API character limit preventing use of Argon2 passphrases

[alexmoras]

Which version are you using?

v1.9.0

Which operating system are you using?

• Linux amd64 standard
• Linux amd64 Docker
• Linux arm64 standard
• Linux arm64 Docker
• Linux arm7 standard
• Linux arm7 Docker
• Linux arm6 standard
• Linux arm6 Docker
• Windows amd64 standard
• Windows amd64 Docker (WSL backend)
• macOS amd64 standard
• macOS amd64 Docker
• Other (please describe)

Describe the issue

I am using the API to configure specific stream paths. For security, I intend on using Argon2 to store all passwords within the config. When setting the srtPublishPassphrase to the relevant Argon2 hash, I see the following error returned from the API:

{
    "error": "invalid 'srtPublishPassphrase': must be between 10 and 79 characters"
}

The issue seems to relate to how the API in particular handles the expected string. In plain-text cases, the character limit would be fine. But in cases where Argon2 or SHA256 are used to create a hash, these can easily be longer than 79 characters.

Describe how to replicate the issue

1. Start server running v1.9.0 in docker.
2. Generate an Argon2 passphrase with echo -n "testpass123" | argon2 "$(openssl rand --hex 8)" -id -l 32 -e.
3. Send the API request to the server with the resulting Argon2 hash included in the payload:

curl --location 'http://localhost:9997/v3/config/paths/add/swp-test-cam' \
--header 'Content-Type: application/json' \
--data '{
    "srtPublishPassphrase": "argon2:$argon2id$v=19$m=4096,t=3,p=1$YTgwMjdmYjU5ODQ3YzJlYQ$3fQ51JBj1nsXEoodiaph3g"
}'

Did you attach the server logs?

No - reviewed debug log which only returns the same error as is returned by cURL request.

Did you attach a network dump?

No - error relates to how the API handles long strings.

[alexmoras]

Disregard - Argon2 is not used for SRT passphrase and only used for user auth.