Update entropy calculation and docs.

readme.md

@@ -0,0 +1,114 @@
+# PassMeRust Password Strength Calculator
+
+Simple and efficient command-line password strength assessment tool.
+
+**PassMeRust** is a command-line tool written in Rust that calculates the strength of a password. It checks the provided password against a list of common passwords and a dictionary of words to determine its strength. The password strength is measured based on factors such as length, character variety, and presence in common password lists. It also supports space characters within passwords for more diverse passphrases.
+
+## Features
+
+- Calculates the strength of a password based on its length, character variety, and the types of characters used (alphabets, numbers, symbols, and spaces).
+- Checks if the password is present in a list of common passwords.
+- Verifies if the password is a dictionary word.
+- Provides a score and a strength rating for the password.
+- Supports both console input and command-line argument for entering the password.
+
+## How Password Strength is Calculated
+
+### Character Set Calculation (`calculate_charset` function):
+
+The character set size plays a vital role in determining the password's entropy. The more diverse the set of characters used in a password, the higher its entropy. The function `calculate_charset` analyzes the password to determine the possible characters it's composed of:
+
+- **Numbers**: Consists of 10 characters (0-9).
+- **Lowercase Letters**: Consists of 26 characters (a-z).
+- **Uppercase Letters**: Consists of 26 characters (A-Z).
+- **Special Characters and Spaces**: For our calculations, we assume the presence of 33 special characters and the space character. This encompasses space, punctuation, and symbols from the ASCII table.
+
+Based on the types of characters detected in the password, `calculate_charset` returns a cumulative count, which is then used in the entropy calculation.
+
+### Strength Assessment (`get_strength` function):
+
+After calculating the entropy using the character set size and password length, the `get_strength` function categorizes the password into one of five strength classes:
+
+- **Very Weak**: Entropy is less than 28.
+- **Weak**: Entropy is between 28 and 36.
+- **Moderate**: Entropy is between 36 and 60.
+- **Strong**: Entropy is between 60 and 128.
+- **Very Strong**: Entropy is above 128.
+
+The strength is then outputted to the user, providing a simple, human-readable assessment of the password's robustness.
+
+## Requirements
+
+- Rust (1.54.0 or later)
+
+## Installation
+
+1. Clone this repository:
+
+   ```
+   git clone https://github.com/dewan-ahmed/PassMeRust.git
+   ```
+
+2. Change to the project directory:
+
+   ```
+   cd PassMeRust
+   ```
+
+3. Build the project:
+
+   ```
+   cargo build --release
+   ```
+
+4. Run the program:
+
+   ```
+   cargo run --release
+   ```
+
+## Usage
+
+To calculate the strength of a password, run the program and follow the prompts to enter the password. Alternatively, you can provide the password as a command-line argument:
+
+```
+cargo run --release -- "<password>"
+```
+
+Replace `<password>` with the actual password you want to check. If your password contains spaces or special characters, ensure it is wrapped in double quotes. The program will output a strength rating such as "Very Weak", "Weak", "Moderate", "Strong", or "Very Strong".
+
+## Examples
+
+1. Calculating password strength interactively:
+
+   ```
+   $ cargo run --release
+   Enter a password: **********
+   Password Strength: Strong
+   ```
+
+2. Calculating password strength with a command-line argument:
+
+   ```
+   $ cargo run --release -- MySecurePassword123
+   Password Strength: Weak
+   ```
+
+3. Using a password with spaces:
+
+   ```
+   $ cargo run --release -- "My Secure Password 123"
+   Password Strength: Very Strong
+   ```
+
+## Contributing
+
+Contributions are welcome! If you find any issues or have suggestions for improvements, please feel free to open an issue or submit a pull request.
+
+## License
+
+This project is licensed under the [MIT License](LICENSE).
+
+## Disclaimer
+
+This tool is meant to be used for educational and informational purposes only. It does not guarantee the absolute security of a password. Users are advised to follow best practices and use strong, unique passwords for their accounts.

src/entropy.rs

@@ -2,35 +2,33 @@ pub fn calculate_entropy(password: &str) -> f64 {
     let charset = calculate_charset(password);
     let length = password.len();
 
-    (length as f64).log2() * charset.log2()
+    length as f64 * charset.log2()
 }
 
 fn calculate_charset(password: &str) -> f64 {
     let mut charset = 0u32;
 
-    for byte in password.bytes() {
-        if byte >= b'0' && byte <= b'9' {
-            charset |= 1;
-        } else if byte >= b'a' && byte <= b'z' {
-            charset |= 2;
-        } else if byte >= b'A' && byte <= b'Z' {
-            charset |= 4;
-        } else {
-            charset |= 8;
-        }
+    if password.bytes().any(|byte| byte >= b'0' && byte <= b'9') {
+        charset += 10;  // Numbers
+    }
+    if password.bytes().any(|byte| byte >= b'a' && byte <= b'z') {
+        charset += 26;  // Lowercase letters
+    }
+    if password.bytes().any(|byte| byte >= b'A' && byte <= b'Z') {
+        charset += 26;  // Uppercase letters
+    }
+    if password.bytes().any(|byte| byte < b'0' || (byte > b'9' && byte < b'A') || (byte > b'Z' && byte < b'a') || byte > b'z') {
+        charset += 33;  // Special characters, rough estimation
     }
 
-    charset.count_ones() as f64
+    charset as f64
 }
 
 pub fn get_strength(entropy: f64) -> String {
-    if entropy < 28.0 {
-        String::from("Weak")
-    } else if entropy < 36.0 {
-        String::from("Moderate")
-    } else if entropy < 60.0 {
-        String::from("Strong")
-    } else {
-        String::from("Very Strong")
+    match entropy {
+        e if e < 28.0 => "Weak".to_string(),
+        e if e < 36.0 => "Moderate".to_string(),
+        e if e < 60.0 => "Strong".to_string(),
+        _ => "Very Strong".to_string(),
     }
 }

src/main.rs

@@ -4,6 +4,9 @@ use std::io::{self, Write};
 use std::path::Path;
 use std::process;
 
+// Importing the entropy module
+mod entropy;
+
 fn main() {
     let args: Vec<String> = env::args().collect();
     let mut password = String::new();
@@ -32,8 +35,9 @@ fn main() {
     if is_password_in_dictionary(password, dictionary_path) || is_password_common(password, common_passwords_path) {
         println!("Password is weak: It matches a common password or dictionary word.");
     } else {
-        let entropy = calculate_entropy(password);
-        println!("Password strength: {}", get_strength(entropy));
+        // Use the imported calculate_entropy function
+        let entropy = entropy::calculate_entropy(password);
+        println!("Password strength: {}", entropy::get_strength(entropy)); // Update get_strength function as well.
     }
 }
 
@@ -46,23 +50,3 @@ fn is_password_common(password: &str, common_passwords_path: &Path) -> bool {
     let common_passwords = fs::read_to_string(common_passwords_path).unwrap();
     common_passwords.lines().any(|line| line == password)
 }
-
-fn calculate_entropy(password: &str) -> f64 {
-    let length = password.chars().count();
-    let range = password.chars().collect::<std::collections::HashSet<char>>().len();
-    length as f64 * (range as f64).log2()
-}
-
-fn get_strength(entropy: f64) -> &'static str {
-    if entropy < 28.0 {
-        "Very weak"
-    } else if entropy < 36.0 {
-        "Weak"
-    } else if entropy < 60.0 {
-        "Reasonable"
-    } else if entropy < 128.0 {
-        "Strong"
-    } else {
-        "Very strong"
-    }
-}