summaryrefslogtreecommitdiff
path: root/security/nss
diff options
context:
space:
mode:
authorwolfbeast <mcwerewolf@gmail.com>2018-04-18 14:05:21 +0200
committerwolfbeast <mcwerewolf@gmail.com>2018-04-18 14:05:21 +0200
commit1ef526f0f0ea664518789c5ab73ed9de140714ad (patch)
treea9a54cd23d9a4465e0181dd212809c17745c5af6 /security/nss
parent8058e08926afc5ec6528d233cf8cc5f7404dad38 (diff)
downloaduxp-1ef526f0f0ea664518789c5ab73ed9de140714ad.tar.gz
Strengthen the use of the Master Password.
- Use 30k iterations instead of 1. - Enforce minimum password length of 8 characters. - Adjust strength meter accordingly. This resolves #82.
Diffstat (limited to 'security/nss')
-rw-r--r--security/nss/lib/softoken/sftkpwd.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/security/nss/lib/softoken/sftkpwd.c b/security/nss/lib/softoken/sftkpwd.c
index e0d2df9ab4..07b6922dca 100644
--- a/security/nss/lib/softoken/sftkpwd.c
+++ b/security/nss/lib/softoken/sftkpwd.c
@@ -273,7 +273,7 @@ sftkdb_EncryptAttribute(PLArenaPool *arena, SECItem *passKey,
RNG_GenerateGlobalRandomBytes(saltData, cipherValue.salt.len);
param = nsspkcs5_NewParam(cipherValue.alg, HASH_AlgSHA1, &cipherValue.salt,
- 1);
+ 30000);
if (param == NULL) {
rv = SECFailure;
goto loser;
@@ -444,7 +444,7 @@ sftkdb_SignAttribute(PLArenaPool *arena, SECItem *passKey,
RNG_GenerateGlobalRandomBytes(saltData, prfLength);
/* initialize our pkcs5 parameter */
- param = nsspkcs5_NewParam(signValue.alg, HASH_AlgSHA1, &signValue.salt, 1);
+ param = nsspkcs5_NewParam(signValue.alg, HASH_AlgSHA1, &signValue.salt, 30000);
if (param == NULL) {
rv = SECFailure;
goto loser;