try:
    password = input("請輸入密碼: ")
    if not password:
        raise PasswordValidationError("密碼不能為空")
    if len(password) > MAX_PASSWORD_LENGTH:
        raise PasswordValidationError(f"密碼長度不能超過 {MAX_PASSWORD_LENGTH} 個字符")
except PasswordValidationError as e:
    logger.error(f"密碼輸入驗證失敗: {str(e)}")
    raise PasswordSecurityError(f"輸入錯誤: {str(e)}")

try:
    with open(password_file, 'r', encoding='utf-8') as f:
        passwords = f.readlines()
except FileNotFoundError:
    logger.error(f"密碼文件不存在: {password_file}")
    raise PasswordSecurityError(f"文件未找到: {password_file}")
except PermissionError:
    logger.error(f"無權(quán)限訪問密碼文件: {password_file}")
    raise PasswordSecurityError(f"文件訪問權(quán)限不足: {password_file}")

try:
    # 安全清除密碼變量
    password = None
    del password
except Exception as e:
    logger.warning(f"內(nèi)存清理失敗: {str(e)}")

try:
    with open(config_file, 'r', encoding='utf-8') as f:
        config = json.load(f)
except json.JSONDecodeError as e:
    logger.error(f"配置文件格式錯誤: {str(e)}")
    raise PasswordSecurityError(f"配置文件無效: {str(e)}")
except FileNotFoundError:
    logger.warning("配置文件不存在，使用默認配置")
    config = DEFAULT_CONFIG

#!/usr/bin/env python3
# -*- coding: utf-8 -*-
"""
密碼強度檢測器
功能：評估密碼的安全性和強度
作者：Cline
版本：1.0
"""

import argparse
import sys
import json
import logging
import os
import re
import math
from datetime import datetime
from typing import Dict, List, Tuple, Optional
import hashlib
import secrets

# 配置日志
logging.basicConfig(
    level=logging.INFO,
    format='%(asctime)s - %(levelname)s - %(message)s',
    handlers=[
        logging.FileHandler('password_checker.log'),
        logging.StreamHandler(sys.stdout)
    ]
)
logger = logging.getLogger(__name__)

class PasswordSecurityError(Exception):
    """密碼安全異常類"""
    pass

class PasswordValidationError(Exception):
    """密碼驗證異常類"""
    pass

class PasswordStrengthChecker:
    def __init__(self, config: Dict[str, any] = None):
        # 默認配置
        self.default_config = {
            "min_length": 8,
            "max_length": 128,
            "require_uppercase": True,
            "require_lowercase": True,
            "require_digits": True,
            "require_special_chars": True,
            "min_special_chars": 1,
            "blacklist_words": [
                "password", "123456", "qwerty", "admin", "welcome",
                "login", "root", "guest", "user", "test"
            ],
            "keyboard_patterns": [
                "qwerty", "asdf", "zxcv", "1234", "abcd"
            ],
            "scoring_weights": {
                "length": 0.3,
                "complexity": 0.4,
                "patterns": 0.2,
                "entropy": 0.1
            }
        }
        
        # 合并配置
        self.config = {**self.default_config, **(config or {})}
        
        # 特殊字符集合
        self.special_chars = "!@#$%^&*()_+-=[]{}|;:,.<>?"
        
        # 檢測結(jié)果統(tǒng)計
        self.stats = {
            "total_checked": 0,
            "strong_passwords": 0,
            "medium_passwords": 0,
            "weak_passwords": 0,
            "very_weak_passwords": 0
        }
        
    def calculate_entropy(self, password: str) -> float:
        """計算密碼熵值"""
        if not password:
            return 0.0
            
        # 計算字符集大小
        charset_size = 0
        if re.search(r'[a-z]', password):
            charset_size += 26
        if re.search(r'[A-Z]', password):
            charset_size += 26
        if re.search(r'[0-9]', password):
            charset_size += 10
        if re.search(r'[^a-zA-Z0-9]', password):
            charset_size += len(self.special_chars)
            
        # 計算熵值
        if charset_size > 0:
            entropy = len(password) * math.log2(charset_size)
            return min(entropy, 100.0)  # 限制最大值
        return 0.0
        
    def check_length(self, password: str) -> Tuple[int, str]:
        """檢查密碼長度"""
        length = len(password)
        min_len = self.config["min_length"]
        max_len = self.config["max_length"]
        
        if length < min_len:
            return 0, f"密碼長度不足，至少需要 {min_len} 個字符"
        elif length > max_len:
            return 0, f"密碼長度過長，最多允許 {max_len} 個字符"
        else:
            # 長度評分（線性增長）
            score = min(100, (length / max_len) * 100)
            return int(score), f"密碼長度合適 ({length} 個字符)"
            
    def check_complexity(self, password: str) -> Tuple[int, str]:
        """檢查密碼復(fù)雜度"""
        score = 0
        feedback = []
        
        # 檢查小寫字母
        if re.search(r'[a-z]', password):
            score += 25
        elif self.config["require_lowercase"]:
            feedback.append("缺少小寫字母")
            
        # 檢查大寫字母
        if re.search(r'[A-Z]', password):
            score += 25
        elif self.config["require_uppercase"]:
            feedback.append("缺少大寫字母")
            
        # 檢查數(shù)字
        if re.search(r'[0-9]', password):
            score += 25
        elif self.config["require_digits"]:
            feedback.append("缺少數(shù)字")
            
        # 檢查特殊字符
        special_count = len(re.findall(r'[^a-zA-Z0-9]', password))
        if special_count >= self.config["min_special_chars"]:
            score += 25
        elif self.config["require_special_chars"]:
            feedback.append(f"特殊字符不足，至少需要 {self.config['min_special_chars']} 個")
            
        if not feedback:
            feedback_msg = "字符類型齊全"
        else:
            feedback_msg = "、".join(feedback)
            
        return score, feedback_msg
        
    def check_patterns(self, password: str) -> Tuple[int, str]:
        """檢查密碼模式"""
        score = 100
        feedback = []
        
        # 檢查黑名單詞匯
        password_lower = password.lower()
        for word in self.config["blacklist_words"]:
            if word in password_lower:
                score -= 30
                feedback.append(f"包含常見弱密碼詞匯: {word}")
                
        # 檢查鍵盤序列
        for pattern in self.config["keyboard_patterns"]:
            if pattern in password_lower or pattern[::-1] in password_lower:
                score -= 20
                feedback.append(f"包含鍵盤序列: {pattern}")
                
        # 檢查重復(fù)字符
        if re.search(r'(.)\1{2,}', password):
            score -= 15
            feedback.append("包含過多重復(fù)字符")
            
        # 檢查連續(xù)字符
        consecutive_count = 0
        for i in range(len(password) - 2):
            if ord(password[i+1]) == ord(password[i]) + 1 and ord(password[i+2]) == ord(password[i]) + 2:
                consecutive_count += 1
        if consecutive_count > 0:
            score -= 10 * consecutive_count
            feedback.append(f"包含 {consecutive_count} 組連續(xù)字符")
            
        # 確保分數(shù)不低于0
        score = max(0, score)
        
        if not feedback:
            feedback_msg = "未發(fā)現(xiàn)明顯模式問題"
        else:
            feedback_msg = "、".join(feedback)
            
        return score, feedback_msg
        
    def evaluate_password_strength(self, password: str) -> Dict[str, any]:
        """評估密碼強度"""
        if not password:
            raise PasswordValidationError("密碼不能為空")
            
        # 基本驗證
        if len(password) > self.config["max_length"]:
            raise PasswordValidationError(f"密碼長度不能超過 {self.config['max_length']} 個字符")
            
        # 各項檢測
        length_score, length_feedback = self.check_length(password)
        complexity_score, complexity_feedback = self.check_complexity(password)
        patterns_score, patterns_feedback = self.check_patterns(password)
        entropy_score = self.calculate_entropy(password)
        
        # 計算綜合得分
        weights = self.config["scoring_weights"]
        total_score = (
            length_score * weights["length"] +
            complexity_score * weights["complexity"] +
            patterns_score * weights["patterns"] +
            entropy_score * weights["entropy"]
        )
        
        # 確定強度等級
        if total_score >= 80:
            strength_level = "very_strong"
            strength_desc = "非常強"
        elif total_score >= 60:
            strength_level = "strong"
            strength_desc = "強"
        elif total_score >= 40:
            strength_level = "medium"
            strength_desc = "中等"
        else:
            strength_level = "weak"
            strength_desc = "弱"
            
        # 更新統(tǒng)計
        self.stats["total_checked"] += 1
        if strength_level == "very_strong":
            self.stats["strong_passwords"] += 1
        elif strength_level == "strong":
            self.stats["strong_passwords"] += 1
        elif strength_level == "medium":
            self.stats["medium_passwords"] += 1
        else:
            self.stats["weak_passwords"] += 1
            
        result = {
            "password": self.mask_password(password),
            "score": round(total_score, 2),
            "strength_level": strength_level,
            "strength_description": strength_desc,
            "details": {
                "length": {
                    "score": length_score,
                    "feedback": length_feedback
                },
                "complexity": {
                    "score": complexity_score,
                    "feedback": complexity_feedback
                },
                "patterns": {
                    "score": patterns_score,
                    "feedback": patterns_feedback
                },
                "entropy": {
                    "score": round(entropy_score, 2),
                    "bits": round(math.log2(len(password) or 1), 2) if password else 0
                }
            },
            "recommendations": self.generate_recommendations(
                length_score, complexity_score, patterns_score
            ),
            "timestamp": datetime.now().isoformat()
        }
        
        return result
        
    def mask_password(self, password: str) -> str:
        """掩碼密碼顯示"""
        if len(password) <= 4:
            return "*" * len(password)
        else:
            return password[:2] + "*" * (len(password) - 4) + password[-2:]
            
    def generate_recommendations(self, length_score: int, complexity_score: int, patterns_score: int) -> List[str]:
        """生成改進建議"""
        recommendations = []
        
        if length_score < 80:
            recommendations.append("增加密碼長度，建議至少12個字符")
            
        if complexity_score < 80:
            recommendations.append("使用更多類型的字符（大小寫字母、數(shù)字、特殊符號）")
            
        if patterns_score < 80:
            recommendations.append("避免使用常見詞匯、鍵盤序列和重復(fù)字符")
            
        if not recommendations:
            recommendations.append("密碼強度良好，繼續(xù)保持")
            
        return recommendations
        
    def check_password_list(self, passwords: List[str]) -> List[Dict[str, any]]:
        """批量檢查密碼列表"""
        results = []
        
        for i, password in enumerate(passwords):
            try:
                result = self.evaluate_password_strength(password.strip())
                results.append(result)
                logger.info(f"已檢查第 {i+1} 個密碼")
            except Exception as e:
                logger.error(f"檢查第 {i+1} 個密碼時出錯: {str(e)}")
                results.append({
                    "password": self.mask_password(password.strip()),
                    "error": str(e),
                    "timestamp": datetime.now().isoformat()
                })
                
        return results
        
    def load_passwords_from_file(self, file_path: str) -> List[str]:
        """從文件加載密碼列表"""
        try:
            with open(file_path, 'r', encoding='utf-8') as f:
                passwords = [line.strip() for line in f if line.strip()]
            logger.info(f"從文件加載了 {len(passwords)} 個密碼")
            return passwords
        except FileNotFoundError:
            logger.error(f"密碼文件不存在: {file_path}")
            raise PasswordSecurityError(f"文件未找到: {file_path}")
        except Exception as e:
            logger.error(f"加載密碼文件時出錯: {str(e)}")
            raise PasswordSecurityError(f"文件加載失敗: {str(e)}")
            
    def save_results(self, results: List[Dict[str, any]], output_file: str):
        """保存檢測結(jié)果"""
        try:
            # 確保輸出目錄存在
            output_dir = os.path.dirname(output_file) if os.path.dirname(output_file) else '.'
            os.makedirs(output_dir, exist_ok=True)
            
            with open(output_file, 'w', encoding='utf-8') as f:
                json.dump(results, f, indent=2, ensure_ascii=False)
                
            logger.info(f"檢測結(jié)果已保存到 {output_file}")
        except Exception as e:
            logger.error(f"保存檢測結(jié)果時出錯: {str(e)}")
            raise PasswordSecurityError(f"結(jié)果保存失敗: {str(e)}")
            
    def generate_report(self, results: List[Dict[str, any]]) -> Dict[str, any]:
        """生成檢測報告"""
        weak_passwords = [r for r in results if r.get("strength_level") in ["weak", "very_weak"]]
        medium_passwords = [r for r in results if r.get("strength_level") == "medium"]
        strong_passwords = [r for r in results if r.get("strength_level") in ["strong", "very_strong"]]
        
        report = {
            "summary": {
                "total_passwords": len(results),
                "very_strong": len([r for r in results if r.get("strength_level") == "very_strong"]),
                "strong": len([r for r in results if r.get("strength_level") == "strong"]),
                "medium": len(medium_passwords),
                "weak": len([r for r in results if r.get("strength_level") == "weak"]),
                "very_weak": len([r for r in results if r.get("strength_level") == "very_weak"])
            },
            "statistics": self.stats,
            "weak_passwords": weak_passwords[:10],  # 只顯示前10個弱密碼
            "recommendations": [
                "定期更換密碼",
                "使用密碼管理器生成和存儲復(fù)雜密碼",
                "啟用多因素認證",
                "避免在多個賬戶使用相同密碼"
            ],
            "timestamp": datetime.now().isoformat()
        }
        
        return report
        
    def print_result(self, result: Dict[str, any]):
        """打印檢測結(jié)果"""
        print("\n" + "="*60)
        print("密碼強度檢測結(jié)果")
        print("="*60)
        print(f"密碼: {result['password']}")
        print(f"綜合得分: {result['score']}/100")
        print(f"強度等級: {result['strength_description']}")
        print("-"*60)
        print("詳細分析:")
        print(f"  長度檢測: {result['details']['length']['score']}/100 - {result['details']['length']['feedback']}")
        print(f"  復(fù)雜度檢測: {result['details']['complexity']['score']}/100 - {result['details']['complexity']['feedback']}")
        print(f"  模式檢測: {result['details']['patterns']['score']}/100 - {result['details']['patterns']['feedback']}")
        print(f"  熵值檢測: {result['details']['entropy']['score']}/100 ({result['details']['entropy']['bits']} bits)")
        print("-"*60)
        print("改進建議:")
        for i, rec in enumerate(result['recommendations'], 1):
            print(f"  {i}. {rec}")
        print("="*60)
        
    def print_report(self, report: Dict[str, any]):
        """打印檢測報告"""
        print("\n" + "="*60)
        print("密碼強度檢測報告")
        print("="*60)
        print(f"檢測時間: {report['timestamp']}")
        print("-"*60)
        print("統(tǒng)計摘要:")
        print(f"  總密碼數(shù): {report['summary']['total_passwords']}")
        print(f"  非常強: {report['summary']['very_strong']}")
        print(f"  強: {report['summary']['strong']}")
        print(f"  中等: {report['summary']['medium']}")
        print(f"  弱: {report['summary']['weak']}")
        print(f"  非常弱: {report['summary']['very_weak']}")
        print("-"*60)
        print("安全建議:")
        for i, rec in enumerate(report['recommendations'], 1):
            print(f"  {i}. {rec}")
        print("="*60)

def create_sample_config():
    """創(chuàng)建示例配置文件"""
    sample_config = {
        "min_length": 8,
        "max_length": 128,
        "require_uppercase": True,
        "require_lowercase": True,
        "require_digits": True,
        "require_special_chars": True,
        "min_special_chars": 1,
        "blacklist_words": [
            "password", "123456", "qwerty", "admin", "welcome",
            "login", "root", "guest", "user", "test", "abc123"
        ],
        "keyboard_patterns": [
            "qwerty", "asdf", "zxcv", "1234", "abcd", "qwer"
        ],
        "scoring_weights": {
            "length": 0.3,
            "complexity": 0.4,
            "patterns": 0.2,
            "entropy": 0.1
        }
    }
    
    with open('password_checker_config.json', 'w', encoding='utf-8') as f:
        json.dump(sample_config, f, indent=2, ensure_ascii=False)
    logger.info("示例配置文件已創(chuàng)建: password_checker_config.json")

def generate_strong_password(length: int = 16) -> str:
    """生成強密碼"""
    alphabet = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()"
    password = ''.join(secrets.choice(alphabet) for _ in range(length))
    return password

def main():
    parser = argparse.ArgumentParser(description='密碼強度檢測器')
    parser.add_argument('password', nargs='?', help='要檢測的密碼')
    parser.add_argument('-f', '--file', help='包含密碼列表的文件路徑')
    parser.add_argument('-o', '--output', help='輸出結(jié)果文件路徑')
    parser.add_argument('-c', '--config', help='配置文件路徑')
    parser.add_argument('--generate', type=int, nargs='?', const=16, help='生成指定長度的強密碼')
    parser.add_argument('--sample-config', action='store_true', help='創(chuàng)建示例配置文件')
    parser.add_argument('--interactive', action='store_true', help='交互式檢測模式')
    
    args = parser.parse_args()
    
    if args.sample_config:
        create_sample_config()
        return
        
    if args.generate:
        password = generate_strong_password(args.generate)
        print(f"生成的強密碼: {password}")
        return
        
    # 加載配置
    config = {}
    if args.config and os.path.exists(args.config):
        try:
            with open(args.config, 'r', encoding='utf-8') as f:
                config = json.load(f)
        except Exception as e:
            logger.error(f"加載配置文件失敗: {str(e)}")
            
    # 創(chuàng)建檢測器實例
    checker = PasswordStrengthChecker(config)
    
    try:
        if args.interactive:
            # 交互式模式
            while True:
                try:
                    password = input("\n請輸入要檢測的密碼 (輸入 'quit' 退出): ")
                    if password.lower() == 'quit':
                        break
                    if not password:
                        continue
                        
                    result = checker.evaluate_password_strength(password)
                    checker.print_result(result)
                except KeyboardInterrupt:
                    print("\n退出交互模式")
                    break
                except Exception as e:
                    logger.error(f"密碼檢測出錯: {str(e)}")
                    
        elif args.file:
            # 文件批量檢測模式
            passwords = checker.load_passwords_from_file(args.file)
            results = checker.check_password_list(passwords)
            
            # 保存結(jié)果
            output_file = args.output or f"password_check_results_{datetime.now().strftime('%Y%m%d_%H%M%S')}.json"
            checker.save_results(results, output_file)
            
            # 生成報告
            report = checker.generate_report(results)
            report_file = f"{output_file}.report.json"
            with open(report_file, 'w', encoding='utf-8') as f:
                json.dump(report, f, indent=2, ensure_ascii=False)
            logger.info(f"檢測報告已保存到 {report_file}")
            
            # 打印報告
            checker.print_report(report)
            
        elif args.password:
            # 單密碼檢測模式
            result = checker.evaluate_password_strength(args.password)
            checker.print_result(result)
            
            # 保存結(jié)果
            if args.output:
                checker.save_results([result], args.output)
                
        else:
            # 顯示幫助信息
            parser.print_help()
            
    except KeyboardInterrupt:
        logger.info("密碼檢測被用戶中斷")
        sys.exit(1)
    except PasswordSecurityError as e:
        logger.error(f"密碼安全錯誤: {str(e)}")
        sys.exit(1)
    except Exception as e:
        logger.error(f"密碼檢測過程中發(fā)生未知錯誤: {str(e)}")
        sys.exit(1)

if __name__ == '__main__':
    main()

# 檢測單個密碼
python password_checker.py "MyPassword123!"

# 交互式檢測模式
python password_checker.py --interactive

# 生成強密碼
python password_checker.py --generate
python password_checker.py --generate 20  # 指定長度

# 從文件批量檢測密碼
python password_checker.py -f passwords.txt

# 指定輸出文件
python password_checker.py -f passwords.txt -o results.json

# 使用自定義配置文件
python password_checker.py "MyPassword123!" -c config.json

# 創(chuàng)建示例配置文件
python password_checker.py --sample-config

{
  "min_length": 12,
  "max_length": 128,
  "require_uppercase": true,
  "require_lowercase": true,
  "require_digits": true,
  "require_special_chars": true,
  "min_special_chars": 2,
  "blacklist_words": [
    "password", "123456", "qwerty", "admin", "welcome",
    "login", "root", "guest", "user", "test", "abc123",
    "password123", "admin123"
  ],
  "keyboard_patterns": [
    "qwerty", "asdf", "zxcv", "1234", "abcd", "qwer",
    "qazwsx", "plmokn"
  ],
  "scoring_weights": {
    "length": 0.25,
    "complexity": 0.35,
    "patterns": 0.25,
    "entropy": 0.15
  }
}

from password_checker import PasswordStrengthChecker

# 創(chuàng)建檢測器實例
checker = PasswordStrengthChecker()

# 在用戶注冊時檢查密碼強度
def register_user(username, password):
    try:
        result = checker.evaluate_password_strength(password)
        if result['strength_level'] in ['weak', 'very_weak']:
            return False, "密碼強度不足，請使用更強的密碼"
        return True, "密碼強度合格"
    except Exception as e:
        return False, str(e)

# 企業(yè)級密碼策略配置
enterprise_config = {
    "min_length": 16,
    "require_uppercase": True,
    "require_lowercase": True,
    "require_digits": True,
    "require_special_chars": True,
    "min_special_chars": 3,
    "blacklist_words": ["companyname", "productname"],  # 企業(yè)特定詞匯
    "scoring_weights": {
        "length": 0.2,
        "complexity": 0.4,
        "patterns": 0.3,
        "entropy": 0.1
    }
}

checker = PasswordStrengthChecker(enterprise_config)