Git-Mirrors/keepassxc
1
0
Fork 0
mirror of https://github.com/keepassxreboot/keepassxc.git synced 2024-10-01 01:26:01 -04:00
Code Issues Packages Projects Releases Wiki Activity

Update zxcvbn library

Browse Source
This commit is contained in:
Janek Bevendorff 2018-02-19 19:10:30 +01:00 committed by Jonathan White
parent cd3e1fc27e
commit 698b44f71c
6 changed files with 13153 additions and 13172 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
COPYING
View File

@ -223,8 +223,8 @@ Copyright: 2009-2010, Iowa State University
License: Boost-1.0
Files: src/zxcvbn/zxcvbn.*
Copyright: 2015, Tony Evans
License: BSD 3-clause
Copyright: 2015-2017, Tony Evans
License: MIT
Files: src/http/qhttp/*
Copyright: 2014, Amir Zamani

2
src/CMakeLists.txt
View File

@ -29,7 +29,7 @@ endif()
find_library(ZXCVBN_LIBRARIES zxcvbn)
if(NOT ZXCVBN_LIBRARIES)
add_library(zxcvbn STATIC zxcvbn/zxcvbn.cpp)
add_library(zxcvbn STATIC zxcvbn/zxcvbn.c)
include_directories(${CMAKE_CURRENT_SOURCE_DIR}/zxcvbn)
set(ZXCVBN_LIBRARIES zxcvbn)
endif(NOT ZXCVBN_LIBRARIES)

26174
src/zxcvbn/dict-src.h
View File

File diff suppressed because it is too large Load Diff

101
src/zxcvbn/zxcvbn.cpp → src/zxcvbn/zxcvbn.c
View File

@ -1,42 +1,41 @@
/**********************************************************************************
* C implementation of the zxcvbn password strength estimation method.
* Copyright (c) 2015, Tony Evans
* All rights reserved.
* Copyright (c) 2015-2017 Tony Evans
*
* Redistribution and use in source and binary forms, with or without modification, are
* permitted provided that the following conditions are met:
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* 1. Redistributions of source code must retain the above copyright notice, this list
* of conditions and the following disclaimer.
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* 2. Redistributions in binary form must reproduce the above copyright notice, this
* list of conditions and the following disclaimer in the documentation and/or other
* materials provided with the distribution.
*
* 3. Neither the name of the copyright holder nor the names of its contributors may be
* used to endorse or promote products derived from this software without specific
* prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT
* SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
* BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
* ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
* DAMAGE.
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*
**********************************************************************************/
#include "zxcvbn.h"
#include <zxcvbn.h>
#include <ctype.h>
#include <string.h>
#include <stdint.h>
#include <math.h>
#include <float.h>
/* printf */
#ifdef __cplusplus
#include <cstdio>
#else
#include <stdio.h>
#endif
#ifdef USE_DICT_FILE
#if defined(USE_FILE_IO) || !defined(__cplusplus)
#include <stdio.h>
@ -46,11 +45,9 @@
#endif
/* For pre-compiled headers under windows */
#ifdef _WIN32
#ifndef __MINGW32__
#ifdef _WIN32
#include "stdafx.h"
#endif
#endif
/* Minimum number of characters in a incrementing/decrementing sequence match */
#define MIN_SEQUENCE_LEN 3
@ -228,13 +225,12 @@ static void AddMatchRepeats(ZxcMatch_t **Result, ZxcMatch_t *Match, const uint8_
while(MaxLen >= (Len * RepeatCount))
{
if (strncmp(reinterpret_cast<const char *>(Passwd),
reinterpret_cast<const char *>(Rpt), Len) == 0)
if (strncmp((const char *)Passwd, (const char *)Rpt, Len) == 0)
{
/* Found a repeat */
ZxcMatch_t *p = AllocMatch();
p->Entrpy = Match->Entrpy + log(RepeatCount);
p->Type = static_cast<ZxcTypeMatch_t>(Match->Type + MULTIPLE_MATCH);
p->Type = (ZxcTypeMatch_t)(Match->Type + MULTIPLE_MATCH);
p->Length = Len * RepeatCount;
p->Begin = Match->Begin;
AddResult(Result, p, MaxLen);
@ -494,9 +490,8 @@ typedef struct
uint8_t Leeted[sizeof L33TChr];
uint8_t UnLeet[sizeof L33TChr];
uint8_t LeetCnv[sizeof L33TCnv / LEET_NORM_MAP_SIZE + 1];
/* uint8_t LeetChr[3]; */
uint8_t First;
uint8_t PossChars[49];
uint8_t PossChars[CHARSET_SIZE];
} DictWork_t;
/**********************************************************************************
@ -618,7 +613,7 @@ static void DictionaryEntropy(ZxcMatch_t *m, DictMatchInfo_t *Extra, const uint8
e += d;
}
/* Add entropy due to word's rank */
e += log(static_cast<double>(Extra->Rank));
e += log((double)Extra->Rank);
m->Entrpy = e;
}
@ -795,7 +790,7 @@ static void UserMatch(ZxcMatch_t **Result, const char *Words[], const uint8_t *P
int Caps = 0;
int Lowers = 0;
int Leets = 0;
const uint8_t *Wrd = reinterpret_cast<const uint8_t *>(Words[Rank]);
const uint8_t *Wrd = (const uint8_t *)(Words[Rank]);
const uint8_t *Pwd = Passwd;
memset(Extra.Leeted, 0, sizeof Extra.Leeted);
memset(Extra.UnLeet, 0, sizeof Extra.UnLeet);
@ -944,19 +939,19 @@ static const uint8_t UK_Shift[] = "!1\"2$4%5&7(9)0*8:;<,>.?/@'AaBbCcDdEeFfGgHhIi
static const uint8_t US_Shift[] = "!1\"'#3$4%5&7(9)0*8:;<,>.?/@2AaBbCcDdEeFfGgHhIiJjKkLlMmNnOoPpQqRrSsTtUuVvWwXxYyZz^6_-{[|\\}]~`";
/* Neighour tables */
/* Neighbour tables */
static const uint8_t UK_Qwerty[48*7] =
{
/* key, left, up-left, up-right, right, down-right, down-left */
'#', '\'',']', 0, 0, 0, 0, '\'',';', '[', ']', '#', 0, '/',
',', 'm', 'k', 'l', '.', 0, 0, '-', '0', 0, 0, '-', 'p', 'o',
'.', ',', 'l', ';', '/', 0, 0, '/', '.', ';', '\'', 0, 0, 0,
'0', '9', 0, 0, '-', 'p', 'o', '1', '`', 0, 0, '2', 'q', 0,
',', 'm', 'k', 'l', '.', 0, 0, '-', '0', 0, 0, '=', '[', 'p',
'.', ',', 'l', ';', '/', 0, 0, '/', '.', ';', '\'', 0, 0, 0,
'0', '9', 0, 0, '-', 'p', 'o', '1', '`', 0, 0, '2', 'q', 0,
'2', '1', 0, 0, '3', 'w', 'q', '3', '2', 0, 0, '4', 'e', 'w',
'4', '3', 0, 0, '5', 'r', 'e', '5', '4', 0, 0, '6', 't', 'r',
'6', '5', 0, 0, '7', 'y', 't', '7', '6', 0, 0, '8', 'u', 'y',
'8', '7', 0, 0, '9', 'i', 'u', '9', '8', 0, 0, '0', 'o', 'i',
';', 'l', 'o', 'p','\'', '/', '.', '=', '-', 0, 0, 0, ']', '[',
';', 'l', 'p', '[','\'', '/', '.', '=', '-', 0, 0, 0, ']', '[',
'[', 'p', '-', '=', ']', '\'',';', '\\', 0, 0, 'a', 'z', 0, 0,
']', '[', '=', 0, 0, '#','\'', '`', 0, 0, 0, '1', 0, 0,
'a', 0, 'q', 'w', 's', 'z','\\', 'b', 'v', 'g', 'h', 'n', 0, 0,
@ -1002,7 +997,7 @@ static const uint8_t US_Qwerty[47*7] =
'x', 'z', 's', 'd', 'c', 0, 0, 'y', 't', '6', '7', 'u', 'h', 'g',
'z', 0, 'a', 's', 'x', 0, 0,
};
static const uint8_t Dvorak[48*7] =
static const uint8_t Dvorak[47*7] =
{
'\'', 0, '1', '2', ',', 'a', 0, ',','\'', '2', '3', '.', 'o', 'a',
'-', 's', '/', '=', 0, 0, 'z', '.', ',', '3', '4', 'p', 'e', 'o',
@ -1160,9 +1155,9 @@ static void SpatialMatch(ZxcMatch_t **Result, const uint8_t *Passwd, int Start,
for(CurLen = MaxLen; CurLen >= MIN_SPATIAL_LEN;CurLen = Len - 1)
{
Len = 0;
memset(&Extra, 0, sizeof Extra);
for(k = Keyboards, Indx = 0; Indx < (sizeof Keyboards / sizeof Keyboards[0]); ++Indx, ++k)
{
memset(&Extra, 0, sizeof Extra);
Len = DoSptlMatch(Passwd, CurLen, k, &Extra);
if (Len > 0)
{
@ -1170,7 +1165,7 @@ static void SpatialMatch(ZxcMatch_t **Result, const uint8_t *Passwd, int Start,
int i, j, s;
double Degree, Entropy;
ZxcMatch_t *p;
Degree = (k->NumNear-1) - static_cast<double>(k->NumBlank) / static_cast<double>(k->NumKeys);
Degree = (k->NumNear-1) - (double)k->NumBlank / (double)k->NumKeys;
s = k->NumKeys;
if (k->Shifts)
s *= 2;
@ -1213,7 +1208,6 @@ static void SpatialMatch(ZxcMatch_t **Result, const uint8_t *Passwd, int Start,
p->Length = Len;
AddMatchRepeats(Result, p, Passwd, MaxLen);
AddResult(Result, p, MaxLen);
break;
}
}
}
@ -1406,13 +1400,13 @@ static void RepeatMatch(ZxcMatch_t **Result, const uint8_t *Passwd, int Start, i
int RepeatCount = 2;
while(MaxLen >= (Len * RepeatCount))
{
if (strncmp(reinterpret_cast<const char *>(Passwd), reinterpret_cast<const char *>(Rpt), Len) == 0)
if (strncmp((const char *)Passwd, (const char *)Rpt, Len) == 0)
{
/* Found a repeat */
int c = Cardinality(Passwd, Len);
ZxcMatch_t *p = AllocMatch();
p->Entrpy = log(static_cast<double>(c)) * Len + log(RepeatCount);
p->Type = static_cast<ZxcTypeMatch_t>(BRUTE_MATCH + MULTIPLE_MATCH);
p->Entrpy = log((double)c) * Len + log(RepeatCount);
p->Type = (ZxcTypeMatch_t)(BRUTE_MATCH + MULTIPLE_MATCH);
p->Length = Len * RepeatCount;
p->Begin = Start;
AddResult(Result, p, MaxLen);
@ -1486,7 +1480,7 @@ static void SequenceMatch(ZxcMatch_t **Result, const uint8_t *Passwd, int Start,
Next = Passwd[0] + Dir;
if (IsDigits && (Dir > 0) && (Next == ('9' + 1)) && (Passwd[1] == '0'))
{
/* Incrementing digits, consider '0' to be same as a 'ten' character */
/* Incrementing digits, consider '0' to be same as a 'ten' character */
++Len;
++Passwd;
break;
@ -1495,8 +1489,9 @@ static void SequenceMatch(ZxcMatch_t **Result, const uint8_t *Passwd, int Start,
{
++Len;
++Passwd;
break;
}
else if ((Next > SetHigh) || (Next < SetLow) || (Passwd[1] != Next))
if ((Next > SetHigh) || (Next < SetLow) || (Passwd[1] != Next))
break;
++Len;
++Passwd;
@ -1528,7 +1523,7 @@ static void SequenceMatch(ZxcMatch_t **Result, const uint8_t *Passwd, int Start,
p->Type = SEQUENCE_MATCH;
p->Begin = Start;
p->Length = i;
p->Entrpy = e + log(static_cast<double>(i));
p->Entrpy = e + log((double)i);
AddMatchRepeats(Result, p, Pwd, MaxLen);
AddResult(Result, p, MaxLen);
}
@ -1557,7 +1552,7 @@ static void SequenceMatch(ZxcMatch_t **Result, const uint8_t *Passwd, int Start,
*
* Dijkstra's algorithm finds the combination of these part matches (or paths)
* which gives the lowest entropy (or smallest distance) from begining to end
* of the password.
* of the password.
*/
/* Struct to hold the data of a node (imaginary point between password characters) */
@ -1579,13 +1574,13 @@ double ZxcvbnMatch(const char *Pwd, const char *UserDict[], ZxcMatch_t **Info)
Node_t *Np;
double e;
int Len = strlen(Pwd);
const uint8_t *Passwd = reinterpret_cast<const uint8_t *>(Pwd);
const uint8_t *Passwd = (const uint8_t *)Pwd;
uint8_t *RevPwd;
/* Create the paths */
Node_t *Nodes = MallocFn(Node_t, Len+1);
memset(Nodes, 0, (Len+1) * sizeof *Nodes);
i = Cardinality(Passwd, Len);
e = log(static_cast<double>(i));
e = log((double)i);
/* Do matching for all parts of the password */
for(i = 0; i < Len; ++i)

40
src/zxcvbn/zxcvbn.h
View File

@ -2,34 +2,26 @@
#define ZXCVBN_H_F98183CE2A01_INCLUDED
/**********************************************************************************
* C implementation of the zxcvbn password strength estimation method.
* Copyright (c) 2015, Tony Evans
* All rights reserved.
* Copyright (c) 2015-2017 Tony Evans
*
* Redistribution and use in source and binary forms, with or without modification, are
* permitted provided that the following conditions are met:
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* 1. Redistributions of source code must retain the above copyright notice, this list
* of conditions and the following disclaimer.
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* 2. Redistributions in binary form must reproduce the above copyright notice, this
* list of conditions and the following disclaimer in the documentation and/or other
* materials provided with the distribution.
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*
* 3. Neither the name of the copyright holder nor the names of its contributors may be
* used to endorse or promote products derived from this software without specific
* prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT
* SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
* BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
* ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
* DAMAGE.
*
**********************************************************************************/
/* If this is defined, the dictiononary data is read from file. When undefined */

4
tests/gui/TestGui.cpp
View File

@ -545,15 +545,13 @@ void TestGui::testPasswordEntryEntropy()
editNewPassword->setText("");
QTest::keyClicks(editNewPassword, "YQC3kbXbjC652dTDH");
QCOMPARE(entropyLabel->text(), QString("Entropy: 96.07 bit"));
QCOMPARE(entropyLabel->text(), QString("Entropy: 95.83 bit"));
QCOMPARE(strengthLabel->text(), QString("Password Quality: Good"));
editNewPassword->setText("");
QTest::keyClicks(editNewPassword, "Bs5ZFfthWzR8DGFEjaCM6bGqhmCT4km");
QCOMPARE(entropyLabel->text(), QString("Entropy: 174.59 bit"));
QCOMPARE(strengthLabel->text(), QString("Password Quality: Excellent"));
// We are done
}
void TestGui::testDicewareEntryEntropy()