1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "components/autofill/core/browser/password_generator.h"
10 #include "base/basictypes.h"
11 #include "base/logging.h"
12 #include "base/rand_util.h"
14 const int kMinUpper = 65; // First upper case letter 'A'
15 const int kMaxUpper = 90; // Last upper case letter 'Z'
16 const int kMinLower = 97; // First lower case letter 'a'
17 const int kMaxLower = 122; // Last lower case letter 'z'
18 const int kMinDigit = 48; // First digit '0'
19 const int kMaxDigit = 57; // Last digit '9'
20 // Copy of the other printable symbols from the ASCII table since they are
22 const char kOtherSymbols[] =
23 {'!', '\"', '#', '$', '%', '&', '\'', '(',
24 ')', '*', '+', ',', '-', '.', '/', ':',
25 ';', '<', '=', '>', '?', '@', '[', '\\',
26 ']', '^', '_', '`', '{', '|', '}', '~'};
27 const size_t kMinPasswordLength = 4;
28 const size_t kMaxPasswordLength = 15;
32 // A helper function to get the length of the generated password from
33 // |max_length| retrieved from input password field.
34 size_t GetLengthFromHint(size_t max_length, size_t default_length) {
35 if (max_length >= kMinPasswordLength && max_length <= kMaxPasswordLength)
38 return default_length;
41 void InitializeAlphaNumericCharacters(std::vector<char>* characters) {
42 for (int i = kMinDigit; i <= kMaxDigit; ++i)
43 characters->push_back(static_cast<char>(i));
44 for (int i = kMinUpper; i <= kMaxUpper; ++i)
45 characters->push_back(static_cast<char>(i));
46 for (int i = kMinLower; i <= kMaxLower; ++i)
47 characters->push_back(static_cast<char>(i));
50 // Classic algorithm to randomly select |num_select| elements out of
51 // |num_total| elements. One description can be found at:
52 // "http://stackoverflow.com/questions/48087/select-a-random-n-elements-from-listt-in-c-sharp/48089#48089"
53 void GetRandomSelection(size_t num_to_select,
55 std::vector<size_t>* selections) {
56 DCHECK_GE(num_total, num_to_select);
57 size_t num_left = num_total;
58 size_t num_needed = num_to_select;
59 for (size_t i = 0; i < num_total && num_needed > 0; ++i) {
60 // we have probability = |num_needed| / |num_left| to select
62 size_t probability = base::RandInt(0, num_left - 1);
63 if (probability < num_needed) {
64 selections->push_back(i);
69 DCHECK_EQ(num_to_select, selections->size());
76 const size_t PasswordGenerator::kDefaultPasswordLength = 12;
78 PasswordGenerator::PasswordGenerator(size_t max_length)
79 : password_length_(GetLengthFromHint(max_length, kDefaultPasswordLength)) {}
80 PasswordGenerator::~PasswordGenerator() {}
82 std::string PasswordGenerator::Generate() const {
84 CR_DEFINE_STATIC_LOCAL(std::vector<char>, alphanumeric_characters, ());
85 if (alphanumeric_characters.empty())
86 InitializeAlphaNumericCharacters(&alphanumeric_characters);
88 // First, randomly select 4 positions to hold one upper case letter,
89 // one lower case letter, one digit, and one other symbol respectively,
90 // to make sure at least one of each category of characters will be
91 // included in the password.
92 std::vector<size_t> positions;
93 GetRandomSelection(4u, password_length_, &positions);
95 // To enhance the strengh of the password, we random suffle the positions so
96 // that the 4 catagories can be put at a random position in it.
97 std::random_shuffle(positions.begin(), positions.end());
99 // Next, generate each character of the password.
100 for (size_t i = 0; i < password_length_; ++i) {
101 if (i == positions[0]) {
102 // Generate random upper case letter.
103 ret.push_back(static_cast<char>(base::RandInt(kMinUpper, kMaxUpper)));
104 } else if (i == positions[1]) {
105 // Generate random lower case letter.
106 ret.push_back(static_cast<char>(base::RandInt(kMinLower, kMaxLower)));
107 } else if (i == positions[2]) {
108 // Generate random digit.
109 ret.push_back(static_cast<char>(base::RandInt(kMinDigit, kMaxDigit)));
110 } else if (i == positions[3]) {
111 // Generate random other symbol.
113 kOtherSymbols[base::RandInt(0, arraysize(kOtherSymbols) - 1)]);
115 // Generate random alphanumeric character. We don't use other symbols
116 // here as most sites don't allow a lot of non-alphanumeric characters.
118 alphanumeric_characters.at(
119 base::RandInt(0, alphanumeric_characters.size() - 1)));
125 } // namespace autofill