kosprov / jargon2-api

Fluent Java API for Argon2 password hashing
Apache License 2.0

Provide API to retrieve hasher settings of encoded hash #1

Closed lunikon closed 6 years ago

lunikon commented 6 years ago

It would be nice to have an official API to retrieve the settings with which a hash has been generated. While these are encoded in the hash and it would be relatively easy to extract them manually, it would be nicer if the library provided a proper abstraction over this and left said parsing to the backend/actual implementations.

Motivation: I would like to automatically re-hash verified passwords if the currently used settings differ from those used when the password was originally hashed. At the moment, determining whether the settings have changed is relatively cumbersome.

kosprov commented 6 years ago

Would adding the following method on the Hasher interface be sufficient for your use-case?

    /**
     * Tests whether this hasher's configuration matches the properties found encoded in the given hash.
     *
     * @param encodedHash An Argon2 encoded hash
     * @return <code>true</code>, if this hasher's properties and the encodedHash properties match (type, version,
     * memory cost, time cost, parallelism, salt length and hash length)
     */
    boolean propertiesMatch(String encodedHash);

It essentially tells if encodedHash could have been produced by this hasher.

Then, you could use it like:

    boolean passwordValid = verifier.password(password).hash(encodedHash).verifyEncoded();
    if (passwordValid && !hasher.propertiesMatch(encodedHash)) {
        String newHash = hasher.password(password).encodedHash();
        // store newHash
    }
    // continue login

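The properties comparison described above, as an added Python example that is not part of jargon2: it parses the Argon2 encoded-hash format directly (type, version, m/t/p, and the decoded salt and hash lengths), compares the result with the settings currently in force, and treats the missing `v=` field of old Argon2 1.0 encodings as version 16. The function names, `Argon2Properties`, and the sample hash are constructed for this example.

```python
import base64
import re
from dataclasses import dataclass

# Added example, not jargon2 code: parse the Argon2 encoded-hash string
# "$argon2id$v=19$m=65536,t=3,p=4$<salt>$<hash>" to recover the settings it
# was produced with, and compare them with the settings currently in force.
_ENCODED = re.compile(
    r"^\$(?P<type>argon2(?:id|i|d))"
    r"(?:\$v=(?P<version>\d+))?"            # absent in Argon2 1.0 encodings
    r"\$m=(?P<m>\d+),t=(?P<t>\d+),p=(?P<p>\d+)"
    r"\$(?P<salt>[A-Za-z0-9+/]+)\$(?P<hash>[A-Za-z0-9+/]+)$"
)

@dataclass(frozen=True)
class Argon2Properties:
    type: str          # "argon2i", "argon2d" or "argon2id"
    version: int       # 16 (0x10) or 19 (0x13)
    memory_cost: int   # KiB
    time_cost: int     # iterations
    parallelism: int   # lanes
    salt_length: int   # bytes
    hash_length: int   # bytes

def _decoded_len(b64: str) -> int:
    # Salt and hash are unpadded base64; restore padding before decoding.
    return len(base64.b64decode(b64 + "=" * (-len(b64) % 4)))

def parse_encoded_hash(encoded: str) -> Argon2Properties:
    """Recover the hasher settings encoded in an Argon2 hash string."""
    m = _ENCODED.match(encoded)
    if m is None:
        raise ValueError("not an Argon2 encoded hash")
    version = int(m.group("version")) if m.group("version") else 0x10
    return Argon2Properties(
        type=m.group("type"), version=version,
        memory_cost=int(m.group("m")), time_cost=int(m.group("t")),
        parallelism=int(m.group("p")),
        salt_length=_decoded_len(m.group("salt")),
        hash_length=_decoded_len(m.group("hash")),
    )

def properties_match(current: Argon2Properties, encoded: str) -> bool:
    """True if `encoded` could have been produced with the `current` settings."""
    return parse_encoded_hash(encoded) == current

# Constructed sample (all-zero 16-byte salt and 32-byte hash), not a real hash.
SAMPLE = "$argon2id$v=19$m=65536,t=3,p=4$" + "A" * 22 + "$" + "A" * 43
```

After a successful verification, `not properties_match(current, stored)` is the condition under which the password should be re-hashed and the new encoded hash stored.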
lunikon commented 6 years ago

Yes, something like this would be perfect!

kosprov commented 6 years ago

Just deployed API version v1.1.0 to Maven central.

Change your api dependency to:

    <dependency>
        <groupId>com.kosprov.jargon2</groupId>
        <artifactId>jargon2-api</artifactId>
        <version>1.1.0</version>
    </dependency>

lunikon commented 6 years ago

Damn, that was quick! Thanks a lot!