public static PasswordStrengthLevel GetStrengthLevel(string password) { PasswordStrengthLevel strengthLevel = PasswordStrengthLevel.Unmet; try { if (IsValid(password) == true) { if (IsStrong(password) == true) { strengthLevel = PasswordStrengthLevel.Strong; } else if (IsMedium(password) == true) { strengthLevel = PasswordStrengthLevel.Medium; } else if (IsWeak(password) == true) { strengthLevel = PasswordStrengthLevel.Weak; } else { strengthLevel = PasswordStrengthLevel.Unmet; } } } catch { strengthLevel = PasswordStrengthLevel.Unmet; } return(strengthLevel); }
public void IsNotValid(string password, PasswordStrengthLevel level) { // Arrange var attr = new PasswordStrengthAttribute(level); // Act var isValid = attr.IsValid(password); // Assert Assert.IsFalse(isValid); }
private int getMinLengthForLevel(PasswordFamily family, PasswordStrengthLevel level) { switch (level) { //todo: OGEE - what does this code do? case PasswordStrengthLevel.Minimum: return(5 - family == PasswordFamily.Text ? 0 : 1); case PasswordStrengthLevel.BelowNormal: return(6 - family == PasswordFamily.Text ? 0 : 1); default: return(8 - family == PasswordFamily.Text ? 0 : 2);// Normal case PasswordStrengthLevel.AboveNormal: return(10 - family == PasswordFamily.Text ? 0 : 3); case PasswordStrengthLevel.Maximum: return(13 - family == PasswordFamily.Text ? 0 : 4); } }
private int getMinScoreForLevel(PasswordFamily family, PasswordStrengthLevel level) { switch (level) { case PasswordStrengthLevel.Minimum: return(TOP_SCORE_MINIMUM); case PasswordStrengthLevel.BelowNormal: return(TOP_SCORE_BELOW_NORMAL); default: return(TOP_SCORE_NORMAL); case PasswordStrengthLevel.AboveNormal: return(TOP_SCORE_ABOVE_NORMAL); case PasswordStrengthLevel.Maximum: return(TOP_SCORE_MAXIMUM); } }
private int getMaxLengthForLevel(PasswordFamily family, PasswordStrengthLevel level) { switch (level) { case PasswordStrengthLevel.Minimum: return(5 - (family == PasswordFamily.Text ? 0 : 1)); case PasswordStrengthLevel.BelowNormal: return(6 - (family == PasswordFamily.Text ? 0 : 1)); default: return(8 - (family == PasswordFamily.Text ? 0 : 2));// Normal case PasswordStrengthLevel.AboveNormal: return(10 - (family == PasswordFamily.Text ? 0 : 3)); case PasswordStrengthLevel.Maximum: return(13 - (family == PasswordFamily.Text ? 0 : 4)); } }
private static void doPassword(IApplication app, bool pretty, int scoreThreshold, PasswordStrengthLevel strength, string algname) { ConsoleUtils.Info("Score Threshold: {0}%".Args(scoreThreshold)); ConsoleUtils.Info("Strength level: {0}".Args(strength)); SecureBuffer password = null; while (true) { Console.WriteLine("Please type-in your password and press <enter>:"); password = ConsoleUtils.ReadPasswordToSecureBuffer('*'); var score = app.SecurityManager.PasswordManager.CalculateStrenghtPercent(PasswordFamily.Text, password); var pass = score >= scoreThreshold; Console.WriteLine(); var t = "Password score: {0}% is {1} strong".Args(score, pass ? "sufficiently" : "insufficiently"); if (pass) { ConsoleUtils.Info(t); break; } ConsoleUtils.Error(t); Console.WriteLine(); } Console.WriteLine(); while (true) { Console.WriteLine("Please re-type your password and press <enter>:"); using (var p2 = ConsoleUtils.ReadPasswordToSecureBuffer('*')) if (password.Content.MemBufferEquals(p2.Content)) { break; } ConsoleUtils.Error("Passwords do not match"); } Console.WriteLine(); Console.WriteLine(); HashedPassword hashed = null; if (algname.IsNotNullOrWhiteSpace()) { var alg = app.SecurityManager.PasswordManager.Algorithms[algname]; if (alg != null) { hashed = alg.ComputeHash(PasswordFamily.Text, password); } else { ConsoleUtils.Error("Specified algorithm not found. Using default..."); } } if (hashed == null) { hashed = app.SecurityManager.PasswordManager.ComputeHash( PasswordFamily.Text, password, strength); } password.Dispose(); var toPrint = JsonWriter.Write(hashed, pretty ? JsonWritingOptions.PrettyPrintASCII : JsonWritingOptions.CompactASCII); Console.WriteLine("Hashed Password:"); Console.WriteLine(); Console.WriteLine(toPrint); }
protected virtual IEnumerable <PasswordRepresentation> DoGeneratePassword(PasswordFamily family, PasswordRepresentationType type, PasswordStrengthLevel level) { if (family != PasswordFamily.Text && family != PasswordFamily.PIN) { yield break; } if ((type & PasswordRepresentationType.Text) != 0) { if (family == PasswordFamily.Text) { int score = 0; while (true) { using (var password = ExternalRandomGenerator.Instance.NextRandomWebSafeSecureBuffer(getMinLengthForLevel(family, level), getMaxLengthForLevel(family, level))) { score = CalculateStrenghtScore(family, password); if (score >= getMinScoreForLevel(family, level)) { var content = password.Content; var length = content.Length; var reprContent = new byte[length]; Array.Copy(content, reprContent, length); yield return(new PasswordRepresentation(PasswordRepresentationType.Text, "plain/text", reprContent)); break; } } } } if (family == PasswordFamily.PIN) { var min = getMinLengthForLevel(family, level); var max = getMaxLengthForLevel(family, level); var minValue = (int)IntMath.Pow(10, min - 1); var maxValue = (int)IntMath.Pow(10, max) - 1; var value = (uint)ExternalRandomGenerator.Instance.NextScaledRandomInteger(minValue, maxValue); var content = value.ToString(); var reprContent = new byte[content.Length]; for (int i = 0; i < content.Length; i++) { reprContent[i] = (byte)content[i]; } yield return(new PasswordRepresentation(PasswordRepresentationType.Text, "plain/text", reprContent)); } } }
protected virtual HashedPassword DoComputeHash(PasswordFamily family, SecureBuffer password, PasswordStrengthLevel level) { var algoFamily = m_Algorithms.Where(al => al.Match(family)); if (!algoFamily.Any()) { throw new SecurityException(GetType().Name + ".DoComputeHash(family!match)"); } var algs = algoFamily.Where(al => al.StrengthLevel == level); if (!algs.Any()) { algs = algoFamily.Where(al => al.StrengthLevel > level).OrderBy(al => al.StrengthLevel); } if (!algs.Any()) { algs = algoFamily; } var algo = algs.FirstOrDefault(al => al.IsDefault) ?? algs.First(); return(algo.ComputeHash(family, password)); }
public IEnumerable <PasswordRepresentation> GeneratePassword(PasswordFamily family, PasswordRepresentationType type, PasswordStrengthLevel level = PasswordStrengthLevel.Default) { return(DoGeneratePassword(family, type, level == PasswordStrengthLevel.Default ? DefaultStrengthLevel : level)); }
public HashedPassword ComputeHash(PasswordFamily family, SecureBuffer password, PasswordStrengthLevel level = PasswordStrengthLevel.Default) { if (password == null) { throw new SecurityException(StringConsts.ARGUMENT_ERROR + "DefaultPasswordManager.ComputeHash(password==null)"); } if (!password.IsSealed) { throw new SecurityException(StringConsts.ARGUMENT_ERROR + "DefaultPasswordManager.ComputeHash(!password.IsSealed)"); } CheckServiceActive(); return(DoComputeHash(family, password, level == PasswordStrengthLevel.Default ? DefaultStrengthLevel : level)); }
public PasswordStrengthAttribute(PasswordStrengthLevel level = PasswordStrengthLevel.Weak) { Level = level; }