Google Git
Sign in
chromium / chromium / src / 34abaad72e48648518e276a68ba546804dd6ff6a / . / components / autofill / core / browser / password_generator_fips181.cc
blob: 3226576ea9b50da914f6dd926905c9363cbd3c0e [file] [log] [blame]
// Copyright 2013 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "components/autofill/core/browser/password_generator_fips181.h"
#include <stddef.h>
#include <algorithm>
#include <vector>
#include "base/rand_util.h"
#include "base/strings/string_util.h"
#include "third_party/fips181/fips181.h"
namespace {
const int kMinUpper = 65; // First upper case letter 'A'
const int kMaxUpper = 90; // Last upper case letter 'Z'
const int kMinLower = 97; // First lower case letter 'a'
const int kMaxLower = 122; // Last lower case letter 'z'
const int kMinDigit = 48; // First digit '0'
const int kMaxDigit = 57; // Last digit '9'
const int kMinPasswordLength = 4;
const int kMaxPasswordLength = 15;
// A helper function to get the length of the generated password from
// |max_length| retrieved from input password field.
int GetLengthFromHint(int max_length, int default_length) {
if (max_length >= kMinPasswordLength && max_length <= kMaxPasswordLength)
return max_length;
return default_length;
}
// We want the password to have uppercase, lowercase, and at least one number.
bool VerifyPassword(const std::string& password) {
int num_lower_case = 0;
int num_upper_case = 0;
int num_digits = 0;
for (size_t i = 0; i < password.size(); ++i) {
if (password[i] >= kMinUpper && password[i] <= kMaxUpper)
++num_upper_case;
if (password[i] >= kMinLower && password[i] <= kMaxLower)
++num_lower_case;
if (password[i] >= kMinDigit && password[i] <= kMaxDigit)
++num_digits;
}
return num_lower_case && num_upper_case && num_digits;
}
// Password generation function for unit testing, default to nullptr.
// If not null, ForceFixPassword() will also always use |kMinDigit| as the digit
// replacement, instead of choosing randomly.
int (*g_test_override_generator)(char* word,
char* hypenated_word,
unsigned short minlen,
unsigned short maxlen,
unsigned int pass_mode) = nullptr;
} // namespace
namespace autofill {
const int PasswordGeneratorFips181::kDefaultPasswordLength = 15;
void ForceFixPassword(std::string* password) {
for (char& it : *password) {
if (islower(it)) {
it = base::ToUpperASCII(it);
break;
}
}
for (std::string::reverse_iterator iter = password->rbegin();
iter != password->rend(); ++iter) {
if (islower(*iter)) {
// Tests will use |PasswordGeneratorFips181::SetGeneratorForTest| to put a
// non-random generator in |g_test_override_generator|. To eliminate the
// other source of randomness, always fix the chosen digit to |kMinDigit|
// in such case.
*iter = g_test_override_generator == nullptr
? base::RandInt(kMinDigit, kMaxDigit)
: kMinDigit;
break;
}
}
}
PasswordGeneratorFips181::PasswordGeneratorFips181(int max_length)
: password_length_(GetLengthFromHint(max_length, kDefaultPasswordLength)) {}
PasswordGeneratorFips181::~PasswordGeneratorFips181() {}
void PasswordGeneratorFips181::SetGeneratorForTest(
int (*generator)(char* word,
char* hypenated_word,
unsigned short minlen,
unsigned short maxlen,
unsigned int pass_mode)) {
g_test_override_generator = generator;
}
std::string PasswordGeneratorFips181::Generate() const {
char password[255];
char unused_hypenated_password[255];
// Generate passwords that have numbers and upper and lower case letters.
// No special characters included for now.
unsigned int mode = S_NB | S_CL | S_SL;
// Generate the password and fix afterwards if needed.
auto generator =
g_test_override_generator ? g_test_override_generator : gen_pron_pass;
generator(password, unused_hypenated_password, password_length_,
password_length_, mode);
std::string str_password(password);
if (VerifyPassword(str_password))
return str_password;
ForceFixPassword(&str_password);
return str_password;
}
} // namespace autofill