phphashphpunitbcrypt

What's the easiest and quickest way to check if a string is a bcrypt hash?


I'm writing a unit test that says that user passwords should be hashed using bcrypt. To assert this I need to be able to check if a string looks like a bcrypt hash.

I can't find a function that tells me what hashing algorithm was used on a string, is there another way to do it other than something like regular expressions?


Solution

  • @JimL soultion is a bit limiting, there is a question breaking down the structure of a bcrypt hash.

    $2a$[Cost]$[Base64Salt][Base64Hash]

    So depending on your application you can assert the bcrypt identifier $2a and the require costs of the generated hash.

    See: https://stackoverflow.com/a/10933491/1722719 for full breakdown.