From 9d5c2d9151c4cf99ebe7b697962994255d7a9bb4 Mon Sep 17 00:00:00 2001
From: Roman Trapickin <8594293+rntrp@users.noreply.github.com>
Date: Mon, 21 Apr 2025 10:44:17 +0200
Subject: [PATCH 1/2] Fix IllegalArgumentException message for unknown Argon2
 types

Array index 0 points to an empty string. Use index 1 instead.

Signed-off-by: Roman Trapickin <8594293+rntrp@users.noreply.github.com>
---
 .../security/crypto/argon2/Argon2EncodingUtils.java            | 2 +-
 .../security/crypto/argon2/Argon2EncodingUtilsTests.java       | 3 ++-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/crypto/src/main/java/org/springframework/security/crypto/argon2/Argon2EncodingUtils.java b/crypto/src/main/java/org/springframework/security/crypto/argon2/Argon2EncodingUtils.java
index 4b27d90318a..9f06c8bb245 100644
--- a/crypto/src/main/java/org/springframework/security/crypto/argon2/Argon2EncodingUtils.java
+++ b/crypto/src/main/java/org/springframework/security/crypto/argon2/Argon2EncodingUtils.java
@@ -111,7 +111,7 @@ static Argon2Hash decode(String encodedHash) throws IllegalArgumentException {
 			case "argon2d" -> new Argon2Parameters.Builder(Argon2Parameters.ARGON2_d);
 			case "argon2i" -> new Argon2Parameters.Builder(Argon2Parameters.ARGON2_i);
 			case "argon2id" -> new Argon2Parameters.Builder(Argon2Parameters.ARGON2_id);
-			default -> throw new IllegalArgumentException("Invalid algorithm type: " + parts[0]);
+			default -> throw new IllegalArgumentException("Invalid algorithm type: " + parts[1]);
 		};
 		if (parts[currentPart].startsWith("v=")) {
 			paramsBuilder.withVersion(Integer.parseInt(parts[currentPart].substring(2)));
diff --git a/crypto/src/test/java/org/springframework/security/crypto/argon2/Argon2EncodingUtilsTests.java b/crypto/src/test/java/org/springframework/security/crypto/argon2/Argon2EncodingUtilsTests.java
index abae39532f9..b4c0b9a3d02 100644
--- a/crypto/src/test/java/org/springframework/security/crypto/argon2/Argon2EncodingUtilsTests.java
+++ b/crypto/src/test/java/org/springframework/security/crypto/argon2/Argon2EncodingUtilsTests.java
@@ -95,7 +95,8 @@ public void decodeWhenNotAnArgon2HashThenThrowException() {
 	@Test
 	public void decodeWhenNonexistingAlgorithmThenThrowException() {
 		assertThatIllegalArgumentException().isThrownBy(() -> Argon2EncodingUtils
-			.decode("$argon2x$v=19$m=1024,t=3,p=2$Y1JkRmJDdzIzZ3oyTWx4aw$cGE5Cbd/cx7micVhXVBdH5qTr66JI1iUyuNNVAnErXs"));
+			.decode("$argon2x$v=19$m=1024,t=3,p=2$Y1JkRmJDdzIzZ3oyTWx4aw$cGE5Cbd/cx7micVhXVBdH5qTr66JI1iUyuNNVAnErXs"))
+			.withMessageContaining("argon2x");
 	}
 
 	@Test

From 8ea9b486e70a45cb3f2a6ddabeced7601cb061c8 Mon Sep 17 00:00:00 2001
From: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
Date: Wed, 23 Apr 2025 12:21:59 -0600
Subject: [PATCH 2/2] Fix Formatting

---
 .../security/crypto/argon2/Argon2EncodingUtilsTests.java     | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/crypto/src/test/java/org/springframework/security/crypto/argon2/Argon2EncodingUtilsTests.java b/crypto/src/test/java/org/springframework/security/crypto/argon2/Argon2EncodingUtilsTests.java
index b4c0b9a3d02..265527e71e1 100644
--- a/crypto/src/test/java/org/springframework/security/crypto/argon2/Argon2EncodingUtilsTests.java
+++ b/crypto/src/test/java/org/springframework/security/crypto/argon2/Argon2EncodingUtilsTests.java
@@ -94,8 +94,9 @@ public void decodeWhenNotAnArgon2HashThenThrowException() {
 
 	@Test
 	public void decodeWhenNonexistingAlgorithmThenThrowException() {
-		assertThatIllegalArgumentException().isThrownBy(() -> Argon2EncodingUtils
-			.decode("$argon2x$v=19$m=1024,t=3,p=2$Y1JkRmJDdzIzZ3oyTWx4aw$cGE5Cbd/cx7micVhXVBdH5qTr66JI1iUyuNNVAnErXs"))
+		assertThatIllegalArgumentException()
+			.isThrownBy(() -> Argon2EncodingUtils.decode(
+					"$argon2x$v=19$m=1024,t=3,p=2$Y1JkRmJDdzIzZ3oyTWx4aw$cGE5Cbd/cx7micVhXVBdH5qTr66JI1iUyuNNVAnErXs"))
 			.withMessageContaining("argon2x");
 	}