safec  2.1
Safe C Library - ISO TR24731 Bounds Checking Interface
strispassword_s.c
Go to the documentation of this file.
1 /*------------------------------------------------------------------
2  * strispassword_s.c
3  *
4  * October 2008, Bo Berry
5  *
6  * Copyright (c) 2008-2011, 2013 by Cisco Systems, Inc
7  * All rights reserved.
8  *
9  * Permission is hereby granted, free of charge, to any person
10  * obtaining a copy of this software and associated documentation
11  * files (the "Software"), to deal in the Software without
12  * restriction, including without limitation the rights to use,
13  * copy, modify, merge, publish, distribute, sublicense, and/or
14  * sell copies of the Software, and to permit persons to whom the
15  * Software is furnished to do so, subject to the following
16  * conditions:
17  *
18  * The above copyright notice and this permission notice shall be
19  * included in all copies or substantial portions of the Software.
20  *
21  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
22  * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
23  * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
24  * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
25  * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
26  * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
27  * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
28  * OTHER DEALINGS IN THE SOFTWARE.
29  *------------------------------------------------------------------
30  */
31 
32 #include "safeclib_private.h"
33 #include "safe_str_constraint.h"
34 #include "safe_str_lib.h"
35 
36 
69 bool
70 strispassword_s (const char *dest, rsize_t dmax)
71 {
72  uint32_t cnt_all;
73  uint32_t cnt_lowercase;
74  uint32_t cnt_uppercase;
75  uint32_t cnt_numbers;
76  uint32_t cnt_specials;
77 
78  if (!dest) {
79  invoke_safe_str_constraint_handler("strispassword_s: "
80  "dest is null",
81  NULL, ESNULLP);
82  return (false);
83  }
84 
85  if (dmax < SAFE_STR_PASSWORD_MIN_LENGTH) {
86  invoke_safe_str_constraint_handler("strispassword_s: "
87  "dest is too short",
88  NULL, ESLEMIN);
89  return (false);
90  }
91 
92  if (dmax > SAFE_STR_PASSWORD_MAX_LENGTH) {
93  invoke_safe_str_constraint_handler("strispassword_s: "
94  "dest exceeds max",
95  NULL, ESLEMAX);
96  return (false);
97  }
98 
99  if (*dest == '\0') {
100  return (false);
101  }
102 
103  cnt_all = cnt_lowercase = cnt_uppercase = 0;
104  cnt_numbers = cnt_specials = 0;
105 
106  while (*dest) {
107 
108  if (dmax == 0) {
110  "strispassword_s: dest is unterminated",
111  NULL, ESUNTERM);
112  return (false);
113  }
114  dmax--;
115 
116  cnt_all++;
117 
118  if ((*dest >= '0') && (*dest <= '9')) {
119  cnt_numbers++;
120 
121  } else if ((*dest >= 'a') && (*dest <= 'z')) {
122  cnt_lowercase++;
123 
124  } else if ((*dest >= 'A') && (*dest <= 'Z')) {
125  cnt_uppercase++;
126 
127  /* allow all specials */
128  } else if ((*dest >= 33) && (*dest <= 47)) {
129  cnt_specials++;
130  } else if ((*dest >= 58) && (*dest <= 64)) {
131  cnt_specials++;
132  } else if ((*dest >= 91) && (*dest <= 94)) {
133  cnt_specials++;
134  } else if ((*dest >= 95) && (*dest <= 96)) {
135  cnt_specials++;
136  } else if ((*dest >= 123) && (*dest <= 126)) {
137  cnt_specials++;
138 
139  } else {
140  /* illegal char in password string */
141  return (false);
142  }
143  dest++;
144  }
145 
146  if (cnt_all < SAFE_STR_PASSWORD_MAX_LENGTH &&
147  cnt_numbers >= SAFE_STR_MIN_NUMBERS &&
148  cnt_lowercase >= SAFE_STR_MIN_LOWERCASE &&
149  cnt_uppercase >= SAFE_STR_MIN_UPPERCASE &&
150  cnt_specials >= SAFE_STR_MIN_SPECIALS ) {
151  return (true);
152  } else {
153  return (false);
154  }
155 }
bool strispassword_s(const char *dest, rsize_t dmax)
This function validates the make-up of a password string.
void invoke_safe_str_constraint_handler(const char *msg, void *ptr, errno_t error)
Invokes the currently set constraint handler or the default.