RPJosh
/
authelia
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
authelia/cmd
History
James Elliott 73bd2e4479
[FIX] Hash Password Cmd Not Encoding Provided Salt (#999) 
* using authelia hash-password if you provide a salt it doesn't encode it as a base64 string
* this causes invalid salts to be stored if a user manually provided one instead of reliance on the automatic generation
* additionally bumped the minimum required salt length to 8 as per reference spec
* additionally removed the maximum salt length as per reference spec (actually 2^32-1 per int32)
* see docs:
  * https://tools.ietf.org/html/draft-irtf-cfrg-argon2-10
  * https://github.com/P-H-C/phc-winner-argon2
  * https://github.com/P-H-C/phc-string-format
* encode all salts
* fix edge case of false positive in CheckPassword
* bump crypt version and fix tests
 		2020-05-14 15:55:03 +10:00
..
authelia [FIX] Hash Password Cmd Not Encoding Provided Salt (#999) 2020-05-14 15:55:03 +10:00
authelia-scripts [CI] Add gocritic linter (#977) 2020-05-06 10:52:06 +10:00
authelia-suites [CI] Add wsl linter (#980) 2020-05-05 21:35:32 +02:00