}
function showEntropyFeedback(entropy) {
+ var numberOfBits = entropy.binaryStr.length;
var strength = "extremely weak";
- if (entropy.binaryStr.length >= 64) {
+ if (numberOfBits >= 64) {
strength = "very weak";
}
- if (entropy.binaryStr.length >= 96) {
+ if (numberOfBits >= 96) {
strength = "weak";
}
- if (entropy.binaryStr.length >= 128) {
+ if (numberOfBits >= 128) {
strength = "strong";
}
- if (entropy.binaryStr.length >= 160) {
+ if (numberOfBits >= 160) {
strength = "very strong";
}
- if (entropy.binaryStr.length >= 192) {
+ if (numberOfBits >= 192) {
strength = "extremely strong";
}
// If time to crack is less than one day, and password is considered
// strong or better based on the number of bits, rename strength to
// 'easily cracked'.
- var z = zxcvbn(entropy.cleanStr);
- var timeToCrack = z.crack_times_seconds.offline_fast_hashing_1e10_per_second;
- if (timeToCrack < 86400 && entropy.binaryStr.length >= 128) {
- strength = "easily cracked";
- if (z.feedback.warning != "") {
- strength = strength + " - " + z.feedback.warning;
- };
- }
- var bitsStr = getNumberOfEntropyBits(entropy);
- var wordCount = Math.floor(entropy.binaryStr.length / 32) * 3;
+ try {
+ var z = zxcvbn(entropy.base.parts.join(""));
+ var timeToCrack = z.crack_times_seconds.offline_fast_hashing_1e10_per_second;
+ if (timeToCrack < 86400 && entropy.binaryStr.length >= 128) {
+ strength = "easily cracked";
+ if (z.feedback.warning != "") {
+ strength = strength + " - " + z.feedback.warning;
+ };
+ }
+ }
+ catch (e) {
+ strength = "unknown";
+ console.log("Error detecting entropy strength with zxcvbn:");
+ console.log(e);
+ }
+ var entropyTypeStr = getEntropyTypeStr(entropy);
+ var wordCount = Math.floor(numberOfBits / 32) * 3;
+ var bitsPerEvent = Math.log2(entropy.base.asInt).toFixed(2);
+ if (entropy.base.asInt == 52) {
+ bitsPerEvent = bitsPerEvent + " (or less)";
+ }
DOM.entropyFiltered.html(entropy.cleanHtml);
- DOM.entropyType.text(entropy.base.str);
+ DOM.entropyType.text(entropyTypeStr);
DOM.entropyStrength.text(strength);
DOM.entropyEventCount.text(entropy.base.ints.length);
- DOM.entropyBits.text(bitsStr);
+ DOM.entropyBits.text(numberOfBits);
DOM.entropyWordCount.text(wordCount);
DOM.entropyBinary.text(entropy.binaryStr);
- DOM.entropyBitsPerEvent.text(Math.log2(entropy.base.asInt).toFixed(2));
+ DOM.entropyBitsPerEvent.text(bitsPerEvent);
}
- function getNumberOfEntropyBits(entropy) {
- var bitsStr = entropy.binaryStr.length.toString();
- // If using cards, assume they are not reused, thus additional entropy
- // decreases as more cards are used. This means entropy is measured
- // using n!, not base^n.
- // eg the second last card can be only one of two, not one of fifty two
- // so the added entropy for that card is only one bit at most
+ function getEntropyTypeStr(entropy) {
+ var typeStr = entropy.base.str;
+ // Add some detail if these are cards
if (entropy.base.asInt == 52) {
- var totalCombos = factorial(52);
- var remainingCards = 52 - entropy.base.parts.length;
- var remainingCombos = factorial(remainingCards);
- var currentCombos = totalCombos.divide(remainingCombos);
- bitsStr = currentCombos.toString(2).length.toString();
- }
- return bitsStr
- }
-
- // Depends on BigInteger
- function factorial(n) {
- if (n == 0) {
- return 1;
- }
- f = BigInteger.ONE;
- for (var i=1; i<=n; i++) {
- f = f.multiply(new BigInteger(i));
+ var cardDetail = []; // array of message strings
+ // Detect duplicates
+ var dupes = [];
+ var dupeTracker = {};
+ for (var i=0; i<entropy.base.parts.length; i++) {
+ var card = entropy.base.parts[i];
+ var cardUpper = card.toUpperCase();
+ if (cardUpper in dupeTracker) {
+ dupes.push(card);
+ }
+ dupeTracker[cardUpper] = true;
+ }
+ if (dupes.length > 0) {
+ var dupeWord = "duplicates";
+ if (dupes.length == 1) {
+ dupeWord = "duplicate";
+ }
+ var msg = dupes.length + " " + dupeWord + ": " + dupes.slice(0,3).join(" ");
+ if (dupes.length > 3) {
+ msg += "...";
+ }
+ cardDetail.push(msg);
+ }
+ // Detect full deck
+ var uniqueCards = [];
+ for (var uniqueCard in dupeTracker) {
+ uniqueCards.push(uniqueCard);
+ }
+ if (uniqueCards.length == 52) {
+ cardDetail.unshift("full deck");
+ }
+ // Detect missing cards
+ var values = "A23456789TJQK";
+ var suits = "CDHS";
+ var missingCards = [];
+ for (var i=0; i<suits.length; i++) {
+ for (var j=0; j<values.length; j++) {
+ var card = values[j] + suits[i];
+ if (!(card in dupeTracker)) {
+ missingCards.push(card);
+ }
+ }
+ }
+ // Display missing cards if six or less, ie clearly going for full deck
+ if (missingCards.length > 0 && missingCards.length <= 6) {
+ var msg = missingCards.length + " missing: " + missingCards.slice(0,3).join(" ");
+ if (missingCards.length > 3) {
+ msg += "...";
+ }
+ cardDetail.push(msg);
+ }
+ // Add card details to typeStr
+ if (cardDetail.length > 0) {
+ typeStr += " (" + cardDetail.join(", ") + ")";
+ }
}
- return f;
+ return typeStr;
}
var networks = [