From fd2797ebcc4704e6a0d1d535ae37ecc7a80cdaeb Mon Sep 17 00:00:00 2001
From: Romain Lanz <romain.lanz@pm.me>
Date: Sun, 22 Oct 2023 20:56:15 +0200
Subject: [PATCH] refactor(hash): needsRehash should return true when invalid
 identifier

---
 src/drivers/argon.ts         | 3 ++-
 src/drivers/bcrypt.ts        | 3 ++-
 src/drivers/scrypt.ts        | 3 ++-
 tests/drivers/argon2.spec.ts | 4 ++--
 tests/drivers/bcrypt.spec.ts | 4 ++--
 tests/drivers/scrypt.spec.ts | 8 +++-----
 6 files changed, 13 insertions(+), 12 deletions(-)

diff --git a/src/drivers/argon.ts b/src/drivers/argon.ts
index 4f68774..4c40d58 100644
--- a/src/drivers/argon.ts
+++ b/src/drivers/argon.ts
@@ -281,6 +281,7 @@ export class Argon implements HashDriverContract {
    * 3. The memory value is changed
    * 4. The parellelism value is changed
    * 5. The argon variant is changed
+   * 6. The provided hash has not been hashed with argon
    *
    * ```ts
    * const isValid = await argon.verify(hash, plainText)
@@ -294,7 +295,7 @@ export class Argon implements HashDriverContract {
   needsReHash(value: string): boolean {
     const phcNode = this.#phcFormatter.deserialize(value)
     if (!this.#ids.includes(phcNode.id)) {
-      throw new TypeError('Value is not a valid argon hash')
+      return true
     }
 
     /**
diff --git a/src/drivers/bcrypt.ts b/src/drivers/bcrypt.ts
index 92ed9c1..6f15711 100644
--- a/src/drivers/bcrypt.ts
+++ b/src/drivers/bcrypt.ts
@@ -227,6 +227,7 @@ export class Bcrypt implements HashDriverContract {
    * 1. The bcrypt version is changed
    * 2. Number of rounds are changed
    * 3. Bcrypt hash is not using MCF hash format
+   * 4. The provided hash has not been hashed with bcrypt
    *
    * ```ts
    * const isValid = await bcrypt.verify(hash, plainText)
@@ -244,7 +245,7 @@ export class Bcrypt implements HashDriverContract {
 
     const phcNode = this.#phcFormatter.deserialize(value)
     if (phcNode.id !== 'bcrypt') {
-      throw new TypeError('Value is not a valid bcrypt hash')
+      return true
     }
 
     /**
diff --git a/src/drivers/scrypt.ts b/src/drivers/scrypt.ts
index 097755a..3a556dc 100644
--- a/src/drivers/scrypt.ts
+++ b/src/drivers/scrypt.ts
@@ -226,6 +226,7 @@ export class Scrypt implements HashDriverContract {
    * 1. The cost value is changed
    * 2. The blockSize value is changed
    * 3. The parallelization value is changed
+   * 4. The provided hash has not been hashed with scrypt
    *
    * ```ts
    * const isValid = await scrypt.verify(hash, plainText)
@@ -239,7 +240,7 @@ export class Scrypt implements HashDriverContract {
   needsReHash(value: string): boolean {
     const phcNode = this.#phcFormatter.deserialize(value)
     if (phcNode.id !== 'scrypt') {
-      throw new TypeError('Value is not a valid scrypt hash')
+      return true
     }
 
     /**
diff --git a/tests/drivers/argon2.spec.ts b/tests/drivers/argon2.spec.ts
index a791a47..056937b 100644
--- a/tests/drivers/argon2.spec.ts
+++ b/tests/drivers/argon2.spec.ts
@@ -414,7 +414,7 @@ test.group('argon | needsRehash', () => {
     )
   })
 
-  test('throw error when not a valid argon identifier', async ({ assert }) => {
+  test('return true when not a valid argon identifier', async ({ assert }) => {
     const hash =
       '$bcrypt$v=19$m=4096,t=3,p=1$PcEZHj1maR/+ZQynyJHWZg$2jEN4xcww7CYp1jakZB1rxbYsZ55XH2HgjYRtdZtubI'
 
@@ -426,7 +426,7 @@ test.group('argon | needsRehash', () => {
       saltSize: 16,
     })
 
-    await assert.rejects(() => argon.needsReHash(hash), 'Value is not a valid argon hash')
+    assert.isTrue(argon.needsReHash(hash))
   })
 
   test('return true when using argon2 directly', async ({ assert }) => {
diff --git a/tests/drivers/bcrypt.spec.ts b/tests/drivers/bcrypt.spec.ts
index 6e5dca8..5f1f2b1 100644
--- a/tests/drivers/bcrypt.spec.ts
+++ b/tests/drivers/bcrypt.spec.ts
@@ -236,13 +236,13 @@ test.group('bcrypt | needsRehash', () => {
     )
   })
 
-  test('throw error when identifier is invalid', async ({ assert }) => {
+  test('return true when not a valid bcrypt identifier', async ({ assert }) => {
     const bcrypt = new Bcrypt({
       rounds: 10,
     })
 
     const hash = '$argon2id$v=98$r=10$Jtxi46WJ26OQ0khsYLLlnw$knXGfuRFsSjXdj88JydPOnUIglvm1S8'
-    await assert.rejects(() => bcrypt.needsReHash(hash), 'Value is not a valid bcrypt hash')
+    assert.isTrue(bcrypt.needsReHash(hash))
   })
 })
 
diff --git a/tests/drivers/scrypt.spec.ts b/tests/drivers/scrypt.spec.ts
index 1b66eaf..22d5ef5 100644
--- a/tests/drivers/scrypt.spec.ts
+++ b/tests/drivers/scrypt.spec.ts
@@ -306,15 +306,13 @@ test.group('scrypt | needsRehash', () => {
     await assert.rejects(() => scrypt.needsReHash('foo'), 'pchstr must contain a $ as first char')
   })
 
-  test('throw error when identifier is invalid', async ({ assert }) => {
+  test('return true when not a valid scrypt identifier', async ({ assert }) => {
     const scrypt = new Scrypt({
       cost: 16384,
     })
 
-    const hash =
-      '$script$n=16384,r=8,p=1$YhdCGu1G+vTC6F9oJZ16lg$IDWTbizFCq5n9YvPiy3YTPdUD12Nf1Iit8aQeGyWZdA9k9L8rKk9Ii5jQxSkV0MJyxr3/nzOHh+VTht0KFxiBA'
-
-    await assert.rejects(() => scrypt.needsReHash(hash), 'Value is not a valid scrypt hash')
+    const hash = '$argon2id$v=98$r=10$Jtxi46WJ26OQ0khsYLLlnw$knXGfuRFsSjXdj88JydPOnUIglvm1S8'
+    assert.isTrue(scrypt.needsReHash(hash))
   })
 })