1
0
mirror of https://github.com/bitwarden/mobile.git synced 2024-11-27 12:26:31 +01:00

Sanitize Password Length (#783)

* Sanitize Password Length

* Formatting updates

* Else if format

Co-authored-by: Vincent Salucci <vsalucci@bitwarden.com>
This commit is contained in:
Vincent Salucci 2020-03-18 13:43:20 -05:00 committed by GitHub
parent ed37972b99
commit 55dff81b9f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -51,52 +51,7 @@ namespace Bit.Core.Services
} }
// Sanitize // Sanitize
if(options.Uppercase.GetValueOrDefault() && options.MinUppercase.GetValueOrDefault() <= 0) SanitizePasswordLength(options, true);
{
options.MinUppercase = 1;
}
else if(!options.Uppercase.GetValueOrDefault())
{
options.MinUppercase = 0;
}
if(options.Lowercase.GetValueOrDefault() && options.MinLowercase.GetValueOrDefault() <= 0)
{
options.MinLowercase = 1;
}
else if(!options.Lowercase.GetValueOrDefault())
{
options.MinLowercase = 0;
}
if(options.Number.GetValueOrDefault() && options.MinNumber.GetValueOrDefault() <= 0)
{
options.MinNumber = 1;
}
else if(!options.Number.GetValueOrDefault())
{
options.MinNumber = 0;
}
if(options.Special.GetValueOrDefault() && options.MinSpecial.GetValueOrDefault() <= 0)
{
options.MinSpecial = 1;
}
else if(!options.Special.GetValueOrDefault())
{
options.MinSpecial = 0;
}
if(options.Length.GetValueOrDefault() < 1)
{
options.Length = 10;
}
var minLength = options.MinSpecial.GetValueOrDefault() + options.MinLowercase.GetValueOrDefault() +
options.MinNumber.GetValueOrDefault() + options.MinUppercase.GetValueOrDefault();
if(options.Length < minLength)
{
options.Length = minLength;
}
var positionsBuilder = new StringBuilder(); var positionsBuilder = new StringBuilder();
if(options.Lowercase.GetValueOrDefault() && options.MinLowercase.GetValueOrDefault() > 0) if(options.Lowercase.GetValueOrDefault() && options.MinLowercase.GetValueOrDefault() > 0)
@ -617,6 +572,8 @@ namespace Bit.Core.Services
{ {
options.WordSeparator = options.WordSeparator[0].ToString(); options.WordSeparator = options.WordSeparator[0].ToString();
} }
SanitizePasswordLength(options, false);
} }
// Helpers // Helpers
@ -691,5 +648,71 @@ namespace Bit.Core.Services
var num = await _cryptoService.RandomNumberAsync(0, 9); var num = await _cryptoService.RandomNumberAsync(0, 9);
wordList[index] = wordList[index] + num; wordList[index] = wordList[index] + num;
} }
private void SanitizePasswordLength(PasswordGenerationOptions options, bool forGeneration)
{
var minUppercaseCalc = 0;
var minLowercaseCalc = 0;
var minNumberCalc = options.MinNumber;
var minSpecialCalc = options.MinNumber;
if(options.Uppercase.GetValueOrDefault() && options.MinUppercase.GetValueOrDefault() <= 0)
{
minUppercaseCalc = 1;
}
else if(!options.Uppercase.GetValueOrDefault())
{
minUppercaseCalc = 0;
}
if(options.Lowercase.GetValueOrDefault() && options.MinLowercase.GetValueOrDefault() <= 0)
{
minLowercaseCalc = 1;
}
else if(!options.Lowercase.GetValueOrDefault())
{
minLowercaseCalc = 0;
}
if(options.Number.GetValueOrDefault() && options.MinNumber.GetValueOrDefault() <= 0)
{
minNumberCalc = 1;
}
else if(!options.Number.GetValueOrDefault())
{
minNumberCalc = 0;
}
if(options.Special.GetValueOrDefault() && options.MinSpecial.GetValueOrDefault() <= 0)
{
minSpecialCalc = 1;
}
else if(!options.Special.GetValueOrDefault())
{
minSpecialCalc = 0;
}
// This should never happen but is a final safety net
if(options.Length.GetValueOrDefault() < 1)
{
options.Length = 10;
}
var minLength = minUppercaseCalc + minLowercaseCalc + minNumberCalc + minSpecialCalc;
// Normalize and Generation both require this modification
if(options.Length < minLength)
{
options.Length = minLength;
}
// Apply other changes if the options object passed in is for generation
if(forGeneration)
{
options.MinUppercase = minUppercaseCalc;
options.MinLowercase = minLowercaseCalc;
options.MinNumber = minNumberCalc;
options.MinSpecial = minSpecialCalc;
}
}
} }
} }