Support django pbkdf2

[schettn]

Currently passwap does not support Django pbkdf2 hashes.

Example: pbkdf2_sha256$100000$eWZncb8EO0lM$HddIrL/Yuvg91JrroQWqLk4kIJRzD25olN2+0UM8MoQ=

1. Issue: zitadel/passwap does not support the Django format. Ref:

   passwap/pbkdf2/pbkdf2.go

   Lines 27 to 35 in f5db279

   	const (
   	IdentifierSHA1 = "pbkdf2"
   	IdentifierSHA224 = IdentifierSHA1 + "-sha224"
   	IdentifierSHA256 = IdentifierSHA1 + "-sha256"
   	IdentifierSHA384 = IdentifierSHA1 + "-sha384"
   	IdentifierSHA512 = IdentifierSHA1 + "-sha512"
   	Prefix = "$" + IdentifierSHA1
   	)

   . This leads to a "internal server error" when logging in.
2. Issue: Just updating the format from pbkdf2_sha256$100000$eWZncb8EO0lM$HddIrL/Yuvg91JrroQWqLk4kIJRzD25olN2+0UM8MoQ= to pbkdf2-sha256$100000$eWZncb8EO0lM$HddIrL/Yuvg91JrroQWqLk4kIJRzD25olN2+0UM8MoQ= results in a password incorrect when logging in.

Originally posted by @schettn in zitadel/zitadel#8491 (comment)

[muhlemmer]

Acceptance criteria

• Create a python script that outputs Django hashes in the testvalues package.
• Add the format to the pbkdf2 parser

We are open for PRs.

[MatejMijoskiAirteam]

@schettn In the documentation, it says that the password needs to be in MCF and also the hash should have an alternate base64 encoding by replacing all + with . so the password would be: $pbkdf2-sha256$100000$eWZncb8EO0lM$HddIrL/Yuvg91JrroQWqLk4kIJRzD25olN2.0UM8MoQ= (the padding is optional).

However I'm not sure why it won't work even if everything's changed correctly, or at least that's my case when migrating users from Django to Zitadel.

[muhlemmer]

@MatejMijoskiAirteam the problem is not the encoding.

We support all variants of encoding. Using standard (+) or alternative (.), with and without padding (=).

These are the values used in our unit tests:

passwap/internal/testvalues/pbkdf2.go

Line 14 in 19778a2

Pbkdf2Sha256Encoded = `$pbkdf2-sha256$12$cmFuZG9tc2FsdGlzaGFyZA$OFvEcLOIPFd/oq8egf10i.qJLI7A8nDjPLnolCWarQY`

passwap/internal/testvalues/pbkdf2.go

Lines 20 to 21 in 19778a2

	Pbkdf2Sha256StdEncoded = `$pbkdf2-sha256$12$cmFuZG9tc2FsdGlzaGFyZA$OFvEcLOIPFd/oq8egf10i+qJLI7A8nDjPLnolCWarQY`
	Pbkdf2Sha256StdEncodedPadding = `$pbkdf2-sha256$12$cmFuZG9tc2FsdGlzaGFyZA==$OFvEcLOIPFd/oq8egf10i+qJLI7A8nDjPLnolCWarQY=`

There outputs are created with the same password, salt and cost and len parameter:

passwap/internal/testvalues/values.go

Lines 11 to 12 in 19778a2

	Password = "password"
	Salt = "randomsaltishard"

passwap/internal/testvalues/pbkdf2.go

Lines 9 to 11 in 19778a2

	Pbkdf2Rounds = 12
	Pbkdf2Sha1KeyLen = 20
	Pbkdf2Sha256KeyLen = 32

Django may be doing something different. Whomever will implement this feature request will need to pinpoint where the difference occurs and implement it in Go. I would recommend by starting to input the same password, salt and parameters into Django and compare the output to the above testvalues. And read whatever Django has published as developer docs on the subject.

[max619]

I've tracked down the difference in formats to the way salt is encoded, django just uses plain ascii salt, but zitadel stores it in base64

Equivalent django hash to

`$pbkdf2-sha256$12$cmFuZG9tc2FsdGlzaGFyZA$OFvEcLOIPFd/oq8egf10i+qJLI7A8nDjPLnolCWarQY`

Will be

`pbkdf2_sha256$12$randomsaltishard$OFvEcLOIPFd/oq8egf10i.qJLI7A8nDjPLnolCWarQY`

https://passlib.readthedocs.io/en/stable/lib/passlib.hash.django_std.html#format