diff options
Diffstat (limited to 'src/core/PasswordHealth.h')
-rw-r--r-- | src/core/PasswordHealth.h | 119 |
1 files changed, 119 insertions, 0 deletions
diff --git a/src/core/PasswordHealth.h b/src/core/PasswordHealth.h new file mode 100644 index 000000000..ef3249380 --- /dev/null +++ b/src/core/PasswordHealth.h @@ -0,0 +1,119 @@ +/* + * Copyright (C) 2019 KeePassXC Team <team@keepassxc.org> + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 2 or (at your option) + * version 3 of the License. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ + +#ifndef KEEPASSX_PASSWORDHEALTH_H +#define KEEPASSX_PASSWORDHEALTH_H + +#include <QHash> +#include <QSharedPointer> +#include <QStringList> + +class Database; +class Entry; + +/** + * Health status of a single password. + * + * @see HealthChecker + */ +class PasswordHealth +{ +public: + explicit PasswordHealth(double entropy); + explicit PasswordHealth(QString pwd); + + /* + * The password score is defined to be the greater the better + * (more secure) the password is. It doesn't have a dimension, + * there are no defined maximum or minimum values, and score + * values may change with different versions of the software. + */ + int score() const + { + return m_score; + } + + void setScore(int score); + void adjustScore(int amount); + + /* + * A text description for the password's quality assessment + * (translated into the application language), and additional + * information. Empty if nothing is wrong with the password. + * May contain more than line, separated by '\n'. + */ + QString scoreReason() const; + void addScoreReason(QString reason); + + QString scoreDetails() const; + void addScoreDetails(QString details); + + /* + * The password quality assessment (based on the score). + */ + enum class Quality + { + Bad, + Poor, + Weak, + Good, + Excellent + }; + Quality quality() const; + + /* + * The password's raw entropy value, in bits. + */ + double entropy() const + { + return m_entropy; + } + + /** + * Name of custom data field that holds the "this is a known + * bad password" flag. Legal values of the field are TRUE_STR + * and FALSE_STR, the default (used if the field doesn't exist) + * is false. + */ + static const QString OPTION_KNOWN_BAD; + +private: + int m_score = 0; + double m_entropy = 0.0; + QStringList m_scoreReasons; + QStringList m_scoreDetails; +}; + +/** + * Password health check for all entries of a database. + * + * @see PasswordHealth + */ +class HealthChecker +{ +public: + explicit HealthChecker(QSharedPointer<Database>); + + // Get the health status of an entry in the database + QSharedPointer<PasswordHealth> evaluate(const Entry* entry) const; + +private: + // To determine password re-use: first = password, second = entries that use it + QHash<QString, QStringList> m_reuse; +}; + +#endif // KEEPASSX_PASSWORDHEALTH_H |