mirror of
https://github.com/Luzifer/password.git
synced 2024-12-20 04:41:17 +00:00
Fix: Blacklisted characters were not excluded from passwords
This commit is contained in:
parent
715f6244f2
commit
86571c7758
2 changed files with 27 additions and 2 deletions
|
@ -69,9 +69,14 @@ func (s *SecurePassword) GeneratePassword(length int, special bool) (string, err
|
|||
password := ""
|
||||
rand.Seed(time.Now().UnixNano())
|
||||
for {
|
||||
char := string(characterTable[rand.Intn(len(characterTable))])
|
||||
if strings.Contains(strings.Join(s.badCharacters, ""), char) {
|
||||
continue
|
||||
}
|
||||
|
||||
password = fmt.Sprintf("%s%s",
|
||||
password,
|
||||
string(characterTable[rand.Intn(len(characterTable))]),
|
||||
char,
|
||||
)
|
||||
if len(password) == length {
|
||||
if s.CheckPasswordSecurity(password, special) {
|
||||
|
|
|
@ -1,6 +1,9 @@
|
|||
package securepassword
|
||||
|
||||
import "testing"
|
||||
import (
|
||||
"strings"
|
||||
"testing"
|
||||
)
|
||||
|
||||
func TestInsecurePasswords(t *testing.T) {
|
||||
passwords := map[string]string{
|
||||
|
@ -119,6 +122,23 @@ func TestImpossiblePasswords(t *testing.T) {
|
|||
}
|
||||
}
|
||||
|
||||
func TestBadCharacters(t *testing.T) {
|
||||
badCharacters := []string{"I", "l", "0", "O", "B", "8"}
|
||||
|
||||
for i := 0; i < 500; i++ {
|
||||
pwd, err := NewSecurePassword().GeneratePassword(20, false)
|
||||
if err != nil {
|
||||
t.Errorf("An error occured: %s", err)
|
||||
}
|
||||
for _, char := range badCharacters {
|
||||
if strings.Contains(pwd, char) {
|
||||
t.Errorf("Password '%s' contained blacklisted character: '%s'", pwd, char)
|
||||
return
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
func BenchmarkGeneratePasswords8Char(b *testing.B) {
|
||||
pwd := NewSecurePassword()
|
||||
for i := 0; i < b.N; i++ {
|
||||
|
|
Loading…
Reference in a new issue