1
0
mirror of https://github.com/bitwarden/mobile.git synced 2024-12-28 17:18:23 +01:00

Sanitize Password Length (#783)

* Sanitize Password Length

* Formatting updates

* Else if format

Co-authored-by: Vincent Salucci <vsalucci@bitwarden.com>
This commit is contained in:
Vincent Salucci 2020-03-18 13:43:20 -05:00 committed by GitHub
parent ed37972b99
commit 55dff81b9f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -51,52 +51,7 @@ namespace Bit.Core.Services
}
// Sanitize
if(options.Uppercase.GetValueOrDefault() && options.MinUppercase.GetValueOrDefault() <= 0)
{
options.MinUppercase = 1;
}
else if(!options.Uppercase.GetValueOrDefault())
{
options.MinUppercase = 0;
}
if(options.Lowercase.GetValueOrDefault() && options.MinLowercase.GetValueOrDefault() <= 0)
{
options.MinLowercase = 1;
}
else if(!options.Lowercase.GetValueOrDefault())
{
options.MinLowercase = 0;
}
if(options.Number.GetValueOrDefault() && options.MinNumber.GetValueOrDefault() <= 0)
{
options.MinNumber = 1;
}
else if(!options.Number.GetValueOrDefault())
{
options.MinNumber = 0;
}
if(options.Special.GetValueOrDefault() && options.MinSpecial.GetValueOrDefault() <= 0)
{
options.MinSpecial = 1;
}
else if(!options.Special.GetValueOrDefault())
{
options.MinSpecial = 0;
}
if(options.Length.GetValueOrDefault() < 1)
{
options.Length = 10;
}
var minLength = options.MinSpecial.GetValueOrDefault() + options.MinLowercase.GetValueOrDefault() +
options.MinNumber.GetValueOrDefault() + options.MinUppercase.GetValueOrDefault();
if(options.Length < minLength)
{
options.Length = minLength;
}
SanitizePasswordLength(options, true);
var positionsBuilder = new StringBuilder();
if(options.Lowercase.GetValueOrDefault() && options.MinLowercase.GetValueOrDefault() > 0)
@ -617,6 +572,8 @@ namespace Bit.Core.Services
{
options.WordSeparator = options.WordSeparator[0].ToString();
}
SanitizePasswordLength(options, false);
}
// Helpers
@ -691,5 +648,71 @@ namespace Bit.Core.Services
var num = await _cryptoService.RandomNumberAsync(0, 9);
wordList[index] = wordList[index] + num;
}
private void SanitizePasswordLength(PasswordGenerationOptions options, bool forGeneration)
{
var minUppercaseCalc = 0;
var minLowercaseCalc = 0;
var minNumberCalc = options.MinNumber;
var minSpecialCalc = options.MinNumber;
if(options.Uppercase.GetValueOrDefault() && options.MinUppercase.GetValueOrDefault() <= 0)
{
minUppercaseCalc = 1;
}
else if(!options.Uppercase.GetValueOrDefault())
{
minUppercaseCalc = 0;
}
if(options.Lowercase.GetValueOrDefault() && options.MinLowercase.GetValueOrDefault() <= 0)
{
minLowercaseCalc = 1;
}
else if(!options.Lowercase.GetValueOrDefault())
{
minLowercaseCalc = 0;
}
if(options.Number.GetValueOrDefault() && options.MinNumber.GetValueOrDefault() <= 0)
{
minNumberCalc = 1;
}
else if(!options.Number.GetValueOrDefault())
{
minNumberCalc = 0;
}
if(options.Special.GetValueOrDefault() && options.MinSpecial.GetValueOrDefault() <= 0)
{
minSpecialCalc = 1;
}
else if(!options.Special.GetValueOrDefault())
{
minSpecialCalc = 0;
}
// This should never happen but is a final safety net
if(options.Length.GetValueOrDefault() < 1)
{
options.Length = 10;
}
var minLength = minUppercaseCalc + minLowercaseCalc + minNumberCalc + minSpecialCalc;
// Normalize and Generation both require this modification
if(options.Length < minLength)
{
options.Length = minLength;
}
// Apply other changes if the options object passed in is for generation
if(forGeneration)
{
options.MinUppercase = minUppercaseCalc;
options.MinLowercase = minLowercaseCalc;
options.MinNumber = minNumberCalc;
options.MinSpecial = minSpecialCalc;
}
}
}
}