zxcvbn-ruby 1.2.0 → 1.4.0

data/lib/zxcvbn/matchers/dictionary.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'zxcvbn/match'
 
 module Zxcvbn
@@ -6,31 +8,64 @@ module Zxcvbn
     # the lowercased password in the dictionary
 
     class Dictionary
-      def initialize(name, ranked_dictionary)
+      def initialize(name, ranked_dictionary, trie = nil)
         @name = name
         @ranked_dictionary = ranked_dictionary
+        @trie = trie
       end
 
       def matches(password)
+        lowercased_password = password.downcase
+
+        if @trie
+          trie_matches(password, lowercased_password)
+        else
+          hash_matches(password, lowercased_password)
+        end
+      end
+
+      private
+
+      def trie_matches(password, lowercased_password)
+        results = []
+
+        (0...password.length).each do |i|
+          @trie.search_prefixes(lowercased_password, i).each do |word, rank, start, ending|
+            results << build_match(word, password.slice(start, ending - start + 1), start, ending, rank)
+          end
+        end
+
+        results
+      end
+
+      def hash_matches(password, lowercased_password)
         results = []
         password_length = password.length
-        lowercased_password = password.downcase
+
         (0..password_length).each do |i|
           (i...password_length).each do |j|
-            word = lowercased_password[i..j]
-            if @ranked_dictionary.has_key?(word)
-              results << Match.new(:matched_word => word,
-                                   :token => password[i..j],
-                                   :i => i,
-                                   :j => j,
-                                   :rank => @ranked_dictionary[word],
-                                   :pattern => 'dictionary',
-                                   :dictionary_name => @name)
-            end
+            length = j - i + 1
+            word = lowercased_password.slice(i, length)
+            next unless @ranked_dictionary.key?(word)
+
+            results << build_match(word, password.slice(i, length), i, j, @ranked_dictionary[word])
           end
         end
+
         results
       end
+
+      def build_match(matched_word, token, start_pos, end_pos, rank)
+        Match.new(
+          matched_word: matched_word,
+          token: token,
+          i: start_pos,
+          j: end_pos,
+          rank: rank,
+          pattern: 'dictionary',
+          dictionary_name: @name
+        )
+      end
     end
   end
-end
+end

data/lib/zxcvbn/matchers/digits.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'zxcvbn/matchers/regex_helpers'
 
 module Zxcvbn
@@ -5,7 +7,7 @@ module Zxcvbn
     class Digits
       include RegexHelpers
 
-      DIGITS_REGEX = /\d{3,}/
+      DIGITS_REGEX = /\d{3,}/.freeze
 
       def matches(password)
         result = []

data/lib/zxcvbn/matchers/l33t.rb

@@ -1,20 +1,24 @@
+# frozen_string_literal: true
+
+require 'set'
+
 module Zxcvbn
   module Matchers
     class L33t
       L33T_TABLE = {
-        'a' => ['4', '@'],
-        'b' => ['8'],
-        'c' => ['(', '{', '[', '<'],
-        'e' => ['3'],
-        'g' => ['6', '9'],
-        'i' => ['1', '!', '|'],
-        'l' => ['1', '|', '7'],
-        'o' => ['0'],
-        's' => ['$', '5'],
-        't' => ['+', '7'],
-        'x' => ['%'],
-        'z' => ['2']
-      }
+        'a' => ['4', '@'].freeze,
+        'b' => ['8'].freeze,
+        'c' => ['(', '{', '[', '<'].freeze,
+        'e' => ['3'].freeze,
+        'g' => ['6', '9'].freeze,
+        'i' => ['1', '!', '|'].freeze,
+        'l' => ['1', '|', '7'].freeze,
+        'o' => ['0'].freeze,
+        's' => ['$', '5'].freeze,
+        't' => ['+', '7'].freeze,
+        'x' => ['%'].freeze,
+        'z' => ['2'].freeze
+      }.freeze
 
       def initialize(dictionary_matchers)
         @dictionary_matchers = dictionary_matchers
@@ -23,24 +27,17 @@ module Zxcvbn
       def matches(password)
         matches = []
         lowercased_password = password.downcase
-        combinations_to_try = l33t_subs(relevent_l33t_subtable(lowercased_password))
+        relevent_subtable = relevent_l33t_subtable(lowercased_password)
+
+        # Early bailout: if no l33t characters present, return empty matches
+        return matches if relevent_subtable.empty?
+
+        combinations_to_try = l33t_subs(relevent_subtable)
         combinations_to_try.each do |substitution|
           @dictionary_matchers.each do |matcher|
             subbed_password = translate(lowercased_password, substitution)
             matcher.matches(subbed_password).each do |match|
-              token = password[match.i..match.j]
-              next if token.downcase == match.matched_word.downcase
-              match_substitutions = {}
-              substitution.each do |s, letter|
-                match_substitutions[s] = letter if token.include?(s)
-              end
-              match.l33t = true
-              match.token = password[match.i..match.j]
-              match.sub = match_substitutions
-              match.sub_display = match_substitutions.map do |k, v|
-                "#{k} -> #{v}"
-              end.join(', ')
-              matches << match
+              process_match(match, password, substitution, matches)
             end
           end
         end
@@ -48,9 +45,11 @@ module Zxcvbn
       end
 
       def translate(password, sub)
-        password.split('').map do |chr|
-          sub[chr] || chr
-        end.join
+        result = String.new
+        password.each_char do |chr|
+          result << (sub[chr] || chr)
+        end
+        result
       end
 
       def relevent_l33t_subtable(password)
@@ -77,8 +76,29 @@ module Zxcvbn
         new_subs
       end
 
+      private
+
+      def process_match(match, password, substitution, matches)
+        length = match.j - match.i + 1
+        token = password.slice(match.i, length)
+        return if token.downcase == match.matched_word.downcase
+
+        match_substitutions = {}
+        substitution.each do |s, letter|
+          match_substitutions[s] = letter if token.include?(s)
+        end
+        match.l33t = true
+        match.token = token
+        match.sub = match_substitutions
+        match.sub_display = match_substitutions.map do |k, v|
+          "#{k} -> #{v}"
+        end.join(', ')
+        matches << match
+      end
+
       def find_substitutions(subs, table, keys)
         return subs if keys.empty?
+
         first_key = keys[0]
         rest_keys = keys[1..-1]
         next_subs = []
@@ -109,14 +129,12 @@ module Zxcvbn
 
       def dedup(subs)
         deduped = []
-        members = []
+        seen = Set.new
         subs.each do |sub|
-          assoc = sub.dup
-
-          assoc.sort! rescue debugger
-          label = assoc.map{|k, v| "#{k},#{v}"}.join('-')
-          unless members.include?(label)
-            members << label
+          # Sort and convert to hash for consistent comparison
+          sorted_sub = sub.sort.to_h
+          unless seen.include?(sorted_sub)
+            seen.add(sorted_sub)
             deduped << sub
           end
         end
@@ -124,4 +142,4 @@ module Zxcvbn
       end
     end
   end
-end
+end

data/lib/zxcvbn/matchers/new_l33t.rb

@@ -1,20 +1,22 @@
+# frozen_string_literal: true
+
 module Zxcvbn
   module Matchers
     class L33t
       L33T_TABLE = {
-        'a' => ['4', '@'],
-        'b' => ['8'],
-        'c' => ['(', '{', '[', '<'],
-        'e' => ['3'],
-        'g' => ['6', '9'],
-        'i' => ['1', '!', '|'],
-        'l' => ['1', '|', '7'],
-        'o' => ['0'],
-        's' => ['$', '5'],
-        't' => ['+', '7'],
-        'x' => ['%'],
-        'z' => ['2']
-      }
+        'a' => ['4', '@'].freeze,
+        'b' => ['8'].freeze,
+        'c' => ['(', '{', '[', '<'].freeze,
+        'e' => ['3'].freeze,
+        'g' => ['6', '9'].freeze,
+        'i' => ['1', '!', '|'].freeze,
+        'l' => ['1', '|', '7'].freeze,
+        'o' => ['0'].freeze,
+        's' => ['$', '5'].freeze,
+        't' => ['+', '7'].freeze,
+        'x' => ['%'].freeze,
+        'z' => ['2'].freeze
+      }.freeze
 
       def initialize(dictionary_matchers)
         @dictionary_matchers = dictionary_matchers
@@ -24,20 +26,20 @@ module Zxcvbn
         matches = []
         lowercased_password = password.downcase
         combinations_to_try = substitution_combinations(relevant_l33t_substitutions(lowercased_password))
-        # debugger if password == 'abcdefghijk987654321'
-        combinations_to_try.each do |substitution|
+        combinations_to_try.each do |substitutions|
           @dictionary_matchers.each do |matcher|
-            subbed_password = substitute(lowercased_password, substitution)
+            subbed_password = substitute(lowercased_password, substitutions)
             matcher.matches(subbed_password).each do |match|
-              token = lowercased_password[match.i..match.j]
+              length = match.j - match.i + 1
+              token = lowercased_password.slice(match.i, length)
               next if token == match.matched_word.downcase
-              # debugger if token == '1'
+
               match_substitutions = {}
-              substitution.each do |letter, substitution|
+              substitutions.each do |letter, substitution|
                 match_substitutions[substitution] = letter if token.include?(substitution)
               end
               match.l33t = true
-              match.token = password[match.i..match.j]
+              match.token = password.slice(match.i, length)
               match.sub = match_substitutions
               match.sub_display = match_substitutions.map do |k, v|
                 "#{k} -> #{v}"
@@ -49,9 +51,9 @@ module Zxcvbn
         matches
       end
 
-      def substitute(password, substitution)
+      def substitute(password, substitutions)
         subbed_password = password.dup
-        substitution.each do |letter, substitution|
+        substitutions.each do |letter, substitution|
           subbed_password.gsub!(substitution, letter)
         end
         subbed_password
@@ -64,9 +66,7 @@ module Zxcvbn
         end
         L33T_TABLE.each do |letter, substibutions|
           password.each_char do |password_char|
-            if substibutions.include?(password_char)
-              subs[letter] << password_char
-            end
+            subs[letter] << password_char if substibutions.include?(password_char)
           end
         end
         subs
@@ -82,7 +82,7 @@ module Zxcvbn
         expanded_substitutions.each do |substitution_hash|
           # convert a hash to an array of hashes with 1 key each
           subs_array = substitution_hash.map do |letter, substitutions|
-            {letter => substitutions}
+            { letter => substitutions }
           end
           combinations << subs_array
 
@@ -94,15 +94,13 @@ module Zxcvbn
         end
 
         # convert back to simple hash per substitution combination
-        combination_hashes = combinations.map do |combination_set|
+        combinations.map do |combination_set|
           hash = {}
           combination_set.each do |combination_hash|
             hash.merge!(combination_hash)
           end
           hash
         end
-
-        combination_hashes
       end
 
       # expand possible combinations if multiple characters can be substituted
@@ -110,11 +108,11 @@ module Zxcvbn
       #      [{'a' => '4', 'i' => 1}, {'a' => '@', 'i' => '1'}]
       def expanded_substitutions(hash)
         return {} if hash.empty?
+
         values = hash.values
         product_values = values[0].product(*values[1..-1])
-        product_values.map{ |p| Hash[hash.keys.zip(p)] }
+        product_values.map { |p| Hash[hash.keys.zip(p)] }
       end
-
     end
   end
-end
+end

data/lib/zxcvbn/matchers/regex_helpers.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'zxcvbn/match'
 
 module Zxcvbn
@@ -5,15 +7,15 @@ module Zxcvbn
     module RegexHelpers
       def re_match_all(regex, password)
         pos = 0
-        while re_match = regex.match(password, pos)
+        while (re_match = regex.match(password, pos))
           i, j = re_match.offset(0)
           pos = j
           j -= 1
 
           match = Match.new(
-            :i => i,
-            :j => j,
-            :token => password[i..j]
+            i: i,
+            j: j,
+            token: password.slice(i, j - i + 1)
           )
           yield match, re_match
         end

data/lib/zxcvbn/matchers/repeat.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'zxcvbn/match'
 
 module Zxcvbn
@@ -9,17 +11,15 @@ module Zxcvbn
         while i < password.length
           cur_char = password[i]
           j = i + 1
-          while cur_char == password[j]
-            j += 1
-          end
+          j += 1 while cur_char == password[j]
 
           if j - i > 2 # don't consider length 1 or 2 chains.
             result << Match.new(
-              :pattern => 'repeat',
-              :i => i,
-              :j => j-1,
-              :token => password[i...j],
-              :repeated_char => cur_char
+              pattern: 'repeat',
+              i: i,
+              j: j - 1,
+              token: password.slice(i, j - i),
+              repeated_char: cur_char
             )
           end
 

data/lib/zxcvbn/matchers/sequences.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'zxcvbn/match'
 
 module Zxcvbn
@@ -7,14 +9,14 @@ module Zxcvbn
         'lower' => 'abcdefghijklmnopqrstuvwxyz',
         'upper' => 'ABCDEFGHIJKLMNOPQRSTUVWXYZ',
         'digits' => '01234567890'
-      }
+      }.freeze
 
       def seq_match_length(password, from, direction, seq)
         index_from = seq.index(password[from])
         j = 1
         while from + j < password.length &&
               password[from + j] == seq[index_from + direction * j]
-          j+= 1
+          j += 1
         end
         j
       end
@@ -24,15 +26,13 @@ module Zxcvbn
       def applicable_sequence(password, i)
         SEQUENCES.each do |name, sequence|
           index1 = sequence.index(password[i])
-          index2 = sequence.index(password[i+1])
-          if index1 and index2
-            seq_direction = index2 - index1
-            if [-1, 1].include?(seq_direction)
-              return [name, sequence, seq_direction]
-            else
-              return nil
-            end
-          end
+          index2 = sequence.index(password[i + 1])
+          next unless index1 && index2
+
+          seq_direction = index2 - index1
+          return [name, sequence, seq_direction] if [-1, 1].include?(seq_direction)
+
+          return nil
         end
       end
 
@@ -46,13 +46,13 @@ module Zxcvbn
             length = seq_match_length(password, i, seq_direction, seq)
             if length > 2
               result << Match.new(
-                :pattern => 'sequence',
-                :i => i,
-                :j => i + length - 1,
-                :token => password[i, length],
-                :sequence_name => seq_name,
-                :sequence_space => seq.length,
-                :ascending => seq_direction == 1
+                pattern: 'sequence',
+                i: i,
+                j: i + length - 1,
+                token: password[i, length],
+                sequence_name: seq_name,
+                sequence_space: seq.length,
+                ascending: seq_direction == 1
               )
             end
             i += length - 1

data/lib/zxcvbn/matchers/spatial.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'zxcvbn/match'
 
 module Zxcvbn
@@ -24,7 +26,7 @@ module Zxcvbn
           turns = 0
           shifted_count = 0
           loop do
-            prev_char = password[j-1]
+            prev_char = password[j - 1]
             found = false
             found_direction = -1
             cur_direction = -1
@@ -34,22 +36,22 @@ module Zxcvbn
               cur_char = password[j]
               adjacents.each do |adj|
                 cur_direction += 1
-                if adj && adj.index(cur_char)
-                  found = true
-                  found_direction = cur_direction
-                  if adj.index(cur_char) == 1
-                    # index 1 in the adjacency means the key is shifted, 0 means unshifted: A vs a, % vs 5, etc.
-                    # for example, 'q' is adjacent to the entry '2@'. @ is shifted w/ index 1, 2 is unshifted.
-                    shifted_count += 1
-                  end
-                  if last_direction != found_direction
-                    # adding a turn is correct even in the initial case when last_direction is null:
-                    # every spatial pattern starts with a turn.
-                    turns += 1
-                    last_direction = found_direction
-                  end
-                  break
+                next unless adj&.index(cur_char)
+
+                found = true
+                found_direction = cur_direction
+                if adj.index(cur_char) == 1
+                  # index 1 in the adjacency means the key is shifted, 0 means unshifted: A vs a, % vs 5, etc.
+                  # for example, 'q' is adjacent to the entry '2@'. @ is shifted w/ index 1, 2 is unshifted.
+                  shifted_count += 1
+                end
+                if last_direction != found_direction
+                  # adding a turn is correct even in the initial case when last_direction is null:
+                  # every spatial pattern starts with a turn.
+                  turns += 1
+                  last_direction = found_direction
                 end
+                break
               end
             end
             # if the current pattern continued, extend j and try to grow again
@@ -59,13 +61,13 @@ module Zxcvbn
               # otherwise push the pattern discovered so far, if any...
               if j - i > 2 # don't consider length 1 or 2 chains.
                 result << Match.new(
-                  :pattern => 'spatial',
-                  :i => i,
-                  :j => j-1,
-                  :token => password[i...j],
-                  :graph => graph_name,
-                  :turns => turns,
-                  :shifted_count => shifted_count
+                  pattern: 'spatial',
+                  i: i,
+                  j: j - 1,
+                  token: password.slice(i, j - i),
+                  graph: graph_name,
+                  turns: turns,
+                  shifted_count: shifted_count
                 )
               end
               # ...and then start a new search for the rest of the password.
@@ -78,4 +80,4 @@ module Zxcvbn
       end
     end
   end
-end
+end

data/lib/zxcvbn/matchers/year.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'zxcvbn/matchers/regex_helpers'
 
 module Zxcvbn
@@ -5,7 +7,7 @@ module Zxcvbn
     class Year
       include RegexHelpers
 
-      YEAR_REGEX = /19\d\d|200\d|201\d/
+      YEAR_REGEX = /19\d\d|200\d|201\d/.freeze
 
       def matches(password)
         result = []
@@ -17,4 +19,4 @@ module Zxcvbn
       end
     end
   end
-end
+end

data/lib/zxcvbn/math.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module Zxcvbn
   module Math
     def bruteforce_cardinality(password)
@@ -30,25 +32,27 @@ module Zxcvbn
 
     def nCk(n, k)
       return 0 if k > n
-      return 1 if k == 0
+      return 1 if k.zero?
+
+      # Use symmetry property: C(n,k) = C(n, n-k)
+      # Choose smaller k to minimize iterations
+      k = n - k if k > n - k
+
       r = 1
       (1..k).each do |d|
-        r = r * n
-        r = r / d
+        r *= n
+        r /= d
         n -= 1
       end
       r
     end
 
     def average_degree_for_graph(graph_name)
-      graph = data.adjacency_graphs[graph_name]
-      degrees = graph.map { |_, neighbors| neighbors.compact.size }
-      sum = degrees.inject(0, :+)
-      sum.to_f / graph.size
+      data.graph_stats[graph_name][:average_degree]
     end
 
     def starting_positions_for_graph(graph_name)
-      data.adjacency_graphs[graph_name].length
+      data.graph_stats[graph_name][:starting_positions]
     end
   end
 end

data/lib/zxcvbn/omnimatch.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'zxcvbn/dictionary_ranker'
 require 'zxcvbn/matchers/dictionary'
 require 'zxcvbn/matchers/l33t'
@@ -26,17 +28,18 @@ module Zxcvbn
 
     def user_input_matchers(user_inputs)
       return [] unless user_inputs.any?
+
       user_ranked_dictionary = DictionaryRanker.rank_dictionary(user_inputs)
       dictionary_matcher = Matchers::Dictionary.new('user_inputs', user_ranked_dictionary)
       l33t_matcher = Matchers::L33t.new([dictionary_matcher])
       [dictionary_matcher, l33t_matcher]
     end
 
-
     def build_matchers
       matchers = []
       dictionary_matchers = @data.ranked_dictionaries.map do |name, dictionary|
-        Matchers::Dictionary.new(name, dictionary)
+        trie = @data.dictionary_tries[name]
+        Matchers::Dictionary.new(name, dictionary, trie)
       end
       l33t_matcher = Matchers::L33t.new(dictionary_matchers)
       matchers += dictionary_matchers