What's the easiest and fastest way to check if a string is a bcrypt hash?

Question

What's the easiest and fastest way to check if a string is a bcrypt hash?

I am writing a unit test which says that user passwords should be hashed using bcrypt. In order to assert this, I need to be able to check if a string looks like a bcrypt hash.

I can't find a function that tells me which hashing algorithm was used on the string, is there any other way to do this differently than with something like regex?

+3

php bcrypt hash phpunit

John Dorean 19 oct. '14 at 1:17

source to share

1 answer

input · Accepted Answer · 2014-10-20T08:26:47+0000

@JimL soultion is a bit limiting, there is a question about breaking the bcrypt hash structure.

$2a$[Cost]$[Base64Salt][Base64Hash]

So depending on your application, you might assert the bcrypt id $2a

and incur the cost of the generated hash.

See: fooobar.com/questions/169644 / ... for a complete crash.

What's the easiest and fastest way to check if a string is a bcrypt hash?

More articles: