1 package org.cacert.gigi.util;
3 import java.util.regex.Pattern;
5 import org.cacert.gigi.GigiApiException;
6 import org.cacert.gigi.User;
8 public class PasswordStrengthChecker {
9 static Pattern digits = Pattern.compile("\\d");
10 static Pattern lower = Pattern.compile("[a-z]");
11 static Pattern upper = Pattern.compile("[A-Z]");
12 static Pattern whitespace = Pattern.compile("\\s");
13 static Pattern special = Pattern.compile("(?!\\s)\\W");
15 private PasswordStrengthChecker() {
18 private static int checkpwlight(String pw) {
20 if (pw.length() > 15) {
23 if (pw.length() > 20) {
26 if (pw.length() > 25) {
29 if (pw.length() > 30) {
32 if (digits.matcher(pw).find()) {
35 if (lower.matcher(pw).find()) {
38 if (upper.matcher(pw).find()) {
41 if (special.matcher(pw).find()) {
44 if (whitespace.matcher(pw).find()) {
50 public static int checkpw(String pw, User u) {
54 int light = checkpwlight(pw);
55 if (contained(pw, u.getEmail())) {
58 if (contained(pw, u.getFname())) {
61 if (contained(pw, u.getLname())) {
64 if (contained(pw, u.getMname())) {
67 if (contained(pw, u.getSuffix())) {
70 // TODO dictionary check
74 public static void assertStrongPassword(String pw, User u) throws GigiApiException {
75 if (checkpw(pw, u) < 3) {
76 throw new GigiApiException("The Pass Phrase you submitted failed to contain enough"
77 + " differing characters and/or contained words from" + " your name and/or email address.");
81 private static boolean contained(String pw, String check) {
82 if (check == null || check.equals("")) {
85 if (pw.contains(check)) {
88 if (check.contains(pw)) {