wonderking/continuity
2
0
Fork 0
Code Issues Pull requests 16 Projects 1 Releases Packages 1 Wiki Activity Actions

feat: adjustments to Argon2 settings
All checks were successful
Test if Server can be built / build-server (push) Successful in 26s
Details

Browse source
This commit is contained in:
Timothy Schenk 2023-08-14 20:00:56 +02:00
parent fd47ba2db0
commit 63c29f21df
3 changed files with 15 additions and 26 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
Server/PacketHandlers/LoginHandler.cs
View file

@ -26,28 +26,28 @@ public class LoginHandler : IPacketHandler<LoginInfoPacket>
public async Task HandleAsync(LoginInfoPacket packet, TcpSession session)
{
var loginResponseReason = LoginResponseReason.Error;
LoginResponseReason loginResponseReason;
this.logger.LogInformation("Login data: Username {Username} & Password {Password}", packet.Username,
packet.Password);
var account = this.wonderkingContext.Accounts.FirstOrDefault(a => a.Username == packet.Username);
// https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#argon2id
// https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Chea1t_Sheet.html#argon2id
// "Use Argon2id with a minimum configuration of 19 MiB of memory, an iteration count of 2, and 1 degree of parallelism."
var argon2Id = new Argon2id(Encoding.ASCII.GetBytes(packet.Password));
argon2Id.MemorySize = 1024 * 40;
argon2Id.Iterations = 4;
argon2Id.DegreeOfParallelism = 2;
argon2Id.MemorySize = 1024 * 19;
argon2Id.Iterations = 2;
argon2Id.DegreeOfParallelism = 1;
if (account == null)
{
if (this.configuration.GetSection("Testing").GetValue<bool>("CreateAccountOnLogin"))
{
argon2Id.Salt = RandomNumberGenerator.GetBytes(128);
argon2Id.Salt = RandomNumberGenerator.GetBytes(16);
var finalAccount =
await this.wonderkingContext.Accounts.AddAsync(new Account(packet.Username, Array.Empty<byte>(), "",
0, argon2Id.Salt));
await this.wonderkingContext.SaveChangesAsync();
argon2Id.AssociatedData = finalAccount.Entity.Id.ToByteArray();
finalAccount.Entity.Password = await argon2Id.GetBytesAsync(128);
finalAccount.Entity.Password = await argon2Id.GetBytesAsync(16);
this.wonderkingContext.Accounts.Update(finalAccount.Entity);
loginResponseReason = LoginResponseReason.Ok;
await this.wonderkingContext.SaveChangesAsync();
@ -63,7 +63,7 @@ public class LoginHandler : IPacketHandler<LoginInfoPacket>
{
argon2Id.Salt = account.Salt;
argon2Id.AssociatedData = account.Id.ToByteArray();
var tempPasswordBytes = await argon2Id.GetBytesAsync(128);
var tempPasswordBytes = await argon2Id.GetBytesAsync(16);
loginResponseReason = tempPasswordBytes.SequenceEqual(account.Password)
? LoginResponseReason.Ok
: LoginResponseReason.WrongPassword;

15
Server/Server.csproj
View file

@ -4,10 +4,11 @@
<OutputType>Exe</OutputType>
<TargetFramework>net7.0</TargetFramework>
<ImplicitUsings>enable</ImplicitUsings>
<Nullable>enable</Nullable>
<Nullable>warnings</Nullable>
<DockerDefaultTargetOS>Linux</DockerDefaultTargetOS>
<RootNamespace>Server</RootNamespace>
<LangVersion>default</LangVersion>
<ServerGarbageCollection>true</ServerGarbageCollection>
</PropertyGroup>
<ItemGroup>
@ -64,18 +65,6 @@
<PrivateAssets>all</PrivateAssets>
<IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
</PackageReference>
<PackageReference Include="Roslynator.Analyzers" Version="4.4.0">
<PrivateAssets>all</PrivateAssets>
<IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
</PackageReference>
<PackageReference Include="Roslynator.CodeAnalysis.Analyzers" Version="4.4.0">
<PrivateAssets>all</PrivateAssets>
<IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
</PackageReference>
<PackageReference Include="Roslynator.Formatting.Analyzers" Version="4.4.0">
<PrivateAssets>all</PrivateAssets>
<IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
</PackageReference>
<PackageReference Include="Serilog.Extensions.Logging.File" Version="3.0.0"/>
</ItemGroup>

10
Server/Services/PacketDistributorService.cs
View file

@ -58,9 +58,9 @@ public class PacketDistributorService : IHostedService
private Dictionary<OperationCode, Type> GetPacketsWithId(Assembly executingAssembly)
{
var packetsWithId = executingAssembly.GetTypes().AsParallel()
.Where(type => type.GetCustomAttribute<PacketIdAttribute>() != null && type.HasInterface(typeof(IPacket)) &&
!type.IsInterface)
.ToDictionary(packet => packet.GetCustomAttribute<PacketIdAttribute>()!.Code);
.Where(type => type.HasInterface(typeof(IPacket)) && !type.IsInterface && !type.IsAbstract)
.Where(type => type.GetCustomAttribute<PacketIdAttribute>() != null)
.ToDictionary(type => type.GetCustomAttribute<PacketIdAttribute>().Code);
if (packetsWithId is not { Count: 0 })
{
packetsWithId.AsParallel().ForAll(packet =>
@ -81,8 +81,8 @@ public class PacketDistributorService : IHostedService
t is { IsClass: true, IsAbstract: false } && t
.GetInterfaces().Any(i =>
i.IsGenericType && i.GetGenericTypeDefinition() == typeof(IPacketHandler<>))).ToDictionary(type =>
type.GetInterfaces().First(t => t.IsGenericType && t.GetGenericTypeDefinition() == typeof(IPacketHandler<>))
.GetGenericArguments()[0].GetCustomAttribute<PacketIdAttribute>().Code);
type.GetInterfaces().First(t =>t is { IsGenericType: true} && t.GetGenericTypeDefinition() == typeof(IPacketHandler<>))
.GetGenericArguments().First().GetCustomAttribute<PacketIdAttribute>()!.Code);
if (packetHandlersWithId is not { Count: 0 })
{