diff options
| author | Dongsun Lee <ds73.lee@samsung.com> | 2017-03-13 18:09:02 +0900 |
|---|---|---|
| committer | Dong Sun Lee <ds73.lee@samsung.com> | 2017-03-13 18:52:33 -0700 |
| commit | d2b32746a4584fe367c8f247e26bdc0f41e3a7c9 (patch) | |
| tree | 6663dbc4340798c25385e631d826ce6ca19e6ec9 | |
| parent | 5cf51615252228859cd3bec16a9d13985c1af6d5 (diff) | |
| download | auth-fw-d2b32746a4584fe367c8f247e26bdc0f41e3a7c9.tar.gz auth-fw-d2b32746a4584fe367c8f247e26bdc0f41e3a7c9.tar.bz2 auth-fw-d2b32746a4584fe367c8f247e26bdc0f41e3a7c9.zip | |
Change the concept of min complex character number
- complexity 1 : Character + Number
- complexity 2 : Character + Number(same with complexity 1)
- complexity 3 : Character + Number + Special character
- complexity 4 : Upper case + Lower case + Number + Special character
Change-Id: Ia20ca456a1adc35c2340512f07c27bfc2a40c02f
Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
(cherry picked from commit 02cccab9543847144755ac044fa523c0c8e01c57)
| -rw-r--r-- | src/client/client-password-admin.cpp | 2 | ||||
| -rw-r--r-- | src/include/auth-passwd-policy-types.h | 9 | ||||
| -rw-r--r-- | src/server/service/policy-file.cpp | 52 |
3 files changed, 55 insertions, 8 deletions
diff --git a/src/client/client-password-admin.cpp b/src/client/client-password-admin.cpp index 8b94a19..166ad5f 100644 --- a/src/client/client-password-admin.cpp +++ b/src/client/client-password-admin.cpp @@ -159,6 +159,8 @@ int auth_passwd_set_min_complex_char_num(policy_h *p_policy, unsigned int val) { if (!p_policy) return AUTH_PASSWD_API_ERROR_INPUT_PARAM; + if (val > AUTH_PWD_COMPLEX_CHAR_LAST) + return AUTH_PASSWD_API_ERROR_INPUT_PARAM; auto policy = reinterpret_cast<AuthPasswd::Policy *>(p_policy); policy->setFlag(POLICY_MIN_COMPLEX_CHAR_NUMBER); diff --git a/src/include/auth-passwd-policy-types.h b/src/include/auth-passwd-policy-types.h index e024671..8d60bf1 100644 --- a/src/include/auth-passwd-policy-types.h +++ b/src/include/auth-passwd-policy-types.h @@ -58,6 +58,15 @@ typedef enum { AUTH_PWD_QUALITY_LAST = AUTH_PWD_QUALITY_ALPHANUMERIC } password_quality_type; +typedef enum { + AUTH_PWD_COMPLEX_CHAR_UNSPECIFIED = 0, + AUTH_PWD_COMPLEX_CHAR_GROUP_1 = 1, // Character + Number + AUTH_PWD_COMPLEX_CHAR_GROUP_2 = 2, // Same with GROUP1(It is the requirement from EAS.) + AUTH_PWD_COMPLEX_CHAR_GROUP_3 = 3, // Character + Number + Special character + AUTH_PWD_COMPLEX_CHAR_GROUP_4 = 4, // Upper case + Lower case + Number + Special character + AUTH_PWD_COMPLEX_CHAR_LAST = AUTH_PWD_COMPLEX_CHAR_GROUP_4, +} password_complex_char_group; + #ifdef __cplusplus } #endif diff --git a/src/server/service/policy-file.cpp b/src/server/service/policy-file.cpp index a25343c..5fe7c3e 100644 --- a/src/server/service/policy-file.cpp +++ b/src/server/service/policy-file.cpp @@ -50,6 +50,17 @@ const unsigned int CURRENT_FILE_VERSION = 1; } // namespace anonymous namespace AuthPasswd { + +// This is a same policy wiht Android. +// complexity 1 : Character + Number +// complexity 2 : Character + Number (same with complexity1. It is the requirement from EAS.) +// complexity 3 : Character + Number + Special character +// complexity 4 : Upper case + Lower case + Number + Special character +const std::string REGEX_COMPLEX_GROUP1 = "(?=.*[A-Za-z]+.*)(?=.*[0-9]+.*)"; +const std::string REGEX_COMPLEX_GROUP2 = REGEX_COMPLEX_GROUP1; +const std::string REGEX_COMPLEX_GROUP3 = "(?=.*[A-Za-z]+.*)(?=.*[0-9]+.*)(?=.*[^A-Za-z0-9]+.*)"; +const std::string REGEX_COMPLEX_GROUP4 = "(?=.*[A-Z]+.*)(?=.*[a-z]+.*)(?=.*[0-9]+.*)(?=.*[^A-Za-z0-9]+.*)"; + PolicyFile::PolicyFile(unsigned int user): m_user(user), m_enable(false) { // check if data directory exists @@ -185,20 +196,45 @@ void PolicyFile::setMinLength(unsigned int minLength) // policy minComplexCharNumber bool PolicyFile::checkMinComplexCharNumber(const std::string &password) const { - unsigned int i = 0, cnt = 0; - char ch; + std::string pattern; - if (m_policy.minComplexCharNumber == 0) + switch (m_policy.minComplexCharNumber) { + case AUTH_PWD_COMPLEX_CHAR_UNSPECIFIED: return true; - for (i = 0; i < password.size(); i++) { - ch = password[i]; + case AUTH_PWD_COMPLEX_CHAR_GROUP_1: + pattern = REGEX_COMPLEX_GROUP1; + break; + + case AUTH_PWD_COMPLEX_CHAR_GROUP_2: + pattern = REGEX_COMPLEX_GROUP2; + break; - if (ch < '0' || ('9' < ch && ch < 'A') || ('Z' < ch && ch < 'a') || 'z' < ch) - cnt++; + case AUTH_PWD_COMPLEX_CHAR_GROUP_3: + pattern = REGEX_COMPLEX_GROUP3; + break; + + case AUTH_PWD_COMPLEX_CHAR_GROUP_4: + pattern = REGEX_COMPLEX_GROUP4; + break; + + default: + return false; } - return (cnt >= m_policy.minComplexCharNumber); + try { + std::regex rx(pattern); + std::smatch match; + return std::regex_search(password, match, rx); + } catch (const std::regex_error& rerr) { + LogError("Fail to check min complex char number due to invalid pattern: minComplexCharNumber=" + << m_policy.minComplexCharNumber << ", Pattern=" << pattern << ", error=" << rerr.code()); + return false; + } catch (...) { + LogError("Fail to check min complex char number with unknown reason: minComplexCharNumber=" + << m_policy.minComplexCharNumber << ", Pattern=" << pattern); + return false; + } } void PolicyFile::setMinComplexCharNumber(unsigned int minComplexCharNumber) |