[PS-2365] Kdf Configuration Options for Argon2 (#4578)

* Implement argon2 config * Remove argon2 webassembly warning * Replace magic numbers by enum * Implement kdf configuration * Update UI according to design feedback * Further updates to follow design feedback * Add oxford comma in argon2 description * Fix typos in argon2 descriptions * move key creation into promise with API call * change casing on PBKDF2 * general improvements * kdf config on set pin component * SHA-256 hash argon2 salt * Change argon2 defaults * Change argon2 salt hash to cryptoFunctionService * Fix isLowKdfIteration check --------- Co-authored-by: Kyle Spearrin <kyle.spearrin@gmail.com> Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
2025-12-17 08:43:33 +00:00 · 2023-01-30 15:07:51 +01:00
parent b1a1068906
commit 01091fe260
35 changed files with 329 additions and 143 deletions
--- a/apps/cli/src/commands/login.command.ts
+++ b/apps/cli/src/commands/login.command.ts
@@ -410,7 +410,7 @@ export class LoginCommand {
      this.policyService.masterPasswordPolicyOptions$()
    );
    const kdf = await this.stateService.getKdfType();
-    const kdfIterations = await this.stateService.getKdfIterations();
+    const kdfConfig = await this.stateService.getKdfConfig();

    if (
      enforcedPolicyOptions != null &&
@@ -431,7 +431,7 @@ export class LoginCommand {
        masterPassword,
        this.email.trim().toLowerCase(),
        kdf,
-        kdfIterations
+        kdfConfig
      );
      const newPasswordHash = await this.cryptoService.hashPassword(masterPassword, newKey);

--- a/apps/cli/src/commands/unlock.command.ts
+++ b/apps/cli/src/commands/unlock.command.ts
@@ -44,8 +44,8 @@ export class UnlockCommand {
    await this.setNewSessionKey();
    const email = await this.stateService.getEmail();
    const kdf = await this.stateService.getKdfType();
-    const kdfIterations = await this.stateService.getKdfIterations();
-    const key = await this.cryptoService.makeKey(password, email, kdf, kdfIterations);
+    const kdfConfig = await this.stateService.getKdfConfig();
+    const key = await this.cryptoService.makeKey(password, email, kdf, kdfConfig);
    const storedKeyHash = await this.cryptoService.getKeyHash();

    let passwordValid = false;