argon 2 verify issue with sqlite

[ThomasGustafson]

I am currently working on passcode verification for my program Sound Sphere but the verify method is not working for some reason. I am attaching the method I use to create a user and inset into database(that works) and the methods used to get the stored hash and the one to verify it.

Thank you for your time and any help

Thomas Gustafson

p.s. the HashPassword method is triggered on an on press through fxml.

[phxql]

Hi, what is the expected vs the actual behaviour?

Btw, you can convert a String into a char[] by calling .toCharArray on the String instance. You don't need to iterate over the chars and do the copying by yourself.

[ThomasGustafson]

The expected result is for the user to enter the username and passkey and for the Program to get the stored hash(hash in database) then use the stored hash in the argon 2. Verify function.

An example would be you make a new user let's say Bob(userName) with a passcode of 12345 When the user is created the create user function will hash the password and add it to the database(this part works) then when Bob goes to log in the password is taken and converted to a char and the stored hash is selected from the database based on the username (the selecting of the hash from the database works) then with that information the program will use the argon 2. Verify to verify the password so if Bob enters 12345 then the verify function should return true but what I get is false even when entering the correct credentials.

[phxql]

Well, I don't know where the bug in your program is. Is the code example from the argon2-jvm README working? If yes, then it's likely that this is a logic bug in your program, not in the argon2-jvm library.

[ThomasGustafson]

you are talking about the example here https://github.com/phxql/argon2-jvm/blob/master/README.md

right?

[ThomasGustafson]

how do you strip the salt from the encoded hash that is my best guess as to what is causing the problem?

[ThomasGustafson]

I got it to work I think the problem was I was using two different hashing parameters for the user creation and the verification.

Thank you for your time and help.