mirror of
https://github.com/bitwarden/browser
synced 2025-12-15 07:43:35 +00:00
[PM-14542] Move kdf to km ownership (#11877)
* Move kdf to km ownership * Fix duplicate import * Remove whitespace * Fix double imports * Fix desktop build * Fix test error * Fix imports * Move ownership of kdftype to km * Fix imports --------- Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
This commit is contained in:
Bernd Schoolmann
GitHub
@@ -1,10 +0,0 @@
|
||||
import { Observable } from "rxjs";
|
||||
|
||||
import { UserId } from "../../types/guid";
|
||||
import { KdfConfig } from "../models/domain/kdf-config";
|
||||
|
||||
export abstract class KdfConfigService {
|
||||
abstract setKdfConfig(userId: UserId, KdfConfig: KdfConfig): Promise<void>;
|
||||
abstract getKdfConfig(): Promise<KdfConfig>;
|
||||
abstract getKdfConfig$(userId: UserId): Observable<KdfConfig>;
|
||||
}
|
||||
@@ -1,128 +0,0 @@
|
||||
import { Jsonify } from "type-fest";
|
||||
|
||||
import { KdfType } from "../../../platform/enums/kdf-type.enum";
|
||||
import { RangeWithDefault } from "../../../platform/misc/range-with-default";
|
||||
|
||||
/**
|
||||
* Represents a type safe KDF configuration.
|
||||
*/
|
||||
export type KdfConfig = PBKDF2KdfConfig | Argon2KdfConfig;
|
||||
|
||||
/**
|
||||
* Password-Based Key Derivation Function 2 (PBKDF2) KDF configuration.
|
||||
*/
|
||||
export class PBKDF2KdfConfig {
|
||||
static ITERATIONS = new RangeWithDefault(600_000, 2_000_000, 600_000);
|
||||
static PRELOGIN_ITERATIONS_MIN = 5000;
|
||||
kdfType: KdfType.PBKDF2_SHA256 = KdfType.PBKDF2_SHA256;
|
||||
iterations: number;
|
||||
|
||||
constructor(iterations?: number) {
|
||||
this.iterations = iterations ?? PBKDF2KdfConfig.ITERATIONS.defaultValue;
|
||||
}
|
||||
|
||||
/**
|
||||
* Validates the PBKDF2 KDF configuration for updating the KDF config.
|
||||
* A Valid PBKDF2 KDF configuration has KDF iterations between the 600_000 and 2_000_000.
|
||||
*/
|
||||
validateKdfConfigForSetting(): void {
|
||||
if (!PBKDF2KdfConfig.ITERATIONS.inRange(this.iterations)) {
|
||||
throw new Error(
|
||||
`PBKDF2 iterations must be between ${PBKDF2KdfConfig.ITERATIONS.min} and ${PBKDF2KdfConfig.ITERATIONS.max}`,
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Validates the PBKDF2 KDF configuration for pre-login.
|
||||
* A Valid PBKDF2 KDF configuration has KDF iterations between the 5000 and 2_000_000.
|
||||
*/
|
||||
validateKdfConfigForPrelogin(): void {
|
||||
if (PBKDF2KdfConfig.PRELOGIN_ITERATIONS_MIN > this.iterations) {
|
||||
throw new Error(
|
||||
`PBKDF2 iterations must be at least ${PBKDF2KdfConfig.PRELOGIN_ITERATIONS_MIN}, but was ${this.iterations}; possible pre-login downgrade attack detected.`,
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
static fromJSON(json: Jsonify<PBKDF2KdfConfig>): PBKDF2KdfConfig {
|
||||
return new PBKDF2KdfConfig(json.iterations);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Argon2 KDF configuration.
|
||||
*/
|
||||
export class Argon2KdfConfig {
|
||||
static MEMORY = new RangeWithDefault(16, 1024, 64);
|
||||
static PARALLELISM = new RangeWithDefault(1, 16, 4);
|
||||
static ITERATIONS = new RangeWithDefault(2, 10, 3);
|
||||
|
||||
static PRELOGIN_MEMORY_MIN = 16;
|
||||
static PRELOGIN_PARALLELISM_MIN = 1;
|
||||
static PRELOGIN_ITERATIONS_MIN = 2;
|
||||
|
||||
kdfType: KdfType.Argon2id = KdfType.Argon2id;
|
||||
iterations: number;
|
||||
memory: number;
|
||||
parallelism: number;
|
||||
|
||||
constructor(iterations?: number, memory?: number, parallelism?: number) {
|
||||
this.iterations = iterations ?? Argon2KdfConfig.ITERATIONS.defaultValue;
|
||||
this.memory = memory ?? Argon2KdfConfig.MEMORY.defaultValue;
|
||||
this.parallelism = parallelism ?? Argon2KdfConfig.PARALLELISM.defaultValue;
|
||||
}
|
||||
|
||||
/**
|
||||
* Validates the Argon2 KDF configuration for updating the KDF config.
|
||||
* A Valid Argon2 KDF configuration has iterations between 2 and 10, memory between 16mb and 1024mb, and parallelism between 1 and 16.
|
||||
*/
|
||||
validateKdfConfigForSetting(): void {
|
||||
if (!Argon2KdfConfig.ITERATIONS.inRange(this.iterations)) {
|
||||
throw new Error(
|
||||
`Argon2 iterations must be between ${Argon2KdfConfig.ITERATIONS.min} and ${Argon2KdfConfig.ITERATIONS.max}`,
|
||||
);
|
||||
}
|
||||
|
||||
if (!Argon2KdfConfig.MEMORY.inRange(this.memory)) {
|
||||
throw new Error(
|
||||
`Argon2 memory must be between ${Argon2KdfConfig.MEMORY.min} MiB and ${Argon2KdfConfig.MEMORY.max} MiB`,
|
||||
);
|
||||
}
|
||||
|
||||
if (!Argon2KdfConfig.PARALLELISM.inRange(this.parallelism)) {
|
||||
throw new Error(
|
||||
`Argon2 parallelism must be between ${Argon2KdfConfig.PARALLELISM.min} and ${Argon2KdfConfig.PARALLELISM.max}.`,
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Validates the Argon2 KDF configuration for pre-login.
|
||||
*/
|
||||
validateKdfConfigForPrelogin(): void {
|
||||
if (Argon2KdfConfig.PRELOGIN_ITERATIONS_MIN > this.iterations) {
|
||||
throw new Error(
|
||||
`Argon2 iterations must be at least ${Argon2KdfConfig.PRELOGIN_ITERATIONS_MIN}, but was ${this.iterations}; possible pre-login downgrade attack detected.`,
|
||||
);
|
||||
}
|
||||
|
||||
if (Argon2KdfConfig.PRELOGIN_MEMORY_MIN > this.memory) {
|
||||
throw new Error(
|
||||
`Argon2 memory must be at least ${Argon2KdfConfig.PRELOGIN_MEMORY_MIN} MiB, but was ${this.memory} MiB; possible pre-login downgrade attack detected.`,
|
||||
);
|
||||
}
|
||||
|
||||
if (Argon2KdfConfig.PRELOGIN_PARALLELISM_MIN > this.parallelism) {
|
||||
throw new Error(
|
||||
`Argon2 parallelism must be at least ${Argon2KdfConfig.PRELOGIN_PARALLELISM_MIN}, but was ${this.parallelism}; possible pre-login downgrade attack detected.`,
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
static fromJSON(json: Jsonify<Argon2KdfConfig>): Argon2KdfConfig {
|
||||
return new Argon2KdfConfig(json.iterations, json.memory, json.parallelism);
|
||||
}
|
||||
}
|
||||
|
||||
export const DEFAULT_KDF_CONFIG = new PBKDF2KdfConfig(PBKDF2KdfConfig.ITERATIONS.defaultValue);
|
||||
@@ -1,5 +1,6 @@
|
||||
import { KdfType } from "@bitwarden/key-management";
|
||||
|
||||
import { KeysRequest } from "../../../../models/request/keys.request";
|
||||
import { KdfType } from "../../../../platform/enums";
|
||||
import { EncryptedString } from "../../../../platform/models/domain/enc-string";
|
||||
|
||||
export class RegisterFinishRequest {
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
import { KdfConfig, KdfType } from "@bitwarden/key-management";
|
||||
|
||||
import { KeysRequest } from "../../../models/request/keys.request";
|
||||
import { KdfType } from "../../../platform/enums";
|
||||
import { KdfConfig } from "../domain/kdf-config";
|
||||
|
||||
export class SetKeyConnectorKeyRequest {
|
||||
key: string;
|
||||
|
||||
@@ -1,5 +1,6 @@
|
||||
import { KdfType } from "@bitwarden/key-management";
|
||||
|
||||
import { KeysRequest } from "../../../models/request/keys.request";
|
||||
import { KdfType } from "../../../platform/enums";
|
||||
|
||||
export class SetPasswordRequest {
|
||||
masterPasswordHash: string;
|
||||
|
||||
@@ -1,5 +1,6 @@
|
||||
import { KdfType } from "@bitwarden/key-management";
|
||||
|
||||
import { BaseResponse } from "../../../models/response/base.response";
|
||||
import { KdfType } from "../../../platform/enums";
|
||||
|
||||
import { MasterPasswordPolicyResponse } from "./master-password-policy.response";
|
||||
import { UserDecryptionOptionsResponse } from "./user-decryption-options/user-decryption-options.response";
|
||||
|
||||
@@ -1,5 +1,6 @@
|
||||
import { KdfType } from "@bitwarden/key-management";
|
||||
|
||||
import { BaseResponse } from "../../../models/response/base.response";
|
||||
import { KdfType } from "../../../platform/enums";
|
||||
|
||||
export class PreloginResponse extends BaseResponse {
|
||||
kdf: KdfType;
|
||||
|
||||
@@ -1,132 +0,0 @@
|
||||
import { FakeAccountService, FakeStateProvider, mockAccountServiceWith } from "../../../spec";
|
||||
import { Utils } from "../../platform/misc/utils";
|
||||
import { UserId } from "../../types/guid";
|
||||
import { Argon2KdfConfig, PBKDF2KdfConfig } from "../models/domain/kdf-config";
|
||||
|
||||
import { KdfConfigService } from "./kdf-config.service";
|
||||
|
||||
describe("KdfConfigService", () => {
|
||||
let sutKdfConfigService: KdfConfigService;
|
||||
|
||||
let fakeStateProvider: FakeStateProvider;
|
||||
let fakeAccountService: FakeAccountService;
|
||||
const mockUserId = Utils.newGuid() as UserId;
|
||||
|
||||
beforeEach(() => {
|
||||
jest.clearAllMocks();
|
||||
|
||||
fakeAccountService = mockAccountServiceWith(mockUserId);
|
||||
fakeStateProvider = new FakeStateProvider(fakeAccountService);
|
||||
sutKdfConfigService = new KdfConfigService(fakeStateProvider);
|
||||
});
|
||||
|
||||
it("setKdfConfig(): should set the KDF config", async () => {
|
||||
const kdfConfig: PBKDF2KdfConfig = new PBKDF2KdfConfig(600_000);
|
||||
await sutKdfConfigService.setKdfConfig(mockUserId, kdfConfig);
|
||||
await expect(sutKdfConfigService.getKdfConfig()).resolves.toEqual(kdfConfig);
|
||||
});
|
||||
|
||||
it("setKdfConfig(): should get the KDF config", async () => {
|
||||
const kdfConfig: Argon2KdfConfig = new Argon2KdfConfig(3, 64, 4);
|
||||
await sutKdfConfigService.setKdfConfig(mockUserId, kdfConfig);
|
||||
await expect(sutKdfConfigService.getKdfConfig()).resolves.toEqual(kdfConfig);
|
||||
});
|
||||
|
||||
it("setKdfConfig(): should throw error KDF cannot be null", async () => {
|
||||
const kdfConfig: Argon2KdfConfig = null;
|
||||
try {
|
||||
await sutKdfConfigService.setKdfConfig(mockUserId, kdfConfig);
|
||||
} catch (e) {
|
||||
expect(e).toEqual(new Error("kdfConfig cannot be null"));
|
||||
}
|
||||
});
|
||||
|
||||
it("setKdfConfig(): should throw error userId cannot be null", async () => {
|
||||
const kdfConfig: Argon2KdfConfig = new Argon2KdfConfig(3, 64, 4);
|
||||
try {
|
||||
await sutKdfConfigService.setKdfConfig(null, kdfConfig);
|
||||
} catch (e) {
|
||||
expect(e).toEqual(new Error("userId cannot be null"));
|
||||
}
|
||||
});
|
||||
|
||||
it("getKdfConfig(): should throw error KdfConfig for active user account state is null", async () => {
|
||||
try {
|
||||
await sutKdfConfigService.getKdfConfig();
|
||||
} catch (e) {
|
||||
expect(e).toEqual(new Error("KdfConfig for active user account state is null"));
|
||||
}
|
||||
});
|
||||
|
||||
it("validateKdfConfigForSetting(): should validate the PBKDF2 KDF config", () => {
|
||||
const kdfConfig: PBKDF2KdfConfig = new PBKDF2KdfConfig(600_000);
|
||||
expect(() => kdfConfig.validateKdfConfigForSetting()).not.toThrow();
|
||||
});
|
||||
|
||||
it("validateKdfConfigForSetting(): should validate the Argon2id KDF config", () => {
|
||||
const kdfConfig: Argon2KdfConfig = new Argon2KdfConfig(3, 64, 4);
|
||||
expect(() => kdfConfig.validateKdfConfigForSetting()).not.toThrow();
|
||||
});
|
||||
|
||||
it("validateKdfConfigForSetting(): should throw an error for invalid PBKDF2 iterations", () => {
|
||||
const kdfConfig: PBKDF2KdfConfig = new PBKDF2KdfConfig(100000);
|
||||
expect(() => kdfConfig.validateKdfConfigForSetting()).toThrow(
|
||||
`PBKDF2 iterations must be between ${PBKDF2KdfConfig.ITERATIONS.min} and ${PBKDF2KdfConfig.ITERATIONS.max}`,
|
||||
);
|
||||
});
|
||||
|
||||
it("validateKdfConfigForSetting(): should throw an error for invalid Argon2 iterations", () => {
|
||||
const kdfConfig: Argon2KdfConfig = new Argon2KdfConfig(11, 64, 4);
|
||||
expect(() => kdfConfig.validateKdfConfigForSetting()).toThrow(
|
||||
`Argon2 iterations must be between ${Argon2KdfConfig.ITERATIONS.min} and ${Argon2KdfConfig.ITERATIONS.max}`,
|
||||
);
|
||||
});
|
||||
|
||||
it("validateKdfConfigForSetting(): should throw an error for invalid Argon2 parallelism", () => {
|
||||
const kdfConfig: Argon2KdfConfig = new Argon2KdfConfig(3, 64, 17);
|
||||
expect(() => kdfConfig.validateKdfConfigForSetting()).toThrow(
|
||||
`Argon2 parallelism must be between ${Argon2KdfConfig.PARALLELISM.min} and ${Argon2KdfConfig.PARALLELISM.max}`,
|
||||
);
|
||||
});
|
||||
|
||||
it("validateKdfConfigForPrelogin(): should validate the PBKDF2 KDF config", () => {
|
||||
const kdfConfig: PBKDF2KdfConfig = new PBKDF2KdfConfig(600_000);
|
||||
expect(() => kdfConfig.validateKdfConfigForPrelogin()).not.toThrow();
|
||||
});
|
||||
|
||||
it("validateKdfConfigForPrelogin(): should validate the Argon2id KDF config", () => {
|
||||
const kdfConfig: Argon2KdfConfig = new Argon2KdfConfig(3, 64, 4);
|
||||
expect(() => kdfConfig.validateKdfConfigForPrelogin()).not.toThrow();
|
||||
});
|
||||
|
||||
it("validateKdfConfigForPrelogin(): should throw an error for too low PBKDF2 iterations", () => {
|
||||
const kdfConfig: PBKDF2KdfConfig = new PBKDF2KdfConfig(
|
||||
PBKDF2KdfConfig.PRELOGIN_ITERATIONS_MIN - 1,
|
||||
);
|
||||
expect(() => kdfConfig.validateKdfConfigForPrelogin()).toThrow(
|
||||
`PBKDF2 iterations must be at least ${PBKDF2KdfConfig.PRELOGIN_ITERATIONS_MIN}, but was ${kdfConfig.iterations}; possible pre-login downgrade attack detected.`,
|
||||
);
|
||||
});
|
||||
|
||||
it("validateKdfConfigForPrelogin(): should throw an error for too low Argon2 iterations", () => {
|
||||
const kdfConfig: Argon2KdfConfig = new Argon2KdfConfig(
|
||||
Argon2KdfConfig.PRELOGIN_ITERATIONS_MIN - 1,
|
||||
64,
|
||||
4,
|
||||
);
|
||||
expect(() => kdfConfig.validateKdfConfigForPrelogin()).toThrow(
|
||||
`Argon2 iterations must be at least ${Argon2KdfConfig.PRELOGIN_ITERATIONS_MIN}, but was ${kdfConfig.iterations}; possible pre-login downgrade attack detected.`,
|
||||
);
|
||||
});
|
||||
|
||||
it("validateKdfConfigForPrelogin(): should throw an error for too low Argon2 memory", () => {
|
||||
const kdfConfig: Argon2KdfConfig = new Argon2KdfConfig(
|
||||
3,
|
||||
Argon2KdfConfig.PRELOGIN_MEMORY_MIN - 1,
|
||||
4,
|
||||
);
|
||||
expect(() => kdfConfig.validateKdfConfigForPrelogin()).toThrow(
|
||||
`Argon2 memory must be at least ${Argon2KdfConfig.PRELOGIN_MEMORY_MIN} MiB, but was ${kdfConfig.memory} MiB; possible pre-login downgrade attack detected.`,
|
||||
);
|
||||
});
|
||||
});
|
||||
@@ -1,45 +0,0 @@
|
||||
import { firstValueFrom, Observable } from "rxjs";
|
||||
|
||||
import { KdfType } from "../../platform/enums/kdf-type.enum";
|
||||
import { KDF_CONFIG_DISK, StateProvider, UserKeyDefinition } from "../../platform/state";
|
||||
import { UserId } from "../../types/guid";
|
||||
import { KdfConfigService as KdfConfigServiceAbstraction } from "../abstractions/kdf-config.service";
|
||||
import { Argon2KdfConfig, KdfConfig, PBKDF2KdfConfig } from "../models/domain/kdf-config";
|
||||
|
||||
export const KDF_CONFIG = new UserKeyDefinition<KdfConfig>(KDF_CONFIG_DISK, "kdfConfig", {
|
||||
deserializer: (kdfConfig: KdfConfig) => {
|
||||
if (kdfConfig == null) {
|
||||
return null;
|
||||
}
|
||||
return kdfConfig.kdfType === KdfType.PBKDF2_SHA256
|
||||
? PBKDF2KdfConfig.fromJSON(kdfConfig)
|
||||
: Argon2KdfConfig.fromJSON(kdfConfig);
|
||||
},
|
||||
clearOn: ["logout"],
|
||||
});
|
||||
|
||||
export class KdfConfigService implements KdfConfigServiceAbstraction {
|
||||
constructor(private stateProvider: StateProvider) {}
|
||||
async setKdfConfig(userId: UserId, kdfConfig: KdfConfig) {
|
||||
if (!userId) {
|
||||
throw new Error("userId cannot be null");
|
||||
}
|
||||
if (kdfConfig === null) {
|
||||
throw new Error("kdfConfig cannot be null");
|
||||
}
|
||||
await this.stateProvider.setUserState(KDF_CONFIG, kdfConfig, userId);
|
||||
}
|
||||
|
||||
async getKdfConfig(): Promise<KdfConfig> {
|
||||
const userId = await firstValueFrom(this.stateProvider.activeUserId$);
|
||||
const state = await firstValueFrom(this.stateProvider.getUser(userId, KDF_CONFIG).state$);
|
||||
if (state === null) {
|
||||
throw new Error("KdfConfig for active user account state is null");
|
||||
}
|
||||
return state;
|
||||
}
|
||||
|
||||
getKdfConfig$(userId: UserId): Observable<KdfConfig> {
|
||||
return this.stateProvider.getUser(userId, KDF_CONFIG).state$;
|
||||
}
|
||||
}
|
||||
@@ -1,8 +1,14 @@
|
||||
import { firstValueFrom } from "rxjs";
|
||||
|
||||
import { LogoutReason } from "@bitwarden/auth/common";
|
||||
import {
|
||||
Argon2KdfConfig,
|
||||
KdfConfig,
|
||||
PBKDF2KdfConfig,
|
||||
KeyService,
|
||||
KdfType,
|
||||
} from "@bitwarden/key-management";
|
||||
|
||||
import { KeyService } from "../../../../key-management/src/abstractions/key.service";
|
||||
import { ApiService } from "../../abstractions/api.service";
|
||||
import { OrganizationService } from "../../admin-console/abstractions/organization/organization.service.abstraction";
|
||||
import { OrganizationUserType } from "../../admin-console/enums";
|
||||
@@ -10,7 +16,6 @@ import { Organization } from "../../admin-console/models/domain/organization";
|
||||
import { KeysRequest } from "../../models/request/keys.request";
|
||||
import { KeyGenerationService } from "../../platform/abstractions/key-generation.service";
|
||||
import { LogService } from "../../platform/abstractions/log.service";
|
||||
import { KdfType } from "../../platform/enums/kdf-type.enum";
|
||||
import { Utils } from "../../platform/misc/utils";
|
||||
import { SymmetricCryptoKey } from "../../platform/models/domain/symmetric-crypto-key";
|
||||
import {
|
||||
@@ -25,7 +30,6 @@ import { AccountService } from "../abstractions/account.service";
|
||||
import { KeyConnectorService as KeyConnectorServiceAbstraction } from "../abstractions/key-connector.service";
|
||||
import { InternalMasterPasswordServiceAbstraction } from "../abstractions/master-password.service.abstraction";
|
||||
import { TokenService } from "../abstractions/token.service";
|
||||
import { Argon2KdfConfig, KdfConfig, PBKDF2KdfConfig } from "../models/domain/kdf-config";
|
||||
import { KeyConnectorUserKeyRequest } from "../models/request/key-connector-user-key.request";
|
||||
import { SetKeyConnectorKeyRequest } from "../models/request/set-key-connector-key.request";
|
||||
import { IdentityTokenResponse } from "../models/response/identity-token.response";
|
||||
|
||||
@@ -7,8 +7,9 @@ import {
|
||||
UserDecryptionOptions,
|
||||
UserDecryptionOptionsServiceAbstraction,
|
||||
} from "@bitwarden/auth/common";
|
||||
import { KdfConfig, KeyService } from "@bitwarden/key-management";
|
||||
|
||||
import { KeyService } from "../../../../../key-management/src/abstractions/key.service";
|
||||
import { KdfConfigService } from "../../../../../key-management/src/abstractions/kdf-config.service";
|
||||
import { FakeAccountService, mockAccountServiceWith } from "../../../../spec";
|
||||
import { VaultTimeoutSettingsService } from "../../../abstractions/vault-timeout/vault-timeout-settings.service";
|
||||
import { I18nService } from "../../../platform/abstractions/i18n.service";
|
||||
@@ -18,11 +19,9 @@ import { HashPurpose } from "../../../platform/enums";
|
||||
import { Utils } from "../../../platform/misc/utils";
|
||||
import { UserId } from "../../../types/guid";
|
||||
import { MasterKey } from "../../../types/key";
|
||||
import { KdfConfigService } from "../../abstractions/kdf-config.service";
|
||||
import { InternalMasterPasswordServiceAbstraction } from "../../abstractions/master-password.service.abstraction";
|
||||
import { UserVerificationApiServiceAbstraction } from "../../abstractions/user-verification/user-verification-api.service.abstraction";
|
||||
import { VerificationType } from "../../enums/verification-type";
|
||||
import { KdfConfig } from "../../models/domain/kdf-config";
|
||||
import { MasterPasswordPolicyResponse } from "../../models/response/master-password-policy.response";
|
||||
import { MasterPasswordVerification } from "../../types/verification";
|
||||
|
||||
|
||||
@@ -1,9 +1,9 @@
|
||||
import { firstValueFrom, map } from "rxjs";
|
||||
|
||||
import { UserDecryptionOptionsServiceAbstraction } from "@bitwarden/auth/common";
|
||||
import { KdfConfigService, KeyService } from "@bitwarden/key-management";
|
||||
|
||||
import { PinServiceAbstraction } from "../../../../../auth/src/common/abstractions/pin.service.abstraction";
|
||||
import { KeyService } from "../../../../../key-management/src/abstractions/key.service";
|
||||
import { VaultTimeoutSettingsService as VaultTimeoutSettingsServiceAbstraction } from "../../../abstractions/vault-timeout/vault-timeout-settings.service";
|
||||
import { I18nService } from "../../../platform/abstractions/i18n.service";
|
||||
import { LogService } from "../../../platform/abstractions/log.service";
|
||||
@@ -13,7 +13,6 @@ import { KeySuffixOptions } from "../../../platform/enums/key-suffix-options.enu
|
||||
import { UserId } from "../../../types/guid";
|
||||
import { UserKey } from "../../../types/key";
|
||||
import { AccountService } from "../../abstractions/account.service";
|
||||
import { KdfConfigService } from "../../abstractions/kdf-config.service";
|
||||
import { InternalMasterPasswordServiceAbstraction } from "../../abstractions/master-password.service.abstraction";
|
||||
import { UserVerificationApiServiceAbstraction } from "../../abstractions/user-verification/user-verification-api.service.abstraction";
|
||||
import { UserVerificationService as UserVerificationServiceAbstraction } from "../../abstractions/user-verification/user-verification.service.abstraction";
|
||||
|
||||
@@ -1,5 +1,6 @@
|
||||
import { KdfType } from "@bitwarden/key-management";
|
||||
|
||||
import { PasswordRequest } from "../../auth/models/request/password.request";
|
||||
import { KdfType } from "../../platform/enums";
|
||||
|
||||
export class KdfRequest extends PasswordRequest {
|
||||
kdf: KdfType;
|
||||
|
||||
@@ -1,5 +1,6 @@
|
||||
import { KdfType } from "@bitwarden/key-management";
|
||||
|
||||
import { CaptchaProtectedRequest } from "../../auth/models/request/captcha-protected.request";
|
||||
import { KdfType } from "../../platform/enums";
|
||||
|
||||
import { KeysRequest } from "./keys.request";
|
||||
import { ReferenceEventRequest } from "./reference-event.request";
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
import { KdfConfig } from "../../auth/models/domain/kdf-config";
|
||||
import { KdfConfig } from "@bitwarden/key-management";
|
||||
|
||||
import { CsprngArray } from "../../types/csprng";
|
||||
import { SymmetricCryptoKey } from "../models/domain/symmetric-crypto-key";
|
||||
|
||||
|
||||
@@ -2,7 +2,6 @@ export * from "./encryption-type.enum";
|
||||
export * from "./file-upload-type.enum";
|
||||
export * from "./hash-purpose.enum";
|
||||
export * from "./html-storage-location.enum";
|
||||
export * from "./kdf-type.enum";
|
||||
export * from "./key-suffix-options.enum";
|
||||
export * from "./log-level-type.enum";
|
||||
export * from "./storage-location.enum";
|
||||
|
||||
@@ -1,4 +0,0 @@
|
||||
export enum KdfType {
|
||||
PBKDF2_SHA256 = 0,
|
||||
Argon2id = 1,
|
||||
}
|
||||
@@ -1,6 +1,7 @@
|
||||
import { mock } from "jest-mock-extended";
|
||||
|
||||
import { Argon2KdfConfig, PBKDF2KdfConfig } from "../../auth/models/domain/kdf-config";
|
||||
import { PBKDF2KdfConfig, Argon2KdfConfig } from "@bitwarden/key-management";
|
||||
|
||||
import { CsprngArray } from "../../types/csprng";
|
||||
import { CryptoFunctionService } from "../abstractions/crypto-function.service";
|
||||
|
||||
|
||||
@@ -1,8 +1,8 @@
|
||||
import { Argon2KdfConfig, KdfConfig, PBKDF2KdfConfig } from "../../auth/models/domain/kdf-config";
|
||||
import { KdfConfig, PBKDF2KdfConfig, Argon2KdfConfig, KdfType } from "@bitwarden/key-management";
|
||||
|
||||
import { CsprngArray } from "../../types/csprng";
|
||||
import { CryptoFunctionService } from "../abstractions/crypto-function.service";
|
||||
import { KeyGenerationService as KeyGenerationServiceAbstraction } from "../abstractions/key-generation.service";
|
||||
import { KdfType } from "../enums";
|
||||
import { Utils } from "../misc/utils";
|
||||
import { SymmetricCryptoKey } from "../models/domain/symmetric-crypto-key";
|
||||
|
||||
|
||||
@@ -1,13 +1,11 @@
|
||||
import { mock, MockProxy } from "jest-mock-extended";
|
||||
import { BehaviorSubject, firstValueFrom, of } from "rxjs";
|
||||
|
||||
import { KeyService } from "@bitwarden/key-management";
|
||||
import { KdfConfigService, KeyService, PBKDF2KdfConfig } from "@bitwarden/key-management";
|
||||
import { BitwardenClient } from "@bitwarden/sdk-internal";
|
||||
|
||||
import { ApiService } from "../../../abstractions/api.service";
|
||||
import { AccountInfo, AccountService } from "../../../auth/abstractions/account.service";
|
||||
import { KdfConfigService } from "../../../auth/abstractions/kdf-config.service";
|
||||
import { PBKDF2KdfConfig } from "../../../auth/models/domain/kdf-config";
|
||||
import { UserId } from "../../../types/guid";
|
||||
import { UserKey } from "../../../types/key";
|
||||
import { Environment, EnvironmentService } from "../../abstractions/environment.service";
|
||||
|
||||
@@ -11,7 +11,7 @@ import {
|
||||
catchError,
|
||||
} from "rxjs";
|
||||
|
||||
import { KeyService } from "@bitwarden/key-management";
|
||||
import { KeyService, KdfConfigService, KdfConfig, KdfType } from "@bitwarden/key-management";
|
||||
import {
|
||||
BitwardenClient,
|
||||
ClientSettings,
|
||||
@@ -22,8 +22,6 @@ import {
|
||||
import { ApiService } from "../../../abstractions/api.service";
|
||||
import { EncryptedOrganizationKeyData } from "../../../admin-console/models/data/encrypted-organization-key.data";
|
||||
import { AccountInfo, AccountService } from "../../../auth/abstractions/account.service";
|
||||
import { KdfConfigService } from "../../../auth/abstractions/kdf-config.service";
|
||||
import { KdfConfig } from "../../../auth/models/domain/kdf-config";
|
||||
import { DeviceType } from "../../../enums/device-type.enum";
|
||||
import { OrganizationId, UserId } from "../../../types/guid";
|
||||
import { UserKey } from "../../../types/key";
|
||||
@@ -31,7 +29,6 @@ import { Environment, EnvironmentService } from "../../abstractions/environment.
|
||||
import { PlatformUtilsService } from "../../abstractions/platform-utils.service";
|
||||
import { SdkClientFactory } from "../../abstractions/sdk/sdk-client-factory";
|
||||
import { SdkService } from "../../abstractions/sdk/sdk.service";
|
||||
import { KdfType } from "../../enums";
|
||||
import { compareValues } from "../../misc/compare-values";
|
||||
import { EncryptedString } from "../../models/domain/enc-string";
|
||||
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
import { Observable, concatMap, distinctUntilChanged, firstValueFrom, map } from "rxjs";
|
||||
|
||||
import { KeyService } from "../../../../../key-management/src/abstractions/key.service";
|
||||
import { PBKDF2KdfConfig } from "../../../auth/models/domain/kdf-config";
|
||||
import { PBKDF2KdfConfig, KeyService } from "@bitwarden/key-management";
|
||||
|
||||
import { EncryptService } from "../../../platform/abstractions/encrypt.service";
|
||||
import { I18nService } from "../../../platform/abstractions/i18n.service";
|
||||
import { KeyGenerationService } from "../../../platform/abstractions/key-generation.service";
|
||||
|
||||
@@ -1,12 +1,5 @@
|
||||
{
|
||||
"extends": "../shared/tsconfig.libs",
|
||||
"include": [
|
||||
"src",
|
||||
"spec",
|
||||
"./custom-matchers.d.ts",
|
||||
"../key-management/src/key.service.spec.ts",
|
||||
"../key-management/src/key.service.ts",
|
||||
"../key-management/src/abstractions/key.service.ts"
|
||||
],
|
||||
"include": ["src", "spec", "./custom-matchers.d.ts", "../key-management/src/index.ts"],
|
||||
"exclude": ["node_modules", "dist"]
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user