]> git.ipfire.org Git - thirdparty/shadow.git/commitdiff
tests/unit/test_chkhash.c: add bcrypt hash validation tests
authorIker Pedrosa <ipedrosa@redhat.com>
Sun, 1 Feb 2026 09:46:18 +0000 (10:46 +0100)
committerAlejandro Colomar <foss+github@alejandro-colomar.es>
Tue, 17 Feb 2026 23:30:57 +0000 (00:30 +0100)
Add comprehensive bcrypt algorithm validation tests covering all
variants ($2a$, $2b$, $2x$, $2y$) with different cost factors.

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
tests/unit/test_chkhash.c

index 753083794e4a63df46538a861dda3c35706dc857..34820eabd7d48377b9acfa6c3284e4d489a53df0 100644 (file)
@@ -44,11 +44,32 @@ test_is_valid_hash_ok_yescrypt(void **)
 }
 
 
+static void
+test_is_valid_hash_ok_bcrypt(void **)
+{
+       // Basic bcrypt hash: $2a$ + cost + $ + 53 character hash
+       assert_true(is_valid_hash("$2a$12$abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ."));
+
+       // Bcrypt $2b$ variant with different cost
+       assert_true(is_valid_hash("$2b$10$abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ."));
+
+       // Bcrypt $2x$ variant with minimum cost
+       assert_true(is_valid_hash("$2x$04$abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ."));
+
+       // Bcrypt $2y$ variant with high cost
+       assert_true(is_valid_hash("$2y$15$abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ."));
+
+       // Bcrypt with numeric characters in hash portion
+       assert_true(is_valid_hash("$2a$08$abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ."));
+}
+
+
 int
 main(void)
 {
     const struct CMUnitTest tests[] = {
         cmocka_unit_test(test_is_valid_hash_ok_yescrypt),
+        cmocka_unit_test(test_is_valid_hash_ok_bcrypt),
     };
 
     return cmocka_run_group_tests(tests, NULL, NULL);