bitwarden_core/auth/password/
mod.rs

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
use bitwarden_crypto::{CryptoError, HashPurpose, Kdf, MasterKey};

mod policy;
pub(crate) use policy::satisfies_policy;
pub use policy::MasterPasswordPolicyOptions;
mod validate;
pub(crate) use validate::{validate_password, validate_password_user_key};
mod strength;
pub(crate) use strength::password_strength;

pub(crate) fn determine_password_hash(
    email: &str,
    kdf: &Kdf,
    password: &str,
    purpose: HashPurpose,
) -> Result<String, CryptoError> {
    let master_key = MasterKey::derive(password, email, kdf)?;
    master_key.derive_master_key_hash(password.as_bytes(), purpose)
}

#[cfg(test)]
mod tests {
    use std::num::NonZeroU32;

    use super::*;

    #[test]
    fn test_determine_password_hash() {
        use super::determine_password_hash;

        let password = "password123";
        let email = "[email protected]";
        let kdf = Kdf::PBKDF2 {
            iterations: NonZeroU32::new(100_000).unwrap(),
        };
        let purpose = HashPurpose::LocalAuthorization;

        let result = determine_password_hash(email, &kdf, password, purpose).unwrap();

        assert_eq!(result, "7kTqkF1pY/3JeOu73N9kR99fDDe9O1JOZaVc7KH3lsU=");
    }
}