passwordmaker / android-passwordmaker

Password Maker written for the Android OS
http://passwordmaker.org
GNU General Public License v3.0

Confused by verification code #9

Closed abudden closed 10 years ago

abudden commented 10 years ago

Hello tasermonkey,

I really like the verification code feature that you've implemented on the android app (and I really like the android app, thank you!). I've got so used to it that I really miss it when I use the chrome extension (https://github.com/bitboxer/chrome-passwordmaker). In order to sort this out, I decided to have a go at implementing it (https://github.com/abudden/chrome-passwordmaker/commit/7b76d86acdab8e705cb459ba9c3a18ab2f183b26). However, I've found some confusing discrepancies. In the test harness for your implementation (https://github.com/tasermonkey/android-passwordmaker/commit/590e8cf18ec156f28a7c75debf9c76b61b0a77f9#diff-5), there are several example passwords, such as "happy" becoming "KPA". My implementation produces "KPA" for "happy".

However, when I run the app on my phone and type "happy" as a password, I get the code "Vqs" and I don't really understand why this is happening. I've tried various different settings in my implementation, but I can't produce the same result as the phone app. Is there something obvious I'm missing?

Many thanks in advance for any help you might be able to offer.

Al

jdstapleton commented 10 years ago

Does the empty string ("") one match?
assertEquals("gNV", pwm.generateVerificationCode(""));

I didn't write this part of it, so I am doing some investigation on how this works too... But your code, at least from outer appearance, looks like it should give the same result.

jdstapleton commented 10 years ago

public void testPwmWithSameProfileSettings() {
    pwm = new PasswordMaker();
    PwmProfile profile = pwm.getProfile();
    profile.setCharacters("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz");
    profile.setHashAlgo(HashAlgo.SHA_256);
    profile.setLengthOfPassword((short) 3);
    profile.setModifier("");
    profile.setPrefix("");
    profile.setSuffix("");
    profile.setUseLeet(UseLeet.NotAtAll);
    assertEquals("KPA", pwm.generatePassword("happy", ""));
}

I can't seem to get the chrome version to get me an output for an empty master password. And I don't really have a dev environment set up for the chrome plugin. Can you verify that for those settings in the chrome password maker it returns KPA?

abudden commented 10 years ago

The chrome password maker does return KPA for happy and also gNV for "". Maybe I was a little unclear in my original question. As far as I can see, the chrome implementation matches the tests in the code for the android implementation. The issue I've got is that the android version running on my phone doesn't!

| Input | Android Test Harness | Chrome Extension | My Android Phone |
|---|---|---|---|
| | gNV | gNV | 1B2 |
| h | YJO | YJO | JRD |
| happybirthday | RHd | RHd | mGM |
| happy | KPA | KPA | Vqs |

Having said all of that, I've now realised that I'm using a different android app to the one I thought I was (oops): I was using https://play.google.com/store/apps/details?id=com.passwordmaker instead. Clearly this is a difference in implementation between your version and K.-M. Hansche's version (which is LGPL but I can't find the source code for it).

Having installed yours, I get the same result for the verification code as the javascript app. However, I get a different password in some cases (which prevents me from using your version at the moment), so I'll raise a separate issue for that.