[PS-2358] Add kdf configuration options (#2328)

* Implement kdf configuration * Remove unused import * Move kdf parameters to kdfConfiguration struct * Remove unused state migration service keys * Revert newline changes in PCLCryptoFunctionService * Update KdfConfiguration.cs * Add checks for argon2, clean statemigration service * Update constants * Clean up code * Further cleanup * Change KdfType to non-nullable in SetKeyConnectorKeyRequest --------- Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
2025-12-17 16:53:26 +00:00 · 2023-01-30 17:34:50 +01:00
parent 8b08f906bd
commit c3ad5f0580
20 changed files with 135 additions and 101 deletions
--- a/src/App/Pages/Accounts/SetPasswordPageViewModel.cs
+++ b/src/App/Pages/Accounts/SetPasswordPageViewModel.cs
@@ -163,9 +163,9 @@ namespace Bit.App.Pages
                return;
            }

-            var kdf = KdfType.PBKDF2_SHA256;
+            var kdfConfig = new KdfConfig(KdfType.PBKDF2_SHA256, Constants.Pbkdf2Iterations, null, null);
            var email = await _stateService.GetEmailAsync();
-            var key = await _cryptoService.MakeKeyAsync(MasterPassword, email, kdf, Constants.KdfIterations);
+            var key = await _cryptoService.MakeKeyAsync(MasterPassword, email, kdfConfig);
            var masterPasswordHash = await _cryptoService.HashPasswordAsync(MasterPassword, key, HashPurpose.ServerAuthorization);
            var localMasterPasswordHash = await _cryptoService.HashPasswordAsync(MasterPassword, key, HashPurpose.LocalAuthorization);

@@ -186,8 +186,10 @@ namespace Bit.App.Pages
                MasterPasswordHash = masterPasswordHash,
                Key = encKey.Item2.EncryptedString,
                MasterPasswordHint = Hint,
-                Kdf = kdf,
-                KdfIterations = Constants.KdfIterations,
+                Kdf = kdfConfig.Type.GetValueOrDefault(KdfType.PBKDF2_SHA256),
+                KdfIterations = kdfConfig.Iterations.GetValueOrDefault(Constants.Pbkdf2Iterations),
+                KdfMemory = kdfConfig.Memory,
+                KdfParallelism = kdfConfig.Parallelism,
                OrgIdentifier = OrgIdentifier,
                Keys = new KeysRequest
                {
@@ -201,8 +203,7 @@ namespace Bit.App.Pages
                await _deviceActionService.ShowLoadingAsync(AppResources.CreatingAccount);
                // Set Password and relevant information
                await _apiService.SetPasswordAsync(request);
-                await _stateService.SetKdfTypeAsync(kdf);
-                await _stateService.SetKdfIterationsAsync(Constants.KdfIterations);
+                await _stateService.SetKdfConfigurationAsync(kdfConfig);
                await _cryptoService.SetKeyAsync(key);
                await _cryptoService.SetKeyHashAsync(localMasterPasswordHash);
                await _cryptoService.SetEncKeyAsync(encKey.Item2.EncryptedString);