I'm writing a unit test that says that user passwords should be hashed using bcrypt. To assert this I need to be able to check if a string looks like a bcrypt hash.
I can't find a function that tells me what hashing algorithm was used on a string, is there another way to do it other than something like regular expressions?
@JimL soultion is a bit limiting, there is a question breaking down the structure of a bcrypt hash.
$2a$[Cost]$[Base64Salt][Base64Hash]
So depending on your application you can assert the bcrypt identifier $2a
and the require costs of the generated hash.
See: https://stackoverflow.com/a/10933491/1722719 for full breakdown.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With