|
1 | | -import 'dart:math'; |
| 1 | +import 'package:komodo_defi_types/komodo_defi_type_utils.dart'; |
2 | 2 |
|
3 | | -String generatePassword() { |
4 | | - final List<String> passwords = []; |
5 | | - |
6 | | - final rng = Random.secure(); |
7 | | - |
8 | | - const String lowerCase = 'abcdefghijklmnopqrstuvwxyz'; |
9 | | - const String upperCase = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'; |
10 | | - const String digit = '0123456789'; |
11 | | - const String punctuation = '*.!@#\$%^(){}:;\',.?/~`_+\\-=|'; |
12 | | - |
13 | | - final string = [lowerCase, upperCase, digit, punctuation]; |
14 | | - |
15 | | - final length = rng.nextInt(24) + 8; |
16 | | - |
17 | | - final List<String> tab = []; |
18 | | - |
19 | | - while (true) { |
20 | | - // This loop make sure the new RPC password will contains all the requirement |
21 | | - // characters type in password, it generate automatically the position. |
22 | | - tab.clear(); |
23 | | - for (var x = 0; x < length; x++) { |
24 | | - tab.add(string[rng.nextInt(4)]); |
25 | | - } |
26 | | - |
27 | | - if (tab.contains(lowerCase) && |
28 | | - tab.contains(upperCase) && |
29 | | - tab.contains(digit) && |
30 | | - tab.contains(punctuation)) { |
31 | | - break; |
32 | | - } |
33 | | - } |
34 | | - |
35 | | - for (int i = 0; i < tab.length; i++) { |
36 | | - // Here we constitute new RPC password, and check the repetition. |
37 | | - final chars = tab[i]; |
38 | | - final character = chars[rng.nextInt(chars.length)]; |
39 | | - final count = passwords.where((c) => c == character).toList().length; |
40 | | - if (count < 2) { |
41 | | - passwords.add(character); |
42 | | - } else { |
43 | | - tab.add(chars); |
44 | | - } |
45 | | - } |
46 | | - |
47 | | - return passwords.join(''); |
48 | | -} |
| 3 | +/// Generates a password that meets the KDF password policy requirements using |
| 4 | +/// the device's secure random number generator. |
| 5 | +String generatePassword() => SecurityUtils.generatePasswordSecure(16); |
49 | 6 |
|
50 | 7 | /// unit tests: [testValidateRPCPassword] |
51 | | -bool validateRPCPassword(String src) { |
52 | | - if (src.isEmpty) return false; |
53 | | - |
54 | | - // Password can't contain word 'password' |
55 | | - if (src.toLowerCase().contains('password')) return false; |
56 | | - |
57 | | - // Password must contain one digit, one lowercase letter, one uppercase letter, |
58 | | - // one special character and its length must be between 8 and 32 characters |
59 | | - final RegExp exp = RegExp( |
60 | | - r'^(?:(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z])(?=.*[^A-Za-z0-9])).{8,32}$', |
61 | | - ); |
62 | | - if (!src.contains(exp)) return false; |
63 | | - |
64 | | - // Password can't contain same character three time in a row, |
65 | | - // so some code below to check that: |
66 | | - |
67 | | - // MRC: Divide the password into all possible 3 character blocks |
68 | | - final pieces = <String>[]; |
69 | | - for (int start = 0, end = 3; end <= src.length; start += 1, end += 1) { |
70 | | - pieces.add(src.substring(start, end)); |
71 | | - } |
72 | | - |
73 | | - // If, for any block, all 3 character are the same, block doesn't fit criteria |
74 | | - for (String p in pieces) { |
75 | | - final src = p[0]; |
76 | | - int count = 1; |
77 | | - if (p[1] == src) count += 1; |
78 | | - if (p[2] == src) count += 1; |
79 | | - |
80 | | - if (count == 3) return false; |
81 | | - } |
82 | | - |
83 | | - return true; |
84 | | -} |
| 8 | +bool validateRPCPassword(String src) => |
| 9 | + SecurityUtils.checkPasswordRequirements(src).isValid; |
0 commit comments