检查字符串是否为bcrypt哈希的最简单,最快捷的方法是什么?
[英]What's the easiest and quickest way to check if a string is a bcrypt hash?
问题描述
I'm writing a unit test that says that user passwords should be hashed using bcrypt. 
我正在编写一个单元测试,说明应该使用bcrypt对用户密码进行哈希处理。 To assert this I need to be able to check if a string looks like a bcrypt hash. 为了断言这一点,我需要能够检查一个字符串是否看起来像一个bcrypt哈希。
I can't find a function that tells me what hashing algorithm was used on a string, is there another way to do it other than something like regular expressions? 我找不到一个函数来告诉我在字符串上使用了什么哈希算法,除了正则表达式之外还有另外一种方法吗?
1 个解决方案
解决方案1
3 已采纳 2014-10-20 08:26:47
@JimL soultion is a bit limiting, there is a question breaking down the structure of a bcrypt hash. @JimL的灵魂有点限制,有一个问题打破了bcrypt哈希的结构。
$2a$[Cost]$[Base64Salt][Base64Hash]
So depending on your application you can assert the bcrypt identifier $2a and the require costs of the generated hash. 因此,根据您的应用程序,您可以断言bcrypt标识符$2a以及生成的哈希值的需求成本。
See: https://stackoverflow.com/a/10933491/1722719 for full breakdown. 请参阅: https : //stackoverflow.com/a/10933491/1722719以获取完整细分。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.