Improved master password validation

cryptography/src/passwords.rs

@@ -11,6 +11,15 @@ bitflags::bitflags! {
         const NUMBER = 0b0100;
         const SPECIAL_CHARACTER = 0b1000;
     }
+
+    #[derive(PartialEq, Eq)]
+    pub struct PasswordValidity: u8 {
+        const NO_LOWERCASE = 0b00001;
+        const NO_UPPERCASE = 0b00010;
+        const NO_NUMBER = 0b00100;
+        const NO_SPECIAL_CHARACTER = 0b01000;
+        const TOO_SHORT = 0b10000;
+    }
 }
 
 /// Returns true if the generated master password is valid.
@@ -35,6 +44,7 @@ fn check_generated_password<const LENGTH: usize>(password: &[u8; LENGTH]) -> boo
     false
 }
 
+/// Continuously generates the password until it passes the checks
 #[inline]
 fn generate_password<R, const LENGTH: usize>(rng: &mut R) -> ArrayString<LENGTH>
 where
@@ -48,7 +58,6 @@ where
     }
 }
 
-/// Continuously generates the password until it passes the checks
 #[inline]
 pub fn generate_passwords<const AMOUNT: usize, const LENGTH: usize>(
 ) -> [ArrayString<LENGTH>; AMOUNT] {
@@ -57,26 +66,32 @@ pub fn generate_passwords<const AMOUNT: usize, const LENGTH: usize>(
 }
 
 #[inline]
-pub fn check_master_pass(password: &str) -> bool {
+pub fn check_master_pass(password: &str) -> PasswordValidity {
     let mut count = 0;
     let mut chars = password.chars();
-    let mut flags = PasswordFlags::empty();
+    let mut flags = PasswordValidity::all();
+
     for char in &mut chars {
         count += 1;
         if char.is_lowercase() {
-            flags |= PasswordFlags::LOWERCASE
+            flags.remove(PasswordValidity::NO_LOWERCASE)
         } else if char.is_uppercase() {
-            flags |= PasswordFlags::UPPERCASE
+            flags.remove(PasswordValidity::NO_UPPERCASE)
         } else if char.is_ascii_digit() {
-            flags |= PasswordFlags::NUMBER;
+            flags.remove(PasswordValidity::NO_NUMBER)
         } else if char.is_ascii_punctuation() {
-            flags |= PasswordFlags::SPECIAL_CHARACTER
+            flags.remove(PasswordValidity::NO_SPECIAL_CHARACTER)
         }
 
-        if flags.is_all() {
+        if flags == PasswordValidity::TOO_SHORT {
             count += chars.count();
-            return count >= 8;
+            break;
         }
     }
-    false
+
+    if count >= 8 {
+        flags.remove(PasswordValidity::TOO_SHORT)
+    }
+
+    flags
 }