Significant update to bring inline with the Typescript library. (#22)

A significant update to bring the library in line with the Typescript library.

.gitignore

@@ -1,5 +1,7 @@
 ## Ignore Visual Studio temporary files, build results, and
 ## files generated by popular Visual Studio add-ons.
+##
+## Get latest from https://github.com/github/gitignore/blob/master/VisualStudio.gitignore
 
 # User-specific files
 *.suo
@@ -22,11 +24,14 @@ bld/
 [Oo]bj/
 [Ll]og/
 
-# Visual Studio 2015 cache/options directory
+# Visual Studio 2015/2017 cache/options directory
 .vs/
 # Uncomment if you have tasks that create the project's static files in wwwroot
 #wwwroot/
 
+# Visual Studio 2017 auto generated files
+Generated\ Files/
+
 # MSTest test Results
 [Tt]est[Rr]esult*/
 [Bb]uild[Ll]og.*
@@ -40,11 +45,19 @@ TestResult.xml
 [Rr]eleasePS/
 dlldata.c
 
-# DNX
+# Benchmark Results
+BenchmarkDotNet.Artifacts/
+
+# .NET Core
 project.lock.json
 project.fragment.lock.json
 artifacts/
+**/Properties/launchSettings.json
+
+# StyleCop
+StyleCopReport.xml
 
+# Files built by Visual Studio
 *_i.c
 *_p.c
 *_i.h
@@ -90,6 +103,9 @@ ipch/
 *.vspx
 *.sap
 
+# Visual Studio Trace Files
+*.e2e
+
 # TFS 2012 Local Workspace
 $tf/
 
@@ -110,6 +126,14 @@ _TeamCity*
 # DotCover is a Code Coverage Tool
 *.dotCover
 
+# AxoCover is a Code Coverage Tool
+.axoCover/*
+!.axoCover/settings.json
+
+# Visual Studio code coverage results
+*.coverage
+*.coveragexml
+
 # NCrunch
 _NCrunch_*
 .*crunch*.local.xml
@@ -141,7 +165,7 @@ publish/
 # Publish Web Output
 *.[Pp]ublish.xml
 *.azurePubxml
-# TODO: Comment the next line if you want to checkin your web deploy settings
+# Note: Comment the next line if you want to checkin your web deploy settings,
 # but database connection strings (with potential passwords) will be unencrypted
 *.pubxml
 *.publishproj
@@ -154,12 +178,12 @@ PublishScripts/
 # NuGet Packages
 *.nupkg
 # The packages folder can be ignored because of Package Restore
-**/packages/*
+**/[Pp]ackages/*
 # except build/, which is used as an MSBuild target.
-!**/packages/build/
+!**/[Pp]ackages/build/
 # Uncomment if necessary however generally it will be regenerated when needed
-#!**/packages/repositories.config
-# NuGet v3's project.json files produces more ignoreable files
+#!**/[Pp]ackages/repositories.config
+# NuGet v3's project.json files produces more ignorable files
 *.nuget.props
 *.nuget.targets
 
@@ -176,6 +200,7 @@ AppPackages/
 BundleArtifacts/
 Package.StoreAssociation.xml
 _pkginfo.txt
+*.appx
 
 # Visual Studio cache files
 # files ending in .cache can be ignored
@@ -189,11 +214,15 @@ ClientBin/
 *~
 *.dbmdl
 *.dbproj.schemaview
+*.jfm
 *.pfx
 *.publishsettings
-node_modules/
 orleans.codegen.cs
 
+# Including strong name files can present a security risk 
+# (https://github.com/github/gitignore/pull/2483#issue-259490424)
+#*.snk
+
 # Since there are multiple workflows, uncomment next line to ignore bower_components
 # (https://github.com/github/gitignore/pull/1529#issuecomment-104372622)
 #bower_components/
@@ -208,10 +237,12 @@ _UpgradeReport_Files/
 Backup*/
 UpgradeLog*.XML
 UpgradeLog*.htm
+ServiceFabricBackup/
 
 # SQL Server files
 *.mdf
 *.ldf
+*.ndf
 
 # Business Intelligence projects
 *.rdl.data
@@ -226,13 +257,20 @@ FakesAssemblies/
 
 # Node.js Tools for Visual Studio
 .ntvs_analysis.dat
+node_modules/
+
+# TypeScript v1 declaration files
+typings/
 
 # Visual Studio 6 build log
 *.plg
 
 # Visual Studio 6 workspace options file
 *.opt
 
+# Visual Studio 6 auto-generated workspace file (contains which files were open etc.)
+*.vbw
+
 # Visual Studio LightSwitch build output
 **/*.HTMLClient/GeneratedArtifacts
 **/*.DesktopClient/GeneratedArtifacts
@@ -251,9 +289,39 @@ paket-files/
 # JetBrains Rider
 .idea/
 *.sln.iml
-/reports/coverage
-/tools/OpenCover
-/tools/ReportGenerator
-/tools/xunit.runner.console
-/test-results.xml
-/tools/coveralls.io/tools
+
+# CodeRush
+.cr/
+
+# Python Tools for Visual Studio (PTVS)
+__pycache__/
+*.pyc
+
+# Cake - Uncomment if you are using it
+# tools/**
+# !tools/packages.config
+
+# Tabs Studio
+*.tss
+
+# Telerik's JustMock configuration file
+*.jmconfig
+
+# BizTalk build output
+*.btp.cs
+*.btm.cs
+*.odx.cs
+*.xsd.cs
+
+# OpenCover UI analysis results
+OpenCover/
+
+# Azure Stream Analytics local run output 
+ASALocalRun/
+
+# MSBuild Binary and Structured Log
+*.binlog
+
+/reports
+/tools
+/nuget.exe

LICENSE

@@ -1,4 +1,5 @@
 Copyright (c) 2012 Dropbox, Inc.
+Copyright (c) 2020 Tony Richards
 
 Permission is hereby granted, free of charge, to any person obtaining
 a copy of this software and associated documentation files (the

README.md

@@ -1,8 +1,8 @@
 Zxcvbn C#/.NET
 ==============
 
-[![Build status](https://ci.appveyor.com/api/projects/status/ji4rr97d6rbxycw4?svg=true)](https://ci.appveyor.com/project/trichards57/zxcvbn-cs-62692)
-[![Coverage Status](https://coveralls.io/repos/github/trichards57/zxcvbn-cs/badge.svg?branch=master)](https://coveralls.io/github/trichards57/zxcvbn-cs?branch=master)
+[![Build status](https://ci.appveyor.com/api/projects/status/90iaonivnh97yfda?svg=true)](https://ci.appveyor.com/project/trichards57/zxcvbn-cs-62692)
+[![Coverage Status](https://coveralls.io/repos/github/trichards57/zxcvbn-cs/badge.svg)](https://coveralls.io/github/trichards57/zxcvbn-cs)
 [![NuGet](https://img.shields.io/nuget/v/zxcvbn-core.svg)](https://www.nuget.org/packages/zxcvbn-core)
 
 This is a port of the `Zxcvbn` JavaScript password strength estimation library at
@@ -25,69 +25,36 @@ From the `Zxcvbn` readme:
 >
 > http://tech.dropbox.com/?p=165
 
-This port aims to produce comparable results with the JS version of `Zxcvbn`. The results
-structure that is returned can be interpreted in the same way as with JS `Zxcvbn` and this
-port has been tested with a variety of passwords to ensure that it return the same results
-as the JS version.
-
-There are some implementation differences, however, so exact results are not guaranteed.
+This port aims to produce comparable results with the Typescript version of `Zxcvbn` which I have also put out and is here https://github.com/trichards57/zxcvbn. 
+The results structure that is returned can be interpreted in the same way as with JS `Zxcvbn` and this port has been tested with a variety of passwords to ensure 
+that it return the same score as the JS version (some other details vary a little).
 
+I have tried to keep the implementation as close as possible, but there is still a chance of some small changes.  Let me know if you find any differences
+and I can investigate.
 
 ### Using `Zxcvbn-cs`
 
 The included Visual Studio project will create a single assembly, Zxcvbn.dll, which is all that is
 required to be included in your project.
 
-To evaluate a single password:
-
-``` C#
-using Zxcvbn;
-
-//...
-
-var result = Zxcvbn.MatchPassword("p@ssw0rd");
-```
-
-To evaluate many passwords, create an instance of `Zxcvbn` and then use that to evaluate your passwords. 
-This avoids reloading dictionaries etc. for every password:
+To evaluate a password:
 
 ``` C#
 using Zxcvbn;
 
 //...
 
-var zx = new Zxcvbn();
-
-foreach (var password in passwords)
-{
-	var result = zx.EvaluatePassword(password);
-
-	//...
-}
+var result = Zxcvbn.Core.EvaluatePassword("p@ssw0rd");
 ```
 
-Both `MatchPassword` and `EvaluatePassword` take an optional second parameter that contains an enumerable of
+`EvaluatePassword` takes an optional second parameter that contains an enumerable of
 user data strings to also match the password against.
 
 ### Interpreting Results
 
-The `Result` structure returned from password evaluation is interpreted the same way as with JS `Zxcvbn`:
-
-- `result.Entropy`: bits of entropy for the password
-- `result.CrackTime`: an estimation of actual crack time, in seconds.
-- `result.CrackTimeDisplay`: the crack time, as a friendlier string: "instant", "6 minutes", "centuries", etc.
-- `result.Score`: [0,1,2,3,4] if crack time is less than [10\*\*2, 10\*\*4, 10\*\*6, 10\*\*8, Infinity]. (useful for implementing a strength bar.)
-- `result.MatchSequence`: the list of pattern matches that was used to calculate Entropy.
-- `result.CalculationTime`: how long `Zxcvbn` took to calculate the results.
-
-### More Information
-
-For more information on why password entropy is calculated as it is, refer to `Zxcvbn`s originators:
-
-https://github.com/lowe/zxcvbn
-
-http://tech.dropbox.com/?p=165
+The `Result` structure returned from password evaluation is interpreted the same way as with JS `Zxcvbn`.
 
+- `result.Score`: 0-4 indicating the estimated strength of the password.
 
 ### Licence
 

appveyor.yml

@@ -1,5 +1,6 @@
-version: 2.1.{build}
-image: Visual Studio 2017
+version: 5.0.{build}
+image: Visual Studio 2019
+
 init:
   - git config --global core.autocrlf true
 skip_tags: true
@@ -14,15 +15,15 @@ after_build:
   - cmd: dotnet pack
 before_test:
   - cmd: mkdir %APPVEYOR_BUILD_FOLDER%\reports\coverage\history
-  - cmd: cd %APPVEYOR_BUILD_FOLDER% && nuget install OpenCover -ExcludeVersion -OutputDirectory tools
-  - cmd: cd %APPVEYOR_BUILD_FOLDER% && nuget install xunit.runner.console -ExcludeVersion -OutputDirectory tools
-  - cmd: cd %APPVEYOR_BUILD_FOLDER% && nuget install coveralls.io -ExcludeVersion -OutputDirectory tools
+  - cmd: mkdir %APPVEYOR_BUILD_FOLDER%\tools
+  - cmd: cd %APPVEYOR_BUILD_FOLDER% 
+  - cmd: nuget install OpenCover -ExcludeVersion -OutputDirectory tools
+  - cmd: nuget install xunit.runner.console -ExcludeVersion -OutputDirectory tools
+  - cmd: nuget install coveralls.io -ExcludeVersion -OutputDirectory tools
 test_script:
-  - cmd: cd %APPVEYOR_BUILD_FOLDER%\zxcvbn-core-test && set APPVEYOR_API_URL= && ..\tools\OpenCover\tools\OpenCover.Console.exe -target:"%programfiles%\dotnet\dotnet.exe" -targetargs:"xunit -noShadow -xml ..\test-results.xml" -register:user -output:"..\reports\coverage\coverage.xml" -skipautoprops -filter:"+[zxcvbn-core*]* -[zxcvbn-core-test]*"  -excludebyattribute:*.ExcludeFromCodeCoverage* -mergebyhash -returntargetcode -oldStyle
+  - cmd: cd %APPVEYOR_BUILD_FOLDER% && dotnet test  --collect:"XPlat Code Coverage" --test-adapter-path:. --logger:Appveyor
 after_test:
-  - cmd: cd %APPVEYOR_BUILD_FOLDER%
   - ps: .\upload-results.ps1
-  - cmd: cd %APPVEYOR_BUILD_FOLDER% && tools\coveralls.io\tools\coveralls.net.exe --autodetect reports\coverage\coverage.xml
 environment:
   COVERALLS_REPO_TOKEN:
     secure: iSoNwLqIwwMN/WHRx1cV7varflDclJFbg9SGrPrBzGYHJrMTXuk+h8hWfHajvaH/

upload-results.ps1

@@ -1,8 +1,4 @@
-# upload results to AppVeyor
-$wc = New-Object 'System.Net.WebClient'
-$wc.UploadFile("https://ci.appveyor.com/api/testresults/xunit/$($env:APPVEYOR_JOB_ID)", (Resolve-Path .\test-results-net452.xml))
-$wc.UploadFile("https://ci.appveyor.com/api/testresults/xunit/$($env:APPVEYOR_JOB_ID)", (Resolve-Path .\test-results-netcoreapp1.1.xml))
-$wc.UploadFile("https://ci.appveyor.com/api/testresults/xunit/$($env:APPVEYOR_JOB_ID)", (Resolve-Path .\test-results-netcoreapp2.0.xml))
-
-
+# upload results to Coveralls
 
+ $result = Get-ChildItem -Path . -Filter coverage.cobertura.xml -Recurse |%{$_.FullName}
+ .\tools\coveralls.io\tools\coveralls.net.exe --autodetect $result

zxcvbn-core-list-builder/GlobalSuppressions.cs

@@ -0,0 +1,14 @@
+// This file is used by Code Analysis to maintain SuppressMessage
+// attributes that are applied to this project.
+// Project-level suppressions either have no target or are given
+// a specific target and scoped to a namespace, type, member, etc.
+
+using System.Diagnostics.CodeAnalysis;
+
+[assembly: SuppressMessage("StyleCop.CSharp.ReadabilityRules", "SA1101:Prefix local calls with this", Justification = "To match this project's coding style.")]
+[assembly: SuppressMessage("StyleCop.CSharp.OrderingRules", "SA1200:Using directives should be placed correctly", Justification = "To match this project's coding style.")]
+[assembly: SuppressMessage("StyleCop.CSharp.LayoutRules", "SA1503:Braces should not be omitted", Justification = "To match this project's coding style.")]
+[assembly: SuppressMessage("Globalization", "CA1308:Normalize strings to uppercase", Justification = "This normalization isn't security critical.")]
+[assembly: SuppressMessage("StyleCop.CSharp.OrderingRules", "SA1208:System using directives should be placed before other using directives", Justification = "Using CodeMaid for this task.")]
+[assembly: SuppressMessage("StyleCop.CSharp.DocumentationRules", "SA1600:Elements should be documented", Justification = "This isn't actually publicly released.")]
+[assembly: SuppressMessage("StyleCop.CSharp.DocumentationRules", "SA1633:File should have header", Justification = "No header required.")]