1 package org.cacert.gigi.util;
3 import java.util.regex.Pattern;
5 import org.cacert.gigi.GigiApiException;
6 import org.cacert.gigi.dbObjects.Name;
8 public class PasswordStrengthChecker {
10 private static Pattern digits = Pattern.compile("\\d");
12 private static Pattern lower = Pattern.compile("[a-z]");
14 private static Pattern upper = Pattern.compile("[A-Z]");
16 private static Pattern whitespace = Pattern.compile("\\s");
18 private static Pattern special = Pattern.compile("(?!\\s)\\W");
20 private PasswordStrengthChecker() {}
22 private static int checkpwlight(String pw) {
24 if (pw.length() > 15) {
27 if (pw.length() > 20) {
30 if (pw.length() > 25) {
33 if (pw.length() > 30) {
36 if (digits.matcher(pw).find()) {
39 if (lower.matcher(pw).find()) {
42 if (upper.matcher(pw).find()) {
45 if (special.matcher(pw).find()) {
48 if (whitespace.matcher(pw).find()) {
54 public static int checkpw(String pw, Name name, String email) {
58 int light = checkpwlight(pw);
59 if (contained(pw, email)) {
62 if (contained(pw, name.getFname())) {
65 if (contained(pw, name.getLname())) {
68 if (contained(pw, name.getMname())) {
71 if (contained(pw, name.getSuffix())) {
74 // TODO dictionary check
78 public static void assertStrongPassword(String pw, Name name, String email) throws GigiApiException {
79 if (checkpw(pw, name, email) < 3) {
80 throw new GigiApiException("The Pass Phrase you submitted failed to contain enough" + " differing characters and/or contained words from" + " your name and/or email address.");
84 private static boolean contained(String pw, String check) {
85 if (check == null || check.equals("")) {
88 if (pw.contains(check)) {
91 if (check.contains(pw)) {