feat(crypto): support for SHA2 and PHPass password hashes (#9809)

# Which Problems Are Solved

- Allow users to use SHA-256 and SHA-512 hashing algorithms. These
algorithms are used by Linux's crypt(3) function.
- Allow users to import passwords using the PHPass algorithm. This
algorithm is used by older PHP systems, WordPress in particular.

# How the Problems Are Solved

- Upgrade passwap to
[v0.9.0](https://github.com/zitadel/passwap/releases/tag/v0.9.0)
- Add sha2 and phpass as a new verifier option in defaults.yaml

# Additional Changes

- Updated docs to explain the two algorithms

# Additional Context
Implements the changes in the passwap library from
https://github.com/zitadel/passwap/pull/59 and
https://github.com/zitadel/passwap/pull/60
Juriaan Kennedy
2025-05-16 17:53:45 +02:00
committed by GitHub
parent fefe9d27a0
commit 38013d0e84
6 changed files with 233 additions and 21 deletions

go.mod

@@ -73,7 +73,7 @@ require (
github.com/zitadel/exifremove v0.1.0
github.com/zitadel/logging v0.6.2
github.com/zitadel/oidc/v3 v3.36.1
github.com/zitadel/passwap v0.7.0
github.com/zitadel/passwap v0.9.0
github.com/zitadel/saml v0.3.5
github.com/zitadel/schema v1.3.1
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.60.0
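Review bot: The github.com/zitadel/passwap line moves from v0.7.0 straight to v0.9.0, two minor versions in one step, while the commit message only references the v0.9.0 release and the two upstream PRs for sha2 and phpass. Since this library verifies stored password hashes, please confirm in the description that nothing released between v0.7.0 and v0.9.0 changes how the already-configured verifiers or the default hasher behave, and that existing hashes still verify after the upgrade.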
@@ -87,12 +87,12 @@ require (
go.opentelemetry.io/otel/sdk/metric v1.35.0
go.opentelemetry.io/otel/trace v1.35.0
go.uber.org/mock v0.5.0
golang.org/x/crypto v0.36.0
golang.org/x/crypto v0.37.0
golang.org/x/exp v0.0.0-20250305212735-054e65f0b394
golang.org/x/net v0.37.0
golang.org/x/oauth2 v0.28.0
golang.org/x/sync v0.12.0
golang.org/x/text v0.23.0
golang.org/x/sync v0.13.0
golang.org/x/text v0.24.0
google.golang.org/api v0.227.0
google.golang.org/genproto/googleapis/api v0.0.0-20250313205543-e70fdf4c4cb4
google.golang.org/grpc v1.71.0
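Review bot: The golang.org/x/crypto, golang.org/x/sync and golang.org/x/text bumps in this hunk are not mentioned anywhere in the commit message, which lists only the passwap upgrade. If they are just the minimum versions pulled in by passwap v0.9.0 via go mod tidy, say so under "Additional Changes"; golang.org/x/crypto in particular is security-relevant, so the jump from v0.36.0 to v0.37.0 should be a documented, deliberate change rather than a silent side effect.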
@@ -226,7 +226,7 @@ require (
github.com/xrash/smetrics v0.0.0-20240312152122-5f08fbb34913 // indirect
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.35.0 // indirect
go.opentelemetry.io/proto/otlp v1.5.0 // indirect
golang.org/x/sys v0.31.0
golang.org/x/sys v0.32.0
gopkg.in/yaml.v2 v2.4.0 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
nhooyr.io/websocket v1.8.11 // indirect
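Review bot: The golang.org/x/sys line in this hunk carries no "// indirect" marker, although every neighbouring entry shown in this require block does. If the module is imported directly it belongs in the first require block with the other direct dependencies; if not, running go mod tidy should restore the marker so the direct/indirect split in go.mod stays accurate for dependency audits.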