xchange-passgen 1.0.1.a

data/lib/passgen/strength_analyzer.rb

@@ -0,0 +1,282 @@
+module Passgen
+  class StrengthAnalyzer
+    MIN_LENGTH = 8
+    attr_reader :password, :score, :complexity, :errors
+    
+    def initialize(pw)
+      @password = pw
+      @score = 0
+      @complexity = "Invalid"
+      @errors = []
+    end
+    
+    def self.analyze(pw)
+      sa = StrengthAnalyzer.new(pw)
+      sa.analyze
+      sa
+    end
+    
+    def analyze
+      return self unless check_minimum_requirements
+      
+      nScore = 0
+      nLength = 0
+      nAlphaUC = 0
+      nAlphaLC = 0
+      nNumber = 0
+      nSymbol = 0
+      nMidChar = 0
+      nRequirements = 0
+      nAlphasOnly = 0
+      nNumbersOnly = 0
+      nUnqChar = 0
+      nRepChar = 0
+      nRepInc = 0
+      nConsecAlphaUC = 0
+      nConsecAlphaLC = 0
+      nConsecNumber = 0
+      nConsecSymbol = 0
+      nConsecCharType = 0
+      nSeqAlpha = 0
+      nSeqNumber = 0
+      nSeqSymbol = 0
+      nSeqChar = 0
+      nReqChar = 0
+      nMultConsecCharType = 0
+      nMultRepChar = 1
+      nMultConsecSymbol = 1
+      nMultMidChar = 2
+      nMultRequirements = 2
+      nMultConsecAlphaUC = 2
+      nMultConsecAlphaLC = 2
+      nMultConsecNumber = 2
+      nReqCharType = 3
+      nMultAlphaUC = 3
+      nMultAlphaLC = 3
+      nMultSeqAlpha = 3
+      nMultSeqNumber = 3
+      nMultSeqSymbol = 3
+      nMultLength = 4
+      nMultNumber = 4
+      nMultSymbol = 6
+      nTmpAlphaUC = ""
+      nTmpAlphaLC = ""
+      nTmpNumber = ""
+      nTmpSymbol = ""
+      sAlphas = 'abcdefghijklmnopqrstuvwxyz'
+      sNumerics = '01234567890'
+      sSymbols  = '!@#$%&/()+?*'
+      sComplexity = 'Invalid'
+      sStandards = 'Below'
+      nMinPwdLen = MIN_LENGTH
+      
+      nScore = @password.length * nMultLength
+      nLength = @password.length
+      arrPwd = @password.gsub(/\s+/, "").split(/\s*/)
+      arrPwdLen = arrPwd.length
+      
+      # Loop through password to check for Symbol, Numeric, Lowercase and Uppercase pattern matches
+      arrPwdLen.times do |a|
+        if /[A-Z]/.match(arrPwd[a])
+          if (nTmpAlphaUC != "")
+            if (nTmpAlphaUC + 1) == a
+              nConsecAlphaUC += 1
+              nConsecCharType += 1
+            end
+          end
+          nTmpAlphaUC = a
+          nAlphaUC += 1
+        elsif /[a-z]/.match(arrPwd[a])
+          if nTmpAlphaLC != ""
+            if (nTmpAlphaLC + 1) == a
+              nConsecAlphaLC += 1
+              nConsecCharType += 1
+            end
+          end
+          nTmpAlphaLC = a
+          nAlphaLC += 1
+        elsif /[0-9]/.match(arrPwd[a])
+          if (a > 0 && a < (arrPwdLen - 1))
+            nMidChar += 1
+          end
+          if nTmpNumber != ""
+            if ((nTmpNumber + 1) == a)
+              nConsecNumber += 1
+              nConsecCharType += 1
+            end
+          end
+          nTmpNumber = a
+          nNumber += 1
+        elsif /[^a-zA-Z0-9_]/.match(arrPwd[a]) 
+          if a > 0 && a < (arrPwdLen - 1)
+            nMidChar += 1
+          end
+          if nTmpSymbol != ""
+            if (nTmpSymbol + 1) == a
+              nConsecSymbol += 1
+              nConsecCharType += 1
+            end
+          end
+          nTmpSymbol = a;
+          nSymbol += 1;
+        end
+        
+        # Internal loop through password to check for repeat characters
+        bCharExists = false
+        arrPwdLen.times do |b|
+          if arrPwd[a] == arrPwd[b] && a != b # repeat character exists
+            bCharExists = true
+            # Calculate increment deduction based on proximity to identical characters
+            # Deduction is incremented each time a new match is discovered
+            # Deduction amount is based on total password length divided by the
+            # difference of distance between currently selected match
+            nRepInc += (arrPwdLen/(b-a)).abs
+          end
+        end
+        if bCharExists 
+          nRepChar += 1 
+          nUnqChar = arrPwdLen - nRepChar;
+          nRepInc = (nUnqChar > 0) ? (nRepInc/nUnqChar).ceil : nRepInc.ceil
+        end
+      end
+      
+      # Check for sequential alpha string patterns (forward and reverse)
+      (sAlphas.size - 3).times do |s|
+        sFwd = sAlphas[s...s+3]
+        sRev = sFwd.reverse
+        if @password.downcase.index(sFwd) || @password.downcase.index(sRev)
+          nSeqAlpha += 1
+          nSeqChar += 1
+        end
+      end
+      
+      # Check for sequential numeric string patterns (forward and reverse)
+      (sNumerics.size - 3).times do |s|
+        sFwd = sNumerics[s...s+3]
+        sRev = sFwd.reverse
+        if @password.downcase.index(sFwd) || @password.downcase.index(sRev)
+          nSeqNumber += 1
+          nSeqChar += 1
+        end
+      end
+      
+      # Check for sequential symbol string patterns (forward and reverse)
+      (sSymbols.size - 3).times do |s|
+        sFwd = sSymbols[s...s+3]
+        sRev = sFwd.reverse
+        if @password.downcase.index(sFwd) || @password.downcase.index(sRev)
+          nSeqSymbol += 1
+          nSeqChar += 1
+        end
+      end
+      
+      # Modify overall score value based on usage vs requirements
+      if nAlphaUC > 0 && nAlphaUC < nLength
+        nScore += (nLength - nAlphaUC) * 2
+      end
+
+      if nAlphaLC > 0 && nAlphaLC < nLength 
+        nScore += (nLength - nAlphaLC) * 2
+      end
+
+      if (nNumber > 0 && nNumber < nLength)
+        nScore += nNumber * nMultNumber
+      end
+
+      if nSymbol > 0  
+        nScore += nSymbol * nMultSymbol
+      end
+
+      if nMidChar > 0
+        nScore += nMidChar * nMultMidChar
+      end
+      
+      # Point deductions for poor practices
+      if (nAlphaLC > 0 || nAlphaUC > 0) && nSymbol == 0 && nNumber == 0 # Only Letters
+        nScore -= nLength
+        nAlphasOnly = nLength
+      end
+
+      if nAlphaLC === 0 && nAlphaUC === 0 && nSymbol === 0 && nNumber > 0 # Only Numbers
+        nScore -= nLength
+        nNumbersOnly = nLength
+      end
+
+      if nRepChar > 0 # Same character exists more than once
+        nScore -= nRepInc
+      end
+
+      if nConsecAlphaUC > 0 # Consecutive Uppercase Letters exist
+        nScore -= nConsecAlphaUC * nMultConsecAlphaUC
+      end
+
+      if nConsecAlphaLC > 0 # Consecutive Lowercase Letters exist
+        nScore -= nConsecAlphaLC * nMultConsecAlphaLC
+      end
+
+      if nConsecNumber > 0 # Consecutive Numbers exist
+        nScore -= nConsecNumber * nMultConsecNumber
+      end
+
+      if nSeqAlpha > 0 # Sequential alpha strings exist (3 characters or more)
+        nScore -= nSeqAlpha * nMultSeqAlpha
+      end
+
+      if nSeqNumber > 0 # Sequential numeric strings exist (3 character or more)
+        nScore -= nSeqNumber * nMultSeqNumber
+      end
+
+      if nSeqSymbol > 0 # Sequential symbol strings exist (3 character or more)
+        nScore -= nSeqSymbol * nMultSeqSymbol
+      end
+
+      # Determine if mandatory requirements have been met and set image indicators accordingly
+      arrChars = [nLength, nAlphaUC, nAlphaLC, nNumber, nSymbol]
+      arrCharsIds = ["nLength", "nAlphaUC", "nAlphaLC", "nNumber", "nSymbol"]
+      arrCharsLen = arrChars.length;
+      arrCharsLen.times do |c|
+        minVal = arrCharsIds[c] == "nLength" ? MIN_LENGTH - 1 : 0
+        if arrChars[c] == (minVal + 1)
+          nReqChar += 1
+        elsif arrChars[c] > (minVal + 1)
+          nReqChar += 1
+        end
+      end
+      nRequirements = nReqChar
+      nMinReqChars = @password.length >= nMinPwdLen ? 3 : 4
+      if nRequirements > nMinReqChars # One or more required characters exist
+        nScore += (nRequirements * 2) 
+      end
+  
+      # Determine complexity based on overall score
+      if (nScore > 100)
+        nScore = 100
+      elsif (nScore < 0)
+        nScore = 0
+      end
+      @complexity = case nScore
+      when 0...20
+        "Trivial"
+      when 20...40
+        "Weak"
+      when 40...60
+        "Good"
+      when 60...80
+        "Strong"
+      else
+        "Very Strong"
+      end
+      
+      @score = nScore
+    end
+    
+    private
+    def check_minimum_requirements
+      if @password.length < MIN_LENGTH
+        @errors << "Password must be at least #{MIN_LENGTH} characters long"
+        return false
+      end
+      true
+    end
+  end
+end

data/lib/passgen.rb

@@ -0,0 +1,328 @@
+#= Passgen
+#
+#Ruby gem for generating passwords quickly and easily. Although it is
+#suitable for use within Rails it has no Rails dependencies and can be used in
+#non-Rails applications as well.
+#
+#== Install
+#
+#  gem install cryptice-passgen --source http://gems.github.com
+#
+#== Usage
+#
+#The usage could not be easier. Just require and call the generate method:
+#
+#  >> require 'rubygems'
+#  >> require 'passgen'
+#  >> Passgen::generate
+#  => "zLWCeS3xC9"
+#
+#== Examples
+#
+#  >> Passgen::generate
+#  => "zLWCeS3xC9"
+#
+#  >> Passgen::generate(:length => 20)
+#  => "6lCcHvkuEW6OuzAtkoAs"
+#
+#  >> Passgen::generate(:symbols => true)
+#  => "gr)$6bIym1"
+#
+#  >> Passgen::generate(:lowercase => :only)
+#  => "ysbwuxbcea"
+#
+#  >> Passgen::generate(:number => 3)
+#  => ["REdOigTkdI", "PQu8DsV9WZ", "qptKLbw8YQ"]
+#
+#  >> Passgen::generate(:seed => 5)
+#  => "JoV9M2qjiK"
+#  >> Passgen::generate(:seed => 5) # Will generate same password again
+#  => "JoV9M2qjiK"
+#
+#  >> Passgen::generate(:seed => :default) # Will set random seed...
+#  => "SI8QDBdV98"
+#  >> Passgen::generate(:seed => :default) # and hence give different password
+#  => "tHHU5HLBAn"
+#
+#== Options:
+#
+#=== :lowercase => true/false/:only
+#* true - Use lowercase letters in the generated password.
+#* false - Do not use lowercase letters in the generated password.
+#* :only - Only use lowercase letters in the generated password.
+#
+#=== :uppercase => true/false/:only
+#* true - Use uppercase letters in the generated password.
+#* false - Do not use uppercase letters in the generated password.
+#* :only - Only use uppercase letters in the generated password.
+#
+#=== :digits => true/false/:only
+#* true - Use digits in the generated password.
+#* false - Do not use digits in the generated password.
+#* :only - Only use digits in the generated password.
+#
+#=== :symbols => true/false/:only/:list
+#* true - Use symbols in the generated password.
+#* false - Do not use symbols in the generated password.
+#* :only - Only use symbols in the generated password.
+#* :list - A string with the symbols to use. Not implemented yet.
+#
+#=== :pronounceable => true/false
+#Not implmented yet.
+#
+#=== :number => integer
+#Number of passwords to generate. If >1 the result is an Array.
+#
+#=== :length => integer/range
+#The number of characters in the generated passwords. A range results in passwords
+#lengths within the given range.
+#
+#=== :seed => integer/:default
+#Set the srand seed to the given integer prior to generating the passwords.
+#
+#=== Default values:
+#
+#:lowercase => true
+#
+#:uppercase => true
+#
+#:digits => true
+#
+#:symbols => false
+#
+#:pronounceable => Not implemented yet.
+#
+#:number => 1
+#
+#:length => 10
+#
+#:seed => nil
+#
+#== Copyright and license
+#
+#Copyright (c) 2009 Erik Lindblad
+#
+#Permission is hereby granted, free of charge, to any person obtaining
+#a copy of this software and associated documentation files (the
+#"Software"), to deal in the Software without restriction, including
+#without limitation the rights to use, copy, modify, merge, publish,
+#distribute, sublicense, and/or sell copies of the Software, and to
+#permit persons to whom the Software is furnished to do so, subject to
+#the following conditions:
+#
+#The above copyright notice and this permission notice shall be
+#included in all copies or substantial portions of the Software.
+#
+#THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+#EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+#MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+#NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+#LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+#OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+#WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+require 'digest'
+require 'passgen/probabilities'
+require 'passgen/strength_analyzer'
+
+module Passgen
+
+  VERSION = "1.0.0"
+  
+  DEFAULT_PARAMS = {
+    :number => 1,
+    :length => 10,
+    :lowercase => true,
+    :uppercase => true,
+    :digits => true,
+    :symbols => false,
+    :pronounceable => false
+  }
+
+  def self.default_seed
+    Digest::MD5.hexdigest("#{rand}#{Time.now}#{Process.object_id}").to_i(16)
+  end
+
+  def self.generate(params={})
+    set_options(params)
+    tokens = valid_tokens
+    set_seed
+
+    if n == 1
+      generate_one(tokens)
+    else
+      Array.new(n) {|i| generate_one(tokens) }
+    end
+  end
+
+  def self.analyze(pw)
+    Passgen::StrengthAnalyzer.analyze(pw)
+  end
+  
+  private
+  def self.alphabet(index)
+    if use_lowercase? && !use_uppercase?
+      LOWERCASE_TOKENS[index]
+    elsif use_uppercase? && !use_lowercase?
+      UPPERCASE_TOKENS[index]
+    else
+      tmp = LOWERCASE_TOKENS[index]
+      tmp.upcase! if rand > 0.5
+      tmp
+    end
+  end
+  
+  def self.generate_one(tokens)
+    if @options[:pronounceable]
+      generate_pronounceable
+    else
+      Array.new(password_length) {tokens[rand(tokens.size)]}.join
+    end
+  end
+
+  def self.generate_pronounceable
+    password = ""
+
+    # Append digits in front
+    digits_prefix = if @options[:digits_before]
+      @options[:length] -= @options[:digits_before]
+      Array.new(@options[:digits_before]) {DIGIT_TOKENS[rand(DIGIT_TOKENS.size)]}.join
+    else
+      ""
+    end
+
+    # Append digits at the end
+    digits_suffix = if @options[:digits_after]
+      @options[:length] -= @options[:digits_after]
+      Array.new(@options[:digits_after]) {DIGIT_TOKENS[rand(DIGIT_TOKENS.size)]}.join
+    else
+      ""
+    end
+
+    # Find a random starting point.
+    found_start = false
+    ranno = rand * SIGMA # random number [0,1[ weighed by sum of frequencies
+    sum = 0;
+    N_LETTERS.times do |c1|
+      N_LETTERS.times do |c2|
+        N_LETTERS.times do |c3|
+          sum += P[c1][c2][c3]
+          if sum > ranno
+            password << alphabet(c1)
+            password << alphabet(c2)
+            password << alphabet(c3)
+            found_start = true
+            break
+          end
+        end
+        break if found_start
+      end
+      break if found_start
+    end
+
+    # Do a random walk.
+    (3...@options[:length]).each do |nchar|
+      c1 = LETTER_INDEXES[password[nchar-2..nchar-2]]
+      c2 = LETTER_INDEXES[password[nchar-1..nchar-1]]
+      sum = 0
+      N_LETTERS.times {|c3| sum += P[c1][c2][c3]}
+      break if sum == 0
+      ranno = rand * sum
+      sum = 0;
+      N_LETTERS.times do |c3|
+        sum += P[c1][c2][c3]
+        if sum > ranno
+          password << alphabet(c3)
+          break
+        end
+      end
+    end
+    digits_prefix + password + digits_suffix
+  end
+  
+  def self.password_length
+    if @options[:length].is_a?(Range)
+      tmp = @options[:length].to_a
+      tmp[rand(tmp.size)]
+    else
+      @options[:length].to_i
+    end
+  end
+
+  def self.n
+    @options[:number]
+  end
+
+  def self.set_options(params)
+    if params[:lowercase] == :only
+      params[:uppercase] = false
+      params[:digits] = false
+    end
+
+    if params[:uppercase] == :only
+      params[:lowercase] = false
+      params[:digits] = false
+    end
+
+    if params[:digits] == :only
+      params[:lowercase] = false
+      params[:uppercase] = false
+    end
+
+    if params[:symbols] == :only
+      params[:lowercase] = false
+      params[:uppercase] = false
+      params[:digits] = false
+      params[:symbols] = true
+    end
+
+    if params[:digits_before] == true
+      params[:digits_before] = 2
+    end
+
+    if params[:digits_after] == true
+      params[:digits_after] = 2
+    end
+
+    @options = DEFAULT_PARAMS.merge(params)
+  end
+
+  def self.set_seed
+    if @options[:seed]
+      if @options[:seed] == :default
+        srand(default_seed)
+      else
+        srand(@options[:seed])
+      end
+    end
+  end
+
+  def self.symbol_tokens
+    %w{! @ # $ % & / ( ) + ? *}
+  end
+
+  def self.use_lowercase?
+    @options[:lowercase]
+  end
+
+  def self.use_uppercase?
+    @options[:uppercase]
+  end
+
+  def self.use_digits?
+    @options[:digits]
+  end
+
+  def self.use_symbols?
+    @options[:symbols]
+  end
+
+  def self.valid_tokens
+    tmp = []
+    tmp += LOWERCASE_TOKENS if use_lowercase?
+    tmp += UPPERCASE_TOKENS if use_uppercase?
+    tmp += DIGIT_TOKENS if use_digits?
+    tmp += symbol_tokens if use_symbols?
+    tmp
+  end
+end

data/passgen.gemspec

@@ -0,0 +1,30 @@
+# -*- encoding: utf-8 -*-
+
+Gem::Specification.new do |s|
+  s.name = %q{xchange-passgen}
+  s.version = "1.0.1.a"
+
+  s.required_rubygems_version = Gem::Requirement.new(">= 1.2") if s.respond_to? :required_rubygems_version=
+  s.authors = ["Erik Lindblad"]
+  s.date = %q{2010-12-16}
+  s.description = %q{A password generation gem for Ruby and Rails applications.}
+  s.email = %q{erik@l2c.se}
+  s.extra_rdoc_files = ["CHANGELOG", "README.rdoc", "lib/passgen.rb", "lib/passgen/probabilities.rb", "lib/passgen/strength_analyzer.rb"]
+  s.files = ["CHANGELOG", "Manifest", "README.rdoc", "Rakefile", "init.rb", "lib/passgen.rb", "lib/passgen/probabilities.rb", "lib/passgen/strength_analyzer.rb", "passgen.gemspec", "spec/passgen/strength_analyzer_spec.rb", "spec/passgen_spec.rb"]
+  s.homepage = %q{http://github.com/cryptice/passgen}
+  s.rdoc_options = ["--line-numbers", "--inline-source", "--title", "Passgen", "--main", "README.rdoc"]
+  s.require_paths = ["lib"]
+  s.rubyforge_project = %q{passgen}
+  s.rubygems_version = %q{1.3.7}
+  s.summary = %q{A password generation gem for Ruby and Rails applications.}
+
+  if s.respond_to? :specification_version then
+    current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
+    s.specification_version = 3
+
+    if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
+    else
+    end
+  else
+  end
+end

data/spec/passgen/strength_analyzer_spec.rb

@@ -0,0 +1,75 @@
+require "./lib/passgen"
+
+describe "Using strength analyzer" do
+
+  before do
+    srand(2)
+  end
+
+  it "should return a StrengthAnalyzer instance" do
+    Passgen.analyze("abcdefg").should be_a(Passgen::StrengthAnalyzer)
+  end
+  
+  it "should require minimum of 8 characters" do
+    sa = Passgen.analyze("abcdefg")
+    sa.score.should == 0
+    sa.complexity.should == "Invalid"
+    sa.errors.should == ["Password must be at least 8 characters long"]
+  end
+
+  it "should analyze aaaaaaaa correctly" do
+    sa = Passgen.analyze("aaaaaaaa")
+    sa.score.should == 0
+    sa.complexity.should == "Trivial"
+    sa.errors.should == []
+  end
+
+  it "should analyze aaaaAAAA correctly" do
+    sa = Passgen.analyze("aaaaAAAA")
+    sa.score.should == 0
+    sa.complexity.should == "Trivial"
+    sa.errors.should == []
+  end
+
+  it "should analyze aaaAAA11 correctly" do
+    sa = Passgen.analyze("aaaAAA11")
+    sa.score.should == 35
+    sa.complexity.should == "Weak"
+    sa.errors.should == []
+  end
+
+  it "should analyze aaa1AAA1 correctly" do
+    sa = Passgen.analyze("aaa1AAA1")
+    sa.score.should == 38
+    sa.complexity.should == "Weak"
+    sa.errors.should == []
+  end
+
+  it "should analyze hht14AAA correctly" do
+    sa = Passgen.analyze("hht14AAA")
+    sa.score.should == 57
+    sa.complexity.should == "Good"
+    sa.errors.should == []
+  end
+  
+  it "should analyze hie14KOL correctly" do
+    sa = Passgen.analyze("hie14KOL")
+    sa.score.should == 62
+    sa.complexity.should == "Strong"
+    sa.errors.should == []
+  end
+  
+  it "should analyze hI&14KoL correctly" do
+    sa = Passgen.analyze("hI&14KoL")
+    sa.score.should == 82
+    sa.complexity.should == "Very Strong"
+    sa.errors.should == []
+  end
+
+  it "should analyze hI&1#4KoL correctly" do
+    sa = Passgen.analyze("hI&1#4KoL")
+    sa.score.should == 100
+    sa.complexity.should == "Very Strong"
+    sa.errors.should == []
+  end
+end