1
0
Fork 0
mirror of https://github.com/Luzifer/password.git synced 2024-11-09 01:40:04 +00:00

Fix: Blacklisted characters were not excluded from passwords

This commit is contained in:
Knut Ahlers 2015-05-10 19:05:34 +02:00
parent 715f6244f2
commit 86571c7758
2 changed files with 27 additions and 2 deletions

View file

@ -69,9 +69,14 @@ func (s *SecurePassword) GeneratePassword(length int, special bool) (string, err
password := "" password := ""
rand.Seed(time.Now().UnixNano()) rand.Seed(time.Now().UnixNano())
for { for {
char := string(characterTable[rand.Intn(len(characterTable))])
if strings.Contains(strings.Join(s.badCharacters, ""), char) {
continue
}
password = fmt.Sprintf("%s%s", password = fmt.Sprintf("%s%s",
password, password,
string(characterTable[rand.Intn(len(characterTable))]), char,
) )
if len(password) == length { if len(password) == length {
if s.CheckPasswordSecurity(password, special) { if s.CheckPasswordSecurity(password, special) {

View file

@ -1,6 +1,9 @@
package securepassword package securepassword
import "testing" import (
"strings"
"testing"
)
func TestInsecurePasswords(t *testing.T) { func TestInsecurePasswords(t *testing.T) {
passwords := map[string]string{ passwords := map[string]string{
@ -119,6 +122,23 @@ func TestImpossiblePasswords(t *testing.T) {
} }
} }
func TestBadCharacters(t *testing.T) {
badCharacters := []string{"I", "l", "0", "O", "B", "8"}
for i := 0; i < 500; i++ {
pwd, err := NewSecurePassword().GeneratePassword(20, false)
if err != nil {
t.Errorf("An error occured: %s", err)
}
for _, char := range badCharacters {
if strings.Contains(pwd, char) {
t.Errorf("Password '%s' contained blacklisted character: '%s'", pwd, char)
return
}
}
}
}
func BenchmarkGeneratePasswords8Char(b *testing.B) { func BenchmarkGeneratePasswords8Char(b *testing.B) {
pwd := NewSecurePassword() pwd := NewSecurePassword()
for i := 0; i < b.N; i++ { for i := 0; i < b.N; i++ {