author | Jesse Luehrs <doy@tozt.net> | 2023-03-25 22:01:37 -0500 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-03-25 22:01:37 -0500 |
commit | c12c7643779bc495ff5f26cfe0e924586ced3f2c (patch) | |
tree | 5207ee6eab126594e2b2af4a12af09ec97165e5c /src/bin | |
parent | 2f9bd4eb45c57ce8e8d3011d7660223c05b50f98 (diff) | |
parent | 7b57f928e5fb345e02f6101d07d5cbbc7e540458 (diff) | |
Merge pull request #109 from quexten/feature/argon2
Implement argon2 kdf
Diffstat (limited to 'src/bin')
-rw-r--r-- | src/bin/rbw-agent/actions.rs | 43 |
1 files changed, 41 insertions, 2 deletions
diff --git a/src/bin/rbw-agent/actions.rs b/src/bin/rbw-agent/actions.rs
index 88236ba..361009b 100644
--- a/src/bin/rbw-agent/actions.rs
+++ b/src/bin/rbw-agent/actions.rs
@@ -1,4 +1,5 @@
 use anyhow::Context as _;
+use rbw::api::KdfType;
 pub async fn register(
 sock: &mut crate::sock::Sock,
@@ -123,7 +124,10 @@ pub async fn login(
 Ok((
 access_token,
 refresh_token,
+ kdf,
 iterations,
+ memory,
+ parallelism,
 protected_key,
 )) => {
 login_success(
@@ -131,7 +135,10 @@ pub async fn login(
 state,
 access_token,
 refresh_token,
+ kdf,
 iterations,
+ memory,
+ parallelism,
 protected_key,
 password,
 db,
@@ -151,7 +158,10 @@ pub async fn login(
 let (
 access_token,
 refresh_token,
+ kdf,
 iterations,
+ memory,
+ parallelism,
 protected_key,
 ) = two_factor(
 tty,
@@ -165,7 +175,10 @@ pub async fn login(
 state,
 access_token,
 refresh_token,
+ kdf,
 iterations,
+ memory,
+ parallelism,
 protected_key,
 password,
 db,
@@ -205,7 +218,7 @@ async fn two_factor(
 email: &str,
 password: rbw::locked::Password,
 provider: rbw::api::TwoFactorProviderType,
-) -> anyhow::Result<(String, String, u32, String)> {
+) -> anyhow::Result<(String, String, KdfType, u32, Option<u32>, Option<u32>, String)> {
 let mut err_msg = None;
 for i in 1_u8..=3 {
 let err = if i > 1 {
@@ -235,11 +248,14 @@ async fn two_factor(
 )
 .await
 {
- Ok((access_token, refresh_token, iterations, protected_key)) => {
+ Ok((access_token, refresh_token, kdf, iterations, memory, parallelism, protected_key)) => {
 return Ok((
 access_token,
 refresh_token,
+ kdf,
 iterations,
+ memory,
+ parallelism,
 protected_key,
 ))
 }
@@ -280,7 +296,10 @@ async fn login_success(
 state: std::sync::Arc<tokio::sync::RwLock<crate::agent::State>>,
 access_token: String,
 refresh_token: String,
+ kdf: KdfType,
 iterations: u32,
+ memory: Option<u32>,
+ parallelism: Option<u32>,
 protected_key: String,
 password: rbw::locked::Password,
 mut db: rbw::db::Db,
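Review bot: The new return type of `two_factor` in the `@@ -205,7 +218,7 @@` hunk, `(String, String, KdfType, u32, Option<u32>, Option<u32>, String)`, carries `memory` and `parallelism` as two adjacent `Option<u32>` values, so transposing them at any of the destructuring sites in `login`, `two_factor` or `login_success` still compiles. A transposition would feed the wrong Argon2 parameters into key derivation and would also be persisted by `login_success`. A struct with named fields lets the compiler check each hand-off; since the tuple appears to originate from a call outside this file, the type probably belongs in the `rbw` crate rather than in the agent. The body of `two_factor` continues outside the hunk.

```rust
// Suggested shape only; the name and where it lives are up to the project.
struct LoginOutcome {
    access_token: String,
    refresh_token: String,
    kdf: KdfType,
    iterations: u32,
    memory: Option<u32>,
    parallelism: Option<u32>,
    protected_key: String,
}

async fn two_factor(
    // … unchanged: tty, email, password, provider parameters …
) -> anyhow::Result<LoginOutcome> {
```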
@@ -288,7 +307,10 @@ async fn login_success(
 ) -> anyhow::Result<()> {
 db.access_token = Some(access_token.to_string());
 db.refresh_token = Some(refresh_token.to_string());
+ db.kdf = Some(kdf);
 db.iterations = Some(iterations);
+ db.memory = memory;
+ db.parallelism = parallelism;
 db.protected_key = Some(protected_key.to_string());
 save_db(&db).await?;
@@ -305,7 +327,10 @@ async fn login_success(
 let res = rbw::actions::unlock(
 &email,
 &password,
+ kdf,
 iterations,
+ memory,
+ parallelism,
 &protected_key,
 &protected_private_key,
 &db.protected_org_keys,
@@ -331,12 +356,23 @@ pub async fn unlock(
 if state.read().await.needs_unlock() {
 let db = load_db().await?;
+ let Some(kdf) = db.kdf
+ else {
+ return Err(anyhow::anyhow!(
+ "failed to find kdf type in db"
+ ));
+ };
+
 let Some(iterations) = db.iterations
 else {
 return Err(anyhow::anyhow!(
 "failed to find number of iterations in db"
 ));
 };
+
+ let memory= db.memory;
+ let parallelism = db.parallelism;
+
 let Some(protected_key) = db.protected_key
 else {
 return Err(anyhow::anyhow!(
@@ -377,7 +413,10 @@ pub async fn unlock(
 match rbw::actions::unlock(
 &email,
 &password,
+ kdf,
 iterations,
+ memory,
+ parallelism,
 &protected_key,
 &protected_private_key,
 &db.protected_org_keys, |
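Review bot: `login_success` stores `kdf`, `iterations`, `memory` and `parallelism` in the db exactly as received (`@@ -288,7 +307,10 @@`) and the next hunk passes the same values to `rbw::actions::unlock`; no range check is visible in this file. These look like parameters reported by the server during login (the producing call is outside the diff), so a misbehaving server could supply very weak settings, which lowers the cost of offline guessing against the protected key, or a very large `memory`, which the agent would presumably try to allocate on each unlock. If `rbw::actions` does not already enforce bounds, reject out-of-range values before `save_db`, for example `anyhow::ensure!(iterations >= MIN_ITERATIONS, "kdf iterations below accepted minimum");`, where `MIN_ITERATIONS` stands for a constant the project would define. The function starts and continues outside the hunk.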
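Review bot: In `unlock` (`@@ -331,12 +356,23 @@`) a missing `db.kdf` or `db.iterations` gets a specific error, but `db.memory` and `db.parallelism` are forwarded as `Option`s without checking that they are present when `kdf` selects Argon2. Unless `rbw::actions::unlock` validates this itself (not visible here), such a db fails later with a less specific error; a guard beside the existing ones returning `anyhow::anyhow!("failed to find argon2 parameters in db")` would keep the failure mode consistent. A db written before this change has no `kdf` entry, so those users appear to get "failed to find kdf type in db" until they log in again, which deserves a comment or a changelog line if intended. `let memory= db.memory;` is also missing the space before `=`. The function body starts and ends outside the hunk.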