Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore: add more password hashing tests #1900

Open
wants to merge 6 commits into
base: master
Choose a base branch
from
Open

chore: add more password hashing tests #1900

Changes from 1 commit
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
4fa540e
chore: add more password hashing tests
staaldraad Dec 31, 2024
89d2958
feat: check bcrypt format
staaldraad Jan 2, 2025
69fc370
feat: check for password truncation bug
staaldraad Jan 2, 2025
2782e12
feat: add more tests for argon2 and scrypt
staaldraad Jan 2, 2025
41a6db5
add some missed error check tests
staaldraad Jan 2, 2025
0981f9c
add some more crypto tests
staaldraad Jan 2, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
feat: check bcrypt format
  • Loading branch information
@staaldraad
staaldraad committed Jan 2, 2025
commit 89d2958ec51f72b49f388af15e863d6c94ecbe58
7 changes: 7 additions & 0 deletions internal/crypto/password_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@ package crypto

import (
"context"
"regexp"
"strings"
"testing"

Expand Down Expand Up @@ -185,6 +186,12 @@ func TestBcryptHashGeneration(t *testing.T) {
assert.NoError(t, e, "No error was expected")
assert.NotNil(t, hashedPassword)

// validate bcrypt format -- https://passlib.readthedocs.io/en/stable/lib/passlib.hash.bcrypt.html#format-algorithm
bcryptRegex, _ := regexp.Compile(`^\$(?P<alg>2[abxy])\$(?P<rounds>[0-9]{1,})\$(?P<salt>[./A-Za-z0-9]{21}[.Oeu]{1})(?P<checksum>[./A-Za-z0-9]{31})$`)
match := bcryptRegex.MatchString(hashedPassword)
assert.Equal(t, match, true, "Produced hash not valid bcrypt format")

// validate hash resolves to plainText
err := CompareHashAndPassword(context.Background(), hashedPassword, plainText)
assert.NoError(t, err, "Expected hashedPassword to be valid")

Expand Down