[PM-23229] Add extra validation to kdf changes + authentication data + unlock data (#6121)

* Added MasterPasswordUnlock to UserDecryptionOptions as part of identity response * Implement support for authentication data and unlock data in kdf change * Extract to kdf command and add tests * Fix namespace * Delete empty file * Fix build * Clean up tests * Fix tests * Add comments * Cleanup * Cleanup * Cleanup * Clean-up and fix build * Address feedback; force new parameters on KDF change request * Clean-up and add tests * Re-add logger * Update logger to interface * Clean up, remove Kdf Request Model * Remove kdf request model tests * Fix types in test * Address feedback to rename request model and re-add tests * Fix namespace * Move comments * Rename InnerKdfRequestModel to KdfRequestModel --------- Co-authored-by: Maciej Zieniuk <mzieniuk@bitwarden.com>
2026-02-03 23:53:19 +08:00 · 2025-09-24 05:10:46 +09:00
parent 744f11733d
commit ff092a031e
25 changed files with 729 additions and 173 deletions
--- a/src/Api/KeyManagement/Models/Requests/MasterPasswordUnlockDataRequestModel.cs
+++ b/src/Api/KeyManagement/Models/Requests/MasterPasswordUnlockDataRequestModel.cs
@@ -0,0 +1,22 @@
+using System.ComponentModel.DataAnnotations;
+using Bit.Core.KeyManagement.Models.Data;
+using Bit.Core.Utilities;
+
+namespace Bit.Api.KeyManagement.Models.Requests;
+
+public class MasterPasswordUnlockDataRequestModel
+{
+    public required KdfRequestModel Kdf { get; init; }
+    [EncryptedString] public required string MasterKeyWrappedUserKey { get; init; }
+    [StringLength(256)] public required string Salt { get; init; }
+
+    public MasterPasswordUnlockData ToData()
+    {
+        return new MasterPasswordUnlockData
+        {
+            Kdf = Kdf.ToData(),
+            MasterKeyWrappedUserKey = MasterKeyWrappedUserKey,
+            Salt = Salt
+        };
+    }
+}