dreezey / argon2-password-hash-provider

Argon2 Password Hash Provider for Keycloak
Apache License 2.0
25 stars 16 forks source link

Argon2 Variant only numeric input allowed, no ARGON2i, ARGON2d or ARGON2id #19

Open woodyc79 opened 9 months ago

woodyc79 commented 9 months ago

In the documentation there is mentioned that you can choose one of the following versions:ARGON2i, ARGON2d or ARGON2id (default: ARGON2id)

But currently one can only input numeric values:

image

Used: argon2-password-hash-provider-2.0.1.jar and KeyCloak 23.0.5

Kind regards, Christian

Ramblurr commented 9 months ago

I'm not sure why the original author of this plugin did it this way, but the integers correspond to the enums in

[org.bouncycastle.crypto.params.Argon2Parameters])(https://github.com/bcgit/bc-java/blob/main/core/src/main/java/org/bouncycastle/crypto/params/Argon2Parameters.java#L9-L11)

    public static final int ARGON2_d = 0x00;
    public static final int ARGON2_i = 0x01;
    public static final int ARGON2_id = 0x02;