Changed the way the master password hashing works

Switched from Bcrypt to Scrypt for master password hashing Changed models to use new sizes for hashes and salts, doubled the size of enc_login and enc_passwd for accounts Created new function to check master password validity Increased salt sizes for accounts and master passwords Removed bcrypt from requirements
2022-11-04 00:34:01 +03:00
parent 66ab13b45d
commit a1bed9014d
5 changed files with 38 additions and 31 deletions
--- a/src/database/models.py
+++ b/src/database/models.py
@ -8,10 +8,10 @@ class MasterPass(sqlmodel.SQLModel, table=True):
    id: Optional[int] = sqlmodel.Field(primary_key=True)
    user_id: int = sqlmodel.Field(nullable=False, index=True, unique=True)
    salt: bytes = sqlmodel.Field(
-        sa_column=sqlmodel.Column(sqlmodel.VARBINARY(255), nullable=False)
+        sa_column=sqlmodel.Column(sqlmodel.BINARY(64), nullable=False)
    )
    passwd: bytes = sqlmodel.Field(
-        sa_column=sqlmodel.Column(sqlmodel.VARBINARY(255), nullable=False)
+        sa_column=sqlmodel.Column(sqlmodel.BINARY(128), nullable=False)
    )


@ -22,11 +22,11 @@ class Account(sqlmodel.SQLModel, table=True):
    user_id: int = sqlmodel.Field(nullable=False, index=True)
    name: str = sqlmodel.Field(nullable=False, index=True, max_length=255)
    salt: bytes = sqlmodel.Field(
-        sa_column=sqlmodel.Column(sqlmodel.VARBINARY(255), nullable=False)
+        sa_column=sqlmodel.Column(sqlmodel.BINARY(64), nullable=False)
    )
    enc_login: bytes = sqlmodel.Field(
-        sa_column=sqlmodel.Column(sqlmodel.VARBINARY(255), nullable=False)
+        sa_column=sqlmodel.Column(sqlmodel.VARBINARY(500), nullable=False)
    )
    enc_pass: bytes = sqlmodel.Field(
-        sa_column=sqlmodel.Column(sqlmodel.VARBINARY(255), nullable=False)
+        sa_column=sqlmodel.Column(sqlmodel.VARBINARY(500), nullable=False)
    )