mirror of
https://github.com/zitadel/zitadel.git
synced 2025-12-07 07:16:54 +00:00
feat(crypto): support for SHA2 and PHPass password hashes (#9809)
# Which Problems Are Solved
- Allow users to use SHA-256 and SHA-512 hashing algorithms. These
algorithms are used by Linux's crypt(3) function.
- Allow users to import passwords using the PHPass algorithm. This
algorithm is used by older PHP systems, WordPress in particular.
# How the Problems Are Solved
- Upgrade passwap to
[v0.9.0](https://github.com/zitadel/passwap/releases/tag/v0.9.0)
- Add sha2 and phpass as a new verifier option in defaults.yaml
# Additional Changes
- Updated docs to explain the two algorithms
# Additional Context
Implements the changes in the passwap library from
https://github.com/zitadel/passwap/pull/59 and
https://github.com/zitadel/passwap/pull/60
(cherry picked from commit 38013d0e84)
This commit is contained in:
Juriaan Kennedy
committed by
Livio Spring
Livio Spring
parent
b19fd84760
commit
603799f409
@@ -71,6 +71,8 @@ The following hash algorithms are supported:
|
||||
- md5: implementation of md5Crypt with salt and password shuffling [^2]
|
||||
- md5plain: md5 digest of a password without salt [^2]
|
||||
- md5salted: md5 digest of a salted password [^2]
|
||||
- phpass: md5 digest with PHPass algorithm (used in WordPress) [^2]
|
||||
- sha2: implementation of crypt(3) SHA-256 & SHA-512
|
||||
- scrypt
|
||||
- pbkdf2
|
||||
|
||||
|
||||
Reference in New Issue
Block a user