diff --git a/src/Core/Abstractions/ICryptoService.cs b/src/Core/Abstractions/ICryptoService.cs index f1dc19692..2c605f034 100644 --- a/src/Core/Abstractions/ICryptoService.cs +++ b/src/Core/Abstractions/ICryptoService.cs @@ -31,7 +31,7 @@ namespace Bit.Core.Abstractions Task GetPrivateKeyAsync(); Task GetPublicKeyAsync(); Task HasEncKeyAsync(); - Task HashPasswordAsync(string password, SymmetricCryptoKey key); + Task HashPasswordAsync(string password, SymmetricCryptoKey key, HashPurpose? hashPurpose); Task HasKeyAsync(); Task> MakeEncKeyAsync(SymmetricCryptoKey key); Task MakeKeyAsync(string password, string salt, KdfType? kdf, int? kdfIterations); diff --git a/src/Core/Enums/HashPurpose.cs b/src/Core/Enums/HashPurpose.cs new file mode 100644 index 000000000..c37779d14 --- /dev/null +++ b/src/Core/Enums/HashPurpose.cs @@ -0,0 +1,8 @@ +namespace Bit.Core.Enums +{ + public enum HashPurpose : byte + { + ServerAuthorization = 1, + LocalAuthorization = 2, + } +} diff --git a/src/Core/Services/CryptoService.cs b/src/Core/Services/CryptoService.cs index 3c21925cc..374f66132 100644 --- a/src/Core/Services/CryptoService.cs +++ b/src/Core/Services/CryptoService.cs @@ -433,7 +433,7 @@ namespace Bit.Core.Services return new SymmetricCryptoKey(sendKey); } - public async Task HashPasswordAsync(string password, SymmetricCryptoKey key) + public async Task HashPasswordAsync(string password, SymmetricCryptoKey key, HashPurpose? hashPurpose) { if (key == null) { @@ -443,7 +443,8 @@ namespace Bit.Core.Services { throw new Exception("Invalid parameters."); } - var hash = await _cryptoFunctionService.Pbkdf2Async(key.Key, password, CryptoHashAlgorithm.Sha256, 1); + var iterations = hashPurpose == HashPurpose.LocalAuthorization ? 2 : 1; + var hash = await _cryptoFunctionService.Pbkdf2Async(key.Key, password, CryptoHashAlgorithm.Sha256, iterations); return Convert.ToBase64String(hash); }