
[PM-3565] Enforce higher minimum KDF (#3304)

Extract KDF logic into a new Range class. Increase minimum iterations for PBKDF.
Oscar Hinton
2023-12-05 17:21:46 +01:00
committed by GitHub
parent 26e6093c14
commit eedc96263a
10 changed files with 132 additions and 34 deletions


@ -2,11 +2,10 @@
using Bit.Core.Auth.Models.Api.Request.Accounts;
using Bit.Core.Entities;
using Bit.Core.Enums;
using Bit.Core.Utilities;
namespace Bit.Api.Auth.Models.Request.Accounts;
public class SetKeyConnectorKeyRequestModel : IValidatableObject
public class SetKeyConnectorKeyRequestModel
{
[Required]
public string Key { get; set; }
@ -31,9 +30,4 @@ public class SetKeyConnectorKeyRequestModel : IValidatableObject
Keys.ToUser(existingUser);
return existingUser;
}
public IEnumerable<ValidationResult> Validate(ValidationContext validationContext)
{
return KdfSettingsValidator.Validate(Kdf, KdfIterations, KdfMemory, KdfParallelism);
}
}
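Review bot: With `IValidatableObject` and the `Validate` method removed from `SetKeyConnectorKeyRequestModel`, nothing visible in this section checks the client-supplied `Kdf`, `KdfIterations`, `KdfMemory` and `KdfParallelism` at model binding any more; the same removal is made to `SetPasswordRequestModel` in the next section. If the new range check is not applied to these two models somewhere outside the lines shown (a base class, or the command that consumes them), a client could submit KDF settings below the minimum this commit sets out to enforce. I would either keep the model-level check, i.e. `public class SetKeyConnectorKeyRequestModel : IValidatableObject` with `Validate` still returning `KdfSettingsValidator.Validate(Kdf, KdfIterations, KdfMemory, KdfParallelism)`, or add a class comment naming where the bounds are now enforced. Both class bodies extend beyond the hunks, so the property declarations and the mapping onto the user are not visible here.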


@ -2,11 +2,10 @@
using Bit.Core.Auth.Models.Api.Request.Accounts;
using Bit.Core.Entities;
using Bit.Core.Enums;
using Bit.Core.Utilities;
namespace Bit.Api.Auth.Models.Request.Accounts;
public class SetPasswordRequestModel : IValidatableObject
public class SetPasswordRequestModel
{
[Required]
[StringLength(300)]
@ -35,9 +34,4 @@ public class SetPasswordRequestModel : IValidatableObject
Keys?.ToUser(existingUser);
return existingUser;
}
public IEnumerable<ValidationResult> Validate(ValidationContext validationContext)
{
return KdfSettingsValidator.Validate(Kdf, KdfIterations, KdfMemory, KdfParallelism);
}
}


@ -113,7 +113,7 @@ public class AccountsController : Controller
kdfInformation = new UserKdfInformation
{
Kdf = KdfType.PBKDF2_SHA256,
KdfIterations = 100000,
KdfIterations = AuthConstants.PBKDF2_ITERATIONS.Default,
};
}
return new PreloginResponseModel(kdfInformation);
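Review bot: The fallback block that now assigns `AuthConstants.PBKDF2_ITERATIONS.Default` has no comment saying when it runs or why the value matters. The condition guarding it is outside the hunk, but it looks like the branch taken when no stored KDF settings are found for the requested account, in which case the returned values should match what a newly created account would get so the prelogin response does not stand out. A comment above the initializer would record that, for example `// Fallback when no stored KDF settings exist; keep equal to the new-account default so this response is indistinguishable.` The enclosing action method starts before the hunk, so confirm the intent against the full method.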