Skip to content

Commit

Permalink
Merge pull request #147 from nulab/fix-the-discrepancy-in-password-sc…
Browse files Browse the repository at this point in the history
…ores-between-zxcvbn-and-zxcvbn4j

fix: improved SpatialMatcher decision logic (#84) (#129)
  • Loading branch information
vvatanabe authored Aug 18, 2023
2 parents 1b811ba + 94e2ff3 commit 91deed7
Show file tree
Hide file tree
Showing 5 changed files with 14 additions and 7 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ public double exec(Match match) {
if (match.shiftedCount > 0) {
int shiftedCount = match.shiftedCount;
int unshiftedCount = match.tokenLength() - match.shiftedCount;
if (unshiftedCount == 0) {
if (shiftedCount == 0 || unshiftedCount == 0) {
guesses *= 2;
} else {
int shiftedVariations = 0;
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,7 @@ private List<Match> findSpatialMatchesInKeyboard(CharSequence password, Keyboard
private int processSpatialMatch(
CharSequence password, Keyboard keyboard, List<Match> matches, int curCharIndex) {
int nextCharIndex = curCharIndex + 1;
int lastDirection = 0;
Integer lastDirection = null;
int turns = 0;
int shiftedCount = calculateShiftedCount(keyboard, password.charAt(curCharIndex));
final Map<Character, List<String>> graph = keyboard.getAdjacencyGraph();
Expand All @@ -59,7 +59,9 @@ private int processSpatialMatch(
if (result.found) {
nextCharIndex++;
shiftedCount += result.shiftedCount;
if (lastDirection != result.foundDirection) {
if (lastDirection == null || lastDirection != result.foundDirection) {
// adding a turn is correct even in the initial case when last_direction is null:
// every spatial pattern starts with a turn.
turns++;
lastDirection = result.foundDirection;
}
Expand Down
4 changes: 2 additions & 2 deletions src/test/java/com/nulabinc/zxcvbn/FeedbackTest.java
Original file line number Diff line number Diff line change
Expand Up @@ -134,9 +134,9 @@ public static Iterable<Object[]> data() {
Feedback.EXTRA_SUGGESTIONS_ADD_ANOTHER_WORD,
Feedback.SPATIAL_SUGGESTIONS_USE_LONGER_KEYBOARD_PATTERN
}},
{"lkjhgfdsa", Feedback.SPATIAL_WARNING_SHORT_KEYBOARD_PATTERNS, new String[]{
{"lkjhgfdsa", Feedback.DICTIONARY_WARNING_PASSWORDS_SIMILAR, new String[]{
Feedback.EXTRA_SUGGESTIONS_ADD_ANOTHER_WORD,
Feedback.SPATIAL_SUGGESTIONS_USE_LONGER_KEYBOARD_PATTERN
Feedback.DICTIONARY_SUGGESTIONS_REVERSED
}},
{"justshort", "", new String[]{
Feedback.EXTRA_SUGGESTIONS_ADD_ANOTHER_WORD
Expand Down
7 changes: 6 additions & 1 deletion src/test/java/com/nulabinc/zxcvbn/JavaPortTest.java
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,8 @@ public void testMeasure() throws Exception {
} else {
jsScore = (int) score;
}
int javaScore = zxcvbn.measure(password).getScore();
Strength strength = zxcvbn.measure(password);
int javaScore = strength.getScore();
Assert.assertEquals("Password score difference for " + password, jsScore, javaScore);
}

Expand Down Expand Up @@ -85,6 +86,10 @@ public static Iterable<Object[]> data() {
{"61526611441"},
{"0078690420729"},
{"zhang198822"},
{"Sigma@123"},
{"password@123"},
{"lkjhgfdsa"},
{"hGFd"},
//the following password fails in version 4.4.1
//https://github.com/dropbox/zxcvbn/issues/174
// {"Rh&pW%EXT=/Z1lzouG.wU_+2MT+FG4sm+&jqN?L25jDtjW3EQuppfvD_30Vo3K=SX4=z3-U2gVf7A0oSM5oWegRa_sV$-GLI3LzCo&@!h@$v#OkoN#@-eS8Y&W$pGmmVXc#XHAv?n$M+_wQx1FAB_*iaZE1_9ZV.cwn-d@+90B8z0bVOKc63lV9QntW0kryN7Y#rjv@0+Bd8hc-3WW_Yn%z5/DE?R*UeiKgR#$/F8kA9I!Ib*GDa.x0T7UWCCxDV&ithebyz$=7vW6TdmlmL%WZxmA7K%*Rg1035UO%WOTIgiMs4AjpmL1"}
Expand Down
2 changes: 1 addition & 1 deletion src/test/java/com/nulabinc/zxcvbn/MatchingTest.java
Original file line number Diff line number Diff line change
Expand Up @@ -243,7 +243,7 @@ public static Collection<Object[]> data() throws IOException {
{"12345", qwerty, 1, 0},
{"@WSX", qwerty, 1, 4},
{"6tfGHJ", qwerty, 2, 3},
{"hGFd", qwerty, 0, 2},
{"hGFd", qwerty, 1, 2},
{"/;p09876yhn", qwerty, 3, 0},
{"Xdr%", qwerty, 1, 2},
{"159-", keypad, 1, 0},
Expand Down

0 comments on commit 91deed7

Please sign in to comment.