From d98be078c317d21eaec4e8bb33f626c6a54287f1 Mon Sep 17 00:00:00 2001
From: Zahary Karadjov
Date: Tue, 6 Oct 2020 21:55:04 +0300
Subject: [PATCH] Address #1690 Min password entropy
---
 .gitmodules | 5 +++++
 beacon_chain.nimble | 3 ++-
 beacon_chain/keystore_management.nim | 8 +++++++-
 vendor/nim-zxcvbn | 1 +
 4 files changed, 15 insertions(+), 2 deletions(-)
 create mode 160000 vendor/nim-zxcvbn
diff --git a/.gitmodules b/.gitmodules
index 2e18185b0..e712d5bff 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -193,3 +193,8 @@
 url = https://github.com/nitely/nim-normalize.git
 ignore = dirty
 branch = master
+[submodule "vendor/nim-zxcvbn"]
+ path = vendor/nim-zxcvbn
+ url = https://github.com/status-im/nim-zxcvbn.git
+ ignore = dirty
+ branch = master
diff --git a/beacon_chain.nimble b/beacon_chain.nimble
index 225912f7e..8a7f35fdb 100644
--- a/beacon_chain.nimble
+++ b/beacon_chain.nimble
@@ -36,7 +36,8 @@ requires "nim >= 0.19.0",
 "prompt",
 "unicodedb",
 "web3",
- "yaml"
+ "yaml",
+ "zxcvbn"
 ### Helper functions
 proc buildAndRunBinary(name: string, srcDir = "./", params = "", cmdParams = "", lang = "c") =
diff --git a/beacon_chain/keystore_management.nim b/beacon_chain/keystore_management.nim
index 7c21e91f9..55595ce3a 100644
--- a/beacon_chain/keystore_management.nim
+++ b/beacon_chain/keystore_management.nim
@@ -1,6 +1,6 @@
 import std/[os, strutils, terminal, wordwrap, unicode],
- chronicles, chronos, web3, stint, json_serialization,
+ chronicles, chronos, web3, stint, json_serialization, zxcvbn,
 serialization, blscurve, eth/common/eth_types, eth/keys, confutils, bearssl,
 spec/[datatypes, digest, crypto, keystore], stew/[byteutils, io2],
 libp2p/crypto/crypto as lcrypto,
@@ -31,6 +31,7 @@ type
 const
 minPasswordLen = 12
+ minPasswordEntropy = 60.0
 mostCommonPasswords = wordListArray(
 currentSourcePath.parentDir /
@@ -165,6 +166,11 @@ proc keyboardCreatePassword(prompt: string, confirm: string): KsResult[string] =
 " characters."
 echo ""
 continue
+ elif passwordEntropy(password) < minPasswordEntropy:
+ echoP "The entered password has low entropy and may be easy to " &
+ "brute-force with automated tools. Please increase the " &
+ "variety of the user characters."
+ continue
 elif password in mostCommonPasswords:
 echoP "The entered password is too commonly used and it would be " &
 "easy to brute-force with automated tools."
diff --git a/vendor/nim-zxcvbn b/vendor/nim-zxcvbn
new file mode 160000
index 000000000..ea6de3427
--- /dev/null
+++ b/vendor/nim-zxcvbn
@@ -0,0 +1 @@
+Subproject commit ea6de3427d532a77eb83b63f431d5ddb850d5a17
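Review bot: The new `elif passwordEntropy(password) < minPasswordEntropy:` branch sits before the `mostCommonPasswords` check, and since zxcvbn-style scoring is presumably dictionary-aware, an entry from that list will most likely fail the entropy test first, so the user sees the generic low-entropy message rather than the more specific "too commonly used" one; placing the new branch after `elif password in mostCommonPasswords:` would keep the better message. The branch also omits the `echo ""` that the length branch above emits before `continue`, and "variety of the user characters" reads oddly — suggest `"variety of characters used."`. `minPasswordEntropy` (declared in the `@@ -31,6` hunk, which is cut off in this view) is a bare `60.0`; a one-line `##` comment at its declaration stating what zxcvbn's estimate measures and why 60 was chosen would make the policy reviewable. keyboardCreatePassword starts and ends outside the hunk, so whether any non-interactive password source receives the same check cannot be confirmed here.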