$ docker run --rm --name validator-libsodium-usage-php83-r14-pwhash-str-verify-rejects-wrong-2732 -t --mount type=bind,src=/tmp/validator-status-libsodium-usage-php83-r14-pwhash-str-verify-rejects-wrong,dst=/validator/status validator-libsodium-shared bash -lc 'set -euo pipefail
/validator/tests/_shared/install_override_debs.sh
exec /validator/tests/_shared/run_library_tests.sh "$@"' validator-testcase libsodium usage-php83-r14-pwhash-str-verify-rejects-wrong -- bash -c 'PS4=$1; shift; set -x; source "$@"' validator-xtrace '__VALIDATOR_XTRACE__ ' /validator/tests/libsodium/tests/cases/usage/usage-php83-r14-pwhash-str-verify-rejects-wrong.sh
no override packages found; continuing with apt originals
$pw = "r14 php pwhash payload";
$hash = sodium_crypto_pwhash_str(
    $pw,
    SODIUM_CRYPTO_PWHASH_OPSLIMIT_INTERACTIVE,
    SODIUM_CRYPTO_PWHASH_MEMLIMIT_INTERACTIVE
);
if (!is_string($hash) || $hash === "") { fwrite(STDERR, "empty hash\n"); exit(1); }
if (strpos($hash, "\$argon2id\$") !== 0) {
    fwrite(STDERR, "unexpected hash prefix: " . substr($hash, 0, 16) . "\n");
    exit(1);
}

if (sodium_crypto_pwhash_str_verify($hash, $pw) !== true) {
    fwrite(STDERR, "matching password rejected\n"); exit(1);
}
if (sodium_crypto_pwhash_str_verify($hash, "r14 different password") !== false) {
    fwrite(STDERR, "wrong password accepted\n"); exit(1);
}
echo "ok\n";
'
ok