dreezey
commented
3 years ago Hi @jhomola79 , thanks for the report.
I have looked into this and indeed when the JSON is serialized to PasswordSecretData, the last element of the byte array seems to get lost, see this line, not entirely sure why but it may be worth reporting this to Keycloak team itself?
I have used java.util.Base64 Utility class in your function to verify with the debugger, and this one seems to properly decode it; byte[16] instead of byte[15] produced by Keycloak's Base64 utility class:
@Test
public void testArgon2iVerifyPredefinedHashFromCredentialModel() {
String rawPassword = "tekvica";
String encodedSalt = "a3I5aE5QR3N0U3VGU05peg";
byte[] salt = Base64.getDecoder().decode(encodedSalt.getBytes(StandardCharsets.UTF_8));
[X1] CredentialModel credentialModel = new CredentialModel();
credentialModel.setSecretData("{\"value\":\"$argon2i$v=19$m=16,t=2,p=1$" + encodedSalt + "$fHjVdRNXcS+bS2D4Vu+IHw\",\"salt\":\"" + encodedSalt + "\"}");
credentialModel.setCredentialData("{\"hashIterations\":1,\"algorithm\":\"argon2\"}");
PasswordCredentialModel passwordCredentialModel = PasswordCredentialModel.createFromCredentialModel(credentialModel);
[X2] boolean verified = Argon2Helper.verifyPassword(rawPassword, passwordCredentialModel);
Assert.assertTrue(verified);
}[X] = breakpoint.
[X1] => salt = byte[16]
[X2] => passwordCredentialModel.secretData.salt = byte[15]
I'll look into bypassing the Keycloak stored salt property, and instead use the one embedded in the encoded Argon2 string:
$argon2i$v=19$m=16,t=2,p=1$a3I5aE5QR3N0U3VGU05peg$fHjVdRNXcS+bS2D4Vu+IHw.
jhomola79
waweber
Hi, I have found a failing test. This way, salt is wrongly base64 decoded to only 15 bytes instead of 16 and verification fails. Probably more Keycloak bug, but maybe can interest you.