@@ -31,4 +31,64 @@ struct BcryptTests {
3131
3232 #expect( hash. hasPrefix ( " $2b$06$ " ) )
3333 }
34+
35+ @Test ( " Empty password " )
36+ func emptyPassword( ) throws {
37+ #expect( throws: Error . self) {
38+ try Bcrypt . hash ( password: " " , cost: 6 )
39+ }
40+ }
41+
42+ @Test ( " Maximum length password (72 bytes) " )
43+ func maximumLengthPassword( ) throws {
44+ let password = String ( repeating: " a " , count: 72 )
45+ let hash = try Bcrypt . hash ( password: password, cost: 6 )
46+ #expect( try Bcrypt . verify ( password: password, hash: hash) )
47+ }
48+
49+ @Test ( " Password too long " )
50+ func passwordTooLong( ) throws {
51+ let password = String ( repeating: " a " , count: 73 )
52+ #expect( throws: BcryptError . passwordTooLong) {
53+ try Bcrypt . hash ( password: password, cost: 6 )
54+ }
55+ }
56+
57+ @Test ( " Different passwords produce different hashes " )
58+ func differentPasswordsDifferentHashes( ) throws {
59+ let hash1 = try Bcrypt . hash ( password: " password1 " , cost: 6 )
60+ let hash2 = try Bcrypt . hash ( password: " password2 " , cost: 6 )
61+
62+ #expect( hash1 != hash2)
63+ }
64+
65+ @Test ( " Same password with different salts produces different hashes " )
66+ func samePwDifferentSalts( ) throws {
67+ let password = " test "
68+ let hash1 = try Bcrypt . hash ( password: password, cost: 6 )
69+ let hash2 = try Bcrypt . hash ( password: password, cost: 6 )
70+
71+ // Different salts should produce different hashes
72+ #expect( hash1 != hash2)
73+
74+ // But both should verify
75+ #expect( try Bcrypt . verify ( password: password, hash: hash1) )
76+ #expect( try Bcrypt . verify ( password: password, hash: hash2) )
77+ }
78+
79+ @Test ( " Unicode password handling " )
80+ func unicodePassword( ) throws {
81+ let passwords = [ " πάσσω " , " 密码 " , " 🔐🔑 " , " Ñoño " ]
82+
83+ for password in passwords {
84+ let hash = try Bcrypt . hash ( password: password, cost: 4 )
85+ #expect( try Bcrypt . verify ( password: password, hash: hash) )
86+ }
87+ }
88+
89+ @Test ( " Wrong password fails verification " )
90+ func wrongPasswordFails( ) throws {
91+ let hash = try Bcrypt . hash ( password: " correct " , cost: 6 )
92+ #expect( try ! Bcrypt. verify ( password: " wrong " , hash: hash) )
93+ }
3494}
0 commit comments