mirrors/cryptomator
1
0
Fork 0
mirror of https://github.com/cryptomator/cryptomator.git synced 2026-05-28 07:30:19 +00:00
Code Issues Packages Projects Releases Wiki Activity

Updated zxcvbn4j to 1.3.0, which allows us to swipe the password from memory even after measuring its strength

Browse Source
This commit is contained in:
Sebastian Stenzel
2019-12-18 14:40:04 +01:00
parent 93c3da66da
commit f475f70adf
3 changed files with 5 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
main/ui/pom.xml
View File

@@ -65,7 +65,7 @@
<dependency>
<groupId>com.nulab-inc</groupId>
<artifactId>zxcvbn</artifactId>
<version>1.2.7</version>
<version>1.3.0</version>
</dependency>
<!-- Logging -->

2
main/ui/src/main/java/org/cryptomator/ui/common/NewPasswordController.java
View File

@@ -38,7 +38,7 @@ public class NewPasswordController implements FxController {
public void initialize() {
BooleanBinding passwordsMatch = Bindings.createBooleanBinding(this::hasSamePasswordInBothFields, passwordField.textProperty(), reenterField.textProperty());
BooleanBinding reenterFieldNotEmpty = reenterField.textProperty().isNotEmpty();
passwordStrength.bind(Bindings.createIntegerBinding(() -> strengthRater.computeRate(passwordField.getCharacters().toString()), passwordField.textProperty()));
passwordStrength.bind(Bindings.createIntegerBinding(() -> strengthRater.computeRate(passwordField.getCharacters()), passwordField.textProperty()));
passwordStrengthLabel.textProperty().bind(EasyBind.map(passwordStrength, strengthRater::getStrengthDescription));
passwordMatchLabel.visibleProperty().bind(reenterFieldNotEmpty);

8
main/ui/src/main/java/org/cryptomator/ui/common/PasswordStrengthUtil.java
View File

@@ -8,12 +8,10 @@
*******************************************************************************/
package org.cryptomator.ui.common;
import com.google.common.base.Strings;
import com.nulabinc.zxcvbn.Zxcvbn;
import org.cryptomator.ui.fxapp.FxApplicationScoped;
import javax.inject.Inject;
import java.util.ArrayList;
import java.util.List;
import java.util.ResourceBundle;
@@ -34,12 +32,12 @@ public class PasswordStrengthUtil {
this.sanitizedInputs = List.of("cryptomator");
}
public int computeRate(String password) {
if (Strings.isNullOrEmpty(password)) {
public int computeRate(CharSequence password) {
if (password == null || password.length() == 0) {
return -1;
} else {
int numCharsToRate = Math.min(PW_TRUNC_LEN, password.length());
return zxcvbn.measure(password.substring(0, numCharsToRate), sanitizedInputs).getScore();
return zxcvbn.measure(password.subSequence(0, numCharsToRate), sanitizedInputs).getScore();
}
}