import java.io.BufferedReader;
import java.io.IOException;
import java.io.StringReader;
import java.math.BigInteger;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Locale;
import java.util.regex.Pattern;
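/**
 * Checks a candidate password against a configurable policy: minimum length,
 * required character classes, an optional bundled word list, and an optional
 * lookup against the Pwned Passwords range API.
 *
 * <p>The policy fields are plain mutable fields with no synchronization, so an
 * instance that is reconfigured while in use needs external coordination.
 */
public class PasswordValidator {
    // Minimum number of UTF-16 chars (String.length()). The default of 6 is
    // short by current guidance; NIST SP 800-63B asks for at least 8.
    int minLength = 6;
    boolean requireUppercase = true;
    boolean requireLowercase = true;
    boolean requireDigit = true;
    boolean requireSpecialChar = true;
    // When true, validate() performs an outbound HTTPS request per accepted candidate.
    boolean checkPwned = true;
    boolean checkWordlist = false;

    // Character-class checks. Only ASCII letters count as upper/lower case, and
    // only the listed ASCII symbols count as "special". Because these are used
    // with matches() and '.' excludes line terminators, a password containing a
    // line break never satisfies any of them.
    private final Pattern uppercasePattern = Pattern.compile("^(?=.*[A-Z]).+$");
    private final Pattern lowercasePattern = Pattern.compile("^(?=.*[a-z]).+$");
    private final Pattern digitPattern = Pattern.compile("^(?=.*\\d).+$");
    private final Pattern specialCharPattern = Pattern.compile("^(?=.*[.!?=@#$()%^&/*_\\-+]).+$");

    private static final String pwnedPasswordsApiUrl = "https://api.pwnedpasswords.com/range/";

    // A SHA-1 digest is 160 bits, i.e. 40 hex characters.
    private static final int SHA1_HEX_LENGTH = 40;
    // The range API is queried with the first 5 hex characters of the hash only.
    private static final int PWNED_PREFIX_LENGTH = 5;

    /**
     * Validates a password against the configured policy.
     *
     * <p>Local checks run first; the word-list and breach lookups run last, so
     * the network request is only made for candidates that pass everything else.
     *
     * @param password the candidate password; {@code null} is rejected
     * @return {@code true} if every enabled check passes
     */
    public boolean validate(String password) {
        if (password == null || password.length() < minLength) {
            return false;
        }
        if (requireUppercase && !uppercasePattern.matcher(password).matches()) {
            return false;
        }
        if (requireLowercase && !lowercasePattern.matcher(password).matches()) {
            return false;
        }
        if (requireDigit && !digitPattern.matcher(password).matches()) {
            return false;
        }
        if (requireSpecialChar && !specialCharPattern.matcher(password).matches()) {
            return false;
        }
        if (checkWordlist && isInWordlist(password)) {
            return false;
        }
        // NOTE: isPwned() returns false when the lookup itself fails, so an
        // unreachable API means this check is silently skipped (fail-open).
        return !(checkPwned && isPwned(password));
    }

    public int getMinLength() {
        return minLength;
    }

    public void setMinLength(int minLength) {
        this.minLength = minLength;
    }

    public boolean isRequireUppercase() {
        return requireUppercase;
    }

    public void setRequireUppercase(boolean requireUppercase) {
        this.requireUppercase = requireUppercase;
    }

    public boolean isRequireLowercase() {
        return requireLowercase;
    }

    public void setRequireLowercase(boolean requireLowercase) {
        this.requireLowercase = requireLowercase;
    }

    public boolean isRequireDigit() {
        return requireDigit;
    }

    public void setRequireDigit(boolean requireDigit) {
        this.requireDigit = requireDigit;
    }

    public boolean isRequireSpecialChar() {
        return requireSpecialChar;
    }

    public void setRequireSpecialChar(boolean requireSpecialChar) {
        this.requireSpecialChar = requireSpecialChar;
    }

    public boolean isCheckPwned() {
        return checkPwned;
    }

    public void setCheckPwned(boolean checkPwned) {
        this.checkPwned = checkPwned;
    }

    public boolean isCheckWordlist() {
        return checkWordlist;
    }

    public void setCheckWordlist(boolean checkWordlist) {
        this.checkWordlist = checkWordlist;
    }

    /**
     * Returns the SHA-1 digest of {@code input} as 40 lower-case hex characters.
     *
     * <p>SHA-1 is used here only because the Pwned Passwords range API is keyed
     * by it; it is not suitable for storing passwords.
     *
     * @param input the text to hash
     * @return the hex digest, or {@code null} if {@code input} is {@code null} or
     *     empty, or if the JVM has no SHA-1 provider
     */
    public static String getSHA1Hash(String input) {
        if (input == null || input.isEmpty()) {
            return null;
        }
        try {
            MessageDigest md = MessageDigest.getInstance("SHA-1");
            // Explicit UTF-8 so the hash does not depend on the JVM's default charset.
            byte[] digest = md.digest(input.getBytes(java.nio.charset.StandardCharsets.UTF_8));
            // BigInteger drops leading zero nibbles; %040x restores them so the
            // result is always the full 40 characters. Padding to fewer than 40
            // would shift the prefix/suffix split for such digests.
            return String.format(Locale.ROOT, "%0" + SHA1_HEX_LENGTH + "x", new BigInteger(1, digest));
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
            return null;
        }
    }

    /**
     * Looks the password up in the Pwned Passwords range API.
     *
     * <p>Only the first five hex characters of the SHA-1 hash are sent; the
     * response is scanned locally for the remaining 35-character suffix, so the
     * password and its full hash stay on this side of the connection.
     *
     * <p>This method fails open: if the hash cannot be computed, the request
     * throws an {@link IOException}, or the response is {@code null}, it returns
     * {@code false}. Callers that need the check to be mandatory must handle
     * that case themselves.
     *
     * @param password the candidate password
     * @return {@code true} if the hash suffix appears in the API response
     */
    public static boolean isPwned(String password) {
        String sha1 = PasswordValidator.getSHA1Hash(password);
        if (sha1 == null) {
            return false;
        }
        String url = pwnedPasswordsApiUrl + sha1.substring(0, PWNED_PREFIX_LENGTH);
        String suffix = sha1.substring(PWNED_PREFIX_LENGTH);
        try {
            String result = HttpApi.sendHttpGETRequest(url);
            if (result == null) {
                return false;
            }
            try (BufferedReader bufReader = new BufferedReader(new StringReader(result))) {
                String line;
                while ((line = bufReader.readLine()) != null) {
                    // Response lines have the form SUFFIX:COUNT.
                    int separator = line.indexOf(':');
                    String candidate = (separator >= 0 ? line.substring(0, separator) : line).trim();
                    // Exact comparison: an empty or partial field must not count
                    // as a hit, which endsWith() would allow.
                    if (suffix.equalsIgnoreCase(candidate)) {
                        return true;
                    }
                }
            }
        } catch (IOException e) {
            e.printStackTrace();
        }
        return false;
    }

    /**
     * Reports whether the password contains any entry of the bundled
     * {@code german_wordlist.txt} resource, compared case-insensitively.
     *
     * <p>The resource is loaded on every call. Like {@link #isPwned(String)},
     * this fails open and returns {@code false} if the list cannot be read.
     *
     * @param password the candidate password
     * @return {@code true} if a non-empty word-list entry occurs in the password
     */
    public static boolean isInWordlist(String password) {
        if (password == null) {
            return false;
        }
        try {
            String lowerPassword = password.toLowerCase(Locale.ROOT);
            ResourceApi resourceApi = new ResourceApi();
            String germanWordlist = resourceApi.getFileFromResourceAsString("german_wordlist.txt");
            if (germanWordlist == null) {
                return false;
            }
            try (BufferedReader bufReader = new BufferedReader(new StringReader(germanWordlist))) {
                String line;
                while ((line = bufReader.readLine()) != null) {
                    String word = line.trim().toLowerCase(Locale.ROOT);
                    // A blank line would match every password via contains("").
                    if (!word.isEmpty() && lowerPassword.contains(word)) {
                        return true;
                    }
                }
            }
        } catch (IOException e) {
            e.printStackTrace();
        }
        return false;
    }
}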