From de182678e017f0a169314410d92de7a2eebd960e Mon Sep 17 00:00:00 2001
From: Ken Friesen <ken.friesen@siriusxm.com>
Date: Wed, 6 Mar 2024 16:39:17 +0000
Subject: [PATCH 1/2] fix addRandomSalt

---
 src/main/java/com/password4j/HashBuilder.java   |  4 ++--
 src/test/com/password4j/Argon2FunctionTest.java | 10 ++++++++++
 2 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/src/main/java/com/password4j/HashBuilder.java b/src/main/java/com/password4j/HashBuilder.java
index e8715d20..6610ad29 100755
--- a/src/main/java/com/password4j/HashBuilder.java
+++ b/src/main/java/com/password4j/HashBuilder.java
@@ -95,7 +95,7 @@ public HashBuilder addSalt(byte[] saltAsBytes)
      */
     public HashBuilder addRandomSalt()
     {
-        this.salt = SaltGenerator.generate();
+        addSalt(new String(SaltGenerator.generate(), Utils.DEFAULT_CHARSET));
         return this;
     }
 
@@ -117,7 +117,7 @@ public HashBuilder addRandomSalt(int length)
         }
         else
         {
-            this.salt = SaltGenerator.generate(length);
+            addSalt(new String(SaltGenerator.generate(length), Utils.DEFAULT_CHARSET));
         }
         return this;
     }
diff --git a/src/test/com/password4j/Argon2FunctionTest.java b/src/test/com/password4j/Argon2FunctionTest.java
index 5566d203..33aecab6 100755
--- a/src/test/com/password4j/Argon2FunctionTest.java
+++ b/src/test/com/password4j/Argon2FunctionTest.java
@@ -147,6 +147,16 @@ public void test()
         }
     }
 
+    @Test
+    public void testWithGeneratedSalt()
+    {
+        for (TestCase test : CASES)
+        {
+            Argon2Function f = getFunction(test.memory, test.iterations, test.parallelism, test.outLength, test.type, test.version);
+            Hash hash = Password.hash(test.plainTextPassword).addRandomSalt(128).with(f);
+            assertTrue(Password.check(test.plainTextPassword, hash));
+        }
+    }
 
     @Test
     public void parallelTest() throws InterruptedException, ExecutionException

From c02443279d8f1afc4ab440d382f578a9d01ef25d Mon Sep 17 00:00:00 2001
From: Ken Friesen <ken.friesen@siriusxm.com>
Date: Wed, 6 Mar 2024 16:42:19 +0000
Subject: [PATCH 2/2] add test for variable length salt

---
 src/test/com/password4j/Argon2FunctionTest.java | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/src/test/com/password4j/Argon2FunctionTest.java b/src/test/com/password4j/Argon2FunctionTest.java
index 33aecab6..3fb26d95 100755
--- a/src/test/com/password4j/Argon2FunctionTest.java
+++ b/src/test/com/password4j/Argon2FunctionTest.java
@@ -149,6 +149,17 @@ public void test()
 
     @Test
     public void testWithGeneratedSalt()
+    {
+        for (TestCase test : CASES)
+        {
+            Argon2Function f = getFunction(test.memory, test.iterations, test.parallelism, test.outLength, test.type, test.version);
+            Hash hash = Password.hash(test.plainTextPassword).addRandomSalt().with(f);
+            assertTrue(Password.check(test.plainTextPassword, hash));
+        }
+    }
+
+    @Test
+    public void testWithGeneratedSaltAndSetLenght()
     {
         for (TestCase test : CASES)
         {