user.KdfParallelism = kdfParallelism;
            await _userRepository.ReplaceAsync(user);
            await _pushService.PushLogOutAsync(user.Id);
            return IdentityResult.Success;