Block 20 most chosen PINs

Dominik Schürmann 2016-08-16 03:23:43 +02:00
parent 0733984e3f
commit 9adaf1434f
2 changed files with 19 additions and 8 deletions


@ -47,19 +47,30 @@ public class CreateSecurityTokenPinFragment extends Fragment {
View mBackButton; View mBackButton;
View mNextButton; View mNextButton;
// top 20 according to http://datagenetics.com/blog/september32012/index.html
// extended from 4 digits to 6 for our use case
private static HashSet<String> sPinBlacklist = new HashSet<>(Arrays.asList( private static HashSet<String> sPinBlacklist = new HashSet<>(Arrays.asList(
"000000", "123456",
"111111", "111111",
"222222", "000000",
"333333", "121212",
"777777",
// "1004", makes no sense as "100004", see blog post
"200000",
"444444", "444444",
"222222",
"696969",
"999999",
"333333",
"555555", "555555",
"666666", "666666",
"777777", "111222",
"131313",
"888888", "888888",
"999999", "654321",
"123456", "200001",
"XXXXXX" "101010",
"XXXXXX" // additional: should not be used, as this PIN is entered for resetting the card
)); ));
/** /**
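Review bot: Every entry in `sPinBlacklist` is exactly six characters, but the `create_key_yubi_key_pin_too_short` string shown in this commit accepts PINs of "at least 6 numbers", so a longer PIN built the same way (one repeated digit, a plain ascending run) would presumably pass an exact-match lookup; the code that queries the set lies outside this hunk, so confirm that first. If it is a plain `contains()` call, consider a structural test next to it that rejects all-identical digits and simple ascending or descending runs of any length, rather than growing the list. The entries are padded from 4-digit statistics, so the comment above the field should say the list is a heuristic and not measured 6-digit data, for example `// heuristic: 4-digit ranking padded to 6 digits, not measured 6-digit frequencies`. Separately, the field can be declared `private static final Set<String> sPinBlacklist`, since nothing visible here reassigns it.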


@ -791,7 +791,7 @@
<string name="create_key_yubi_key_pin_repeat">"Repeat PIN"</string> <string name="create_key_yubi_key_pin_repeat">"Repeat PIN"</string>
<string name="create_key_yubi_key_pin_not_correct">"PIN is not correct!"</string> <string name="create_key_yubi_key_pin_not_correct">"PIN is not correct!"</string>
<string name="create_key_yubi_key_pin_too_short">"PIN must be at least 6 numbers long!"</string> <string name="create_key_yubi_key_pin_too_short">"PIN must be at least 6 numbers long!"</string>
<string name="create_key_yubi_key_pin_insecure">"Please choose a secure PIN, not 000000, 123456 or similar combinations."</string> <string name="create_key_yubi_key_pin_insecure">"Please choose a secure PIN, not 000000, 123456 or similar combinations (the top 20 most chosen PINs are not allowed)"</string>
<!-- View key --> <!-- View key -->
<string name="view_key_revoked">"Revoked: Key must not be used anymore!"</string> <string name="view_key_revoked">"Revoked: Key must not be used anymore!"</string>