feat(bcrypt): add cost implementation for bcrypt

Author: Meecr0b

crypto.go

@@ -57,8 +57,15 @@ func adler32sum(input string) string {
 	return fmt.Sprintf("%d", hash)
 }
 
-func bcrypt(input string) string {
-	hash, err := bcrypt_lib.GenerateFromPassword([]byte(input), bcrypt_lib.DefaultCost)
+func bcrypt(input string, cost ...int) string {
+	c := bcrypt_lib.DefaultCost
+	if len(cost) > 0 {
+		c = cost[0]
+	}
+	if len(cost) > 1 {
+		return fmt.Sprintf("multiple cost parameter set: %v", cost)
+	}
+	hash, err := bcrypt_lib.GenerateFromPassword([]byte(input), c)
 	if err != nil {
 		return fmt.Sprintf("failed to encrypt string with bcrypt: %s", err)
 	}

crypto_test.go

@@ -5,6 +5,7 @@ import (
 	"encoding/base64"
 	"encoding/pem"
 	"fmt"
+	"strconv"
 	"strings"
 	"testing"
 
@@ -54,16 +55,80 @@ func TestAdler32Sum(t *testing.T) {
 	}
 }
 
-func TestBcrypt(t *testing.T) {
+func TestBcryptDefaultCost(t *testing.T) {
 	out, err := runRaw(`{{"abc" | bcrypt}}`, nil)
 	if err != nil {
 		t.Error(err)
 	}
+	result := strings.Split(out, "$")
+	passwordCost, err := strconv.Atoi(result[2])
+	if err != nil {
+		t.Error(err)
+	}
+	if passwordCost != bcrypt_lib.DefaultCost {
+		t.Error("Generated hash has not the expected cost. Got:", passwordCost, " Expected:", bcrypt_lib.DefaultCost)
+	}
+	if bcrypt_lib.CompareHashAndPassword([]byte(out), []byte("abc")) != nil {
+		t.Error("Generated hash is not the equivalent for password:", "abc")
+	}
+}
+
+func TestBcryptCustomCost(t *testing.T) { // 4 >= validCost <= 31
+	out, err := runRaw(`{{bcrypt "abc" 12 }}`, nil)
+	if err != nil {
+		t.Error(err)
+	}
+	result := strings.Split(out, "$")
+	passwordCost, err := strconv.Atoi(result[2])
+	if err != nil {
+		t.Error(err)
+	}
+	if passwordCost != 12 {
+		t.Error("Generated hash has not the expected cost. got:", passwordCost, "expected:", 12)
+	}
+	if bcrypt_lib.CompareHashAndPassword([]byte(out), []byte("abc")) != nil {
+		t.Error("Generated hash is not the equivalent for password:", "abc")
+	}
+}
+
+func TestBcryptMinCost(t *testing.T) {
+	out, err := runRaw(`{{bcrypt "abc" 3 }}`, nil)
+	if err != nil {
+		t.Error(err)
+	}
+	result := strings.Split(out, "$")
+	passwordCost, err := strconv.Atoi(result[2])
+	if err != nil {
+		t.Error(err)
+	}
+	if passwordCost != bcrypt_lib.DefaultCost {
+		t.Error("Generated hash has not the expected cost. got:", passwordCost, "expected:", bcrypt_lib.DefaultCost)
+	}
 	if bcrypt_lib.CompareHashAndPassword([]byte(out), []byte("abc")) != nil {
 		t.Error("Generated hash is not the equivalent for password:", "abc")
 	}
 }
 
+func TestBcryptMaxCost(t *testing.T) {
+	out, err := runRaw(`{{bcrypt "abc" 32 }}`, nil)
+	if err != nil {
+		t.Error(err)
+	}
+	if !strings.HasPrefix(out, "failed to encrypt string with bcrypt") {
+		t.Error("Generated string should be a failure message, got:", out, "expected: failed to encrypt string with bcrypt")
+	}
+}
+
+func TestBcryptMultipleCostParameter(t *testing.T) {
+	out, err := runRaw(`{{bcrypt "abc" 10 10 }}`, nil)
+	if err != nil {
+		t.Error(err)
+	}
+	if !strings.HasPrefix(out, "multiple cost parameter set") {
+		t.Error("Generated string should be a failure message, got:", out, "expected: multiple cost parameter set")
+	}
+}
+
 type HtpasswdCred struct {
 	Username      string
 	Password      string

docs/crypto.md

@@ -41,7 +41,7 @@ adler32sum "Hello world!"
 ```
 ## bcrypt
 
-The `bcrypt` function receives a string, and generates its `bcrypt` hash.
+The `bcrypt` function takes a `input`, and a `cost` and generates a `bcrypt` hash. `cost` is optional and defaults to `bcrypt_lib.DefaultCost` (10).
 
 ```
 bcrypt "myPassword"