
[PM-3565] Enforce higher minimum KDF (#6440)

Changes minimum iterations for PBKDF2 to 600 000. Also converts the constants into ranges to ensure there is only a single place for all checks.
Oscar Hinton
2023-12-05 16:55:12 +01:00
committed by GitHub
parent 56860482b1
commit 7bbdee9daa
10 changed files with 150 additions and 45 deletions


@@ -1,14 +1,15 @@
import { KdfConfig } from "../../auth/models/domain/kdf-config";
import { RangeWithDefault } from "../misc/range-with-default";
export enum KdfType {
PBKDF2_SHA256 = 0,
Argon2id = 1,
}
export const DEFAULT_ARGON2_MEMORY = 64;
export const DEFAULT_ARGON2_PARALLELISM = 4;
export const DEFAULT_ARGON2_ITERATIONS = 3;
export const ARGON2_MEMORY = new RangeWithDefault(16, 1024, 64);
export const ARGON2_PARALLELISM = new RangeWithDefault(1, 16, 4);
export const ARGON2_ITERATIONS = new RangeWithDefault(2, 10, 3);
export const DEFAULT_KDF_TYPE = KdfType.PBKDF2_SHA256;
export const DEFAULT_PBKDF2_ITERATIONS = 600000;
export const DEFAULT_KDF_CONFIG = new KdfConfig(DEFAULT_PBKDF2_ITERATIONS);
export const PBKDF2_ITERATIONS = new RangeWithDefault(600_000, 2_000_000, 600_000);
export const DEFAULT_KDF_CONFIG = new KdfConfig(PBKDF2_ITERATIONS.defaultValue);
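Review bot: The new range constants carry no comment stating their units or why the floors were chosen, which matters most for `PBKDF2_ITERATIONS`, where the first and third arguments are both 600_000. Assuming the constructor order is (min, max, default), I would add `/** PBKDF2-SHA256 iteration count; min equals default, so any lower value is out of range. */` above it, and a similar line on `ARGON2_MEMORY` naming the unit (presumably MiB, not shown here). The three Argon2 ranges are independent, so a configuration at all three minimums (16, 1, 2) would pass each check; whether that combined floor is acceptable should be stated in a comment or enforced where the ranges are consumed. The hunk also does not show how an existing account whose stored iteration count is below 600 000 is handled (rejected or prompted to upgrade), and that should be confirmed in the callers.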