github/zot

Fork 0

mirror of https://github.com/project-zot/zot.git synced 2026-06-18 05:28:07 +08:00

Commit Graph

Author	SHA1	Message	Date
Andrei Aaron	e82aac8409	fix(fips): flaky fips blackbox test and add missing curves (#3732 ) 2 unrelated issues: See https://github.com/project-zot/zot/actions/runs/21336958408/job/61410298444?pr=3731 for details. Also add missing fips curves https://cs.opensource.google/go/go/+/refs/tags/go1.25.6:src/crypto/tls/defaults_fips140.go;l=33 Signed-off-by: Andrei Aaron <andreifdaaron@gmail.com>	2026-01-26 13:45:03 +02:00
Ramkumar Chinchani	04ae0a9409	fix: add support for sha256 and sha512 in htpasswd (#3497 ) feat: add support for sha256 and sha512 htpasswd formats Fixes issue #3495 We currently support only bcrypt htpasswd hashes, however bcrypt is not FIPS-140 approved since it uses Blowfish. This PR adds support for sha256 and sha512 formats and enforces that bcrypt be disabled when fips140 mode is enabled. Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com>	2025-11-09 15:28:29 +02:00

Author

SHA1

Message

Date

Andrei Aaron

e82aac8409

fix(fips): flaky fips blackbox test and add missing curves (#3732 )

2 unrelated issues:
See https://github.com/project-zot/zot/actions/runs/21336958408/job/61410298444?pr=3731 for details.
Also add missing fips curves https://cs.opensource.google/go/go/+/refs/tags/go1.25.6:src/crypto/tls/defaults_fips140.go;l=33

Signed-off-by: Andrei Aaron <andreifdaaron@gmail.com>

2026-01-26 13:45:03 +02:00

Ramkumar Chinchani

04ae0a9409

fix: add support for sha256 and sha512 in htpasswd (#3497 )

feat: add support for sha256 and sha512 htpasswd formats

Fixes issue #3495

We currently support only bcrypt htpasswd hashes, however bcrypt is not
FIPS-140 approved since it uses Blowfish.

This PR adds support for sha256 and sha512 formats and enforces that
bcrypt be disabled when fips140 mode is enabled.

Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com>

2025-11-09 15:28:29 +02:00

2 Commits