Module me.gosimple.nbvcxz
Package me.gosimple.nbvcxz.resources

Class ConfigurationBuilder

java.lang.Object
me.gosimple.nbvcxz.resources.ConfigurationBuilder
public class ConfigurationBuilder extends Object
Builder class for creating Configuration.
Author:
Adam Brusselback.

  • Constructor Details

    • ConfigurationBuilder

      public ConfigurationBuilder()

  • Method Details

    • getDefaultPasswordMatchers

      public static List<PasswordMatcher> getDefaultPasswordMatchers()
      Returns:
      Includes all standard password matchers included with Nbvcxz.

    • getMooresMultiplier

      public static BigDecimal getMooresMultiplier()
      Returns the Moore's law multiplier we're using for getDefaultGuessTypes(). We will only return a multiplier greater than 1 if it has been more than year since we've updated the constants. The date for this function is: 2018-08-01
      Returns:
      the Moore's Law multiplier

    • getDefaultGuessTypes

      public static Map<String,Long> getDefaultGuessTypes(Long crackingHardwareCost)
      This list was compiled in September 2021 using a baseline of what could be bought for roughly $20k usd for the offline attack values.

      In the case this library is no longer maintained (or you choose to stay on an old version of it), we will scale the existing values by Moore's law.

      Parameters:
      crackingHardwareCost - the hardware cost (USD) to scale the guesses per second
      Returns:
      The default list of guess types and associated values of guesses per second.

    • getDefaultGuessTypes

      public static Map<String,Long> getDefaultGuessTypes()
      This list was compiled in August 2018 using a baseline of what could be bought for roughly $20k usd for the offline attack values.

      In the case this library is no longer maintained (or you choose to stay on an old version of it), we will scale the existing values by Moore's law.

      Returns:
      The default list of guess types and associated values of guesses per second.

    • getDefaultDictionaries

      public static List<Dictionary> getDefaultDictionaries()
      Returns:
      Returns all the dictionaries included with Nbvcxz. Namely there is a dictionary for common passwords, english male names, english female names, english surnames, and common english words.

    • getDefaultAdjacencyGraphs

      public static List<AdjacencyGraph> getDefaultAdjacencyGraphs()
      Returns:
      Default keyboard adjacency graphs for standard querty, standard keypad, and mac keypad

    • getDefaultLeetTable

      public static Map<Character,Character[]> getDefaultLeetTable()
      Returns:
      The default table of common english leet substitutions

    • getDefaultYearPattern

      public static Pattern getDefaultYearPattern()
      Returns:
      The default pattern for years includes years 1900-2029

    • getDefaultMinimumEntropy

      public static double getDefaultMinimumEntropy()
      Returns:
      The default value for minimum entropy is 35.

    • getDefaultMaxLength

      public static int getDefaultMaxLength()
      Returns:
      The default value for max length is 256. This should match the exact length your algorithm is limited to (72 for most bcrypt implementations).

    • getDefaultDistanceCalc

      public static Boolean getDefaultDistanceCalc()
      Returns:
      the default is false

    • getDefaultCombinationAlgorithmTimeout

      public static long getDefaultCombinationAlgorithmTimeout()
      Returns:
      The default value for combination algorithm timeout is 500 (ms).

    • getDefaultCrackingHardwareCost

      public static long getDefaultCrackingHardwareCost()
      Returns:
      The default value for hardware cost is 20000 usd.

    • setPasswordMatchers

      public ConfigurationBuilder setPasswordMatchers(List<PasswordMatcher> passwordMatchers)
      PasswordMatcher are what look for different patterns within the password and create an associated Match object.
      Users of this library can implement their own PasswordMatcher and Match classes, here is where you would register them.
      Parameters:
      passwordMatchers - List of matchers
      Returns:
      Builder

    • setGuessTypes

      public ConfigurationBuilder setGuessTypes(Map<String,Long> guessTypes)
      Guess types are used to calculate how long an attack would take using that method using guesses/sec.
      Parameters:
      guessTypes - key is a description of the type of guess, value is how many guesses per second
      Returns:
      Builder

    • setDictionaries

      public ConfigurationBuilder setDictionaries(List<Dictionary> dictionaries)
      Dictionaries are used by the DictionaryMatcher to find common words, names, and known passwords within the password.
      Parameters:
      dictionaries - List of dictionaries
      Returns:
      Builder

    • setAdjacencyGraphs

      public ConfigurationBuilder setAdjacencyGraphs(List<AdjacencyGraph> adjacencyGraphs)
      AdjacencyGraphs are used to find spacial patterns within passwords (e.g. asdfghj).
      Parameters:
      adjacencyGraphs - List of adjacencyGraphs
      Returns:
      Builder

    • setLeetTable

      public ConfigurationBuilder setLeetTable(Map<Character,Character[]> leetTable)
      The leet table is used to check within a password for common character substitutions (e.g. s to $).
      Parameters:
      leetTable - Map for leetTable
      Returns:
      Builder

    • setYearPattern

      public ConfigurationBuilder setYearPattern(Pattern yearPattern)
      Year patterns are used to look for years within a password.
      Parameters:
      yearPattern - Pattern for year matching
      Returns:
      Builder

    • setMinimumEntropy

      public ConfigurationBuilder setMinimumEntropy(Double minimumEntropy)
      Used to check if the password is secure enough, and give feedback if not.
      Parameters:
      minimumEntropy - Value for minimumEntropy (should be a positive value)
      Returns:
      Builder

    • setMinimumEntropy

      public ConfigurationBuilder setMinimumEntropy(BigDecimal seconds_to_crack, String guess_type)
      Sets the minimum entropy based on time to crack, and a specific guess type.
      If you are specifying a cracking hardware cost, you should set that prior to calling this.
      Parameters:
      seconds_to_crack - Value in seconds that you want to consider the minimum for a password to be considered good
      guess_type - The guess type to use to figure out what the guesses per second are for this calculation
      Returns:
      Builder

    • setMaxLength

      public ConfigurationBuilder setMaxLength(Integer maxLength)
      Used to limit total password length to run estimation on. Information will be available in the Result if the password was longer than maxLength. This should match the exact length your algorithm is limited to (72 for most bcrypt implementations). If you arbitrarily limit the input for passwords, ensure the passed in value is either already truncated to the correct length, or this value is set to the same length you will truncate to.
      Parameters:
      maxLength - Value for maxLength (should be a positive value)
      Returns:
      Builder

    • setLocale

      public ConfigurationBuilder setLocale(Locale locale)
      Supported locales are en, and fr.
      Default locale is en.
      Parameters:
      locale - Locale for localization
      Returns:
      Builder

    • setDistanceCalc

      public ConfigurationBuilder setDistanceCalc(Boolean distanceCalc)
      Distance based dictionary calculations which provide support for misspelling detection, at the expense of performance. This will slow down calculations by an order of magnitude.
      Parameters:
      distanceCalc - true to enable distance based dictionary calculations
      Returns:
      Builder

    • setCombinationAlgorithmTimeout

      public ConfigurationBuilder setCombinationAlgorithmTimeout(Long combinationAlgorithmTimeout)
      Timeout for the findBestCombination algorithm. If there are too many possible matches at each position of the password, the algorithm can take too long to get an answer and we must fall back to a simpler algorithm.

      To disable the findBestMatches calculation and always fall back to the faster, less accurate one, set to 0.

      Parameters:
      combinationAlgorithmTimeout - The time in ms to timeout
      Returns:
      Builder

    • setCrackingHardwareCost

      public ConfigurationBuilder setCrackingHardwareCost(Long crackingHardwareCost)
      Sets the cost of cracking hardware to scale the guesses / second for the default guess types.
      Does not have any affect if you manually specify the guess types.
      Parameters:
      crackingHardwareCost - The hardware cost in USD
      Returns:
      Builder

    • createConfiguration

      public Configuration createConfiguration()
      Creates the Configuration object using all values set in this builder, or default values if unset.
      Returns:
      Configuration object from builder