diff --git a/src/ManagedUnitTests/V3StoreTests.cs b/src/ManagedUnitTests/V3StoreTests.cs index 7761e26..b15f301 100644 --- a/src/ManagedUnitTests/V3StoreTests.cs +++ b/src/ManagedUnitTests/V3StoreTests.cs @@ -112,7 +112,7 @@ public void BuildUsablev3Store() public void TestBadPassword() { V3Store store = new V3Store(@"D:\pwnedpwds\store"); - Assert.IsTrue(store.IsInStore("monash!!!!", StoreType.Word)); + Assert.IsTrue(store.IsInStore("password!!!!", StoreType.Word)); } [TestMethod] diff --git a/src/NativeUnitTests/StringNormalizationTests.cpp b/src/NativeUnitTests/StringNormalizationTests.cpp index 5d2d5f9..b7b4399 100644 --- a/src/NativeUnitTests/StringNormalizationTests.cpp +++ b/src/NativeUnitTests/StringNormalizationTests.cpp @@ -44,6 +44,11 @@ namespace NativeUnitTests TestString password(L"Password345!"); Assert::AreEqual(L"password", NormalizePassword(password)); } - }; + TEST_METHOD(NormalizedStringNoLetters) + { + TestString password(L"123456789"); + Assert::AreEqual(L"123456789", NormalizePassword(password)); + } + }; } \ No newline at end of file diff --git a/src/PasswordFilter/stringnormalization.cpp b/src/PasswordFilter/stringnormalization.cpp index a36f335..25440a2 100644 --- a/src/PasswordFilter/stringnormalization.cpp +++ b/src/PasswordFilter/stringnormalization.cpp @@ -35,6 +35,11 @@ SecureArrayT NormalizePassword(const SecureArrayT &password) return SecureArrayT(0); } + if (!HasLetter(password)) + { + return password; + } + SecureArrayT newPassword = ToLowerInvariant(password); RemoveWhiteSpace(newPassword); @@ -45,6 +50,19 @@ SecureArrayT NormalizePassword(const SecureArrayT &password) return newPassword; } +bool HasLetter(const SecureArrayT &s) +{ + for (wchar_t* c = s.get(); *c; ++c) + { + if (std::iswalpha(*c)) + { + return true; + } + } + + return false; +} + void RemoveWhiteSpace(SecureArrayT &s) { LPWSTR cpy = s.get(); diff --git a/src/PasswordFilter/stringnormalization.h b/src/PasswordFilter/stringnormalization.h index 3ef4022..0a3588d 100644 --- a/src/PasswordFilter/stringnormalization.h +++ b/src/PasswordFilter/stringnormalization.h @@ -14,3 +14,5 @@ void RemoveWhiteSpace(SecureArrayT &s); void RemoveChars(SecureArrayT &s, const WCHAR *charsToRemove); void ReplaceChars(SecureArrayT &s, const WCHAR *charPairsToReplace); + +bool HasLetter(const SecureArrayT &s); \ No newline at end of file diff --git a/src/PasswordProtection/StringNormalizer.cs b/src/PasswordProtection/StringNormalizer.cs index 8d129e5..3c50f7a 100644 --- a/src/PasswordProtection/StringNormalizer.cs +++ b/src/PasswordProtection/StringNormalizer.cs @@ -17,7 +17,13 @@ public static class StringNormalizer public static string Normalize(string password) { + if (!password.Any(char.IsLetter)) + { + return password; + } + password = password.ToLowerInvariant(); + password = new string(password.Where(t => !char.IsWhiteSpace(t)).ToArray()); password = password.TrimEnd(StringNormalizer.CharsToTrim); password = password.TrimStart(StringNormalizer.CharsToTrim); @@ -26,11 +32,11 @@ public static string Normalize(string password) .Replace(".", "") .Replace("+", "") .Replace('$', 's') + .Replace('5', 's') .Replace('0', 'o') .Replace('4', 'a') .Replace('3', 'e') .Replace('@', 'a') - .Replace('4', 'a') .Replace('^', 'a') .Replace('(', 'c') .Replace('6', 'g') @@ -41,4 +47,4 @@ public static string Normalize(string password) .Replace('!', 'i'); } } -} +} \ No newline at end of file