[PS-2365] Kdf Configuration Options for Argon2 (#4578)

* Implement argon2 config * Remove argon2 webassembly warning * Replace magic numbers by enum * Implement kdf configuration * Update UI according to design feedback * Further updates to follow design feedback * Add oxford comma in argon2 description * Fix typos in argon2 descriptions * move key creation into promise with API call * change casing on PBKDF2 * general improvements * kdf config on set pin component * SHA-256 hash argon2 salt * Change argon2 defaults * Change argon2 salt hash to cryptoFunctionService * Fix isLowKdfIteration check --------- Co-authored-by: Kyle Spearrin <kyle.spearrin@gmail.com> Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
2025-12-18 01:03:35 +00:00 · 2023-01-30 15:07:51 +01:00
parent b1a1068906
commit 01091fe260
35 changed files with 329 additions and 143 deletions
--- a/libs/angular/src/components/register.component.ts
+++ b/libs/angular/src/components/register.component.ts
@@ -16,7 +16,7 @@ import { LogService } from "@bitwarden/common/abstractions/log.service";
 import { PasswordGenerationService } from "@bitwarden/common/abstractions/passwordGeneration.service";
 import { PlatformUtilsService } from "@bitwarden/common/abstractions/platformUtils.service";
 import { StateService } from "@bitwarden/common/abstractions/state.service";
-import { DEFAULT_KDF_TYPE, DEFAULT_PBKDF2_ITERATIONS } from "@bitwarden/common/enums/kdfType";
+import { DEFAULT_KDF_CONFIG, DEFAULT_KDF_TYPE } from "@bitwarden/common/enums/kdfType";
 import { PasswordLogInCredentials } from "@bitwarden/common/models/domain/log-in-credentials";
 import { KeysRequest } from "@bitwarden/common/models/request/keys.request";
 import { ReferenceEventRequest } from "@bitwarden/common/models/request/reference-event.request";
@@ -269,8 +269,8 @@ export class RegisterComponent extends CaptchaProtectedComponent implements OnIn
  ): Promise<RegisterRequest> {
    const hint = this.formGroup.value.hint;
    const kdf = DEFAULT_KDF_TYPE;
-    const kdfIterations = DEFAULT_PBKDF2_ITERATIONS;
-    const key = await this.cryptoService.makeKey(masterPassword, email, kdf, kdfIterations);
+    const kdfConfig = DEFAULT_KDF_CONFIG;
+    const key = await this.cryptoService.makeKey(masterPassword, email, kdf, kdfConfig);
    const encKey = await this.cryptoService.makeEncKey(key);
    const hashedPassword = await this.cryptoService.hashPassword(masterPassword, key);
    const keys = await this.cryptoService.makeKeyPair(encKey[0]);
@@ -280,10 +280,12 @@ export class RegisterComponent extends CaptchaProtectedComponent implements OnIn
      hashedPassword,
      hint,
      encKey[1].encryptedString,
-      kdf,
-      kdfIterations,
      this.referenceData,
-      this.captchaToken
+      this.captchaToken,
+      kdf,
+      kdfConfig.iterations,
+      kdfConfig.memory,
+      kdfConfig.parallelism
    );
    request.keys = new KeysRequest(keys[0], keys[1].encryptedString);
    const orgInvite = await this.stateService.getOrganizationInvitation();