diff options
| author | wolfbeast <mcwerewolf@gmail.com> | 2018-04-18 14:05:21 +0200 |
|---|---|---|
| committer | wolfbeast <mcwerewolf@gmail.com> | 2018-04-18 14:05:21 +0200 |
| commit | 1ef526f0f0ea664518789c5ab73ed9de140714ad (patch) | |
| tree | a9a54cd23d9a4465e0181dd212809c17745c5af6 /security/nss | |
| parent | 8058e08926afc5ec6528d233cf8cc5f7404dad38 (diff) | |
| download | UXP-1ef526f0f0ea664518789c5ab73ed9de140714ad.tar UXP-1ef526f0f0ea664518789c5ab73ed9de140714ad.tar.gz UXP-1ef526f0f0ea664518789c5ab73ed9de140714ad.tar.lz UXP-1ef526f0f0ea664518789c5ab73ed9de140714ad.tar.xz UXP-1ef526f0f0ea664518789c5ab73ed9de140714ad.zip | |
Strengthen the use of the Master Password.
- Use 30k iterations instead of 1.
- Enforce minimum password length of 8 characters.
- Adjust strength meter accordingly.
This resolves #82.
Diffstat (limited to 'security/nss')
| -rw-r--r-- | security/nss/lib/softoken/sftkpwd.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/security/nss/lib/softoken/sftkpwd.c b/security/nss/lib/softoken/sftkpwd.c index e0d2df9ab..07b6922dc 100644 --- a/security/nss/lib/softoken/sftkpwd.c +++ b/security/nss/lib/softoken/sftkpwd.c @@ -273,7 +273,7 @@ sftkdb_EncryptAttribute(PLArenaPool *arena, SECItem *passKey, RNG_GenerateGlobalRandomBytes(saltData, cipherValue.salt.len); param = nsspkcs5_NewParam(cipherValue.alg, HASH_AlgSHA1, &cipherValue.salt, - 1); + 30000); if (param == NULL) { rv = SECFailure; goto loser; @@ -444,7 +444,7 @@ sftkdb_SignAttribute(PLArenaPool *arena, SECItem *passKey, RNG_GenerateGlobalRandomBytes(saltData, prfLength); /* initialize our pkcs5 parameter */ - param = nsspkcs5_NewParam(signValue.alg, HASH_AlgSHA1, &signValue.salt, 1); + param = nsspkcs5_NewParam(signValue.alg, HASH_AlgSHA1, &signValue.salt, 30000); if (param == NULL) { rv = SECFailure; goto loser; |