Skip to content

TRUNK-6693: Upgrade secrets to modern password encoding#6345

Draft
jwnasambu wants to merge 2 commits into
openmrs:2.8.xfrom
jwnasambu:TRUNK-6693
Draft

TRUNK-6693: Upgrade secrets to modern password encoding#6345
jwnasambu wants to merge 2 commits into
openmrs:2.8.xfrom
jwnasambu:TRUNK-6693

Conversation

@jwnasambu

@jwnasambu jwnasambu commented Jul 17, 2026

Copy link
Copy Markdown
Contributor

Description of what I changed

I extended the new Argon2id password encoding mechanism to support secret answers, which are human-controlled, low-entropy secrets that benefit from the same secure hashing approach as passwords. Activation keys remain on SHA-512 as they are short-lived and randomly generated tokens requiring deterministic lookup.

Issue I worked on

https://openmrs.atlassian.net/browse/TRUNK-6693

Checklist: I completed these to help reviewers :)

  • My IDE is configured to follow the code style of this project.

    No? Unsure? -> configure your IDE, format the code and add the changes with git add . && git commit --amend

  • I have added tests to cover my changes. (If you refactored
    existing code that was well tested you do not have to add tests)

    No? -> write tests and add them to this commit git add . && git commit --amend

  • I ran ./mvnw clean package right before creating this pull request and
    added all formatting changes to my commit.

    No? -> execute above command

  • All new and existing tests passed.

    No? -> figure out why and add the fix to your commit. It is your responsibility to make sure your code works.

  • My pull request is based on the latest changes of the master branch.

    No? Unsure? -> execute command git pull --rebase upstream master

@jwnasambu
jwnasambu marked this pull request as draft July 17, 2026 15:05
Comment on lines +438 to +461
/**
* Global property name for Argon2 memory cost in KB
*/
public static final String GP_ARGON2_MEMORY = "security.argon2.memory";

/**
* Global property name for Argon2 parallelism factor
*/
public static final String GP_ARGON2_PARALLELISM = "security.argon2.parallelism";

/**
* Global property name for Argon2 iterations
*/
public static final String GP_ARGON2_ITERATIONS = "security.argon2.iterations";

/**
* Global property name for Argon2 hash length in bytes
*/
public static final String GP_ARGON2_HASH_LENGTH = "security.argon2.hashLength";

/**
* Global property name for Argon2 salt length in bytes
*/
public static final String GP_ARGON2_SALT_LENGTH = "security.argon2.saltLength";

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We shouldn't make these global properties, I think. Rather, we should prefer to get these from the runtime properties (which is where we traditionally store the more security-sensitive stuff).

String token = RandomStringUtils.randomAlphanumeric(20);
long time = System.currentTimeMillis() + getValidTime();
String hashedKey = Security.encodeString(token);
String hashedKey = Security.encodeStringSHA512(token);

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

???

String answer = rs.getString("secret_answer");
String salt = rs.getString("salt");
String encryptedAnswer = Security.encodeString(answer.toLowerCase() + salt);
String encryptedAnswer = Security.encodeStringSHA512(answer.toLowerCase() + salt);

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Also this?

@sonarqubecloud

Copy link
Copy Markdown

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants