mirror of
https://github.com/monero-project/monero-gui.git
synced 2025-01-08 20:09:48 +00:00
cmake: fix compilation with zxcvbn, always enable
This commit is contained in:
parent
7c379e2cda
commit
6610f6f2da
17 changed files with 24871 additions and 282705 deletions
|
@ -11,7 +11,6 @@ set(VERSION "0.${VERSION_MAJOR}.${VERSION_MINOR}.${VERSION_REVISION}")
|
||||||
option(STATIC "Link libraries statically, requires static Qt")
|
option(STATIC "Link libraries statically, requires static Qt")
|
||||||
|
|
||||||
option(USE_DEVICE_TREZOR "Trezor support compilation" ON)
|
option(USE_DEVICE_TREZOR "Trezor support compilation" ON)
|
||||||
option(ENABLE_PASS_STRENGTH_METER "Enable zxcvbn library for password strength" OFF)
|
|
||||||
option(WITH_SCANNER "Enable webcam QR scanner" OFF)
|
option(WITH_SCANNER "Enable webcam QR scanner" OFF)
|
||||||
option(DEV_MODE "Checkout latest monero master on build" OFF)
|
option(DEV_MODE "Checkout latest monero master on build" OFF)
|
||||||
|
|
||||||
|
@ -78,13 +77,6 @@ if(STATIC)
|
||||||
add_definitions(-DMONERO_GUI_STATIC)
|
add_definitions(-DMONERO_GUI_STATIC)
|
||||||
endif()
|
endif()
|
||||||
|
|
||||||
# Include password strength library
|
|
||||||
if(ENABLE_PASS_STRENGTH_METER)
|
|
||||||
message(STATUS "Building with pass strength meter support.")
|
|
||||||
else()
|
|
||||||
add_definitions(-DDISABLE_PASS_STRENGTH_METER)
|
|
||||||
endif()
|
|
||||||
|
|
||||||
include(CMakePackageConfigHelpers)
|
include(CMakePackageConfigHelpers)
|
||||||
|
|
||||||
# force version update
|
# force version update
|
||||||
|
|
|
@ -48,13 +48,6 @@ if(APPLE)
|
||||||
list(APPEND SOURCE_FILES "qt/macoshelper.mm")
|
list(APPEND SOURCE_FILES "qt/macoshelper.mm")
|
||||||
endif()
|
endif()
|
||||||
|
|
||||||
if(ENABLE_PASS_STRENGTH_METER)
|
|
||||||
file(GLOB PASS_STRENGTH_FILES
|
|
||||||
"zxcvbn-c/zxcvbn.h"
|
|
||||||
"zxcvbn-c/zxcvbn.c"
|
|
||||||
)
|
|
||||||
endif()
|
|
||||||
|
|
||||||
set(EXECUTABLE_FLAG)
|
set(EXECUTABLE_FLAG)
|
||||||
if(MINGW)
|
if(MINGW)
|
||||||
set(EXECUTABLE_FLAG WIN32)
|
set(EXECUTABLE_FLAG WIN32)
|
||||||
|
@ -76,7 +69,6 @@ endif()
|
||||||
|
|
||||||
set(monero_wallet_gui_sources
|
set(monero_wallet_gui_sources
|
||||||
${SOURCE_FILES}
|
${SOURCE_FILES}
|
||||||
${PASS_STRENGTH_FILES}
|
|
||||||
${RESOURCES}
|
${RESOURCES}
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -148,6 +140,7 @@ target_link_libraries(monero-wallet-gui
|
||||||
openpgp
|
openpgp
|
||||||
qrdecoder
|
qrdecoder
|
||||||
translations
|
translations
|
||||||
|
zxcvbn
|
||||||
)
|
)
|
||||||
|
|
||||||
if(X11_FOUND)
|
if(X11_FOUND)
|
||||||
|
|
|
@ -459,7 +459,6 @@ QUrl WalletManager::localPathToUrl(const QString &path) const
|
||||||
return QUrl::fromLocalFile(path);
|
return QUrl::fromLocalFile(path);
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifndef DISABLE_PASS_STRENGTH_METER
|
|
||||||
double WalletManager::getPasswordStrength(const QString &password) const
|
double WalletManager::getPasswordStrength(const QString &password) const
|
||||||
{
|
{
|
||||||
static const char *local_dict[] = {
|
static const char *local_dict[] = {
|
||||||
|
@ -474,7 +473,6 @@ double WalletManager::getPasswordStrength(const QString &password) const
|
||||||
ZxcvbnUnInit();
|
ZxcvbnUnInit();
|
||||||
return e;
|
return e;
|
||||||
}
|
}
|
||||||
#endif
|
|
||||||
|
|
||||||
bool WalletManager::saveQrCode(const QString &code, const QString &path) const
|
bool WalletManager::saveQrCode(const QString &code, const QString &path) const
|
||||||
{
|
{
|
||||||
|
|
|
@ -174,9 +174,7 @@ public:
|
||||||
Q_INVOKABLE qint64 addi(qint64 x, qint64 y) const { return x + y; }
|
Q_INVOKABLE qint64 addi(qint64 x, qint64 y) const { return x + y; }
|
||||||
Q_INVOKABLE qint64 subi(qint64 x, qint64 y) const { return x - y; }
|
Q_INVOKABLE qint64 subi(qint64 x, qint64 y) const { return x - y; }
|
||||||
|
|
||||||
#ifndef DISABLE_PASS_STRENGTH_METER
|
|
||||||
Q_INVOKABLE double getPasswordStrength(const QString &password) const;
|
Q_INVOKABLE double getPasswordStrength(const QString &password) const;
|
||||||
#endif
|
|
||||||
|
|
||||||
Q_INVOKABLE QString resolveOpenAlias(const QString &address) const;
|
Q_INVOKABLE QString resolveOpenAlias(const QString &address) const;
|
||||||
Q_INVOKABLE bool parse_uri(const QString &uri, QString &address, QString &payment_id, uint64_t &amount, QString &tx_description, QString &recipient_name, QVector<QString> &unknown_parameters, QString &error) const;
|
Q_INVOKABLE bool parse_uri(const QString &uri, QString &address, QString &payment_id, uint64_t &amount, QString &tx_description, QString &recipient_name, QVector<QString> &unknown_parameters, QString &error) const;
|
||||||
|
|
|
@ -1,4 +1,3 @@
|
||||||
file(GLOB_RECURSE SRC_SOURCES *.cpp)
|
add_library(zxcvbn STATIC zxcvbn.c)
|
||||||
file(GLOB_RECURSE SRC_HEADERS *.h)
|
set_target_properties(zxcvbn PROPERTIES POSITION_INDEPENDENT_CODE ON)
|
||||||
|
target_include_directories(zxcvbn PUBLIC ${CMAKE_CURRENT_SOURCE_DIR})
|
||||||
|
|
||||||
|
|
|
@ -1,86 +0,0 @@
|
||||||
# zxcvbn-c
|
|
||||||
This is a C/C++ implementation of the zxcvbn password strength estimation.
|
|
||||||
|
|
||||||
The code is intended to be included as part of the source of a C/C++ program. Like the
|
|
||||||
original this code is for character sets which use single byte characters primarily in the
|
|
||||||
code range 0x20 to 0x7E.
|
|
||||||
|
|
||||||
The original coffee script version is available at
|
|
||||||
https://github.com/lowe/zxcvbn
|
|
||||||
|
|
||||||
An article on the reasons for zxcvbn is at
|
|
||||||
https://tech.dropox.com/2012/04/zxcvbn-realistic-password-strength-estimation
|
|
||||||
|
|
||||||
##Building
|
|
||||||
|
|
||||||
The makefile will build several test programs to test the code. It shows the steps needed
|
|
||||||
to use the code in C and C++ programs, using the dictionary data read from file or included
|
|
||||||
within the program executable.
|
|
||||||
The makefile has only been tried on Linux using GCC version 4.8.4, but should be faily
|
|
||||||
portable to other systems.
|
|
||||||
|
|
||||||
When dictionary data is included in your program's executable, the files `zxcvbn.c` ,
|
|
||||||
`zxcvbn.h` , `dict-src.h` are used in your program.
|
|
||||||
|
|
||||||
When dictionary data is read from file, the files `zxcvbn.c` , `zxcvbn.h` , `dict-crc.h`
|
|
||||||
and `zxcvbn.dict` are used in your program, compiled with `#define USE_DICT_FILE`. The CRC
|
|
||||||
of the dictionary data file is written to `dict-crc.h` so your executable can detect
|
|
||||||
corruption of the data.
|
|
||||||
|
|
||||||
Rename `zxcvbn.c` to `zxcvbn.cpp` (or whatever your compiler uses) to compile as C++.
|
|
||||||
|
|
||||||
The `dict*.h` and `zxcvbn.dict` files are generated by the dictgen program compiled from
|
|
||||||
dict-generate.cpp (see makefile for details).
|
|
||||||
|
|
||||||
##Using
|
|
||||||
|
|
||||||
Initially call `ZxcvbnInit()` with the pathname of the `zxcvbn.dict` file. This can be
|
|
||||||
omitted when dictionary data is included in the executable.
|
|
||||||
|
|
||||||
Call `ZxcvbnMatch()` with the password and optional user dictionary to get the entropy
|
|
||||||
estimation and optional information on the password parts (which will need freeing with
|
|
||||||
`ZxcvbnFreeInfo()` after use). Do this for each password to be tested, or as each character
|
|
||||||
of it is entered into your program. The optional user dictionary can change between each
|
|
||||||
call.
|
|
||||||
|
|
||||||
Finally call `ZxcvbnUninit()` to free the dictionary data from read from file. This can be
|
|
||||||
omitted when dictionary data is included in the executable.
|
|
||||||
|
|
||||||
Review the test program in `test.c` for an example.
|
|
||||||
|
|
||||||
|
|
||||||
## Differences from the original version.
|
|
||||||
|
|
||||||
The entropy calculated will sometimes differ from the original because of
|
|
||||||
|
|
||||||
* The UK keyboard layout is also included, so there are additional spacial sequences, e.g.
|
|
||||||
**;'#** is a spacial sequence.
|
|
||||||
* The different character classes in a password are taken into account when calculating the
|
|
||||||
strength of brute-force matches.
|
|
||||||
* Dijktra's path searching algorithm is used to combine parts of the entered password. This
|
|
||||||
can result in the found parts of the password being combined differently than the
|
|
||||||
original coffee script. E.g. the password **passwordassword**
|
|
||||||
is combined by the original coffee script as **p** (3.5 bits) + **asswordassword** (12.6
|
|
||||||
bits) + multiple part allowance (1.0bit) to give total entropy of 17.1 bits. This
|
|
||||||
implementation combines it as **password** (1.0 bit) + **assword** (11.6 bits) + multiple
|
|
||||||
part allowance (1.0bit) to give 13.6 bits.
|
|
||||||
* For multi part passwords the original coffee script version multiplies the number of
|
|
||||||
guesses needed by the factorial of the number of parts. This is not possible in this
|
|
||||||
version as Dijktra's algorithm is used. Instead one bit entropy is added for the part at the
|
|
||||||
end of the password, 1.7 bits for each part in the middle of a password and nothing
|
|
||||||
for the part at the beginning. This gives similar results compared to the coffee script
|
|
||||||
version when there are 4 or less parts, but will differ significantly when there are many
|
|
||||||
parts (which is likely to be a rare occurrence).
|
|
||||||
|
|
||||||
|
|
||||||
##References
|
|
||||||
|
|
||||||
The original coffee-script version is available at
|
|
||||||
https://github.com/lowe/zxcvbn
|
|
||||||
|
|
||||||
The dictionary words are taken from the original coffee script version.
|
|
||||||
|
|
||||||
Dictionary trie encoding (used for by the word lookup code) based on idea from the Caroline
|
|
||||||
Word Graph from
|
|
||||||
http://www.pathcom.com/~vadco/cwg.html
|
|
||||||
|
|
File diff suppressed because it is too large
Load diff
24867
src/zxcvbn-c/dict-src.h
Normal file
24867
src/zxcvbn-c/dict-src.h
Normal file
File diff suppressed because it is too large
Load diff
|
@ -1,104 +0,0 @@
|
||||||
CFLAGS ?= -O2 -Wall -Wextra -Wdeclaration-after-statement
|
|
||||||
CXXFLAGS ?= -O2 -Wall -Wextra
|
|
||||||
|
|
||||||
# default programs
|
|
||||||
CC ?= gcc
|
|
||||||
AR ?= ar
|
|
||||||
CXX ?= g++
|
|
||||||
|
|
||||||
# need zxcvbn.h prior to package installation
|
|
||||||
CPPFLAGS += -I.
|
|
||||||
|
|
||||||
# library metadata
|
|
||||||
TARGET_LIB = libzxcvbn.so.0.0.0
|
|
||||||
SONAME = libzxcvbn.so.0
|
|
||||||
|
|
||||||
WORDS = words-eng_wiki.txt words-female.txt words-male.txt words-passwd.txt words-surname.txt words-tv_film.txt
|
|
||||||
|
|
||||||
#all: test-file test-inline test-c++inline test-c++file test-shlib test-statlib
|
|
||||||
all: test-statlib
|
|
||||||
|
|
||||||
test-shlib: test.c $(TARGET_LIB)
|
|
||||||
if [ ! -e libzxcvbn.so ]; then ln -s $(TARGET_LIB) libzxcvbn.so; fi
|
|
||||||
$(CC) $(CPPFLAGS) $(CFLAGS) -o $@ $< -L. $(LDFLAGS) libzxcvbn.so -lm
|
|
||||||
|
|
||||||
$(TARGET_LIB): zxcvbn-inline-pic.o
|
|
||||||
$(CC) $(CPPFLAGS) $(CFLAGS) \
|
|
||||||
-o $@ $^ -fPIC -shared -Wl,-soname,$(SONAME) $(LDFLAGS) -lm
|
|
||||||
if [ ! -e $(SONAME) ]; then ln -s $(TARGET_LIB) $(SONAME); fi
|
|
||||||
|
|
||||||
test-statlib: test.c libzxcvbn.a
|
|
||||||
$(CC) $(CPPFLAGS) $(CFLAGS) -o $@ $^ $(LDFLAGS) -lm
|
|
||||||
|
|
||||||
libzxcvbn.a: zxcvbn-inline.o
|
|
||||||
$(AR) cvq $@ $^
|
|
||||||
|
|
||||||
test-file: test.c zxcvbn-file.o
|
|
||||||
$(CC) $(CPPFLAGS) $(CFLAGS) \
|
|
||||||
-DUSE_DICT_FILE -o test-file test.c zxcvbn-file.o $(LDFLAGS) -lm
|
|
||||||
|
|
||||||
zxcvbn-file.o: zxcvbn.c dict-crc.h zxcvbn.h
|
|
||||||
$(CC) $(CPPFLAGS) $(CFLAGS) \
|
|
||||||
-DUSE_DICT_FILE -c -o zxcvbn-file.o zxcvbn.c
|
|
||||||
|
|
||||||
test-inline: test.c zxcvbn-inline.o
|
|
||||||
$(CC) $(CPPFLAGS) $(CFLAGS) \
|
|
||||||
-o test-inline test.c zxcvbn-inline.o $(LDFLAGS) -lm
|
|
||||||
|
|
||||||
zxcvbn-inline-pic.o: zxcvbn.c dict-src.h zxcvbn.h
|
|
||||||
$(CC) $(CPPFLAGS) $(CFLAGS) -fPIC -c -o $@ $<
|
|
||||||
|
|
||||||
zxcvbn-inline.o: zxcvbn.c dict-src.h zxcvbn.h
|
|
||||||
$(CC) $(CPPFLAGS) $(CFLAGS) -c -o zxcvbn-inline.o zxcvbn.c
|
|
||||||
|
|
||||||
dict-src.h: dictgen $(WORDS)
|
|
||||||
./dictgen -o dict-src.h $(WORDS)
|
|
||||||
|
|
||||||
dict-crc.h: dictgen $(WORDS)
|
|
||||||
./dictgen -b -o zxcvbn.dict -h dict-crc.h $(WORDS)
|
|
||||||
|
|
||||||
dictgen: dict-generate.cpp makefile
|
|
||||||
$(CXX) $(CPPFLAGS) -std=c++11 $(CXXFLAGS) \
|
|
||||||
-o dictgen dict-generate.cpp $(LDFLAGS)
|
|
||||||
|
|
||||||
test-c++inline: test.c zxcvbn-c++inline.o
|
|
||||||
if [ ! -e test.cpp ]; then ln -s test.c test.cpp; fi
|
|
||||||
$(CXX) $(CPPFLAGS) $(CXXFLAGS) \
|
|
||||||
-o test-c++inline test.cpp zxcvbn-c++inline.o $(LDFLAGS) -lm
|
|
||||||
|
|
||||||
zxcvbn-c++inline.o: zxcvbn.c dict-src.h zxcvbn.h
|
|
||||||
if [ ! -e zxcvbn.cpp ]; then ln -s zxcvbn.c zxcvbn.cpp; fi
|
|
||||||
$(CXX) $(CPPFLAGS) $(CXXFLAGS) \
|
|
||||||
-c -o zxcvbn-c++inline.o zxcvbn.cpp
|
|
||||||
|
|
||||||
test-c++file: test.c zxcvbn-c++file.o
|
|
||||||
if [ ! -e test.cpp ]; then ln -s test.c test.cpp; fi
|
|
||||||
$(CXX) $(CPPFLAGS) $(CXXFLAGS) \
|
|
||||||
-DUSE_DICT_FILE -o test-c++file test.cpp zxcvbn-c++file.o $(LDFLAGS) -lm
|
|
||||||
|
|
||||||
zxcvbn-c++file.o: zxcvbn.c dict-crc.h zxcvbn.h
|
|
||||||
if [ ! -e zxcvbn.cpp ]; then ln -s zxcvbn.c zxcvbn.cpp; fi
|
|
||||||
$(CXX) $(CPPFLAGS) $(CXXFLAGS) \
|
|
||||||
-DUSE_DICT_FILE -c -o zxcvbn-c++file.o zxcvbn.cpp
|
|
||||||
|
|
||||||
test: test-file test-inline test-c++inline test-c++file test-shlib test-statlib testcases.txt
|
|
||||||
@echo Testing C build, dictionary from file
|
|
||||||
./test-file -t testcases.txt
|
|
||||||
@echo Testing C build, dictionary in executable
|
|
||||||
./test-inline -t testcases.txt
|
|
||||||
@echo Testing C shlib, dictionary in shlib
|
|
||||||
LD_LIBRARY_PATH=. ./test-shlib -t testcases.txt
|
|
||||||
@echo Testing C static lib, dictionary in lib
|
|
||||||
./test-statlib -t testcases.txt
|
|
||||||
@echo Testing C++ build, dictionary from file
|
|
||||||
./test-c++file -t testcases.txt
|
|
||||||
@echo Testing C++ build, dictionary in executable
|
|
||||||
./test-c++inline -t testcases.txt
|
|
||||||
@echo Finished
|
|
||||||
|
|
||||||
clean:
|
|
||||||
rm -f test-file zxcvbn-file.o test-c++file zxcvbn-c++file.o
|
|
||||||
rm -f test-inline zxcvbn-inline.o zxcvbn-inline-pic.o test-c++inline zxcvbn-c++inline.o
|
|
||||||
rm -f dict-*.h zxcvbn.dict zxcvbn.cpp test.cpp
|
|
||||||
rm -f dictgen
|
|
||||||
rm -f ${TARGET_LIB} ${SONAME} libzxcvbn.so test-shlib libzxcvbn.a test-statlib
|
|
|
@ -1,281 +0,0 @@
|
||||||
/**********************************************************************************
|
|
||||||
* Program to test the C implementation of the zxcvbn password strength estimator.
|
|
||||||
* Copyright (c) 2015, Tony Evans
|
|
||||||
* All rights reserved.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without modification, are
|
|
||||||
* permitted provided that the following conditions are met:
|
|
||||||
*
|
|
||||||
* 1. Redistributions of source code must retain the above copyright notice, this list
|
|
||||||
* of conditions and the following disclaimer.
|
|
||||||
*
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright notice, this
|
|
||||||
* list of conditions and the following disclaimer in the documentation and/or other
|
|
||||||
* materials provided with the distribution.
|
|
||||||
*
|
|
||||||
* 3. Neither the name of the copyright holder nor the names of its contributors may be
|
|
||||||
* used to endorse or promote products derived from this software without specific
|
|
||||||
* prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
|
|
||||||
* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
|
|
||||||
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT
|
|
||||||
* SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
|
|
||||||
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
|
|
||||||
* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
|
|
||||||
* BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
|
|
||||||
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
|
|
||||||
* ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
|
|
||||||
* DAMAGE.
|
|
||||||
*
|
|
||||||
**********************************************************************************/
|
|
||||||
|
|
||||||
#include <stdio.h>
|
|
||||||
#include <string.h>
|
|
||||||
#include <stdlib.h>
|
|
||||||
#include <sys/time.h>
|
|
||||||
#include <zxcvbn.h>
|
|
||||||
|
|
||||||
const char *UsrDict[] =
|
|
||||||
{
|
|
||||||
"Onename.Twoname@example.com", "Onename", "Twoname", "example.com", "example",
|
|
||||||
0
|
|
||||||
};
|
|
||||||
|
|
||||||
static void CalcPass(const char *Pwd, int Quiet)
|
|
||||||
{
|
|
||||||
double e;
|
|
||||||
if (!Quiet)
|
|
||||||
{
|
|
||||||
/* Output the details of how the entropy figure was calculated */
|
|
||||||
int Len, ChkLen;
|
|
||||||
struct timeval t1, t2;
|
|
||||||
ZxcMatch_t *Info, *p;
|
|
||||||
double m = 0.0;
|
|
||||||
|
|
||||||
gettimeofday(&t1, 0);
|
|
||||||
e = ZxcvbnMatch(Pwd, UsrDict, &Info);
|
|
||||||
gettimeofday(&t2, 0);
|
|
||||||
for(p = Info; p; p = p->Next)
|
|
||||||
m += p->Entrpy;
|
|
||||||
|
|
||||||
Len = strlen(Pwd);
|
|
||||||
m = e - m;
|
|
||||||
printf("Pass %s \tLength %d\tEntropy bits=%.3f log10=%.3f\tMulti-word extra bits=%.1f\n", Pwd, Len, e, e * 0.301029996, m);
|
|
||||||
p = Info;
|
|
||||||
ChkLen = 0;
|
|
||||||
while(p)
|
|
||||||
{
|
|
||||||
int n;
|
|
||||||
switch((int)p->Type)
|
|
||||||
{
|
|
||||||
case BRUTE_MATCH: printf(" Type: Bruteforce "); break;
|
|
||||||
case DICTIONARY_MATCH: printf(" Type: Dictionary "); break;
|
|
||||||
case DICT_LEET_MATCH: printf(" Type: Dict+Leet "); break;
|
|
||||||
case USER_MATCH: printf(" Type: User Words "); break;
|
|
||||||
case USER_LEET_MATCH: printf(" Type: User+Leet "); break;
|
|
||||||
case REPEATS_MATCH: printf(" Type: Repeated "); break;
|
|
||||||
case SEQUENCE_MATCH: printf(" Type: Sequence "); break;
|
|
||||||
case SPATIAL_MATCH: printf(" Type: Spatial "); break;
|
|
||||||
case DATE_MATCH: printf(" Type: Date "); break;
|
|
||||||
case BRUTE_MATCH+MULTIPLE_MATCH: printf(" Type: Bruteforce(Rep)"); break;
|
|
||||||
case DICTIONARY_MATCH+MULTIPLE_MATCH: printf(" Type: Dictionary(Rep)"); break;
|
|
||||||
case DICT_LEET_MATCH+MULTIPLE_MATCH: printf(" Type: Dict+Leet(Rep) "); break;
|
|
||||||
case USER_MATCH+MULTIPLE_MATCH: printf(" Type: User Words(Rep)"); break;
|
|
||||||
case USER_LEET_MATCH+MULTIPLE_MATCH: printf(" Type: User+Leet(Rep) "); break;
|
|
||||||
case REPEATS_MATCH+MULTIPLE_MATCH: printf(" Type: Repeated(Rep) "); break;
|
|
||||||
case SEQUENCE_MATCH+MULTIPLE_MATCH: printf(" Type: Sequence(Rep) "); break;
|
|
||||||
case SPATIAL_MATCH+MULTIPLE_MATCH: printf(" Type: Spatial(Rep) "); break;
|
|
||||||
case DATE_MATCH+MULTIPLE_MATCH: printf(" Type: Date(Rep) "); break;
|
|
||||||
|
|
||||||
default: printf(" Type: Unknown%d ", p->Type); break;
|
|
||||||
}
|
|
||||||
ChkLen += p->Length;
|
|
||||||
printf(" Length %d Entropy %6.3f (%.2f) ", p->Length, p->Entrpy, p->Entrpy * 0.301029996);
|
|
||||||
for(n = 0; n < p->Length; ++n, ++Pwd)
|
|
||||||
printf("%c", *Pwd);
|
|
||||||
printf("\n");
|
|
||||||
p = p->Next;
|
|
||||||
}
|
|
||||||
ZxcvbnFreeInfo(Info);
|
|
||||||
t2.tv_sec -= t1.tv_sec;
|
|
||||||
t2.tv_usec -= t1.tv_usec;
|
|
||||||
t2.tv_usec += t2.tv_sec * 1000000;
|
|
||||||
printf(" Calculation Time %.2fms\n", t2.tv_usec/1000.0);
|
|
||||||
if (ChkLen != Len)
|
|
||||||
printf("*** Password length (%d) != sum of length of parts (%d) ***\n", Len, ChkLen);
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
/* Only get the final entropy figure */
|
|
||||||
e = ZxcvbnMatch(Pwd, UsrDict, 0);
|
|
||||||
printf("Pass %s \tEntropy %.3f\n", Pwd, e);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
int DoChecks(char *file)
|
|
||||||
{
|
|
||||||
char Line[500];
|
|
||||||
int y = 0;
|
|
||||||
int w = 0;
|
|
||||||
int r = 0;
|
|
||||||
FILE *f = fopen(file, "r");
|
|
||||||
if (f == NULL)
|
|
||||||
{
|
|
||||||
printf("Failed to open %s\n", file);
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
memset(Line, 0, sizeof Line);
|
|
||||||
while(fgets(Line, sizeof Line - 4, f))
|
|
||||||
{
|
|
||||||
/* Line is password + whitespace + expected entropy */
|
|
||||||
char *Pwd, *s, *t;
|
|
||||||
double Ent, e, x;
|
|
||||||
unsigned int i;
|
|
||||||
++y;
|
|
||||||
for(i = 0; i < sizeof Line - 5; ++i)
|
|
||||||
{
|
|
||||||
if (!Line[i] || (Line[i] == '\n'))
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
/* Skip blank lines or those starting with # */
|
|
||||||
if ((i < 3) || (Line[0] == '#'))
|
|
||||||
continue;
|
|
||||||
memset(Line + i, 0, 4);
|
|
||||||
Pwd = Line;
|
|
||||||
/* Skip leading whitespace */
|
|
||||||
while(*Pwd && (*Pwd <= ' '))
|
|
||||||
++Pwd;
|
|
||||||
|
|
||||||
/* Make password null termnated */
|
|
||||||
s = Pwd;
|
|
||||||
t = strchr(s, '\t');
|
|
||||||
if (t == NULL)
|
|
||||||
t = strstr(s, " ");
|
|
||||||
if (t == NULL)
|
|
||||||
{
|
|
||||||
printf("Bad test condition on line %d\n", y);
|
|
||||||
r = 1;
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
*t++ = 0;
|
|
||||||
|
|
||||||
/* Skip whitespace before entropy value */
|
|
||||||
while(*t && (*t <= ' '))
|
|
||||||
++t;
|
|
||||||
if (!*t)
|
|
||||||
{
|
|
||||||
printf("Bad test condition on line %d\n", y);
|
|
||||||
r = 1;
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
|
|
||||||
Ent = atof(t);
|
|
||||||
if ((Ent < 0.0) || (Ent > 1000.0))
|
|
||||||
{
|
|
||||||
printf("Bad entropy value on line %d\n", y);
|
|
||||||
r = 1;
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
e = ZxcvbnMatch(Pwd, UsrDict, 0);
|
|
||||||
x = e / Ent;
|
|
||||||
/* More than 1% difference is a fail. */
|
|
||||||
if ((x > 1.01) || (x < 1.0/1.01))
|
|
||||||
{
|
|
||||||
printf("Line %2d Calculated entropy %5.2f, expected %5.2f <%s>\n", y, e, Ent, Pwd);
|
|
||||||
r = 1;
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
++w;
|
|
||||||
}
|
|
||||||
fclose(f);
|
|
||||||
if (!r)
|
|
||||||
printf("Tested %d words\n", w);
|
|
||||||
return r;
|
|
||||||
}
|
|
||||||
|
|
||||||
int main(int argc, char **argv)
|
|
||||||
{
|
|
||||||
int i, Quiet, Checks, White;
|
|
||||||
Quiet = 0;
|
|
||||||
Checks = 0;
|
|
||||||
White = 0;
|
|
||||||
if (!ZxcvbnInit("zxcvbn.dict"))
|
|
||||||
{
|
|
||||||
printf("Failed to open dictionary file\n");
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
if ((argc > 1) && (argv[1][0] == '-'))
|
|
||||||
{
|
|
||||||
if (!strcmp(argv[1], "-qs") || !strcmp(argv[1], "-sq"))
|
|
||||||
Quiet = White = 1;
|
|
||||||
if (!strcmp(argv[1], "-t"))
|
|
||||||
Checks = 1;
|
|
||||||
if (!strcmp(argv[1], "-q"))
|
|
||||||
Quiet = 1;
|
|
||||||
if (!strcmp(argv[1], "-s"))
|
|
||||||
White = 1;
|
|
||||||
if ((Checks + Quiet + White) == 0)
|
|
||||||
{
|
|
||||||
char *s = strrchr(argv[0], '/');
|
|
||||||
if (s == NULL)
|
|
||||||
s = argv[0];
|
|
||||||
else
|
|
||||||
++s;
|
|
||||||
printf( "Usage: %s [ -q | -qs ] [ pwd1 pwd2 ... ]\n"
|
|
||||||
" Output entropy of given passwords. If no passwords on command line read\n"
|
|
||||||
" them from stdin.\n"
|
|
||||||
" -q option stops password analysis details from being output.\n"
|
|
||||||
" -s Ignore anything from space on a line when reading from stdin.\n"
|
|
||||||
" %s -t file\n"
|
|
||||||
" Read the file and check for correct results.\n", s, s);
|
|
||||||
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if (Checks)
|
|
||||||
{
|
|
||||||
for(i = 2; i < argc; ++i)
|
|
||||||
{
|
|
||||||
Checks = DoChecks(argv[i]);
|
|
||||||
if (Checks)
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
i = 1+Quiet;
|
|
||||||
if (i >= argc)
|
|
||||||
{
|
|
||||||
/* No test passwords on command line, so get them from stdin */
|
|
||||||
char Line[500];
|
|
||||||
while(fgets(Line, sizeof Line, stdin))
|
|
||||||
{
|
|
||||||
/* Drop the trailing newline character */
|
|
||||||
for(i = 0; i < (int)(sizeof Line - 1); ++i)
|
|
||||||
{
|
|
||||||
if (Line[i] < ' ')
|
|
||||||
{
|
|
||||||
Line[i] = 0;
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
if (White && (Line[i] == ' '))
|
|
||||||
{
|
|
||||||
Line[i] = 0;
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if (Line[0])
|
|
||||||
CalcPass(Line, Quiet);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
/* Do the test passwords on the command line */
|
|
||||||
for(; i < argc; ++i)
|
|
||||||
{
|
|
||||||
CalcPass(argv[i], Quiet);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
ZxcvbnUnInit();
|
|
||||||
return 0;
|
|
||||||
}
|
|
|
@ -1,62 +0,0 @@
|
||||||
zxcvbn 5.83
|
|
||||||
qwER43@! 26.44
|
|
||||||
Tr0ub4dour&3 30.87
|
|
||||||
archi 13.61
|
|
||||||
|
|
||||||
D0g.................. 19.02
|
|
||||||
abcdefghijk987654321 8.53
|
|
||||||
neverforget13/3/1997 34.86
|
|
||||||
1qaz2wsx3edc 9.98
|
|
||||||
barbarbara 12.43
|
|
||||||
abarbarbara 16.18
|
|
||||||
|
|
||||||
temppass22 17.20
|
|
||||||
briansmith 5.32
|
|
||||||
htimsnairb 6.07
|
|
||||||
briansmith4mayor 21.63
|
|
||||||
password1 4.0
|
|
||||||
viking 7.93
|
|
||||||
thx1138 7.70
|
|
||||||
ScoRpi0ns 19.54
|
|
||||||
do you know 25.51
|
|
||||||
|
|
||||||
ryanhunter2000 20.8
|
|
||||||
rianhunter2000 28.25
|
|
||||||
|
|
||||||
asdfghju7654rewq 29.57
|
|
||||||
AOEUIDHG&*()LS_ 33.33
|
|
||||||
|
|
||||||
12345678 1.59
|
|
||||||
defghi6789 13.61
|
|
||||||
02468 3.32
|
|
||||||
adgjmpsvy 4.17
|
|
||||||
|
|
||||||
rosebud 8.09
|
|
||||||
Rosebud 9.09
|
|
||||||
ROSEBUD 9.09
|
|
||||||
rosebuD 9.09
|
|
||||||
R0$38uD 12.09
|
|
||||||
ros3bud99 14.41
|
|
||||||
r0s3bud99 14.41
|
|
||||||
R0$38uD99 17.41
|
|
||||||
|
|
||||||
verlineVANDERMARK 27.24
|
|
||||||
|
|
||||||
eheuczkqyq 41.24
|
|
||||||
rWibMFACxAUGZmxhVncy 111.0
|
|
||||||
|
|
||||||
illness 11.26
|
|
||||||
1llness 12.26
|
|
||||||
i1lness 12.84
|
|
||||||
11lness 22.44
|
|
||||||
ssenl1i 12.84
|
|
||||||
Ba9ZyWABu99[BK#6MBgbH88Tofv)vs$w 171.63
|
|
||||||
correcthorsebatterystaple 47.98
|
|
||||||
elpatsyrettabesrohtcerroc 48.98
|
|
||||||
coRrecth0rseba++ery9.23.2007staple$ 71.95
|
|
||||||
|
|
||||||
pass.word.pass.word.pass.word. 60.41
|
|
||||||
passpasswordword 17.28
|
|
||||||
quvpzquvpz 24.50
|
|
||||||
|
|
||||||
magicfavoriteunclepromisedpublicbotherislandjimseriouslycellleadknowingbrokenadvicesomehowpaidblairlosingpushhelpedkillingusuallyearlierbosslaurabeginninglikedinnocentdocruleselizabethsabrinasummerexcoplearnedthirtyrisklettingphillipspeakingofficerridiculoussupportafternoonericwithsobutallwellareheohaboutrightyou're 545.9
|
|
File diff suppressed because it is too large
Load diff
File diff suppressed because it is too large
Load diff
File diff suppressed because it is too large
Load diff
File diff suppressed because it is too large
Load diff
File diff suppressed because it is too large
Load diff
File diff suppressed because it is too large
Load diff
Loading…
Reference in a new issue