src/org/cacert/gigi/util/PasswordStrengthChecker.java

   1 package org.cacert.gigi.util;
   2
   3 import java.util.regex.Pattern;
   4
   5 import org.cacert.gigi.User;
   6
   7 public class PasswordStrengthChecker {
   8         static Pattern digits = Pattern.compile("\\d");
   9         static Pattern lower = Pattern.compile("[a-z]");
  10         static Pattern upper = Pattern.compile("[A-Z]");
  11         static Pattern whitespace = Pattern.compile("\\s");
  12         static Pattern special = Pattern.compile("(?!\\s)\\W");
  13
  14         private PasswordStrengthChecker() {
  15         }
  16
  17         private static int checkpwlight(String pw) {
  18                 int points = 0;
  19                 if (pw.length() > 15) {
  20                         points++;
  21                 }
  22                 if (pw.length() > 20) {
  23                         points++;
  24                 }
  25                 if (pw.length() > 25) {
  26                         points++;
  27                 }
  28                 if (pw.length() > 30) {
  29                         points++;
  30                 }
  31                 if (digits.matcher(pw).find()) {
  32                         points++;
  33                 }
  34                 if (lower.matcher(pw).find()) {
  35                         points++;
  36                 }
  37                 if (upper.matcher(pw).find()) {
  38                         points++;
  39                 }
  40                 if (special.matcher(pw).find()) {
  41                         points++;
  42                 }
  43                 if (whitespace.matcher(pw).find()) {
  44                         points++;
  45                 }
  46                 return points;
  47         }
  48
  49         public static int checkpw(String pw, User u) {
  50                 if (pw == null) {
  51                         return 0;
  52                 }
  53                 int light = checkpwlight(pw);
  54                 if (contained(pw, u.getEmail())) {
  55                         light -= 2;
  56                 }
  57                 if (contained(pw, u.getFname())) {
  58                         light -= 2;
  59                 }
  60                 if (contained(pw, u.getLname())) {
  61                         light -= 2;
  62                 }
  63                 if (contained(pw, u.getMname())) {
  64                         light -= 2;
  65                 }
  66                 if (contained(pw, u.getSuffix())) {
  67                         light -= 2;
  68                 }
  69                 // TODO dictionary check
  70                 return light;
  71         }
  72
  73         private static boolean contained(String pw, String check) {
  74                 if (check == null || check.equals("")) {
  75                         return false;
  76                 }
  77                 if (pw.contains(check)) {
  78                         return true;
  79                 }
  80                 if (check.contains(pw)) {
  81                         return true;
  82                 }
  83                 return false;
  84         }
  85 }