From 63c29f21df5f15b7b48220a7c6859af620ff9594 Mon Sep 17 00:00:00 2001
From: Timothy Schenk
Date: Mon, 14 Aug 2023 20:00:56 +0200
Subject: [PATCH] feat: adjustments to Argon2 settings
---
Server/PacketHandlers/LoginHandler.cs | 16 ++++++++--------
Server/Server.csproj | 15 ++-------------
Server/Services/PacketDistributorService.cs | 10 +++++-----
3 files changed, 15 insertions(+), 26 deletions(-)
diff --git a/Server/PacketHandlers/LoginHandler.cs b/Server/PacketHandlers/LoginHandler.cs
index 05d1566..d0fc443 100644
--- a/Server/PacketHandlers/LoginHandler.cs
+++ b/Server/PacketHandlers/LoginHandler.cs
@@ -26,28 +26,28 @@ public class LoginHandler : IPacketHandler public async Task HandleAsync(LoginInfoPacket packet, TcpSession session) { - var loginResponseReason = LoginResponseReason.Error; + LoginResponseReason loginResponseReason; this.logger.LogInformation("Login data: Username {Username} & Password {Password}", packet.Username, packet.Password); var account = this.wonderkingContext.Accounts.FirstOrDefault(a => a.Username == packet.Username); - // https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#argon2id + // https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Chea1t_Sheet.html#argon2id // "Use Argon2id with a minimum configuration of 19 MiB of memory, an iteration count of 2, and 1 degree of parallelism." var argon2Id = new Argon2id(Encoding.ASCII.GetBytes(packet.Password)); - argon2Id.MemorySize = 1024 * 40; - argon2Id.Iterations = 4; - argon2Id.DegreeOfParallelism = 2; + argon2Id.MemorySize = 1024 * 19; + argon2Id.Iterations = 2; + argon2Id.DegreeOfParallelism = 1; if (account == null) { if (this.configuration.GetSection("Testing").GetValue("CreateAccountOnLogin")) { - argon2Id.Salt = RandomNumberGenerator.GetBytes(128); + argon2Id.Salt = RandomNumberGenerator.GetBytes(16); var finalAccount = await this.wonderkingContext.Accounts.AddAsync(new Account(packet.Username, Array.Empty(), "", 0, argon2Id.Salt)); await this.wonderkingContext.SaveChangesAsync(); argon2Id.AssociatedData = finalAccount.Entity.Id.ToByteArray(); - finalAccount.Entity.Password = await argon2Id.GetBytesAsync(128); + finalAccount.Entity.Password = await argon2Id.GetBytesAsync(16); this.wonderkingContext.Accounts.Update(finalAccount.Entity); loginResponseReason = LoginResponseReason.Ok; await this.wonderkingContext.SaveChangesAsync(); 
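Review bot: The `LogInformation` call at the top of `HandleAsync` writes `packet.Password` to the log in clear text, so every login attempt leaves a recoverable credential in log storage no matter how the Argon2id parameters are tuned. Log the username only, e.g. `this.logger.LogInformation("Login attempt for {Username}", packet.Username);`. The edited comment URL now reads `Password_Storage_Chea1t_Sheet.html`, which looks like a typo for `Password_Storage_Cheat_Sheet.html` and breaks the reference that justifies the new parameters. HandleAsync continues past the end of this hunk.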
@@ -63,7 +63,7 @@ public class LoginHandler : IPacketHandler { argon2Id.Salt = account.Salt; argon2Id.AssociatedData = account.Id.ToByteArray(); - var tempPasswordBytes = await argon2Id.GetBytesAsync(128); + var tempPasswordBytes = await argon2Id.GetBytesAsync(16); loginResponseReason = tempPasswordBytes.SequenceEqual(account.Password) ? LoginResponseReason.Ok : LoginResponseReason.WrongPassword; diff --git a/Server/Server.csproj b/Server/Server.csproj index a560cca..72beef3 100644 --- a/Server/Server.csproj +++ b/Server/Server.csproj @@ -4,10 +4,11 @@ Exe net7.0 enable - enable + warnings Linux Server default + true @@ -64,18 +65,6 @@ all runtime; build; native; contentfiles; analyzers; buildtransitive - - all - runtime; build; native; contentfiles; analyzers; buildtransitive - - - all - runtime; build; native; contentfiles; analyzers; buildtransitive - - - all - runtime; build; native; contentfiles; analyzers; buildtransitive - diff --git a/Server/Services/PacketDistributorService.cs b/Server/Services/PacketDistributorService.cs index e2dd552..0285469 100644 --- a/Server/Services/PacketDistributorService.cs +++ b/Server/Services/PacketDistributorService.cs @@ -58,9 +58,9 @@ public class PacketDistributorService : IHostedService private Dictionary GetPacketsWithId(Assembly executingAssembly) { var packetsWithId = executingAssembly.GetTypes().AsParallel() - .Where(type => type.GetCustomAttribute() != null && type.HasInterface(typeof(IPacket)) && - !type.IsInterface) - .ToDictionary(packet => packet.GetCustomAttribute()!.Code); + .Where(type => type.HasInterface(typeof(IPacket)) && !type.IsInterface && !type.IsAbstract) + .Where(type => type.GetCustomAttribute() != null) + .ToDictionary(type => type.GetCustomAttribute().Code); if (packetsWithId is not { Count: 0 }) { packetsWithId.AsParallel().ForAll(packet => 
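Review bot: Hashes stored before this commit were derived with 40 MiB, 4 iterations, parallelism 2 and a 128-byte output, while this verification path now derives 16 bytes with the new parameters, so the comparison with `account.Password` cannot succeed for an existing account unless a migration outside this diff rewrites them. Storing the parameter set (or a version tag) with each account and re-hashing on the next successful login would let cost changes roll out without locking users out. The comparison uses `SequenceEqual`, which is not guaranteed to be constant-time; `CryptographicOperations.FixedTimeEquals(tempPasswordBytes, account.Password)` is the usual replacement. A 16-byte tag is also shorter than the 32 bytes RFC 9106 recommends. The enclosing method starts and ends outside this hunk.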
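Review bot: `ToDictionary` throws an `ArgumentException` on a duplicate key, so two packet types that declare the same code would fail the build of this lookup table (presumably during service start-up) without naming the colliding types. Grouping by code first and logging any group with more than one type would make that failure diagnosable. The attribute is also read twice per type, once in the second `Where` and once in the key selector. The `!` dropped here is added in the handler lookup further down, so the two lookups are no longer written the same way. GetPacketsWithId continues past the end of this hunk.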
@@ -81,8 +81,8 @@ public class PacketDistributorService : IHostedService t is { IsClass: true, IsAbstract: false } && t .GetInterfaces().Any(i => i.IsGenericType && i.GetGenericTypeDefinition() == typeof(IPacketHandler<>))).ToDictionary(type => - type.GetInterfaces().First(t => t.IsGenericType && t.GetGenericTypeDefinition() == typeof(IPacketHandler<>)) - .GetGenericArguments()[0].GetCustomAttribute().Code); + type.GetInterfaces().First(t =>t is { IsGenericType: true} && t.GetGenericTypeDefinition() == typeof(IPacketHandler<>)) + .GetGenericArguments().First().GetCustomAttribute()!.Code); if (packetHandlersWithId is not { Count: 0 }) {
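Review bot: `GetCustomAttribute()!.Code` silences the nullable warning but not the failure. The preceding filter only checks that the type implements `IPacketHandler<>`, so a handler whose packet type lacks the attribute still throws a `NullReferenceException` inside `ToDictionary`. Filtering such handlers out and logging them before building the dictionary, or throwing an `InvalidOperationException` that names the handler type, would make a mis-registered handler visible instead of producing a bare null dereference. The statement starts before this hunk and the method continues after it.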